[Original] Application of Filter
/ ** * @ (#) Userauthenticatefilter.java * * Copyright 2004 OpenSource Develop Team. All rights reserved. * /
// packagepackage com.opensource.filter;
// ImportsImport sun.misc.base64decoder;
import javax.servlet *;. import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.sql.Connection; import java .sql.preparedStatement; import java.sql.resultset; import java.sql.sqlexception;
Import com.opensource.database.connectfactory;
/ ** * Perform user authentication, acquire user information by connecting to the database. * * @Author: ODT * @see: Filter * @version: 1.0 21/04/2004 * @since: 1.3 * / public class UserAuthenticateFilter implements Filter {private FilterConfig filterConfig = null; private String adhocPassword = null;
Public Void Dofilter (ServletRequest Request, ServletResponse Response, Filterchain Chain) throws ioException, servletexception {if (filterConfig == null) return;
HTTPSERVLETREQUEST MYREQ = (httpservletRequest) Request; httpservletResponse myresp = (httpservletResponse) response; httpsession session = myreq.getations ();
String authstring = myreq.getheader ("authorization");
IF (AuthString == Null) {// Modify Realm MyResp.addhead ("WWW-Authenticate", "Basic Realm = /" OpenSource / "); MyResp.SetStatus (httpservletResponse.sc_unauthorized); Return;} else {//// atuhenticate BASE64Decoder decoder = new BASE64Decoder (); String enString = authString.substring (6); String decString = new String (decoder.decodeBuffer (enString)); int idx = decString.indexOf ( ":"); String uid = decString. Substring (0, IDX); String PWD = DECSTRING.SUBSTRING (IDX 1); if (! ExternalAuthenticate (UID, PWD)) {// Modify Realm MyResp.addheader ("www-automate", "Basic realm = /" OpenSource / "" "; MyResp.setstatus (httpservletResponse.sc_unauthorized); return;}
Session.setttribute ("UserName", UID); Session.SetaTRibute ("Password", PWD);
. FilterConfig.getServletContext () log ( "in AdHocAuthenticateFilter"); chain.doFilter (request, response);. FilterConfig.getServletContext () log ( "Getting out of AdHocAuthenticateFilter");} / ** * * database query may modify their own @Param: User - User Name * @Param: Password - Password * @return: Boolean * / Private Boolean ExternalAuthenticate (String PASSWORD) {Connection MyConnection = New ConnectFactory (). getConnection ();
try {String confirmSql = "SELECT USERNAME, PASSWORD FROM USERS WHERE" "USERNAME = AND PASSWORD =??"; PreparedStatement prep = myConnection.prepareStatement (confirmSql); prep.setString (1, user); prep.setString (2, Password; resultset = prep.executeQuery (); if (rs.next ()) {myconnection.close (); returnnection;}} catch (sqlexception sqle) {Return False;} Return false;
Public void destroy () {}
Public void init (FilterConfig filterConfig) {if (adhocpassword == null) adhocpassword = "aaaa"; this.filterconfig = filterconfig;}
Public String Tostring () {if (FilterConfig == Null) Return ("AdhocAuthenticateFilter ()");
StringBuffer SB = New StringBuffer ("AdhocAuthenticatefilter ("); sb.append (")"); Return (sb.toString ());}}
Installation Configuration UserAuthenticateFilterWeb.xml
