View Javadoc

1   /**
2    * 
3    */
4   package org.appfuse.webapp.security;
5   
6   import java.io.IOException;
7   
8   import javax.servlet.ServletException;
9   import javax.servlet.http.HttpServletRequest;
10  import javax.servlet.http.HttpServletResponse;
11  
12  import org.springframework.security.core.Authentication;
13  import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
14  import org.springframework.security.web.util.ELRequestMatcher;
15  import org.springframework.security.web.util.RequestMatcher;
16  
17  /**
18   * @author ivangsa
19   *
20   */
21  public class RpcAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
22  
23      private RequestMatcher requestMatcher = new ELRequestMatcher("hasHeader('X-Requested-With','XMLHttpRequest')");
24  
25      public void setRequestMatcher(RequestMatcher requestMatcher) {
26          this.requestMatcher = requestMatcher;
27      }
28  
29      /**
30       * @see org.springframework.security.web.authentication.AuthenticationSuccessHandler#onAuthenticationSuccess(javax.servlet.http.HttpServletRequest,
31       *      javax.servlet.http.HttpServletResponse,
32       *      org.springframework.security.core.Authentication)
33       */
34      @Override
35      public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
36          if (isRpcRequest(request, response, authentication)) {
37              response.setStatus(HttpServletResponse.SC_OK);
38              response.getWriter().flush();
39          } else {
40              super.onAuthenticationSuccess(request, response, authentication);
41          }
42      }
43  
44      protected boolean isRpcRequest(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
45          return requestMatcher.matches(request);
46      }
47  }