Commit d0472b18 by Billy Larru

filtros para servlets

parent ff497ee3
/* ///*
* To change this license header, choose License Headers in Project Properties. // * To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates // * To change this template file, choose Tools | Templates
* and open the template in the editor. // * and open the template in the editor.
*/ // */
package asistencia.filters; //package asistencia.filters;
//
import java.io.IOException; //import java.io.IOException;
import java.io.PrintStream; //import java.io.PrintStream;
import java.io.PrintWriter; //import java.io.PrintWriter;
import java.io.StringWriter; //import java.io.StringWriter;
import java.util.ArrayList; //import java.util.ArrayList;
import java.util.List; //import java.util.List;
import javax.servlet.Filter; //import javax.servlet.Filter;
import javax.servlet.FilterChain; //import javax.servlet.FilterChain;
import javax.servlet.FilterConfig; //import javax.servlet.FilterConfig;
import javax.servlet.ServletException; //import javax.servlet.ServletException;
import javax.servlet.ServletRequest; //import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse; //import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter; //import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie; //import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; //import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; //import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; //import javax.servlet.http.HttpSession;
import javax.ws.rs.WebApplicationException; //import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response; //import javax.ws.rs.core.Response;
import org.json.JSONArray; //import org.json.JSONArray;
import org.json.JSONObject; //import org.json.JSONObject;
import asistencia.config.RequestPath; //import asistencia.config.RequestPath;
import asistencia.utilities.GeneralUtils; //import asistencia.utilities.GeneralUtils;
import asistencia.utilities.HttpRequest; //import asistencia.utilities.HttpRequest;
//
/** ///**
* // *
* @author sistem08user // * @author sistem08user
*/ // */
@WebFilter(filterName = "RequestFilter", urlPatterns = {"/*"}) //@WebFilter(filterName = "RequestFilter", urlPatterns = {"/*"})
public class RequestFilter implements Filter { //public class RequestFilter implements Filter {
//
// The filter configuration object we are associated with. If // // The filter configuration object we are associated with. If
// this value is null, this filter instance is not currently // // this value is null, this filter instance is not currently
// configured. // // configured.
private FilterConfig filterConfig = null; // private FilterConfig filterConfig = null;
//
public RequestFilter() { // public RequestFilter() {
} // }
//
private void doBeforeProcessing(ServletRequest req, ServletResponse resp, FilterChain chain) // private void doBeforeProcessing(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException { // throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req; // HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; // HttpServletResponse response = (HttpServletResponse) resp;
String uri = request.getRequestURI(); // String uri = request.getRequestURI();
//
if (uri.endsWith("Asistencia") || uri.endsWith("Asistencia/") // if (uri.endsWith("Asistencia") || uri.endsWith("Asistencia/")
|| uri.contains("vistas/index.jsp") // || uri.contains("vistas/index.jsp")
|| uri.contains("plantilla/assets") || uri.endsWith(".js") || uri.endsWith(".css") // || uri.contains("plantilla/assets") || uri.endsWith(".js") || uri.endsWith(".css")
|| uri.endsWith(".png") || uri.endsWith(".jpg") || uri.endsWith(".gif") // || uri.endsWith(".png") || uri.endsWith(".jpg") || uri.endsWith(".gif")
|| uri.contains("/login") || uri.contains("vistas/redireccionarServlet") // || uri.contains("/login") || uri.contains("vistas/redireccionarServlet")
|| uri.contains("vistas/interceptar")) { // || uri.contains("vistas/interceptar")) {
chain.doFilter(request, response); // chain.doFilter(request, response);
} else { // } else {
if (request.getSession().getAttribute("codigo") != null) { // if (request.getSession().getAttribute("codigo") != null) {
if (uri.endsWith(".jsp")) { // if (uri.endsWith(".jsp")) {
HttpSession session = request.getSession(); // HttpSession session = request.getSession();
HttpRequest httpRequest = new HttpRequest(); // HttpRequest httpRequest = new HttpRequest();
JSONObject valid = null; // JSONObject valid = null;
String respuesta = ""; // String respuesta = "";
String auth = ""; // String auth = "";
try { // try {
if (session.getAttribute("Authorization") != null) { // if (session.getAttribute("Authorization") != null) {
auth = (String) session.getAttribute("Authorization"); // auth = (String) session.getAttribute("Authorization");
} else { // } else {
setError(response);
}
respuesta = httpRequest.getRespuesta(RequestPath.VERIFICAR_LOGIN, HttpRequest.POST, new JSONObject("{}"), auth);
valid = new JSONObject(respuesta);
if (valid.getBoolean("status")) {
JSONObject menu = new JSONObject(valid.getString("menu"));//Obtiene el menu
List<Object> vistas = new ArrayList<>();
JSONObject rolvista = valid.getJSONObject("rolvista");
JSONArray urls = rolvista.getJSONArray("vistas");
for (int i = 0; i < urls.length(); i++) {
vistas.add(urls.get(i));
}
vistas.add("main.jsp");
String ruta = request.getRequestURI();
int indice = GeneralUtils.obtenerIndex(ruta);
String rutaJsp = ruta.substring(indice, ruta.length());
boolean acceso = vistas.contains(rutaJsp);
if (!acceso) {
request.getSession().setAttribute("error", "no tiene acceso a la vista solicitada");//Esta session se elimina en el jsp (para que no ocupe memoria)
// request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
response.sendRedirect("error/error.jsp");
return;
}
session.setAttribute("menu", menu.toString());
} else {
deleteCredenciales(response, request);
request.getSession().setAttribute("error", "no tiene credenciales validas");
// request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
response.sendRedirect("error/error.jsp");
return;
// setError(response); // setError(response);
} // }
} catch (Exception ex) { // respuesta = httpRequest.getRespuesta(RequestPath.VERIFICAR_LOGIN, HttpRequest.POST, new JSONObject("{}"), auth);
request.getSession().setAttribute("error", ex.getMessage()); // valid = new JSONObject(respuesta);
// request.getRequestDispatcher("/vistas/error.jsp").forward(request, response); // if (valid.getBoolean("status")) {
response.sendRedirect("error/error.jsp"); // JSONObject menu = new JSONObject(valid.getString("menu"));//Obtiene el menu
return; // List<Object> vistas = new ArrayList<>();
// setError(response); // JSONObject rolvista = valid.getJSONObject("rolvista");
} // JSONArray urls = rolvista.getJSONArray("vistas");
} // for (int i = 0; i < urls.length(); i++) {
chain.doFilter(request, response); // vistas.add(urls.get(i));
} else { // }
deleteCredenciales(response, request); // vistas.add("main.jsp");
response.sendRedirect("index.jsp"); // String ruta = request.getRequestURI();
} // int indice = GeneralUtils.obtenerIndex(ruta);
} // String rutaJsp = ruta.substring(indice, ruta.length());
} // boolean acceso = vistas.contains(rutaJsp);
// if (!acceso) {
private void deleteCredenciales(HttpServletResponse response, HttpServletRequest request) { // request.getSession().setAttribute("error", "no tiene acceso a la vista solicitada");//Esta session se elimina en el jsp (para que no ocupe memoria)
Cookie cookieAuth = new Cookie("Authorization", ""); //// request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
cookieAuth.setMaxAge(0); // response.sendRedirect("error/error.jsp");
request.getSession().invalidate(); // return;
response.addCookie(cookieAuth); // }
} // session.setAttribute("menu", menu.toString());
// } else {
private void sendError(HttpServletResponse response) throws IOException { // deleteCredenciales(response, request);
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // request.getSession().setAttribute("error", "no tiene credenciales validas");
response.sendError(401); //// request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
} // response.sendRedirect("error/error.jsp");
// return;
public void setError(HttpServletResponse response) throws IOException { //// setError(response);
Response.ResponseBuilder builder = null; // }
sendError(response); // } catch (Exception ex) {
builder = Response.status(Response.Status.UNAUTHORIZED).entity(response); // request.getSession().setAttribute("error", ex.getMessage());
throw new WebApplicationException(builder.build()); //// request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
} // response.sendRedirect("error/error.jsp");
// return;
private void doAfterProcessing(ServletRequest request, ServletResponse response) //// setError(response);
throws IOException, ServletException { // }
// }
} // chain.doFilter(request, response);
// } else {
public void doFilter(ServletRequest req, ServletResponse resp, // deleteCredenciales(response, request);
FilterChain chain) // response.sendRedirect("index.jsp");
throws IOException, ServletException { // }
System.out.println("Entrando al filtro"); // }
doBeforeProcessing(req, resp, chain); // }
//
// chain.doFilter(req, resp); // private void deleteCredenciales(HttpServletResponse response, HttpServletRequest request) {
doAfterProcessing(req, resp); // Cookie cookieAuth = new Cookie("Authorization", "");
// cookieAuth.setMaxAge(0);
} // request.getSession().invalidate();
// response.addCookie(cookieAuth);
/** // }
* Return the filter configuration object for this filter. //
*/ // private void sendError(HttpServletResponse response) throws IOException {
public FilterConfig getFilterConfig() { // response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return (this.filterConfig); // response.sendError(401);
} // }
//
/** // public void setError(HttpServletResponse response) throws IOException {
* Set the filter configuration object for this filter. // Response.ResponseBuilder builder = null;
* // sendError(response);
* @param filterConfig The filter configuration object // builder = Response.status(Response.Status.UNAUTHORIZED).entity(response);
*/ // throw new WebApplicationException(builder.build());
public void setFilterConfig(FilterConfig filterConfig) { // }
this.filterConfig = filterConfig; //
} // private void doAfterProcessing(ServletRequest request, ServletResponse response)
// throws IOException, ServletException {
/** //
* Destroy method for this filter // }
*/ //
public void destroy() { // public void doFilter(ServletRequest req, ServletResponse resp,
} // FilterChain chain)
// throws IOException, ServletException {
/** // System.out.println("Entrando al filtro");
* Init method for this filter // doBeforeProcessing(req, resp, chain);
*/ //
public void init(FilterConfig filterConfig) { //// chain.doFilter(req, resp);
// doAfterProcessing(req, resp);
} //
// }
private void sendProcessingError(Throwable t, ServletResponse response) { //
String stackTrace = getStackTrace(t); // /**
// * Return the filter configuration object for this filter.
if (stackTrace != null && !stackTrace.equals("")) { // */
try { // public FilterConfig getFilterConfig() {
response.setContentType("text/html"); // return (this.filterConfig);
PrintStream ps = new PrintStream(response.getOutputStream()); // }
PrintWriter pw = new PrintWriter(ps); //
pw.print("<html>\n<head>\n<title>Error</title>\n</head>\n<body>\n"); //NOI18N // /**
// * Set the filter configuration object for this filter.
// PENDING! Localize this for next official release // *
pw.print("<h1>The resource did not process correctly</h1>\n<pre>\n"); // * @param filterConfig The filter configuration object
pw.print(stackTrace); // */
pw.print("</pre></body>\n</html>"); //NOI18N // public void setFilterConfig(FilterConfig filterConfig) {
pw.close(); // this.filterConfig = filterConfig;
ps.close(); // }
response.getOutputStream().close(); //
} catch (Exception ex) { // /**
} // * Destroy method for this filter
} else { // */
try { // public void destroy() {
PrintStream ps = new PrintStream(response.getOutputStream()); // }
t.printStackTrace(ps); //
ps.close(); // /**
response.getOutputStream().close(); // * Init method for this filter
} catch (Exception ex) { // */
} // public void init(FilterConfig filterConfig) {
} //
} // }
//
public static String getStackTrace(Throwable t) { // private void sendProcessingError(Throwable t, ServletResponse response) {
String stackTrace = null; // String stackTrace = getStackTrace(t);
try { //
StringWriter sw = new StringWriter(); // if (stackTrace != null && !stackTrace.equals("")) {
PrintWriter pw = new PrintWriter(sw); // try {
t.printStackTrace(pw); // response.setContentType("text/html");
pw.close(); // PrintStream ps = new PrintStream(response.getOutputStream());
sw.close(); // PrintWriter pw = new PrintWriter(ps);
stackTrace = sw.getBuffer().toString(); // pw.print("<html>\n<head>\n<title>Error</title>\n</head>\n<body>\n"); //NOI18N
} catch (Exception ex) { //
} // // PENDING! Localize this for next official release
return stackTrace; // pw.print("<h1>The resource did not process correctly</h1>\n<pre>\n");
} // pw.print(stackTrace);
// pw.print("</pre></body>\n</html>"); //NOI18N
public void log(String msg) { // pw.close();
filterConfig.getServletContext().log(msg); // ps.close();
} // response.getOutputStream().close();
// } catch (Exception ex) {
} // }
// } else {
// try {
// PrintStream ps = new PrintStream(response.getOutputStream());
// t.printStackTrace(ps);
// ps.close();
// response.getOutputStream().close();
// } catch (Exception ex) {
// }
// }
// }
//
// public static String getStackTrace(Throwable t) {
// String stackTrace = null;
// try {
// StringWriter sw = new StringWriter();
// PrintWriter pw = new PrintWriter(sw);
// t.printStackTrace(pw);
// pw.close();
// sw.close();
// stackTrace = sw.getBuffer().toString();
// } catch (Exception ex) {
// }
// return stackTrace;
// }
//
// public void log(String msg) {
// filterConfig.getServletContext().log(msg);
// }
//
//}
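Review bot: Commenting out every line of the old `RequestFilter` class, including its `@WebFilter(filterName = "RequestFilter", urlPatterns = {"/*"})` annotation, leaves a dead file that will drift from `RequestsFilter`. Delete the file instead, since version control keeps the previous implementation. If the old exemptions (static assets, `/login`, `vistas/redireccionarServlet`, `vistas/interceptar`) need to stay on record, add a short comment beside the new `<filter-mapping>` in web.xml saying which paths are intentionally unfiltered.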
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package asistencia.filters;
import asistencia.config.RequestPath;
import asistencia.utilities.GeneralUtils;
import asistencia.utilities.HttpRequest;
import java.io.IOException;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.json.JSONArray;
import org.json.JSONObject;
/**
*
* @author Percy Oliver Quispe Huarcaya
*/
public class RequestsFilter implements Filter {
private FilterConfig filterConfig = null;
public RequestsFilter() {
}
private void doBeforeProcessing(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String uri = request.getRequestURI();
if(uri.endsWith("vistas/index.jsp")){
if (request.getSession().getAttribute("codigo") != null) {
response.sendRedirect("main.jsp");
return;
}
chain.doFilter(req, resp);
}else{
if (request.getSession().getAttribute("codigo") != null) {
if (uri.endsWith(".jsp")) {
HttpSession session = request.getSession();
HttpRequest httpRequest = new HttpRequest();
JSONObject valid = null;
String respuesta = "";
String auth = "";
try {
if (session.getAttribute("Authorization") != null) {
auth = (String) session.getAttribute("Authorization");
} else {
setError(response);
}
respuesta = httpRequest.getRespuesta(RequestPath.VERIFICAR_LOGIN, HttpRequest.POST, new JSONObject("{}"), auth);
valid = new JSONObject(respuesta);
if (valid.getBoolean("status")) {
JSONObject menu = new JSONObject(valid.getString("menu"));//Obtiene el menu
List<Object> vistas = new ArrayList<>();
JSONObject rolvista = valid.getJSONObject("rolvista");
JSONArray urls = rolvista.getJSONArray("vistas");
for (int i = 0; i < urls.length(); i++) {
vistas.add(urls.get(i));
}
String ruta = request.getRequestURI();
int indice = GeneralUtils.obtenerIndex(ruta);
String rutaJsp = ruta.substring(indice, ruta.length());
boolean acceso = vistas.contains(rutaJsp);
if (!acceso) {
request.getSession().setAttribute("error", "no tiene acceso a la vista solicitada");//Esta session se elimina en el jsp (para que no ocupe memoria)
request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
return;
}
session.setAttribute("menu", menu.toString());
} else {
deleteCredenciales(response,request);
request.getSession().setAttribute("error", "no tiene credenciales validas");
request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
return;
}
} catch (Exception ex) {
request.getSession().setAttribute("error", ex.getMessage());
request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
return;
}
}
chain.doFilter(request, response);
} else {
deleteCredenciales(response,request);
request.getSession().setAttribute("error","no tiene una sesion activa");
request.getRequestDispatcher("/vistas/error.jsp").forward(request, response);
}
}
}
private void deleteCredenciales(HttpServletResponse response,HttpServletRequest request) {
request.getSession().invalidate();
Cookie cookieAuth = new Cookie("Authorization", "");
cookieAuth.setMaxAge(0);
response.addCookie(cookieAuth);
}
private void sendError(HttpServletResponse response) throws IOException {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.sendError(401);
}
public void setError(HttpServletResponse response) throws IOException {
Response.ResponseBuilder builder = null;
sendError(response);
builder = Response.status(Response.Status.UNAUTHORIZED).entity(response);
throw new WebApplicationException(builder.build());
}
private void doAfterProcessing(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
// Write code here to process the request and/or response after
// the rest of the filter chain is invoked.
// For example, a logging filter might log the attributes on the
// request object after the request has been processed.
/*
for (Enumeration en = request.getAttributeNames(); en.hasMoreElements(); ) {
String name = (String)en.nextElement();
Object value = request.getAttribute(name);
log("attribute: " + name + "=" + value.toString());
}
*/
// For example, a filter might append something to the response.
/*
PrintWriter respOut = new PrintWriter(response.getWriter());
respOut.println("<P><B>This has been appended by an intrusive filter.</B>");
*/
}
/**
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @param chain The filter chain we are processing
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
doBeforeProcessing(request, response, chain);
// chain.doFilter(request, response);
doAfterProcessing(request, response);
}
/**
* Return the filter configuration object for this filter.
*/
public FilterConfig getFilterConfig() {
return (this.filterConfig);
}
/**
* Set the filter configuration object for this filter.
*
* @param filterConfig The filter configuration object
*/
public void setFilterConfig(FilterConfig filterConfig) {
this.filterConfig = filterConfig;
}
/**
* Destroy method for this filter
*/
public void destroy() {
}
/**
* Init method for this filter
*/
public void init(FilterConfig filterConfig) {
this.filterConfig = filterConfig;
if (filterConfig != null) {
}
}
/**
* Return a String representation of this object.
*/
@Override
public String toString() {
if (filterConfig == null) {
return ("RequestsFilter()");
}
StringBuffer sb = new StringBuffer("RequestsFilter(");
sb.append(filterConfig);
sb.append(")");
return (sb.toString());
}
private void sendProcessingError(Throwable t, ServletResponse response) {
String stackTrace = getStackTrace(t);
if (stackTrace != null && !stackTrace.equals("")) {
try {
response.setContentType("text/html");
PrintStream ps = new PrintStream(response.getOutputStream());
PrintWriter pw = new PrintWriter(ps);
pw.print("<html>\n<head>\n<title>Error</title>\n</head>\n<body>\n"); //NOI18N
// PENDING! Localize this for next official release
pw.print("<h1>The resource did not process correctly</h1>\n<pre>\n");
pw.print(stackTrace);
pw.print("</pre></body>\n</html>"); //NOI18N
pw.close();
ps.close();
response.getOutputStream().close();
} catch (Exception ex) {
}
} else {
try {
PrintStream ps = new PrintStream(response.getOutputStream());
t.printStackTrace(ps);
ps.close();
response.getOutputStream().close();
} catch (Exception ex) {
}
}
}
public static String getStackTrace(Throwable t) {
String stackTrace = null;
try {
StringWriter sw = new StringWriter();
PrintWriter pw = new PrintWriter(sw);
t.printStackTrace(pw);
pw.close();
sw.close();
stackTrace = sw.getBuffer().toString();
} catch (Exception ex) {
}
return stackTrace;
}
public void log(String msg) {
filterConfig.getServletContext().log(msg);
}
}
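Review bot: The per-view role check in `doBeforeProcessing` runs only when `request.getRequestURI()` ends with `.jsp`, but that method returns the raw, undecoded URI with any path parameters, while the container chooses the JSP from its own normalised path. The two can disagree, and a request then reaches a JSP with only the `codigo` session check applied. Derive the path from the container's view instead, `String uri = request.getServletPath();`, use the same value when computing `rutaJsp`, and deny when the view is not in `vistas`. Separately, `setError(response)` in the missing-`Authorization` branch commits a 401 and throws inside the `try`, so `catch (Exception ex)` then forwards on an already committed response and copies `ex.getMessage()` into the session `error` attribute. Replace that call with the `deleteCredenciales(response, request)` / forward / `return` sequence used in the invalid-credentials branch, and store a fixed message rather than the exception text.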
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<filter>
<filter-name>RequestsFilter</filter-name>
<filter-class>asistencia.filters.RequestsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RequestsFilter</filter-name>
<url-pattern>/servlet/*</url-pattern>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<servlet> <servlet>
<servlet-name>InterceptarRedireccionServlet</servlet-name> <servlet-name>InterceptarRedireccionServlet</servlet-name>
<servlet-class>asistencia.servlets.InterceptarRedireccionServlet</servlet-class> <servlet-class>asistencia.servlets.InterceptarRedireccionServlet</servlet-class>
...@@ -32,13 +41,10 @@ ...@@ -32,13 +41,10 @@
<servlet-name>RedireccionarServlet</servlet-name> <servlet-name>RedireccionarServlet</servlet-name>
<url-pattern>/vistas/redireccionarServlet</url-pattern> <url-pattern>/vistas/redireccionarServlet</url-pattern>
</servlet-mapping> </servlet-mapping>
<error-page> <error-page>
<error-code>404</error-code> <error-code>404</error-code>
<location>/vistas/error/error.jsp</location> <location>/vistas/error/error.jsp</location>
</error-page> </error-page>
<session-config> <session-config>
<session-timeout> <session-timeout>
30 30
......
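Review bot: The new `<filter-mapping>` covers only `/servlet/*` and `*.jsp`, whereas the `RequestFilter` it replaces was mapped to `/*` with an explicit allow-list, so anything served from another path no longer passes through the session check. The one servlet mapping visible here, `/vistas/redireccionarServlet`, falls outside both patterns; it was already exempt in the old filter, but the rest of the file is collapsed in this view, so please confirm that every other servlet or REST resource that needs a session sits under `/servlet/`. A default-deny shape is easier to keep correct: map `<url-pattern>/*</url-pattern>` and keep the public paths in one allow-list inside the filter. At minimum, add a comment such as `<!-- paths outside /servlet/* and *.jsp are intentionally unauthenticated: ... -->`.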