public GeoServerSecuredPage() { super(); Authentication auth = getSession().getAuthentication(); if(auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) { // emulate what spring security url control would do so that we get a proper redirect after login HttpServletRequest httpRequest = ((WebRequest) getRequest()).getHttpServletRequest(); //ExceptionTranslationFilter translator = (ExceptionTranslationFilter) getGeoServerApplication().getBean("consoleExceptionTranslationFilter"); SavedRequest savedRequest = new DefaultSavedRequest(httpRequest, new PortResolverImpl()); HttpSession session = httpRequest.getSession(); // TODO, Justin, WebAttributes.SAVED_REQUEST has disappeared in spring security framework session.setAttribute(SAVED_REQUEST, savedRequest); // then redirect to the login page setResponsePage(GeoServerLoginPage.class); } else if (!getPageAuthorizer().isAccessAllowed(this.getClass(), auth)) setResponsePage(UnauthorizedPage.class); }
public GeoServerSecuredPage() { super(); if (GeoServerSecurityFilterChainProxy.isSecurityEnabledForCurrentRequest() == false) return; // nothing to do Authentication auth = getSession().getAuthentication(); if (auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) { // emulate what spring security url control would do so that we get a proper redirect // after login HttpServletRequest httpRequest = (HttpServletRequest) ((WebRequest) getRequest()).getContainerRequest(); // ExceptionTranslationFilter translator = (ExceptionTranslationFilter) // getGeoServerApplication().getBean("consoleExceptionTranslationFilter"); SavedRequest savedRequest = new DefaultSavedRequest(httpRequest, new PortResolverImpl()); HttpSession session = httpRequest.getSession(); // TODO, Justin, WebAttributes.SAVED_REQUEST has disappeared in spring security // framework session.setAttribute(SAVED_REQUEST, savedRequest); // then redirect to the login page throw new RestartResponseException(GeoServerLoginPage.class); } else if (!getPageAuthorizer().isAccessAllowed(this.getClass(), auth)) throw new RestartResponseException(UnauthorizedPage.class); }