org.xwiki.container.servlet.filters.internal
Class SavedRequestRestorerFilter

java.lang.Object
  org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter

All Implemented Interfaces:

javax.servlet.Filter

public class SavedRequestRestorerFilter
extends java.lang.Object
implements javax.servlet.Filter

A filter that allows requests to be saved and reused later. For example when the current request contains an expired authentication token, and the authorization module redirects to the login page, all the information sent by the client would be lost; this filter allows to save all that information, and after a successful login, injects the saved data in the new request.

The saved data is used as a fallback for the new request, meaning that a parameter value is first searched in the new request, and only if not found it is searched in the saved request. Only the request parameters are stored, along with the request URL needed to verify that the request is reused only in a compatible future request. Multiple requests can be stored, each one identified by a distinct ID. A request is restored only if a valid ID was provided in the new URL, and if the new URL matches the URL of the saved request (except the query string). A saved session is deleted after it is restored, so it cannot be reused more than once.

Request data is stored in the current HTTP session, in order to provide a safe temporary storage. The data is only as safe as a session is, and it will not be available after the session is invalidated. Another consequence is that only HTTP requests are saved.

Version:

$Id$

Nested Class Summary

static class

SavedRequestRestorerFilter.SavedRequestWrapper Request Wrapper that inserts data from a previous request into the current request.

Constructor Summary

SavedRequestRestorerFilter()

Method Summary

void	destroy()
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
protected SavedRequestManager.SavedRequest	getSavedRequest(javax.servlet.http.HttpServletRequest request) If this request specifies a saved request (using the srid paramter) and the URL matches the one of the saved request, return the SavedRequest and remove it from the session.
void	init(javax.servlet.FilterConfig filterConfig)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SavedRequestRestorerFilter

public SavedRequestRestorerFilter()

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)

Specified by:

init in interface javax.servlet.Filter

See Also:

Filter.init(javax.servlet.FilterConfig)

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException

Specified by:

doFilter in interface javax.servlet.Filter

Throws:

java.io.IOException

javax.servlet.ServletException

See Also:

Filter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)

destroy

public void destroy()

Specified by:

destroy in interface javax.servlet.Filter

See Also:

Filter.destroy()

getSavedRequest

protected SavedRequestManager.SavedRequest getSavedRequest(javax.servlet.http.HttpServletRequest request)

If this request specifies a saved request (using the srid paramter) and the URL matches the one of the saved request, return the SavedRequest and remove it from the session.

Parameters:

request - the current request

Returns:

the saved request, if one exists, or null.