Hello, I am going through the Petstore's SignOnFilter class and I am wondering why it has been named SignOnFilter and not SignInFilter. Isn't the businesss logic of the class to help the signing in and not the signing on? Am I right or wrong? Thanks in advance for your replies. Julien.
Here is the source for the class: package com.sun.j2ee.blueprints.signon.web;import java.io.PrintWriter;import java.io.OutputStreamWriter;import java.io.IOException;import java.util.HashMap;import java.util.Iterator;import java.net.URL;// J2EE importsimport javax.servlet.ServletException;import javax.servlet.ServletContext;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.http.HttpSession;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.Cookie;import javax.ejb.CreateException;import javax.naming.NamingException;import javax.naming.InitialContext;// SignOn EJB Importsimport com.sun.j2ee.blueprints.signon.ejb.SignOnLocalHome;import com.sun.j2ee.blueprints.signon.ejb.SignOnLocal;public class SignOnFilter implements Filter { // these static strings define where to put/get things public static final String FORM_SIGNON_URL = "j_signon_check"; public static final String FORM_USER_NAME = "j_username"; public static final String FORM_PASSWORD = "j_password"; public static final String REMEMBER_USERNAME = "j_remember_username"; public static final String USER_NAME = "j_signon_username"; public static final String SIGNED_ON_USER = "j_signon"; public static final String ORIGINAL_URL = "j_signon_original_url"; public static final String CREATE_USER_URL = "j_create_user"; public static final String COOKIE_NAME = "bp_signon"; private HashMap protectedResources; private FilterConfig config = null; private String signOnErrorPage = null; private String signOnPage = null; private String userCreationError = null; public void init(FilterConfig config) throws ServletException { this.config = config; URL protectedResourcesURL = null; try { protectedResourcesURL = config.getServletContext().getResource("/WEB-INF/signon-config.xml"); SignOnDAO dao = new SignOnDAO(protectedResourcesURL); signOnErrorPage = dao.getSignOnErrorPage(); signOnPage = dao.getSignOnPage(); protectedResources = dao.getProtectedResources(); } catch (java.net.MalformedURLException ex) { System.err.println("SignonFilter: malformed URL exception: " + ex); } } public void destroy() { config = null; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest hreq = (HttpServletRequest)request; String currentURI = hreq.getRequestURL().toString(); String currentURL = hreq.getRequestURI(); // get everything after the context root int firstSlash = currentURL.indexOf("/",1); // jump past the starting slash String targetURL = null; if (firstSlash != -1) targetURL = currentURL.substring(firstSlash + 1, currentURL.length()); if ((targetURL != null) && targetURL.equals(FORM_SIGNON_URL)) { validateSignOn(request, response, chain); // jump out of this method return; } // check if the user is signed on boolean signedOn = false; if (hreq.getSession().getAttribute(SIGNED_ON_USER) != null) { signedOn =((Boolean)hreq.getSession().getAttribute(SIGNED_ON_USER)).booleanValue(); } else { hreq.getSession().setAttribute(SIGNED_ON_USER, new Boolean(false)); } // jump to the resource if signed on if (signedOn) { chain.doFilter(request,response); return; } // find out if the patterns match the target URL Iterator it = protectedResources.keySet().iterator(); while (it.hasNext()) { String protectedName = (String)it.next(); ProtectedResource resource = (ProtectedResource)protectedResources.get(protectedName); String urlPattern = resource.getURLPattern(); // now check agains the targetURL if (urlPattern.equals(targetURL)) { // put the orginal url in the session so others can access hreq.getSession().setAttribute(ORIGINAL_URL, targetURL); config.getServletContext().getRequestDispatcher("/" + signOnPage).forward(request, response); // Jump out of the filter and go to the next page return; } } // No matches if we made it to here chain.doFilter(request,response); } public void validateSignOn(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // convert to a http servlet request for now HttpServletRequest hreq = (HttpServletRequest)request; HttpServletResponse hres = (HttpServletResponse)response; // get the user name String userName = hreq.getParameter(FORM_USER_NAME); // get the password String password = hreq.getParameter(FORM_PASSWORD); // check if the user wants userName set in cookie String rememberUserName = hreq.getParameter(REMEMBER_USERNAME); if (rememberUserName != null) { // set a cookie with the username in it Cookie userNameCookie = new Cookie(COOKIE_NAME, userName); // set cookie to last for one month userNameCookie.setMaxAge(2678400); hres.addCookie(userNameCookie); } else { // see if the cookie exists and remove accordingly Cookie[] cookies = hreq.getCookies(); if (cookies != null) { for (int loop=0; loop < cookies.length; loop++) { if (cookies[loop].getName().equals(COOKIE_NAME)) { cookies[loop].setMaxAge(0); hres.addCookie(cookies[loop]); } } } } //validate against the registered users SignOnLocal signOn = getSignOnEjb(); boolean authenticated = signOn.authenticate(userName, password); if (authenticated) { // place a true boolean in the session if (hreq.getSession().getAttribute(USER_NAME) != null) { hreq.getSession().removeAttribute(USER_NAME); } hreq.getSession().setAttribute(USER_NAME, userName); // remove the sign on user key before putting it back in if (hreq.getSession().getAttribute(SIGNED_ON_USER) != null) { hreq.getSession().removeAttribute(SIGNED_ON_USER); } hreq.getSession().setAttribute(SIGNED_ON_USER, new Boolean(true)); // redirect to the original destination String targetURL = (String)hreq.getSession().getAttribute(ORIGINAL_URL); hres.sendRedirect(targetURL); return; } else { hres.sendRedirect(signOnErrorPage); return; } } private SignOnLocal getSignOnEjb() throws ServletException { SignOnLocal signOn = null; try { InitialContext ic = new InitialContext(); Object o = ic.lookup("java:comp/env/ejb/SignOn"); SignOnLocalHome home =(SignOnLocalHome)o; signOn = home.create(); } catch (javax.ejb.CreateException cx) { throw new ServletException("Failed to Create SignOn EJB: caught " + cx); } catch (javax.naming.NamingException nx) { throw new ServletException("Failed to Create SignOn EJB: caught " + nx); } return signOn; }}