| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.shiro.web.servlet; |
| |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| |
| import javax.servlet.FilterChain; |
| import javax.servlet.ServletException; |
| import javax.servlet.ServletRequest; |
| import javax.servlet.ServletResponse; |
| import java.io.IOException; |
| |
| /** |
| * A Servlet Filter that enables AOP-style "around" advice for a ServletRequest via |
| * {@link #preHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse) preHandle}, |
| * {@link #postHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse) postHandle}, |
| * and {@link #afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, Exception) afterCompletion} |
| * hooks. |
| * |
| * @since 0.9 |
| */ |
| public abstract class AdviceFilter extends OncePerRequestFilter { |
| |
| /** |
| * The static logger available to this class only |
| */ |
| private static final Logger log = LoggerFactory.getLogger(AdviceFilter.class); |
| |
| /** |
| * Returns {@code true} if the filter chain should be allowed to continue, {@code false} otherwise. |
| * It is called before the chain is actually consulted/executed. |
| * <p/> |
| * The default implementation returns {@code true} always and exists as a template method for subclasses. |
| * |
| * @param request the incoming ServletRequest |
| * @param response the outgoing ServletResponse |
| * @return {@code true} if the filter chain should be allowed to continue, {@code false} otherwise. |
| * @throws Exception if there is any error. |
| */ |
| protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception { |
| return true; |
| } |
| |
| /** |
| * Allows 'post' advice logic to be called, but only if no exception occurs during filter chain execution. That |
| * is, if {@link #executeChain executeChain} throws an exception, this method will never be called. Be aware of |
| * this when implementing logic. Most resource 'cleanup' behavior is often done in the |
| * {@link #afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, Exception) afterCompletion(request,response,exception)} |
| * implementation, which is guaranteed to be called for every request, even when the chain processing throws |
| * an Exception. |
| * <p/> |
| * The default implementation does nothing (no-op) and exists as a template method for subclasses. |
| * |
| * @param request the incoming ServletRequest |
| * @param response the outgoing ServletResponse |
| * @throws Exception if an error occurs. |
| */ |
| @SuppressWarnings({"UnusedDeclaration"}) |
| protected void postHandle(ServletRequest request, ServletResponse response) throws Exception { |
| } |
| |
| /** |
| * Called in all cases in a {@code finally} block even if {@link #preHandle preHandle} returns |
| * {@code false} or if an exception is thrown during filter chain processing. Can be used for resource |
| * cleanup if so desired. |
| * <p/> |
| * The default implementation does nothing (no-op) and exists as a template method for subclasses. |
| * |
| * @param request the incoming ServletRequest |
| * @param response the outgoing ServletResponse |
| * @param exception any exception thrown during {@link #preHandle preHandle}, {@link #executeChain executeChain}, |
| * or {@link #postHandle postHandle} execution, or {@code null} if no exception was thrown |
| * (i.e. the chain processed successfully). |
| * @throws Exception if an error occurs. |
| */ |
| @SuppressWarnings({"UnusedDeclaration"}) |
| public void afterCompletion(ServletRequest request, ServletResponse response, Exception exception) throws Exception { |
| } |
| |
| /** |
| * Actually executes the specified filter chain by calling <code>chain.doFilter(request,response);</code>. |
| * <p/> |
| * Can be overridden by subclasses for custom logic. |
| * |
| * @param request the incoming ServletRequest |
| * @param response the outgoing ServletResponse |
| * @param chain the filter chain to execute |
| * @throws Exception if there is any error executing the chain. |
| */ |
| protected void executeChain(ServletRequest request, ServletResponse response, FilterChain chain) throws Exception { |
| chain.doFilter(request, response); |
| } |
| |
| /** |
| * Actually implements the chain execution logic, utilizing |
| * {@link #preHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse) pre}, |
| * {@link #postHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse) post}, and |
| * {@link #afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, Exception) after} |
| * advice hooks. |
| * |
| * @param request the incoming ServletRequest |
| * @param response the outgoing ServletResponse |
| * @param chain the filter chain to execute |
| * @throws ServletException if a servlet-related error occurs |
| * @throws IOException if an IO error occurs |
| */ |
| public void doFilterInternal(ServletRequest request, ServletResponse response, FilterChain chain) |
| throws ServletException, IOException { |
| |
| Exception exception = null; |
| |
| try { |
| |
| boolean continueChain = preHandle(request, response); |
| if (log.isTraceEnabled()) { |
| log.trace("Invoked preHandle method. Continuing chain?: [" + continueChain + "]"); |
| } |
| |
| if (continueChain) { |
| executeChain(request, response, chain); |
| } |
| |
| postHandle(request, response); |
| if (log.isTraceEnabled()) { |
| log.trace("Successfully invoked postHandle method"); |
| } |
| |
| } catch (Exception e) { |
| exception = e; |
| } finally { |
| cleanup(request, response, exception); |
| } |
| } |
| |
| /** |
| * Executes cleanup logic in the {@code finally} code block in the |
| * {@link #doFilterInternal(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) doFilterInternal} |
| * implementation. |
| * <p/> |
| * This implementation specifically calls |
| * {@link #afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, Exception) afterCompletion} |
| * as well as handles any exceptions properly. |
| * |
| * @param request the incoming {@code ServletRequest} |
| * @param response the outgoing {@code ServletResponse} |
| * @param existing any exception that might have occurred while executing the {@code FilterChain} or |
| * pre or post advice, or {@code null} if the pre/chain/post execution did not throw an {@code Exception}. |
| * @throws ServletException if any exception other than an {@code IOException} is thrown. |
| * @throws IOException if the pre/chain/post execution throw an {@code IOException} |
| */ |
| protected void cleanup(ServletRequest request, ServletResponse response, Exception existing) |
| throws ServletException, IOException { |
| Exception exception = existing; |
| try { |
| afterCompletion(request, response, exception); |
| if (log.isTraceEnabled()) { |
| log.trace("Successfully invoked afterCompletion method."); |
| } |
| } catch (Exception e) { |
| if (exception == null) { |
| exception = e; |
| } else { |
| log.debug("afterCompletion implementation threw an exception. This will be ignored to " + |
| "allow the original source exception to be propagated.", e); |
| } |
| } |
| if (exception != null) { |
| if (exception instanceof ServletException) { |
| throw (ServletException) exception; |
| } else if (exception instanceof IOException) { |
| throw (IOException) exception; |
| } else { |
| if (log.isDebugEnabled()) { |
| String msg = "Filter execution resulted in an unexpected Exception " + |
| "(not IOException or ServletException as the Filter API recommends). " + |
| "Wrapping in ServletException and propagating."; |
| log.debug(msg); |
| } |
| throw new ServletException(exception); |
| } |
| } |
| } |
| } |