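/*
 * Copyright 2007 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.codehaus.groovy.grails.plugins.springsecurity;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.AuthenticationException;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;

/**
 * Authentication entry point that can send Ajax requests to a separate login form.
 * <p>
 * A request is treated as an Ajax request when it carries the configured header
 * (by default <code>X-Requested-With</code>) and an Ajax login form URL has been set;
 * every other request gets the regular login form URL of the superclass.
 * <p>
 * The header is supplied by the client, which can set or omit it freely. Here it only
 * selects between two server-configured URLs; it is not evidence of who sent the
 * request and must not be reused as an authentication or CSRF signal.
 *
 * @author T.Yamamoto
 * @author <a href='mailto:beckwithb@studentsonly.com'>Burt Beckwith</a>
 */
public class WithAjaxAuthenticationProcessingFilterEntryPoint extends AuthenticationProcessingFilterEntryPoint {

    /**
     * Default value for the name of the Ajax header.
     */
    public static final String AJAX_HEADER = "X-Requested-With";

    /** Login form URL for Ajax requests; <code>null</code> until configured. */
    private String ajaxLoginFormUrl;

    /** Name of the request header whose presence marks a request as Ajax. */
    private String ajaxHeader = AJAX_HEADER;

    /**
     * {@inheritDoc}
     * <p>
     * Returns the Ajax login form URL when the request carries the Ajax header and both
     * the header name and the Ajax URL are configured; otherwise returns
     * {@link #getLoginFormUrl()}. Only the presence of the header is tested, not its value.
     *
     * @see org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint#determineUrlToUseForThisRequest(
     *     javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
     *     org.springframework.security.AuthenticationException)
     */
    @Override
    protected String determineUrlToUseForThisRequest(
            final HttpServletRequest request, final HttpServletResponse response,
            final AuthenticationException exception) {

        // A null header name would otherwise be handed to the servlet container, whose
        // handling of getHeader(null) is container-specific; treat it as "Ajax detection off".
        final boolean ajaxConfigured = ajaxHeader != null && ajaxLoginFormUrl != null;

        if (ajaxConfigured && request.getHeader(ajaxHeader) != null) {
            return ajaxLoginFormUrl;
        }

        return getLoginFormUrl();
    }

    /**
     * Dependency injection for the Ajax login form url, e.g. '/login/authAjax'.
     * <p>
     * NOTE(review): only the leading '/' is checked here. How the superclass turns the
     * value into a redirect or forward is not visible in this file, so keep this
     * setting under configuration control and never derive it from request data.
     *
     * @param url the url; <code>null</code> leaves the Ajax login form unset
     * @throws IllegalArgumentException if <code>url</code> is non-null and does not begin with '/'
     */
    public void setAjaxLoginFormUrl(final String url) {
        if (url != null && !url.startsWith("/")) {
            throw new IllegalArgumentException("ajaxLoginFormUrl must begin with '/'");
        }
        ajaxLoginFormUrl = url;
    }

    /**
     * Dependency injection for the Ajax header name; defaults to 'X-Requested-With'.
     *
     * @param header the header name; <code>null</code> switches Ajax detection off, so
     *     every request is sent to the regular login form
     */
    public void setAjaxHeader(final String header) {
        ajaxHeader = header;
    }
}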