portalImpl

kevinshen Tue, 26 Jan 2010 22:24:41 -0800

Author: kevinshen
Date: 2010-01-27 07:24:28 +0100 (Wed, 27 Jan 2010)
New Revision: 40736


Modified:
   
CMSContainer/trunk/CMSContainer/cmsc/portal/src/java/com/finalist/cmsc/portalImpl/SecurePortalServlet.java
Log:
CMSC-1596 Make staging side unaccessible until you log in with a mmbase user

Modified: 
CMSContainer/trunk/CMSContainer/cmsc/portal/src/java/com/finalist/cmsc/portalImpl/SecurePortalServlet.java
===================================================================
--- 
CMSContainer/trunk/CMSContainer/cmsc/portal/src/java/com/finalist/cmsc/portalImpl/SecurePortalServlet.java
  2010-01-27 05:41:54 UTC (rev 40735)
+++ 
CMSContainer/trunk/CMSContainer/cmsc/portal/src/java/com/finalist/cmsc/portalImpl/SecurePortalServlet.java
  2010-01-27 06:24:28 UTC (rev 40736)
@@ -19,26 +19,38 @@
 import com.finalist.cmsc.services.community.Community;
 import com.finalist.cmsc.services.sitemanagement.SiteManagement;
 import com.finalist.cmsc.util.HttpUtil;
+import com.finalist.cmsc.util.ServerUtil;
 
 @SuppressWarnings("serial")
 public class SecurePortalServlet extends PortalServlet {
+   
+   private static Log log = LogFactory.getLog(SecurePortalServlet.class);
+   
    private static final String CAS_LOGIN_LOCALE = "cas_login_locale";
+   
    private static final String DEFAULT_LOGIN_URL = "casServerLoginUrl";
-       private static Log log = LogFactory.getLog(SecurePortalServlet.class);
-       
+       
        protected boolean doRender(HttpServletRequest request,
                        HttpServletResponse response, String path) throws 
IOException {
           String useSSO = SecureUtil.getEnvironment("useSSO");
           if(useSSO == null || "false".equalsIgnoreCase(useSSO)) {
              return super.doRender(request, response, path);
           }
+      Cloud cloud = CloudUtil.getCloudFromThread();
+      //In the staging side. deny community user and guest. redirect to 403 
page.
+          if (ServerUtil.isStaging() && cloud == null) {
+             String noRightPage = 
SiteManagement.getSiteFromPath(path).getUrlfragment()+"/403";             
+             if (path != null && !path.endsWith("/403")) {
+             response.sendRedirect(HttpUtil.getWebappUri(request)+noRightPage);
+             return true;
+             }
+          }
                NavigationItem item = 
SiteManagement.getNavigationItemFromPath(path);
                if (SecureUtil.isAllowedToSee(item)) {
                        log.debug("Page: allowed to see");
                        return super.doRender(request, response, path);
-               }
-               
-      Cloud cloud = CloudUtil.getCloudFromThread();
+               }               
+      
           if (cloud != null) {
                   Node node = cloud.getNode(item.getId());
                   UserRole role = NavigationUtil.getRole(cloud, node, false);

_______________________________________________
Cvs mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/cvs

[MMBASE SCM] r40736 - CMSContainer/trunk/CMSContainer/cmsc/portal/src/java/com/finalist/cmsc/portalImpl

Reply via email to