liferay过滤器(三)
MaureenChen 2011-07-20
1、Minifier过滤器
主要代码:
if (realPath.endsWith(_CSS_EXTENSION)) {
if(_log.isInfoEnabled()){
_log.info("MinifyingCSS"+file);
}minifiedContent = minifyCss(request, file);
response.setContentType(ContentTypes.TEXT_CSS);
FileUtil.write(cacheContentTypeFile, ContentTypes.TEXT_CSS);
}
elseif(realPath.endsWith(_JAVASCRIPT_EXTENSION)){
if(_log.isInfoEnabled()){
_log.info("MinifyingJavaScript"+file);
}minifiedContent = minifyJavaScript(file);
response.setContentType(ContentTypes.TEXT_JAVASCRIPT);
FileUtil.write(
cacheContentTypeFile,ContentTypes.TEXT_JAVASCRIPT);
}
elseif(realPath.endsWith(_JSP_EXTENSION)){
if(_log.isInfoEnabled()){
_log.info("MinifyingJSP"+file);
}StringServletResponse stringResponse = new StringServletResponse(response);
processFilter( MinifierFilter.class, request, stringResponse, filterChain);
CacheResponseUtil.setHeaders( response, stringResponse.getHeaders());
response.setContentType(stringResponse.getContentType());
minifiedContent = stringResponse.getString();
if (minifierType.equals("css")) {
minifiedContent=minifyCss(request,minifiedContent);
}
elseif(minifierType.equals("js")){
minifiedContent=minifyJavaScript(minifiedContent);
}FileUtil.write(
cacheContentTypeFile,stringResponse.getContentType());
}
else{
returnnull;
}FileUtil.write(cacheDataFile, minifiedContent);
功能: minifier filter 根据portalet的的配置文件liferay-portlet.xml设置的css、js路径、jsp路径,组合新的路径放到response中。在portalet中,jsp中设置的js或css路径不起作用,liferay自己的默认的/MyPortletName//docroot/WEB-INF/liferay-portlet.xml里面定义的。默认是:<footer-portlet-javascript>/js/main.js</footer-portlet-javascript>,这时在liferay-portlet.xml里面设置的,如果不需要此过滤器,可以在portal-ext.properties中设置com.liferay.portal.servlet.filters.minifier.MinifierFilter=false
2、MonitoringFilter 过滤器
主要代码:
long companyId = PortalUtil.getCompanyId(request);
PortalRequestDataSample portalRequestDataSample =
newPortalRequestDataSample(
companyId,request.getRemoteUser(),request.getRequestURI(),
request.getRequestURL().toString());try { portalRequestDataSample.prepare();
processFilter( MonitoringFilter.class, request, response, filterChain);
portalRequestDataSample.capture(RequestStatus.SUCCESS);
}
catch(Exceptione){
portalRequestDataSample.capture(RequestStatus.ERROR);if (e instanceof IOException) {
throw(IOException)e;
}
elseif(einstanceofServletException){
throw(ServletException)e;
}
else{
thrownewServletException("Unabletoexecuterequest",e);
}
}
finally{
MessageBusUtil.sendMessage(
DestinationNames.MONITORING, portalRequestDataSample);DataSampleThreadLocal.addDataSample(portalRequestDataSample); }
作用:监控服务器响应时间(没怎么看懂,猜得)
3、SecureFilter 过滤器
主要代码:
if (isAccessAllowed(request)) {
if(_log.isDebugEnabled()){
_log.debug("Accessallowedfor"+remoteAddr);
}
}
else{
if(_log.isWarnEnabled()){
_log.warn("Accessdeniedfor"+remoteAddr);
}response.sendError(
HttpServletResponse.SC_FORBIDDEN,
"Access denied for " + remoteAddr);return; }
if (_log.isDebugEnabled()) {
if(_httpsRequired){
_log.debug("httpsisrequired");
}
else{
_log.debug("httpsisnotrequired");
}
}功能:判断访问地址是否安全,是否走https://
4、SessionIdFilter过滤器
主要代码:
SessionIdServletRequest sessionIdRequest = new SessionIdServletRequest( request, response);
功能:如果 com.liferay.portal.servlet.filters.sessionid.SessionIdFilter=true,保证只一个session创建
5、CASFilter过滤器
主要代码:
if (pathInfo.indexOf("/portal/logout") != -1) { session.invalidate();
String logoutUrl = PrefsPropsUtil.getString(
companyId,PropsKeys.CAS_LOGOUT_URL,
PropsValues.CAS_LOGOUT_URL);response.sendRedirect(logoutUrl);
return;
}
else{
String login = (String)session.getAttribute(LOGIN);String serverName = PrefsPropsUtil.getString(
companyId,PropsKeys.CAS_SERVER_NAME,
PropsValues.CAS_SERVER_NAME);String serviceUrl = PrefsPropsUtil.getString(
companyId,PropsKeys.CAS_SERVICE_URL,
PropsValues.CAS_SERVICE_URL);if (Validator.isNull(serviceUrl)) {
serviceUrl=CommonUtils.constructServiceUrl(
request,response,serviceUrl,serverName,"ticket",
false);
}String ticket = ParamUtil.getString(request, "ticket");
if (Validator.isNull(ticket)) {
if(Validator.isNotNull(login)){
processFilter(
CASFilter.class,request,response,filterChain);
}
else{
StringloginUrl=PrefsPropsUtil.getString(
companyId,PropsKeys.CAS_LOGIN_URL,
PropsValues.CAS_LOGIN_URL);loginUrl = HttpUtil.addParameter( loginUrl, "service", serviceUrl);
response.sendRedirect(loginUrl); }
return; }
TicketValidator ticketValidator = getTicketValidator( companyId);
Assertion assertion = ticketValidator.validate( ticket, serviceUrl);
if (assertion != null) {
AttributePrincipalattributePrincipal=
assertion.getPrincipal();login = attributePrincipal.getName();
session.setAttribute(LOGIN, login); }
主要功能:单点登录(具体实现要详细的研读代码)
6、NtlmFilter过滤器
主要代码(略)
功能:单点登录
7、NtlmPostFilter过滤器
主要代码(略)
功能:单点登录
8、OpenSSOFilter过滤器
主要代码(略)
功能:单点登录
9、ValidHtmlFilter过滤器
主要代码:
protected String getContent(HttpServletRequest request, String content) {
content=StringUtil.replaceLast(
content,_CLOSE_BODY,StringPool.BLANK);
content=StringUtil.replaceLast(
content, _CLOSE_HTML, _CLOSE_BODY + _CLOSE_HTML);return content; }
主要功能:处理html数据,把html中的</body></html>放在在一起。(html类型为 text/html )
10、UrlRewriteFilter过滤器
主要代码:(略)
功能:重写uRL(根据配置文件urlrewrite.xml的规则,重写URL,主要是为了安全。)
