Acegiとの連携
filterは Acegi、 Struts2の順に適用する必要があるが、これだとAcegiのAccessDeniedExceptionがStrutsで処理できない
なので、Struts2の Interceptor として実装した
tutorial.AcegiSecurityFilter.java
package tutorial; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.acegisecurity.intercept.AbstractSecurityInterceptor; import org.acegisecurity.intercept.InterceptorStatusToken; import org.acegisecurity.intercept.ObjectDefinitionSource; import org.acegisecurity.intercept.web.FilterInvocation; import org.acegisecurity.intercept.web.FilterInvocationDefinitionSource; import org.apache.struts2.ServletActionContext; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.interceptor.Interceptor; public class AcegiFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Interceptor, FilterChain { private FilterInvocationDefinitionSource objectDefinitionSource; private boolean observeOncePerRequest = true; public void destroy() { } public void init() { } public Class getSecureObjectClass() { return FilterInvocation.class; } public void doFilter(ServletRequest request, ServletResponse response) throws java.io.IOException,ServletException { } public String intercept(ActionInvocation actionInvocation) throws Exception { HttpServletRequest req = ServletActionContext.getRequest(); HttpServletResponse res = ServletActionContext.getResponse(); FilterInvocation fi = new FilterInvocation(req, res, this ); InterceptorStatusToken token = super.beforeInvocation(fi); String ans; try { ans = actionInvocation.invoke(); } finally { super.afterInvocation(token, null); } return ans; } public boolean isObserveOncePerRequest() { return observeOncePerRequest; } public ObjectDefinitionSource obtainObjectDefinitionSource() { return this.objectDefinitionSource; } public void setObjectDefinitionSource(FilterInvocationDefinitionSource newSource) { this.objectDefinitionSource = newSource; } public void setObserveOncePerRequest(boolean observeOncePerRequest) { this.observeOncePerRequest = observeOncePerRequest; } }
とする。