package com.oreilly.jent.servlets.filter;

/**
 * In general, you may use the code in this book in your programs and 
 * documentation. You do not need to contact us for permission unless 
 * you're reproducing a significant portion of the code. For example, 
 * writing a program that uses several chunks of code from this book does 
 * not require permission. Selling or distributing a CD-ROM of examples 
 * from O'Reilly books does require permission. Answering a question by 
 * citing this book and quoting example code does not require permission. 
 * Incorporating a significant amount of example code from this book into 
 * your product's documentation does require permission.
 * 
 * We appreciate, but do not require, attribution. An attribution usually 
 * includes the title, author, publisher, and ISBN. For example: 
 * 
 *   "Java Enterprise in a Nutshell, Third Edition, 
 *    by Jim Farley and William Crawford 
 *    with Prakash Malani, John G. Norman, and Justin Gehtland. 
 *    Copyright 2006 O'Reilly Media, Inc., 0-596-10142-2."
 *  
 *  If you feel your use of code examples falls outside fair use or the 
 *  permission given above, feel free to contact us at 
 *  permissions@oreilly.com.
 */

import java.util.Hashtable;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

public class AuthenticationFilter implements Filter {

  private Hashtable users = null;
  public void init(FilterConfig config)
    throws javax.servlet.ServletException {

    users = (Hashtable)config.getServletContext(  ).getAttribute(
                               "enterprise.users");
    if(users == null) {
       users = new Hashtable(5);
       users.put("test", "test");
    }
  }

  public void doFilter(
    ServletRequest req, ServletResponse res, FilterChain chain)
    throws java.io.IOException, javax.servlet.ServletException {

    HttpServletRequest request = (HttpServletRequest)req;
    HttpSession sess = request.getSession(true);

    if(sess != null) {
      Boolean loggedIn = (Boolean)sess.getAttribute("enterprise.login");
      if (loggedIn != Boolean.TRUE) {
        String login_name = request.getParameter("login_name");
        String login_pass = request.getParameter("login_pass");
        if((login_name != null) && (login_pass != null))
          if(users.get(login_name).toString(  ).equals(login_pass)) {
            loggedIn = Boolean.TRUE;
            sess.setAttribute("enterprise.login", Boolean.TRUE);
            sess.setAttribute("enterprise.loginname", login_name);
          }
      }

      if (loggedIn == Boolean.TRUE) {
        chain.doFilter(req, res);
      }  else {
        request.setAttribute("originaluri", request.getRequestURI(  ));
        request.getRequestDispatcher("/login.jsp").forward(req, res);
      }
    }
  }

  public void destroy(  ) {
    // Code cleanup would be here
  }
}