liferay过滤器(三)
1、Minifier过滤器
主要代码:
if (realPath.endsWith(_CSS_EXTENSION)) {
????if (_log.isInfoEnabled()) {
?????_log.info("Minifying CSS " + file);
????}
????minifiedContent = minifyCss(request, file);
????response.setContentType(ContentTypes.TEXT_CSS);
????FileUtil.write(cacheContentTypeFile, ContentTypes.TEXT_CSS);
???}
???else if (realPath.endsWith(_JAVASCRIPT_EXTENSION)) {
????if (_log.isInfoEnabled()) {
?????_log.info("Minifying JavaScript " + file);
????}
????minifiedContent = minifyJavaScript(file);
????response.setContentType(ContentTypes.TEXT_JAVASCRIPT);
????FileUtil.write(
?????cacheContentTypeFile, ContentTypes.TEXT_JAVASCRIPT);
???}
???else if (realPath.endsWith(_JSP_EXTENSION)) {
????if (_log.isInfoEnabled()) {
?????_log.info("Minifying JSP " + file);
????}
????StringServletResponse stringResponse =
?????new StringServletResponse(response);
????processFilter(
?????MinifierFilter.class, request, stringResponse, filterChain);
????CacheResponseUtil.setHeaders(
?????response, stringResponse.getHeaders());
????response.setContentType(stringResponse.getContentType());
????minifiedContent = stringResponse.getString();
????if (minifierType.equals("css")) {
?????minifiedContent = minifyCss(request, minifiedContent);
????}
????else if (minifierType.equals("js")) {
?????minifiedContent = minifyJavaScript(minifiedContent);
????}
????FileUtil.write(
?????cacheContentTypeFile, stringResponse.getContentType());
???}
???else {
????return null;
???}
???FileUtil.write(cacheDataFile, minifiedContent);
?
功能: minifier filter 根据portalet的的配置文件liferay-portlet.xml设置的css、js路径、jsp路径,组合新的路径放到response中。在portalet中,jsp中设置的js或css路径不起作用,liferay自己的默认的/MyPortletName//docroot/WEB-INF/liferay-portlet.xml里面定义的。默认是:<footer-portlet-javascript>/js/main.js</footer-portlet-javascript>,这时在liferay-portlet.xml里面设置的,如果不需要此过滤器,可以在portal-ext.properties中设置com.liferay.portal.servlet.filters.minifier.MinifierFilter=false
?
2、MonitoringFilter 过滤器
主要代码:
long companyId = PortalUtil.getCompanyId(request);
??PortalRequestDataSample portalRequestDataSample =
???new PortalRequestDataSample(
????companyId, request.getRemoteUser(), request.getRequestURI(),
????request.getRequestURL().toString());
??try {
???portalRequestDataSample.prepare();
???processFilter(
????MonitoringFilter.class, request, response, filterChain);
???portalRequestDataSample.capture(RequestStatus.SUCCESS);
??}
??catch (Exception e) {
???portalRequestDataSample.capture(RequestStatus.ERROR);
???if (e instanceof IOException) {
????throw (IOException)e;
???}
???else if (e instanceof ServletException) {
????throw (ServletException)e;
???}
???else {
????throw new ServletException("Unable to execute request", e);
???}
??}
??finally {
???MessageBusUtil.sendMessage(
????DestinationNames.MONITORING, portalRequestDataSample);
???DataSampleThreadLocal.addDataSample(portalRequestDataSample);
??}
?
作用:监控服务器响应时间(没怎么看懂,猜得)
?
3、SecureFilter? 过滤器
主要代码:
if (isAccessAllowed(request)) {
???if (_log.isDebugEnabled()) {
????_log.debug("Access allowed for " + remoteAddr);
???}
??}
??else {
???if (_log.isWarnEnabled()) {
????_log.warn("Access denied for " + remoteAddr);
???}
???response.sendError(
????HttpServletResponse.SC_FORBIDDEN,
????"Access denied for " + remoteAddr);
???return;
??}
??if (_log.isDebugEnabled()) {
???if (_httpsRequired) {
????_log.debug("https is required");
???}
???else {
????_log.debug("https is not required");
???}
??}
功能:判断访问地址是否安全,是否走https://
?
4、SessionIdFilter过滤器
主要代码:
SessionIdServletRequest sessionIdRequest = new SessionIdServletRequest(
???request, response);
功能:如果 com.liferay.portal.servlet.filters.sessionid.SessionIdFilter=true,保证只一个session创建
?
5、CASFilter过滤器
主要代码:
if (pathInfo.indexOf("/portal/logout") != -1) {
????session.invalidate();
????String logoutUrl = PrefsPropsUtil.getString(
?????companyId, PropsKeys.CAS_LOGOUT_URL,
?????PropsValues.CAS_LOGOUT_URL);
????response.sendRedirect(logoutUrl);
????return;
???}
???else {
????String login = (String)session.getAttribute(LOGIN);
????String serverName = PrefsPropsUtil.getString(
?????companyId, PropsKeys.CAS_SERVER_NAME,
?????PropsValues.CAS_SERVER_NAME);
????String serviceUrl = PrefsPropsUtil.getString(
?????companyId, PropsKeys.CAS_SERVICE_URL,
?????PropsValues.CAS_SERVICE_URL);
????if (Validator.isNull(serviceUrl)) {
?????serviceUrl = CommonUtils.constructServiceUrl(
??????request, response, serviceUrl, serverName, "ticket",
??????false);
????}
????String ticket = ParamUtil.getString(request, "ticket");
????if (Validator.isNull(ticket)) {
?????if (Validator.isNotNull(login)) {
??????processFilter(
???????CASFilter.class, request, response, filterChain);
?????}
?????else {
??????String loginUrl = PrefsPropsUtil.getString(
???????companyId, PropsKeys.CAS_LOGIN_URL,
???????PropsValues.CAS_LOGIN_URL);
??????loginUrl = HttpUtil.addParameter(
???????loginUrl, "service", serviceUrl);
??????response.sendRedirect(loginUrl);
?????}
?????return;
????}
????TicketValidator ticketValidator = getTicketValidator(
?????companyId);
????Assertion assertion = ticketValidator.validate(
?????ticket, serviceUrl);
????if (assertion != null) {
?????AttributePrincipal attributePrincipal =
??????assertion.getPrincipal();
?????login = attributePrincipal.getName();
?????session.setAttribute(LOGIN, login);
????}
?
主要功能:单点登录(具体实现要详细的研读代码)
?
6、NtlmFilter过滤器
主要代码(略)
功能:单点登录
?
7、NtlmPostFilter过滤器
主要代码(略)
功能:单点登录
?
8、OpenSSOFilter过滤器
主要代码(略)
功能:单点登录
?
9、ValidHtmlFilter过滤器
主要代码:
protected String getContent(HttpServletRequest request, String content) {
??content = StringUtil.replaceLast(
???content, _CLOSE_BODY, StringPool.BLANK);
??content = StringUtil.replaceLast(
???content, _CLOSE_HTML, _CLOSE_BODY + _CLOSE_HTML);
??return content;
?}
主要功能:处理html数据,把html中的</body></html>放在在一起。(html类型为 text/html )
?
10、UrlRewriteFilter过滤器
主要代码:(略)
功能:重写uRL(根据配置文件urlrewrite.xml的规则,重写URL,主要是为了安全。)
?
?
