package org.tynamo.security.internal;
import java.io.IOException;
import java.util.List;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.util.StringUtils;
import org.apache.tapestry5.ExceptionHandlerAssistant;
import org.apache.tapestry5.internal.services.PageResponseRenderer;
import org.apache.tapestry5.internal.services.RequestPageCache;
import org.apache.tapestry5.internal.structure.Page;
import org.apache.tapestry5.services.Response;
import org.tynamo.security.internal.services.LoginContextService;
import org.tynamo.security.services.SecurityService;
public class SecurityExceptionHandlerAssistant implements ExceptionHandlerAssistant {
private final SecurityService securityService;
private final LoginContextService loginContextService;
private final Response response;
private final PageResponseRenderer renderer;
private final RequestPageCache pageCache;
public SecurityExceptionHandlerAssistant(final SecurityService securityService,
final LoginContextService pageService, final RequestPageCache pageCache, final Response response,
final PageResponseRenderer renderer) {
this.securityService =securityService;
this.loginContextService = pageService;
this.pageCache = pageCache;
this.response = response;
this.renderer = renderer;
}
@Override
public Object handleRequestException(Throwable exception, List<Object> exceptionContext) throws IOException {
if (securityService.isAuthenticated()) {
String unauthorizedPage = loginContextService.getUnauthorizedPage();
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
if (!StringUtils.hasText(unauthorizedPage)) return null;
Page page = pageCache.get(unauthorizedPage);
renderer.renderPageResponse(page);
return null;
}
loginContextService.saveRequest();
return loginContextService.getLoginPage();
}
}
