liferay过滤器（三）

1、Minifier过滤器

主要代码：

if (realPath.endsWith(_CSS_EXTENSION)) {
    if (_log.isInfoEnabled()) {
     _log.info("Minifying CSS " + file);
    }

    minifiedContent = minifyCss(request, file);

    response.setContentType(ContentTypes.TEXT_CSS);

    FileUtil.write(cacheContentTypeFile, ContentTypes.TEXT_CSS);
   }
   else if (realPath.endsWith(_JAVASCRIPT_EXTENSION)) {
    if (_log.isInfoEnabled()) {
     _log.info("Minifying JavaScript " + file);
    }

    minifiedContent = minifyJavaScript(file);

    response.setContentType(ContentTypes.TEXT_JAVASCRIPT);

    FileUtil.write(
     cacheContentTypeFile, ContentTypes.TEXT_JAVASCRIPT);
   }
   else if (realPath.endsWith(_JSP_EXTENSION)) {
    if (_log.isInfoEnabled()) {
     _log.info("Minifying JSP " + file);
    }

    StringServletResponse stringResponse =
     new StringServletResponse(response);

    processFilter(
     MinifierFilter.class, request, stringResponse, filterChain);

    CacheResponseUtil.setHeaders(
     response, stringResponse.getHeaders());

    response.setContentType(stringResponse.getContentType());

    minifiedContent = stringResponse.getString();

    if (minifierType.equals("css")) {
     minifiedContent = minifyCss(request, minifiedContent);
    }
    else if (minifierType.equals("js")) {
     minifiedContent = minifyJavaScript(minifiedContent);
    }

    FileUtil.write(
     cacheContentTypeFile, stringResponse.getContentType());
   }
   else {
    return null;
   }

   FileUtil.write(cacheDataFile, minifiedContent);

 

功能： minifier filter 根据portalet的的配置文件liferay-portlet.xml设置的css、js路径、jsp路径，组合新的路径放到response中。在portalet中，jsp中设置的js或css路径不起作用，liferay自己的默认的/MyPortletName//docroot/WEB-INF/liferay-portlet.xml里面定义的。默认是:<footer-portlet-javascript>/js/main.js</footer-portlet-javascript>，这时在liferay-portlet.xml里面设置的，如果不需要此过滤器，可以在portal-ext.properties中设置com.liferay.portal.servlet.filters.minifier.MinifierFilter=false

 

2、MonitoringFilter 过滤器

主要代码：

long companyId = PortalUtil.getCompanyId(request);

  PortalRequestDataSample portalRequestDataSample =
   new PortalRequestDataSample(
    companyId, request.getRemoteUser(), request.getRequestURI(),
    request.getRequestURL().toString());

  try {
   portalRequestDataSample.prepare();

   processFilter(
    MonitoringFilter.class, request, response, filterChain);

   portalRequestDataSample.capture(RequestStatus.SUCCESS);
  }
  catch (Exception e) {
   portalRequestDataSample.capture(RequestStatus.ERROR);

   if (e instanceof IOException) {
    throw (IOException)e;
   }
   else if (e instanceof ServletException) {
    throw (ServletException)e;
   }
   else {
    throw new ServletException("Unable to execute request", e);
   }
  }
  finally {
   MessageBusUtil.sendMessage(
    DestinationNames.MONITORING, portalRequestDataSample);

   DataSampleThreadLocal.addDataSample(portalRequestDataSample);
  }

 

作用：监控服务器响应时间(没怎么看懂，猜得)

 

3、SecureFilter  过滤器

主要代码：

if (isAccessAllowed(request)) {
   if (_log.isDebugEnabled()) {
    _log.debug("Access allowed for " + remoteAddr);
   }
  }
  else {
   if (_log.isWarnEnabled()) {
    _log.warn("Access denied for " + remoteAddr);
   }

   response.sendError(
    HttpServletResponse.SC_FORBIDDEN,
    "Access denied for " + remoteAddr);

   return;
  }

  if (_log.isDebugEnabled()) {
   if (_httpsRequired) {
    _log.debug("https is required");
   }
   else {
    _log.debug("https is not required");
   }
  }

功能：判断访问地址是否安全，是否走https://

 

4、SessionIdFilter过滤器

主要代码：

SessionIdServletRequest sessionIdRequest = new SessionIdServletRequest(
   request, response);

功能：如果 com.liferay.portal.servlet.filters.sessionid.SessionIdFilter=true，保证只一个session创建

 

5、CASFilter过滤器

主要代码：

if (pathInfo.indexOf("/portal/logout") != -1) {
    session.invalidate();

    String logoutUrl = PrefsPropsUtil.getString(
     companyId, PropsKeys.CAS_LOGOUT_URL,
     PropsValues.CAS_LOGOUT_URL);

    response.sendRedirect(logoutUrl);

    return;
   }
   else {
    String login = (String)session.getAttribute(LOGIN);

    String serverName = PrefsPropsUtil.getString(
     companyId, PropsKeys.CAS_SERVER_NAME,
     PropsValues.CAS_SERVER_NAME);

    String serviceUrl = PrefsPropsUtil.getString(
     companyId, PropsKeys.CAS_SERVICE_URL,
     PropsValues.CAS_SERVICE_URL);

    if (Validator.isNull(serviceUrl)) {
     serviceUrl = CommonUtils.constructServiceUrl(
      request, response, serviceUrl, serverName, "ticket",
      false);
    }

    String ticket = ParamUtil.getString(request, "ticket");

    if (Validator.isNull(ticket)) {
     if (Validator.isNotNull(login)) {
      processFilter(
       CASFilter.class, request, response, filterChain);
     }
     else {
      String loginUrl = PrefsPropsUtil.getString(
       companyId, PropsKeys.CAS_LOGIN_URL,
       PropsValues.CAS_LOGIN_URL);

      loginUrl = HttpUtil.addParameter(
       loginUrl, "service", serviceUrl);

      response.sendRedirect(loginUrl);
     }

     return;
    }

    TicketValidator ticketValidator = getTicketValidator(
     companyId);

    Assertion assertion = ticketValidator.validate(
     ticket, serviceUrl);

    if (assertion != null) {
     AttributePrincipal attributePrincipal =
      assertion.getPrincipal();

     login = attributePrincipal.getName();

     session.setAttribute(LOGIN, login);
    }

 

主要功能：单点登录（具体实现要详细的研读代码）

 

6、NtlmFilter过滤器

主要代码（略）

功能：单点登录

 

7、NtlmPostFilter过滤器

主要代码（略）

功能：单点登录

 

8、OpenSSOFilter过滤器

主要代码（略）

功能：单点登录

 

9、ValidHtmlFilter过滤器

主要代码：

protected String getContent(HttpServletRequest request, String content) {
  content = StringUtil.replaceLast(
   content, _CLOSE_BODY, StringPool.BLANK);
  content = StringUtil.replaceLast(
   content, _CLOSE_HTML, _CLOSE_BODY + _CLOSE_HTML);

  return content;
 }

主要功能：处理html数据，把html中的</body></html>放在在一起。（html类型为 text/html ）

 

10、UrlRewriteFilter过滤器

主要代码：（略）

功能：重写uRL（根据配置文件urlrewrite.xml的规则，重写URL，主要是为了安全。）