1
22
23 package com.liferay.portal.events;
24
25 import com.liferay.portal.kernel.events.Action;
26 import com.liferay.portal.kernel.events.ActionException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.kernel.util.Http;
30 import com.liferay.portal.kernel.util.HttpUtil;
31 import com.liferay.portal.kernel.util.StringUtil;
32
33 import javax.servlet.http.HttpServletRequest;
34 import javax.servlet.http.HttpServletResponse;
35
36
48 public class SecureRequestAction extends Action {
49
50 public void run(HttpServletRequest request, HttpServletResponse response)
51 throws ActionException {
52
53 try {
54 if (request.isSecure()) {
55 return;
56 }
57
58 if (!isRequiresSecure(request)) {
59 return;
60 }
61
62 if (response.isCommitted()) {
63 return;
64 }
65
66 String redirect = getRedirect(request);
67
68 if (_log.isDebugEnabled()) {
69 _log.debug("Redirect " + redirect);
70 }
71
72 if (redirect != null) {
73 response.sendRedirect(redirect);
74 }
75 }
76 catch (Exception e) {
77 throw new ActionException(e);
78 }
79 }
80
81 protected String getRedirect(HttpServletRequest request) {
82 String unsecureCompleteURL = HttpUtil.getCompleteURL(request);
83
84 if (_log.isDebugEnabled()) {
85 _log.debug("Unsecure URL " + unsecureCompleteURL);
86 }
87
88 String secureCompleteURL = StringUtil.replaceFirst(
89 unsecureCompleteURL, Http.HTTP_WITH_SLASH, Http.HTTPS_WITH_SLASH);
90
91 if (_log.isDebugEnabled()) {
92 _log.debug("Secure URL " + secureCompleteURL);
93 }
94
95 if (unsecureCompleteURL.equals(secureCompleteURL)) {
96 return null;
97 }
98 else {
99 return secureCompleteURL;
100 }
101 }
102
103 protected boolean isRequiresSecure(HttpServletRequest request) {
104 return _REQUIRES_SECURE;
105 }
106
107 private static final boolean _REQUIRES_SECURE = true;
108
109 private static Log _log = LogFactoryUtil.getLog(SecureRequestAction.class);
110
111 }