001
014
015 package com.liferay.portal.events;
016
017 import com.liferay.portal.kernel.events.Action;
018 import com.liferay.portal.kernel.events.ActionException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.util.Http;
022 import com.liferay.portal.kernel.util.StringUtil;
023 import com.liferay.portal.util.PortalUtil;
024
025 import javax.servlet.http.HttpServletRequest;
026 import javax.servlet.http.HttpServletResponse;
027
028
037 public class SecureRequestAction extends Action {
038
039 public void run(HttpServletRequest request, HttpServletResponse response)
040 throws ActionException {
041
042 try {
043 if (request.isSecure()) {
044 return;
045 }
046
047 if (!isRequiresSecure(request)) {
048 return;
049 }
050
051 if (response.isCommitted()) {
052 return;
053 }
054
055 String redirect = getRedirect(request);
056
057 if (_log.isDebugEnabled()) {
058 _log.debug("Redirect " + redirect);
059 }
060
061 if (redirect != null) {
062 response.sendRedirect(redirect);
063 }
064 }
065 catch (Exception e) {
066 throw new ActionException(e);
067 }
068 }
069
070 protected String getRedirect(HttpServletRequest request) {
071 String unsecureCompleteURL = PortalUtil.getCurrentCompleteURL(request);
072
073 if (_log.isDebugEnabled()) {
074 _log.debug("Unsecure URL " + unsecureCompleteURL);
075 }
076
077 String secureCompleteURL = StringUtil.replaceFirst(
078 unsecureCompleteURL, Http.HTTP_WITH_SLASH, Http.HTTPS_WITH_SLASH);
079
080 if (_log.isDebugEnabled()) {
081 _log.debug("Secure URL " + secureCompleteURL);
082 }
083
084 if (unsecureCompleteURL.equals(secureCompleteURL)) {
085 return null;
086 }
087 else {
088 return secureCompleteURL;
089 }
090 }
091
092 protected boolean isRequiresSecure(HttpServletRequest request) {
093 return _REQUIRES_SECURE;
094 }
095
096 private static final boolean _REQUIRES_SECURE = true;
097
098 private static Log _log = LogFactoryUtil.getLog(SecureRequestAction.class);
099
100 }