1
14
15 package com.liferay.portal.events;
16
17 import com.liferay.portal.kernel.events.Action;
18 import com.liferay.portal.kernel.events.ActionException;
19 import com.liferay.portal.kernel.log.Log;
20 import com.liferay.portal.kernel.log.LogFactoryUtil;
21 import com.liferay.portal.kernel.util.Http;
22 import com.liferay.portal.kernel.util.StringUtil;
23 import com.liferay.portal.util.PortalUtil;
24
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
27
28
39 public class SecureRequestAction extends Action {
40
41 public void run(HttpServletRequest request, HttpServletResponse response)
42 throws ActionException {
43
44 try {
45 if (request.isSecure()) {
46 return;
47 }
48
49 if (!isRequiresSecure(request)) {
50 return;
51 }
52
53 if (response.isCommitted()) {
54 return;
55 }
56
57 String redirect = getRedirect(request);
58
59 if (_log.isDebugEnabled()) {
60 _log.debug("Redirect " + redirect);
61 }
62
63 if (redirect != null) {
64 response.sendRedirect(redirect);
65 }
66 }
67 catch (Exception e) {
68 throw new ActionException(e);
69 }
70 }
71
72 protected String getRedirect(HttpServletRequest request) {
73 String unsecureCompleteURL = PortalUtil.getCurrentCompleteURL(request);
74
75 if (_log.isDebugEnabled()) {
76 _log.debug("Unsecure URL " + unsecureCompleteURL);
77 }
78
79 String secureCompleteURL = StringUtil.replaceFirst(
80 unsecureCompleteURL, Http.HTTP_WITH_SLASH, Http.HTTPS_WITH_SLASH);
81
82 if (_log.isDebugEnabled()) {
83 _log.debug("Secure URL " + secureCompleteURL);
84 }
85
86 if (unsecureCompleteURL.equals(secureCompleteURL)) {
87 return null;
88 }
89 else {
90 return secureCompleteURL;
91 }
92 }
93
94 protected boolean isRequiresSecure(HttpServletRequest request) {
95 return _REQUIRES_SECURE;
96 }
97
98 private static final boolean _REQUIRES_SECURE = true;
99
100 private static Log _log = LogFactoryUtil.getLog(SecureRequestAction.class);
101
102 }