=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java' --- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java 2013-09-02 06:55:31 +0000 +++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java 2013-10-16 13:43:31 +0000 @@ -40,6 +40,8 @@ import java.util.HashMap; import java.util.Map; +import static org.hisp.dhis.security.filter.CustomAuthenticationFilter.*; + /** * @author mortenoh */ @@ -81,6 +83,10 @@ { Device device = deviceResolver.resolveDevice( request ); + // --------------------------------------------------------------------- + // Ignore certain ajax requests + // --------------------------------------------------------------------- + for ( String key : redirectMap.keySet() ) { if ( url.indexOf( key ) != -1 ) @@ -89,7 +95,11 @@ } } - String mobileVersion = (String) request.getAttribute( "mobileVersion" ); + // --------------------------------------------------------------------- + // Redirect to mobile start pages + // --------------------------------------------------------------------- + + String mobileVersion = (String) request.getAttribute( PARAM_MOBILE_VERSION ); mobileVersion = mobileVersion == null ? "desktop" : mobileVersion; if ( (device.isMobile() || device.isTablet()) && mobileVersion.equals( "basic" ) ) @@ -105,6 +115,17 @@ url = getRootPath( request ) + "/"; } + // --------------------------------------------------------------------- + // Check if redirect should be skipped - for cookie authentication only + // --------------------------------------------------------------------- + + String authOnly = (String) request.getAttribute( PARAM_AUTH_ONLY ); + + if ( "true".equals( authOnly ) ) + { + return; + } + log.debug( "Redirecting to " + url ); super.sendRedirect( request, response, url ); === modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java' --- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java 2013-08-23 16:05:01 +0000 +++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java 2013-10-16 13:43:31 +0000 @@ -37,6 +37,9 @@ public class CustomAuthenticationFilter implements Filter { + public static final String PARAM_MOBILE_VERSION = "mobileVersion"; + public static final String PARAM_AUTH_ONLY = "authOnly"; + @Override public void init( FilterConfig filterConfig ) throws ServletException { @@ -45,13 +48,19 @@ @Override public void doFilter( ServletRequest request, ServletResponse response, FilterChain filterChain ) throws IOException, ServletException { - String mobileVersion = request.getParameter( "mobileVersion" ); - + String mobileVersion = request.getParameter( PARAM_MOBILE_VERSION ); + String authOnly = request.getParameter( PARAM_AUTH_ONLY ); + if ( mobileVersion != null ) { - request.setAttribute( "mobileVersion", mobileVersion ); + request.setAttribute( PARAM_MOBILE_VERSION, mobileVersion ); } + if ( authOnly != null ) + { + request.setAttribute( PARAM_AUTH_ONLY, authOnly ); + } + filterChain.doFilter( request, response ); }