From 88d7fe2b7b86d2062f885085321201cec587d548 Mon Sep 17 00:00:00 2001
From: jomu <jomu@711a9084-f618-47a6-a783-754c49204487>
Date: Sun, 7 May 2017 14:44:34 +0000
Subject: [PATCH] added ajax aware PassThruAuthenticationFilter to support
 redirect to login page when ajax request is made while session is timed out

---
 shiro-faces/pom.xml                           |  4 +++
 ...AjaxAwarePassThruAuthenticationFilter.java | 35 +++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 shiro-faces/src/main/java/de/muehlencord/shirofaces/filter/FacesAjaxAwarePassThruAuthenticationFilter.java

diff --git a/shiro-faces/pom.xml b/shiro-faces/pom.xml
index 851095a..80fa7a1 100644
--- a/shiro-faces/pom.xml
+++ b/shiro-faces/pom.xml
@@ -36,6 +36,10 @@
             <version>${elapi.version}</version>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>javax</groupId>
+            <artifactId>javaee-api</artifactId>
+        </dependency>
     </dependencies>    
      
 </project>
\ No newline at end of file
diff --git a/shiro-faces/src/main/java/de/muehlencord/shirofaces/filter/FacesAjaxAwarePassThruAuthenticationFilter.java b/shiro-faces/src/main/java/de/muehlencord/shirofaces/filter/FacesAjaxAwarePassThruAuthenticationFilter.java
new file mode 100644
index 0000000..d14e48a
--- /dev/null
+++ b/shiro-faces/src/main/java/de/muehlencord/shirofaces/filter/FacesAjaxAwarePassThruAuthenticationFilter.java
@@ -0,0 +1,35 @@
+package de.muehlencord.shirofaces.filter;
+
+import java.io.IOException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter;
+
+/**
+ * found at http://balusc.omnifaces.org/2013/01/apache-shiro-is-it-ready-for-java-ee-6.html#MakeShiroJSFAjaxAware)
+ * source by BalusC, adjusted to PassThruAuthenticationFilter by Joern Muehlencord
+ * @author BalusC  
+ * @author Joern Muehlencord <joern at muehlencord.de>
+ */
+public class FacesAjaxAwarePassThruAuthenticationFilter extends PassThruAuthenticationFilter {
+
+    private static final String FACES_REDIRECT_XML = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+            + "<partial-response><redirect url=\"%s\"></redirect></partial-response>";
+    
+    
+    @Override
+    protected void redirectToLogin(ServletRequest req, ServletResponse res) throws IOException {
+        HttpServletRequest request = (HttpServletRequest) req;
+
+        if ("partial/ajax".equals(request.getHeader("Faces-Request"))) {
+            res.setContentType("text/xml");
+            res.setCharacterEncoding("UTF-8");
+            res.getWriter().printf(FACES_REDIRECT_XML, request.getContextPath() + getLoginUrl());
+        }
+        else {
+            super.redirectToLogin(req, res);
+        }
+    }
+    
+}