/*
    * Licensed to the Apache Software Foundation (ASF) under one
    * or more contributor license agreements.  See the NOTICE file
    * distributed with this work for additional information
    * regarding copyright ownership.  The ASF licenses this file
    * to you under the Apache License, Version 2.0 (the
    * "License"); you may not use this file except in compliance
    * with the License.  You may obtain a copy of the License at
    *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing,
   * software distributed under the License is distributed on an
   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   * KIND, either express or implied.  See the License for the
   * specific language governing permissions and limitations
   * under the License.
   */
  package org.apache.shiro.samples.spring.web;
  
  import java.util.HashMap;
  import java.util.Map;
  import javax.annotation.Resource;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
  import org.springframework.stereotype.Component;
  import org.springframework.web.bind.annotation.RequestMapping;
  import org.springframework.web.bind.annotation.RequestMethod;
  import org.springframework.web.servlet.ModelAndView;
  import org.springframework.web.servlet.mvc.AbstractController;
  
  import org.apache.shiro.SecurityUtils;
  import org.apache.shiro.session.Session;
  import org.apache.shiro.subject.Subject;
  
  /**
   * Controller used to dynamically build a JNLP file used to launch the Shiro
   * Spring WebStart sample application.
   *
   * @since 0.1
   */
  @Component
  @RequestMapping("/s/shiro.jnlp")
  public class JnlpController extends AbstractController {
  
      /*--------------------------------------------
      |             C O N S T A N T S             |
      ============================================*/
  
      /*--------------------------------------------
      |    I N S T A N C E   V A R I A B L E S    |
      ============================================*/
      private String jnlpView = "shiro.jnlp";
  
      /*--------------------------------------------
      |         C O N S T R U C T O R S           |
      ============================================*/
  
      /*--------------------------------------------
      |  A C C E S S O R S / M O D I F I E R S    |
      ============================================*/
  
      public void setJnlpView(String jnlpView) {
          this.jnlpView = jnlpView;
      }
  
      /*--------------------------------------------
      |               M E T H O D S               |
      ============================================*/
  
      @RequestMapping(method = RequestMethod.GET)
      protected ModelAndView handleRequestInternal(HttpServletRequest request, HttpServletResponse response) throws Exception {
  
          Subject subject = SecurityUtils.getSubject();
          Session session = null;
  
          if (subject != null) {
              session = subject.getSession();
          }
          if (session == null) {
              String msg = "Expected a non-null Shiro session.";
              throw new IllegalArgumentException(msg);
          }
  
          StringBuilder sb = new StringBuilder();
          sb.append("http://");
          sb.append(request.getServerName());
          if (request.getServerPort() != 80) {
              sb.append(":");
              sb.append(request.getServerPort());
          }
          sb.append(request.getContextPath());
  
          // prevent JNLP caching by setting response headers
          response.setHeader("cache-control", "no-cache");
          response.setHeader("pragma", "no-cache");
  
          Map<String, Object> model = new HashMap<String, Object>();
         model.put("codebaseUrl", sb.toString());
         model.put("sessionId", session.getId());
         return new ModelAndView(jnlpView, model);
     }
 }