package info.elexis.server.core.security;

import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:info/elexis/server/core/security/NoLoginRedirectShiroFilter.class */
public class NoLoginRedirectShiroFilter extends AuthorizationFilter {
    private static final String message = "Access denied.";

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        System.out.println(subject.getPrincipal());
        return subject.isAuthenticated();
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        try {
            HttpServletResponse http = WebUtils.toHttp(servletResponse);
            if (message == 0) {
                http.sendError(403);
                return false;
            }
            http.sendError(403, message);
            return false;
        } catch (ClassCastException e) {
            return super.onAccessDenied(servletRequest, servletResponse);
        }
    }
}
