Mercurial > dive4elements > river
annotate flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 4450:0074c113bb95
Be sure that a redirect url always exist
When redirecting the user after a successful authentication be sure that the url
is valid.
| author | Björn Ricks <bjoern.ricks@intevation.de> |
|---|---|
| date | Thu, 08 Nov 2012 10:29:09 +0100 |
| parents | 17fe00c09b7c |
| children | e2d8f344491e |
| rev | line source |
|---|---|
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
1 package de.intevation.flys.client.server; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
2 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
3 import java.io.IOException; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
4 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
5 import javax.servlet.ServletException; |
|
3485
71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2984
diff
changeset
|
6 import javax.servlet.ServletContext; |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
7 import javax.servlet.http.HttpServlet; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
8 import javax.servlet.http.HttpServletRequest; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
9 import javax.servlet.http.HttpServletResponse; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
10 import javax.servlet.http.HttpSession; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
11 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
12 import org.apache.log4j.Logger; |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
13 |
|
2956
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
14 import de.intevation.flys.client.server.auth.Authentication; |
|
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
15 import de.intevation.flys.client.server.auth.AuthenticationException; |
|
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
16 import de.intevation.flys.client.server.auth.AuthenticationFactory; |
|
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
17 import de.intevation.flys.client.server.auth.User; |
|
2984
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
18 import de.intevation.flys.client.server.auth.UserClient; |
|
3485
71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2984
diff
changeset
|
19 import de.intevation.flys.client.server.features.Features; |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
20 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
21 public class LoginServlet extends HttpServlet { |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
22 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
23 private static Logger logger = Logger.getLogger(LoginServlet.class); |
|
4450
0074c113bb95
Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents:
4194
diff
changeset
|
24 private static final String FLYS_PAGE = "FLYS.html"; |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
25 |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
26 private void redirectFailure(HttpServletResponse resp, String path) |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
27 throws IOException { |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
28 resp.sendRedirect(path + "/login.jsp"); |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
29 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
30 |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
31 private void redirectFailure(HttpServletResponse resp, String path, |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
32 Exception e) throws IOException { |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
33 this.redirectFailure(resp, path, e.getMessage()); |
|
2969
16c71457ed43
Display error details to the user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2956
diff
changeset
|
34 } |
|
16c71457ed43
Display error details to the user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2956
diff
changeset
|
35 |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
36 private void redirectFailure(HttpServletResponse resp, String path, |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
37 String message) throws IOException { |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
38 resp.sendRedirect(path + "/login.jsp?error=" + message); |
|
2984
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
39 } |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
40 |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
41 private void redirectSuccess(HttpServletResponse resp, String path, |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
42 String uri) throws IOException { |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
43 if (uri == null) { |
|
4194
17fe00c09b7c
Don't redirect to request uri
Björn Ricks <bjoern.ricks@intevation.de>
parents:
3851
diff
changeset
|
44 String redirecturl = getServletContext().getInitParameter("redirect-url"); |
|
4450
0074c113bb95
Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents:
4194
diff
changeset
|
45 if (redirecturl == null) { |
|
0074c113bb95
Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents:
4194
diff
changeset
|
46 redirecturl = FLYS_PAGE; |
|
0074c113bb95
Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents:
4194
diff
changeset
|
47 } |
|
4194
17fe00c09b7c
Don't redirect to request uri
Björn Ricks <bjoern.ricks@intevation.de>
parents:
3851
diff
changeset
|
48 uri = "/" + redirecturl; |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
49 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
50 resp.sendRedirect(uri); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
51 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
52 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
53 @Override |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
54 protected void doGet(HttpServletRequest req, HttpServletResponse resp) |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
55 throws ServletException, IOException { |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
56 logger.debug("Processing get request"); |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
57 this.redirectFailure(resp, req.getContextPath()); |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
58 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
59 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
60 @Override |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
61 protected void doPost(HttpServletRequest req, HttpServletResponse resp) |
|
3697
2e12518ff5b4
Removed trailing whitespace. Reverted functional change in parsing plain user file.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
3696
diff
changeset
|
62 throws ServletException, IOException |
| 3696 | 63 { |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
64 String encoding = req.getCharacterEncoding(); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
65 String username = req.getParameter("username"); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
66 String password = req.getParameter("password"); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
67 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
68 logger.debug("Processing post request"); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
69 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
70 if (username == null || password == null) { |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
71 logger.debug("No username or password provided"); |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
72 this.redirectFailure(resp, req.getContextPath()); |
| 3696 | 73 return; |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
74 } |
|
3697
2e12518ff5b4
Removed trailing whitespace. Reverted functional change in parsing plain user file.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
3696
diff
changeset
|
75 |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
76 try { |
|
2956
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
77 Authentication aresp = this.auth(username, password, encoding); |
|
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
78 if (aresp == null || !aresp.isSuccess()) { |
| 3696 | 79 logger.debug("Authentication not successful"); |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
80 this.redirectFailure(resp, req.getContextPath()); |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
81 } |
|
2984
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
82 User user = aresp.getUser(); |
|
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
83 |
|
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
84 String url = getServletContext().getInitParameter("server-url"); |
|
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
85 UserClient client = new UserClient(url); |
|
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
86 if (!client.userExists(user)) { |
|
3503
56f17c6c6288
Add debug output if a database user will be created
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3485
diff
changeset
|
87 logger.debug("Creating db user"); |
|
2984
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
88 if (!client.createUser(user)) { |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
89 this.redirectFailure(resp, req.getContextPath(), |
|
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
90 "Could not create new user"); |
|
2984
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
91 } |
|
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
92 } |
|
06d999e95615
Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2972
diff
changeset
|
93 |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
94 HttpSession session = req.getSession(); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
95 session.setAttribute("user", user); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
96 |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
97 String uri = (String)session.getAttribute("requesturi"); |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
98 |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
99 this.redirectSuccess(resp, req.getContextPath(), uri); |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
100 } |
|
2956
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
101 catch(AuthenticationException e) { |
|
2970
b89dd09b486c
Also log an authentication failure
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2969
diff
changeset
|
102 logger.error(e); |
|
3851
a4c9296f6efa
Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
3697
diff
changeset
|
103 this.redirectFailure(resp, req.getContextPath(), e); |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
104 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
105 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
106 |
|
2956
d7f76f197d89
Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2950
diff
changeset
|
107 private Authentication auth(String username, String password, String encoding) |
|
3697
2e12518ff5b4
Removed trailing whitespace. Reverted functional change in parsing plain user file.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
3696
diff
changeset
|
108 throws AuthenticationException, IOException |
| 3696 | 109 { |
|
3485
71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2984
diff
changeset
|
110 ServletContext sc = this.getServletContext(); |
|
71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2984
diff
changeset
|
111 Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); |
|
71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2984
diff
changeset
|
112 String auth = sc.getInitParameter("authentication"); |
|
71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
2984
diff
changeset
|
113 return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features); |
|
2950
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
114 } |
|
192eddbbd4cf
Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff
changeset
|
115 } |