dive4elements/river: flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java annotate

annotate flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 2950:192eddbbd4cf

Implement a login page to be able to authenticate a user The username and password requested by the login.jsp are send to the LoginServlet. The credentials are afterwards used to authenticate the user against GGinA. flys-client/trunk@4928 c6561f87-3c4e-4783-a992-168aeb5c3f6f

author	Bjoern Ricks <bjoern.ricks@intevation.de>
date	Wed, 11 Jul 2012 10:37:10 +0000
parents
children	d7f76f197d89

rev	line source
2950 192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	1 package de.intevation.flys.client.server;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	2
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	3 import java.io.IOException;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	4 import java.security.GeneralSecurityException;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	5
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	6 import javax.servlet.ServletException;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	7 import javax.servlet.http.HttpServlet;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	8 import javax.servlet.http.HttpServletRequest;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	9 import javax.servlet.http.HttpServletResponse;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	10 import javax.servlet.http.HttpSession;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	11
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	12 import org.apache.http.HttpEntity;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	13 import org.apache.http.HttpResponse;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	14 import org.apache.http.client.HttpClient;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	15 import org.apache.http.conn.scheme.Scheme;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	16 import org.apache.http.conn.ssl.SSLSocketFactory;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	17 import org.apache.http.impl.client.DefaultHttpClient;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	18
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	19 import org.apache.log4j.Logger;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	20
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	21 import de.intevation.flys.client.server.was.Assertion;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	22 import de.intevation.flys.client.server.was.User;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	23 import de.intevation.flys.client.server.was.Request;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	24 import de.intevation.flys.client.server.was.Response;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	25 import de.intevation.flys.client.server.was.ServiceException;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	26 import de.intevation.flys.client.server.was.Signature;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	27
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	28
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	29
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	30 public class LoginServlet extends HttpServlet {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	31
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	32 private static Logger logger = Logger.getLogger(LoginServlet.class);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	33
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	34 private void redirectFailure(HttpServletResponse resp) throws IOException {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	35 resp.sendRedirect("/login.jsp");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	36 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	37
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	38 private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	39 if (uri == null) {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	40 uri = "/FLYS.html";
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	41 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	42 resp.sendRedirect(uri);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	43 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	44
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	45 @Override
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	46 protected void doGet(HttpServletRequest req, HttpServletResponse resp)
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	47 throws ServletException, IOException {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	48 logger.debug("Processing get request");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	49 this.redirectFailure(resp);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	50 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	51
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	52 @Override
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	53 protected void doPost(HttpServletRequest req, HttpServletResponse resp)
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	54 throws ServletException, IOException {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	55 String encoding = req.getCharacterEncoding();
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	56 String username = req.getParameter("username");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	57 String password = req.getParameter("password");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	58
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	59 logger.debug("Processing post request");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	60
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	61 if (username == null \|\| password == null) {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	62 logger.debug("No username or password provided");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	63 this.redirectFailure(resp);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	64 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	65 try {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	66 Response wasresp = this.auth(username, password, encoding);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	67 if (wasresp == null \|\| !wasresp.isSuccess()) {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	68 logger.debug("Athentication not successful");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	69 this.redirectFailure(resp);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	70 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	71 HttpSession session = req.getSession();
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	72 User user = new User(username, password);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	73 session.setAttribute("user", user);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	74
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	75 String uri = (String)session.getAttribute("requesturi");
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	76
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	77 this.redirectSuccess(resp, uri);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	78
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	79 /* Assertion assertion = wasresponse.getAssertion(); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	80 /* System.out.println("ID: " + assertion.getID()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	81 /* System.out.println("UserID: " + assertion.getUserID()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	82 /* System.out.println("NameID: " + assertion.getNameID()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	83 /* System.out.println("GroupID: " + assertion.getGroupID()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	84 /* System.out.println("GroupName: " + assertion.getGroupName()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	85 /* System.out.println("From: " + assertion.getFrom()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	86 /* System.out.println("Until: " + assertion.getUntil()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	87 /* for(String role : assertion.getRoles()) { */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	88 /* System.out.println("Role: " + role); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	89 /* } */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	90 /* Signature signature = assertion.getSiganture(); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	91 /* System.out.println("Cert:"); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	92 /* System.out.println(signature.getCertificate()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	93 /* System.out.println("Value: " + signature.getValue()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	94 /* System.out.println("Digest: " + signature.getDigestValue()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	95 /* System.out.println("Reference: " + signature.getReference()); */
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	96
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	97 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	98 catch(ServiceException e) {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	99 //TODO User could not be authenticated
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	100 throw new ServletException(e);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	101 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	102 catch(GeneralSecurityException e) {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	103 throw new ServletException(e);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	104 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	105 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	106
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	107 private Response auth(String username, String password, String encoding)
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	108 throws IOException, ServiceException, GeneralSecurityException {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	109 SSLSocketFactory sf = new SSLSocketFactory(
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	110 new GGInATrustStrategy());
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	111 Scheme https = new Scheme("https", 443, sf);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	112 HttpClient httpclient = new DefaultHttpClient();
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	113 httpclient.getConnectionManager().getSchemeRegistry().register(https);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	114
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	115 Request httpget = new Request("https://geoportal.bafg.de/" +
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	116 "administration/WAS", username, password, encoding);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	117 HttpResponse response = httpclient.execute(httpget);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	118 HttpEntity entity = response.getEntity();
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	119 if (entity == null) {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	120 return null;
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	121 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	122 else {
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	123 return new Response(entity);
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	124 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	125 }
192eddbbd4cf Implement a login page to be able to authenticate a user Bjoern Ricks <bjoern.ricks@intevation.de> parents: diff changeset	126 }

Mercurial > dive4elements > river

annotate flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 2950:192eddbbd4cf