annotate flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 5545:ed149d5d7fb7

Add floodmarks importer
author Andre Heinecke <aheinecke@intevation.de>
date Wed, 03 Apr 2013 16:33:28 +0200
parents 82cc03e5f1c4
children
rev   line source
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
1 package de.intevation.flys.client.server;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
2
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
3 import java.io.IOException;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
4
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
5 import javax.servlet.ServletException;
3485
71ba3cf3ec5e Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2984
diff changeset
6 import javax.servlet.ServletContext;
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
7 import javax.servlet.http.HttpServlet;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
8 import javax.servlet.http.HttpServletRequest;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
9 import javax.servlet.http.HttpServletResponse;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
10 import javax.servlet.http.HttpSession;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
11
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
12 import org.apache.log4j.Logger;
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
13
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
14 import de.intevation.flys.client.server.auth.Authentication;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
15 import de.intevation.flys.client.server.auth.AuthenticationException;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
16 import de.intevation.flys.client.server.auth.AuthenticationFactory;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
17 import de.intevation.flys.client.server.auth.User;
2984
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
18 import de.intevation.flys.client.server.auth.UserClient;
3485
71ba3cf3ec5e Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2984
diff changeset
19 import de.intevation.flys.client.server.features.Features;
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
20
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
21 public class LoginServlet extends HttpServlet {
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
22
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
23 private static Logger logger = Logger.getLogger(LoginServlet.class);
4451
e2d8f344491e Use static variable for login page name in LoginServlet
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4450
diff changeset
24
4450
0074c113bb95 Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4194
diff changeset
25 private static final String FLYS_PAGE = "FLYS.html";
4451
e2d8f344491e Use static variable for login page name in LoginServlet
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4450
diff changeset
26 private static final String LOGIN_PAGE = "login.jsp";
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
27
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
28 private void redirectFailure(HttpServletResponse resp, String path)
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
29 throws IOException {
4451
e2d8f344491e Use static variable for login page name in LoginServlet
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4450
diff changeset
30 resp.sendRedirect(path + "/" + LOGIN_PAGE);
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
31 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
32
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
33 private void redirectFailure(HttpServletResponse resp, String path,
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
34 Exception e) throws IOException {
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
35 this.redirectFailure(resp, path, e.getMessage());
2969
16c71457ed43 Display error details to the user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2956
diff changeset
36 }
16c71457ed43 Display error details to the user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2956
diff changeset
37
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
38 private void redirectFailure(HttpServletResponse resp, String path,
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
39 String message) throws IOException {
4451
e2d8f344491e Use static variable for login page name in LoginServlet
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4450
diff changeset
40 resp.sendRedirect(path + "/" + LOGIN_PAGE + "?error=" + message);
2984
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
41 }
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
42
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
43 private void redirectSuccess(HttpServletResponse resp, String path,
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
44 String uri) throws IOException {
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
45 if (uri == null) {
4194
17fe00c09b7c Don't redirect to request uri
Björn Ricks <bjoern.ricks@intevation.de>
parents: 3851
diff changeset
46 String redirecturl = getServletContext().getInitParameter("redirect-url");
4450
0074c113bb95 Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4194
diff changeset
47 if (redirecturl == null) {
0074c113bb95 Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4194
diff changeset
48 redirecturl = FLYS_PAGE;
0074c113bb95 Be sure that a redirect url always exist
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4194
diff changeset
49 }
4194
17fe00c09b7c Don't redirect to request uri
Björn Ricks <bjoern.ricks@intevation.de>
parents: 3851
diff changeset
50 uri = "/" + redirecturl;
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
51 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
52 resp.sendRedirect(uri);
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
53 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
54
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
55 @Override
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
56 protected void doGet(HttpServletRequest req, HttpServletResponse resp)
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
57 throws ServletException, IOException {
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
58 logger.debug("Processing get request");
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
59 this.redirectFailure(resp, req.getContextPath());
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
60 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
61
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
62 @Override
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
63 protected void doPost(HttpServletRequest req, HttpServletResponse resp)
3697
2e12518ff5b4 Removed trailing whitespace. Reverted functional change in parsing plain user file.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 3696
diff changeset
64 throws ServletException, IOException
3696
a050cb5f303f Cosmetics
Christian Lins <christian.lins@intevation.de>
parents: 3503
diff changeset
65 {
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
66 String encoding = req.getCharacterEncoding();
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
67 String username = req.getParameter("username");
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
68 String password = req.getParameter("password");
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
69
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
70 logger.debug("Processing post request");
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
71
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
72 if (username == null || password == null) {
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
73 logger.debug("No username or password provided");
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
74 this.redirectFailure(resp, req.getContextPath());
3696
a050cb5f303f Cosmetics
Christian Lins <christian.lins@intevation.de>
parents: 3503
diff changeset
75 return;
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
76 }
3697
2e12518ff5b4 Removed trailing whitespace. Reverted functional change in parsing plain user file.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 3696
diff changeset
77
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
78 try {
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
79 Authentication aresp = this.auth(username, password, encoding);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
80 if (aresp == null || !aresp.isSuccess()) {
3696
a050cb5f303f Cosmetics
Christian Lins <christian.lins@intevation.de>
parents: 3503
diff changeset
81 logger.debug("Authentication not successful");
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
82 this.redirectFailure(resp, req.getContextPath());
4489
fea3e4b6faba Return after sending a redirect
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4451
diff changeset
83 return;
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
84 }
2984
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
85 User user = aresp.getUser();
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
86
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
87 String url = getServletContext().getInitParameter("server-url");
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
88 UserClient client = new UserClient(url);
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
89 if (!client.userExists(user)) {
3503
56f17c6c6288 Add debug output if a database user will be created
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3485
diff changeset
90 logger.debug("Creating db user");
2984
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
91 if (!client.createUser(user)) {
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
92 this.redirectFailure(resp, req.getContextPath(),
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
93 "Could not create new user");
4489
fea3e4b6faba Return after sending a redirect
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4451
diff changeset
94 return;
2984
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
95 }
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
96 }
06d999e95615 Add UserClient class to handle REST communication for user related interfaces.
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2972
diff changeset
97
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
98 HttpSession session = req.getSession();
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
99 session.setAttribute("user", user);
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
100
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
101 String uri = (String)session.getAttribute("requesturi");
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
102
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
103 this.redirectSuccess(resp, req.getContextPath(), uri);
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
104 }
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
105 catch(AuthenticationException e) {
4490
82cc03e5f1c4 Add stack trace if authentication was not successfull
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4489
diff changeset
106 logger.error(e, e);
3851
a4c9296f6efa Use the Context PATH servlet variable when using URLs in the GGInAFilter
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3697
diff changeset
107 this.redirectFailure(resp, req.getContextPath(), e);
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
108 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
109 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
110
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2950
diff changeset
111 private Authentication auth(String username, String password, String encoding)
3697
2e12518ff5b4 Removed trailing whitespace. Reverted functional change in parsing plain user file.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 3696
diff changeset
112 throws AuthenticationException, IOException
3696
a050cb5f303f Cosmetics
Christian Lins <christian.lins@intevation.de>
parents: 3503
diff changeset
113 {
3485
71ba3cf3ec5e Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2984
diff changeset
114 ServletContext sc = this.getServletContext();
71ba3cf3ec5e Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2984
diff changeset
115 Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
71ba3cf3ec5e Refactor Authentication to allow to pass the Freatures to the user class
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2984
diff changeset
116 String auth = sc.getInitParameter("authentication");
4451
e2d8f344491e Use static variable for login page name in LoginServlet
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4450
diff changeset
117 return AuthenticationFactory.getInstance(auth).auth(username, password,
e2d8f344491e Use static variable for login page name in LoginServlet
Björn Ricks <bjoern.ricks@intevation.de>
parents: 4450
diff changeset
118 encoding, features);
2950
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
119 }
192eddbbd4cf Implement a login page to be able to authenticate a user
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
120 }

http://dive4elements.wald.intevation.org