Mercurial > dive4elements > river

comparison flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 2950:192eddbbd4cf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implement a login page to be able to authenticate a user The username and password requested by the login.jsp are send to the LoginServlet. The credentials are afterwards used to authenticate the user against GGinA. flys-client/trunk@4928 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Bjoern Ricks <bjoern.ricks@intevation.de>
date Wed, 11 Jul 2012 10:37:10 +0000
parents
children d7f76f197d89
comparison
equal deleted inserted replaced
2949:abf267708672 2950:192eddbbd4cf
1 package de.intevation.flys.client.server;
2
3 import java.io.IOException;
4 import java.security.GeneralSecurityException;
5
6 import javax.servlet.ServletException;
7 import javax.servlet.http.HttpServlet;
8 import javax.servlet.http.HttpServletRequest;
9 import javax.servlet.http.HttpServletResponse;
10 import javax.servlet.http.HttpSession;
11
12 import org.apache.http.HttpEntity;
13 import org.apache.http.HttpResponse;
14 import org.apache.http.client.HttpClient;
15 import org.apache.http.conn.scheme.Scheme;
16 import org.apache.http.conn.ssl.SSLSocketFactory;
17 import org.apache.http.impl.client.DefaultHttpClient;
18
19 import org.apache.log4j.Logger;
20
21 import de.intevation.flys.client.server.was.Assertion;
22 import de.intevation.flys.client.server.was.User;
23 import de.intevation.flys.client.server.was.Request;
24 import de.intevation.flys.client.server.was.Response;
25 import de.intevation.flys.client.server.was.ServiceException;
26 import de.intevation.flys.client.server.was.Signature;
27
28
29
30 public class LoginServlet extends HttpServlet {
31
32 private static Logger logger = Logger.getLogger(LoginServlet.class);
33
34 private void redirectFailure(HttpServletResponse resp) throws IOException {
35 resp.sendRedirect("/login.jsp");
36 }
37
38 private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException {
39 if (uri == null) {
40 uri = "/FLYS.html";
41 }
42 resp.sendRedirect(uri);
43 }
44
45 @Override
46 protected void doGet(HttpServletRequest req, HttpServletResponse resp)
47 throws ServletException, IOException {
48 logger.debug("Processing get request");
49 this.redirectFailure(resp);
50 }
51
52 @Override
53 protected void doPost(HttpServletRequest req, HttpServletResponse resp)
54 throws ServletException, IOException {
55 String encoding = req.getCharacterEncoding();
56 String username = req.getParameter("username");
57 String password = req.getParameter("password");
58
59 logger.debug("Processing post request");
60
61 if (username == null || password == null) {
62 logger.debug("No username or password provided");
63 this.redirectFailure(resp);
64 }
65 try {
66 Response wasresp = this.auth(username, password, encoding);
67 if (wasresp == null || !wasresp.isSuccess()) {
68 logger.debug("Athentication not successful");
69 this.redirectFailure(resp);
70 }
71 HttpSession session = req.getSession();
72 User user = new User(username, password);
73 session.setAttribute("user", user);
74
75 String uri = (String)session.getAttribute("requesturi");
76
77 this.redirectSuccess(resp, uri);
78
79 /* Assertion assertion = wasresponse.getAssertion(); */
80 /* System.out.println("ID: " + assertion.getID()); */
81 /* System.out.println("UserID: " + assertion.getUserID()); */
82 /* System.out.println("NameID: " + assertion.getNameID()); */
83 /* System.out.println("GroupID: " + assertion.getGroupID()); */
84 /* System.out.println("GroupName: " + assertion.getGroupName()); */
85 /* System.out.println("From: " + assertion.getFrom()); */
86 /* System.out.println("Until: " + assertion.getUntil()); */
87 /* for(String role : assertion.getRoles()) { */
88 /* System.out.println("Role: " + role); */
89 /* } */
90 /* Signature signature = assertion.getSiganture(); */
91 /* System.out.println("Cert:"); */
92 /* System.out.println(signature.getCertificate()); */
93 /* System.out.println("Value: " + signature.getValue()); */
94 /* System.out.println("Digest: " + signature.getDigestValue()); */
95 /* System.out.println("Reference: " + signature.getReference()); */
96
97 }
98 catch(ServiceException e) {
99 //TODO User could not be authenticated
100 throw new ServletException(e);
101 }
102 catch(GeneralSecurityException e) {
103 throw new ServletException(e);
104 }
105 }
106
107 private Response auth(String username, String password, String encoding)
108 throws IOException, ServiceException, GeneralSecurityException {
109 SSLSocketFactory sf = new SSLSocketFactory(
110 new GGInATrustStrategy());
111 Scheme https = new Scheme("https", 443, sf);
112 HttpClient httpclient = new DefaultHttpClient();
113 httpclient.getConnectionManager().getSchemeRegistry().register(https);
114
115 Request httpget = new Request("https://geoportal.bafg.de/" +
116 "administration/WAS", username, password, encoding);
117 HttpResponse response = httpclient.execute(httpget);
118 HttpEntity entity = response.getEntity();
119 if (entity == null) {
120 return null;
121 }
122 else {
123 return new Response(entity);
124 }
125 }
126 }
http://dive4elements.wald.intevation.org