Mercurial > dive4elements > river
comparison gwt-client/src/main/java/org/dive4elements/river/client/server/LoginServlet.java @ 5953:24dc13ac8e6c
Add AuthenticationServlet, a common base class for the login servlets
LoginServlet and SamlServlet to reduce code duplication.
| author | Bernhard Herzog <bh@intevation.de> |
|---|---|
| date | Wed, 08 May 2013 17:57:51 +0200 |
| parents | 1b939742629e |
| children | ea9eef426962 |
comparison
equal
deleted
inserted
replaced
| 5952:42b8447fa7ef | 5953:24dc13ac8e6c |
|---|---|
| 10 | 10 |
| 11 import java.io.IOException; | 11 import java.io.IOException; |
| 12 | 12 |
| 13 import javax.servlet.ServletException; | 13 import javax.servlet.ServletException; |
| 14 import javax.servlet.ServletContext; | 14 import javax.servlet.ServletContext; |
| 15 import javax.servlet.http.HttpServlet; | |
| 16 import javax.servlet.http.HttpServletRequest; | 15 import javax.servlet.http.HttpServletRequest; |
| 17 import javax.servlet.http.HttpServletResponse; | 16 import javax.servlet.http.HttpServletResponse; |
| 18 import javax.servlet.http.HttpSession; | |
| 19 | 17 |
| 20 import org.apache.log4j.Logger; | 18 import org.apache.log4j.Logger; |
| 21 | 19 |
| 22 import org.dive4elements.river.client.server.auth.Authentication; | 20 import org.dive4elements.river.client.server.auth.Authentication; |
| 23 import org.dive4elements.river.client.server.auth.AuthenticationException; | 21 import org.dive4elements.river.client.server.auth.AuthenticationException; |
| 24 import org.dive4elements.river.client.server.auth.AuthenticationFactory; | 22 import org.dive4elements.river.client.server.auth.AuthenticationFactory; |
| 25 import org.dive4elements.river.client.server.auth.User; | |
| 26 import org.dive4elements.river.client.server.auth.UserClient; | |
| 27 import org.dive4elements.river.client.server.features.Features; | 23 import org.dive4elements.river.client.server.features.Features; |
| 28 | 24 |
| 29 public class LoginServlet extends HttpServlet { | 25 public class LoginServlet extends AuthenticationServlet { |
| 30 | 26 |
| 31 private static Logger logger = Logger.getLogger(LoginServlet.class); | 27 private static Logger logger = Logger.getLogger(LoginServlet.class); |
| 32 | |
| 33 private static final String FLYS_PAGE = "FLYS.html"; | |
| 34 private static final String LOGIN_PAGE = "login.jsp"; | |
| 35 | |
| 36 private void redirectFailure(HttpServletResponse resp, String path) | |
| 37 throws IOException { | |
| 38 resp.sendRedirect(path + "/" + LOGIN_PAGE); | |
| 39 } | |
| 40 | |
| 41 private void redirectFailure(HttpServletResponse resp, String path, | |
| 42 Exception e) throws IOException { | |
| 43 this.redirectFailure(resp, path, e.getMessage()); | |
| 44 } | |
| 45 | |
| 46 private void redirectFailure(HttpServletResponse resp, String path, | |
| 47 String message) throws IOException { | |
| 48 resp.sendRedirect(path + "/" + LOGIN_PAGE + "?error=" + message); | |
| 49 } | |
| 50 | |
| 51 private void redirectSuccess(HttpServletResponse resp, String path, | |
| 52 String uri) throws IOException { | |
| 53 if (uri == null) { | |
| 54 String redirecturl = getServletContext().getInitParameter("redirect-url"); | |
| 55 if (redirecturl == null) { | |
| 56 redirecturl = FLYS_PAGE; | |
| 57 } | |
| 58 uri = "/" + redirecturl; | |
| 59 } | |
| 60 resp.sendRedirect(uri); | |
| 61 } | |
| 62 | |
| 63 @Override | |
| 64 protected void doGet(HttpServletRequest req, HttpServletResponse resp) | |
| 65 throws ServletException, IOException { | |
| 66 logger.debug("Processing get request"); | |
| 67 this.redirectFailure(resp, req.getContextPath()); | |
| 68 } | |
| 69 | 28 |
| 70 @Override | 29 @Override |
| 71 protected void doPost(HttpServletRequest req, HttpServletResponse resp) | 30 protected void doPost(HttpServletRequest req, HttpServletResponse resp) |
| 72 throws ServletException, IOException | 31 throws ServletException, IOException |
| 73 { | 32 { |
| 88 if (aresp == null || !aresp.isSuccess()) { | 47 if (aresp == null || !aresp.isSuccess()) { |
| 89 logger.debug("Authentication not successful"); | 48 logger.debug("Authentication not successful"); |
| 90 this.redirectFailure(resp, req.getContextPath()); | 49 this.redirectFailure(resp, req.getContextPath()); |
| 91 return; | 50 return; |
| 92 } | 51 } |
| 93 User user = aresp.getUser(); | 52 this.performLogin(req, resp, aresp.getUser()); |
| 94 | |
| 95 String url = getServletContext().getInitParameter("server-url"); | |
| 96 UserClient client = new UserClient(url); | |
| 97 if (!client.userExists(user)) { | |
| 98 logger.debug("Creating db user"); | |
| 99 if (!client.createUser(user)) { | |
| 100 this.redirectFailure(resp, req.getContextPath(), | |
| 101 "Could not create new user"); | |
| 102 return; | |
| 103 } | |
| 104 } | |
| 105 | |
| 106 HttpSession session = req.getSession(); | |
| 107 session.setAttribute("user", user); | |
| 108 | |
| 109 String uri = (String)session.getAttribute("requesturi"); | |
| 110 | |
| 111 this.redirectSuccess(resp, req.getContextPath(), uri); | |
| 112 } | 53 } |
| 113 catch(AuthenticationException e) { | 54 catch(AuthenticationException e) { |
| 114 logger.error(e, e); | 55 logger.error(e, e); |
| 115 this.redirectFailure(resp, req.getContextPath(), e); | 56 this.redirectFailure(resp, req.getContextPath(), e); |
| 116 } | 57 } |