Mercurial > dive4elements > river

view flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 2969:16c71457ed43

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Display error details to the user If an authentication fails the user should be informed about the reason. flys-client/trunk@4965 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Bjoern Ricks <bjoern.ricks@intevation.de>
date Fri, 13 Jul 2012 06:52:33 +0000
parents d7f76f197d89
children b89dd09b486c
line wrap: on
line source
package de.intevation.flys.client.server;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;

import de.intevation.flys.client.server.auth.Authentication;
import de.intevation.flys.client.server.auth.AuthenticationException;
import de.intevation.flys.client.server.auth.AuthenticationFactory;
import de.intevation.flys.client.server.auth.User;

public class LoginServlet extends HttpServlet {

    private static Logger logger = Logger.getLogger(LoginServlet.class);

    private void redirectFailure(HttpServletResponse resp) throws IOException {
        resp.sendRedirect("/login.jsp");
    }

    private void redirectFailure(HttpServletResponse resp, Exception e) throws IOException {
        resp.sendRedirect("/login.jsp?error=" + e.getMessage());
    }

    private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException {
        if (uri == null) {
            uri = "/FLYS.html";
        }
        resp.sendRedirect(uri);
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
        logger.debug("Processing get request");
        this.redirectFailure(resp);
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
        String encoding = req.getCharacterEncoding();
        String username = req.getParameter("username");
        String password = req.getParameter("password");

        logger.debug("Processing post request");

        if (username == null || password == null) {
            logger.debug("No username or password provided");
            this.redirectFailure(resp);
        }
        try {
            Authentication aresp = this.auth(username, password, encoding);
            if (aresp == null || !aresp.isSuccess()) {
                logger.debug("Athentication not successful");
                this.redirectFailure(resp);
            }
            HttpSession session = req.getSession();
            User user = aresp.getUser();
            session.setAttribute("user", user);

            String uri = (String)session.getAttribute("requesturi");

            this.redirectSuccess(resp, uri);
        }
        catch(AuthenticationException e) {
            this.redirectFailure(resp, e);
        }
    }

    private Authentication auth(String username, String password, String encoding)
        throws AuthenticationException, IOException {
        String auth = this.getInitParameter("authentication");
        return AuthenticationFactory.getInstance(auth).auth(username, password, encoding);
    }
}
http://dive4elements.wald.intevation.org