Mercurial > dive4elements > river

view gwt-client/src/main/java/org/dive4elements/river/client/server/LoginServlet.java @ 5861:172338b1407f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
GWT client: Added copyright header.
author Sascha L. Teichmann <teichmann@intevation.de>
date Sun, 28 Apr 2013 14:30:15 +0200
parents 5aa05a7a34b7
children 1b939742629e
line wrap: on
line source
/* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU AGPL (>=v3) 
 * and comes with ABSOLUTELY NO WARRANTY! Check out the
 * documentation coming with Dive4Elements River for details. 
 */

package org.dive4elements.river.client.server;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;

import org.dive4elements.river.client.server.auth.Authentication;
import org.dive4elements.river.client.server.auth.AuthenticationException;
import org.dive4elements.river.client.server.auth.AuthenticationFactory;
import org.dive4elements.river.client.server.auth.User;
import org.dive4elements.river.client.server.auth.UserClient;
import org.dive4elements.river.client.server.features.Features;

public class LoginServlet extends HttpServlet {

    private static Logger logger = Logger.getLogger(LoginServlet.class);

    private static final String FLYS_PAGE = "FLYS.html";
    private static final String LOGIN_PAGE = "login.jsp";

    private void redirectFailure(HttpServletResponse resp, String path)
        throws IOException {
        resp.sendRedirect(path + "/" + LOGIN_PAGE);
    }

    private void redirectFailure(HttpServletResponse resp, String path,
            Exception e) throws IOException {
        this.redirectFailure(resp, path, e.getMessage());
    }

    private void redirectFailure(HttpServletResponse resp, String path,
            String message) throws IOException {
        resp.sendRedirect(path + "/" + LOGIN_PAGE + "?error=" + message);
    }

    private void redirectSuccess(HttpServletResponse resp, String path,
            String uri) throws IOException {
        if (uri == null) {
            String redirecturl = getServletContext().getInitParameter("redirect-url");
            if (redirecturl == null) {
                redirecturl = FLYS_PAGE;
            }
            uri = "/" + redirecturl;
        }
        resp.sendRedirect(uri);
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
        logger.debug("Processing get request");
        this.redirectFailure(resp, req.getContextPath());
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException
    {
        String encoding = req.getCharacterEncoding();
        String username = req.getParameter("username");
        String password = req.getParameter("password");

        logger.debug("Processing post request");

        if (username == null || password == null) {
            logger.debug("No username or password provided");
            this.redirectFailure(resp, req.getContextPath());
            return;
        }

        try {
            Authentication aresp = this.auth(username, password, encoding);
            if (aresp == null || !aresp.isSuccess()) {
                logger.debug("Authentication not successful");
                this.redirectFailure(resp, req.getContextPath());
                return;
            }
            User user = aresp.getUser();

            String url = getServletContext().getInitParameter("server-url");
            UserClient client = new UserClient(url);
            if (!client.userExists(user)) {
                logger.debug("Creating db user");
                if (!client.createUser(user)) {
                    this.redirectFailure(resp, req.getContextPath(),
                            "Could not create new user");
                    return;
                }
            }

            HttpSession session = req.getSession();
            session.setAttribute("user", user);

            String uri = (String)session.getAttribute("requesturi");

            this.redirectSuccess(resp, req.getContextPath(), uri);
        }
        catch(AuthenticationException e) {
            logger.error(e, e);
            this.redirectFailure(resp, req.getContextPath(), e);
        }
    }

    private Authentication auth(String username, String password, String encoding)
        throws AuthenticationException, IOException
    {
        ServletContext sc = this.getServletContext();
        Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
        String auth = sc.getInitParameter("authentication");
        return AuthenticationFactory.getInstance(auth).auth(username, password,
                encoding, features);
    }
}
http://dive4elements.wald.intevation.org