view flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 4488:5041105d2edd

Check if response code from GGInA is 200 OK Only parse the GGInA response if the status code is 200 OK. This improves the error message if GGInA is not available and shows the real reason instead of a JDOM error while parsing the response.
author Björn Ricks <bjoern.ricks@intevation.de>
date Wed, 14 Nov 2012 10:36:21 +0100
parents e2d8f344491e
children fea3e4b6faba
line wrap: on
line source
package de.intevation.flys.client.server;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;

import de.intevation.flys.client.server.auth.Authentication;
import de.intevation.flys.client.server.auth.AuthenticationException;
import de.intevation.flys.client.server.auth.AuthenticationFactory;
import de.intevation.flys.client.server.auth.User;
import de.intevation.flys.client.server.auth.UserClient;
import de.intevation.flys.client.server.features.Features;

public class LoginServlet extends HttpServlet {

    private static Logger logger = Logger.getLogger(LoginServlet.class);

    private static final String FLYS_PAGE = "FLYS.html";
    private static final String LOGIN_PAGE = "login.jsp";

    private void redirectFailure(HttpServletResponse resp, String path)
        throws IOException {
        resp.sendRedirect(path + "/" + LOGIN_PAGE);
    }

    private void redirectFailure(HttpServletResponse resp, String path,
            Exception e) throws IOException {
        this.redirectFailure(resp, path, e.getMessage());
    }

    private void redirectFailure(HttpServletResponse resp, String path,
            String message) throws IOException {
        resp.sendRedirect(path + "/" + LOGIN_PAGE + "?error=" + message);
    }

    private void redirectSuccess(HttpServletResponse resp, String path,
            String uri) throws IOException {
        if (uri == null) {
            String redirecturl = getServletContext().getInitParameter("redirect-url");
            if (redirecturl == null) {
                redirecturl = FLYS_PAGE;
            }
            uri = "/" + redirecturl;
        }
        resp.sendRedirect(uri);
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
        logger.debug("Processing get request");
        this.redirectFailure(resp, req.getContextPath());
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException
    {
        String encoding = req.getCharacterEncoding();
        String username = req.getParameter("username");
        String password = req.getParameter("password");

        logger.debug("Processing post request");

        if (username == null || password == null) {
            logger.debug("No username or password provided");
            this.redirectFailure(resp, req.getContextPath());
            return;
        }

        try {
            Authentication aresp = this.auth(username, password, encoding);
            if (aresp == null || !aresp.isSuccess()) {
                logger.debug("Authentication not successful");
                this.redirectFailure(resp, req.getContextPath());
            }
            User user = aresp.getUser();

            String url = getServletContext().getInitParameter("server-url");
            UserClient client = new UserClient(url);
            if (!client.userExists(user)) {
                logger.debug("Creating db user");
                if (!client.createUser(user)) {
                    this.redirectFailure(resp, req.getContextPath(),
                            "Could not create new user");
                }
            }

            HttpSession session = req.getSession();
            session.setAttribute("user", user);

            String uri = (String)session.getAttribute("requesturi");

            this.redirectSuccess(resp, req.getContextPath(), uri);
        }
        catch(AuthenticationException e) {
            logger.error(e);
            this.redirectFailure(resp, req.getContextPath(), e);
        }
    }

    private Authentication auth(String username, String password, String encoding)
        throws AuthenticationException, IOException
    {
        ServletContext sc = this.getServletContext();
        Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
        String auth = sc.getInitParameter("authentication");
        return AuthenticationFactory.getInstance(auth).auth(username, password,
                encoding, features);
    }
}

http://dive4elements.wald.intevation.org