Mercurial > dive4elements > river
view gwt-client/src/main/java/org/dive4elements/river/client/server/LoginServlet.java @ 9577:ca19b7186294
Logging saml group-name in authentication log
author | gernotbelger |
---|---|
date | Tue, 13 Nov 2018 13:02:00 +0100 |
parents | d6d5ca6d4af0 |
children |
line wrap: on
line source
/* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde * Software engineering by Intevation GmbH * * This file is Free Software under the GNU AGPL (>=v3) * and comes with ABSOLUTELY NO WARRANTY! Check out the * documentation coming with Dive4Elements River for details. */ package org.dive4elements.river.client.server; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; import org.dive4elements.river.client.server.auth.Authentication; import org.dive4elements.river.client.server.auth.AuthenticationException; import org.dive4elements.river.client.server.auth.AuthenticationFactory; import org.dive4elements.river.client.server.auth.User; import org.dive4elements.river.client.server.features.Features; public class LoginServlet extends AuthenticationServlet { private static Logger log = Logger.getLogger(LoginServlet.class); @Override protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException { final String encoding = req.getCharacterEncoding(); final String username = req.getParameter("username"); final String password = req.getParameter("password"); log.debug("Processing post request"); if (username == null || password == null) { log.debug("No username or password provided"); this.redirectFailure(resp, req.getContextPath()); return; } try { final Authentication aresp = this.auth(username, password, encoding); if (aresp == null || !aresp.isSuccess()) { log.debug("Authentication not successful"); this.redirectFailure(resp, req.getContextPath()); return; } final User user = aresp.getUser(); final String userGroup = user.getUserGroup(); log.info(String.format("Login-Authentication successfull: group = '%s'", userGroup)); this.performLogin(req, resp, user); } catch (final AuthenticationException e) { log.error(e.getMessage()); this.redirectFailure(resp, req.getContextPath(), e); } } private Authentication auth(final String username, final String password, final String encoding) throws AuthenticationException, IOException { final ServletContext sc = this.getServletContext(); final Features features = (Features) sc.getAttribute(Features.CONTEXT_ATTRIBUTE); final String auth = sc.getInitParameter("authentication"); return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features, sc); } }