bjoern@2950: package de.intevation.flys.client.server; bjoern@2950: bjoern@2950: import java.io.IOException; bjoern@2950: bjoern@2950: import javax.servlet.ServletException; bjoern@3485: import javax.servlet.ServletContext; bjoern@2950: import javax.servlet.http.HttpServlet; bjoern@2950: import javax.servlet.http.HttpServletRequest; bjoern@2950: import javax.servlet.http.HttpServletResponse; bjoern@2950: import javax.servlet.http.HttpSession; bjoern@2950: bjoern@2950: import org.apache.log4j.Logger; bjoern@2950: bjoern@2956: import de.intevation.flys.client.server.auth.Authentication; bjoern@2956: import de.intevation.flys.client.server.auth.AuthenticationException; bjoern@2956: import de.intevation.flys.client.server.auth.AuthenticationFactory; bjoern@2956: import de.intevation.flys.client.server.auth.User; bjoern@2984: import de.intevation.flys.client.server.auth.UserClient; bjoern@3485: import de.intevation.flys.client.server.features.Features; bjoern@2950: bjoern@2950: public class LoginServlet extends HttpServlet { bjoern@2950: bjoern@2950: private static Logger logger = Logger.getLogger(LoginServlet.class); bjoern@2950: bjoern@3851: private void redirectFailure(HttpServletResponse resp, String path) bjoern@3851: throws IOException { bjoern@3851: resp.sendRedirect(path + "/login.jsp"); bjoern@2950: } bjoern@2950: bjoern@3851: private void redirectFailure(HttpServletResponse resp, String path, bjoern@3851: Exception e) throws IOException { bjoern@3851: this.redirectFailure(resp, path, e.getMessage()); bjoern@2969: } bjoern@2969: bjoern@3851: private void redirectFailure(HttpServletResponse resp, String path, bjoern@3851: String message) throws IOException { bjoern@3851: resp.sendRedirect(path + "/login.jsp?error=" + message); bjoern@2984: } bjoern@3851: bjoern@3851: private void redirectSuccess(HttpServletResponse resp, String path, bjoern@3851: String uri) throws IOException { bjoern@2950: if (uri == null) { bjoern@4194: String redirecturl = getServletContext().getInitParameter("redirect-url"); bjoern@4194: bjoern@4194: uri = "/" + redirecturl; bjoern@2950: } bjoern@2950: resp.sendRedirect(uri); bjoern@2950: } bjoern@2950: bjoern@2950: @Override bjoern@2950: protected void doGet(HttpServletRequest req, HttpServletResponse resp) bjoern@2950: throws ServletException, IOException { bjoern@2950: logger.debug("Processing get request"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); bjoern@2950: } bjoern@2950: bjoern@2950: @Override bjoern@2950: protected void doPost(HttpServletRequest req, HttpServletResponse resp) sascha@3697: throws ServletException, IOException christian@3696: { bjoern@2950: String encoding = req.getCharacterEncoding(); bjoern@2950: String username = req.getParameter("username"); bjoern@2950: String password = req.getParameter("password"); bjoern@2950: bjoern@2950: logger.debug("Processing post request"); bjoern@2950: bjoern@2950: if (username == null || password == null) { bjoern@2950: logger.debug("No username or password provided"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); christian@3696: return; bjoern@2950: } sascha@3697: bjoern@2950: try { bjoern@2956: Authentication aresp = this.auth(username, password, encoding); bjoern@2956: if (aresp == null || !aresp.isSuccess()) { christian@3696: logger.debug("Authentication not successful"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); bjoern@2950: } bjoern@2984: User user = aresp.getUser(); bjoern@2984: bjoern@2984: String url = getServletContext().getInitParameter("server-url"); bjoern@2984: UserClient client = new UserClient(url); bjoern@2984: if (!client.userExists(user)) { bjoern@3503: logger.debug("Creating db user"); bjoern@2984: if (!client.createUser(user)) { bjoern@3851: this.redirectFailure(resp, req.getContextPath(), bjoern@3851: "Could not create new user"); bjoern@2984: } bjoern@2984: } bjoern@2984: bjoern@2950: HttpSession session = req.getSession(); bjoern@2950: session.setAttribute("user", user); bjoern@2950: bjoern@2950: String uri = (String)session.getAttribute("requesturi"); bjoern@2950: bjoern@3851: this.redirectSuccess(resp, req.getContextPath(), uri); bjoern@2950: } bjoern@2956: catch(AuthenticationException e) { bjoern@2970: logger.error(e); bjoern@3851: this.redirectFailure(resp, req.getContextPath(), e); bjoern@2950: } bjoern@2950: } bjoern@2950: bjoern@2956: private Authentication auth(String username, String password, String encoding) sascha@3697: throws AuthenticationException, IOException christian@3696: { bjoern@3485: ServletContext sc = this.getServletContext(); bjoern@3485: Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); bjoern@3485: String auth = sc.getInitParameter("authentication"); bjoern@3485: return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features); bjoern@2950: } bjoern@2950: }