teichmann@5861: /* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde teichmann@5861: * Software engineering by Intevation GmbH teichmann@5861: * teichmann@5861: * This file is Free Software under the GNU AGPL (>=v3) teichmann@5861: * and comes with ABSOLUTELY NO WARRANTY! Check out the teichmann@5861: * documentation coming with Dive4Elements River for details. teichmann@5861: */ teichmann@5861: teichmann@5835: package org.dive4elements.river.client.server; bjoern@2950: bjoern@2950: import java.io.IOException; bjoern@2950: bjoern@2950: import javax.servlet.ServletException; bjoern@3485: import javax.servlet.ServletContext; bjoern@2950: import javax.servlet.http.HttpServletRequest; bjoern@2950: import javax.servlet.http.HttpServletResponse; bjoern@2950: bjoern@2950: import org.apache.log4j.Logger; bjoern@2950: teichmann@5835: import org.dive4elements.river.client.server.auth.Authentication; teichmann@5835: import org.dive4elements.river.client.server.auth.AuthenticationException; teichmann@5835: import org.dive4elements.river.client.server.auth.AuthenticationFactory; teichmann@5835: import org.dive4elements.river.client.server.features.Features; bjoern@2950: bh@5953: public class LoginServlet extends AuthenticationServlet { bjoern@2950: bjoern@2950: private static Logger logger = Logger.getLogger(LoginServlet.class); bjoern@4451: bjoern@2950: @Override bjoern@2950: protected void doPost(HttpServletRequest req, HttpServletResponse resp) sascha@3697: throws ServletException, IOException christian@3696: { bjoern@2950: String encoding = req.getCharacterEncoding(); bjoern@2950: String username = req.getParameter("username"); bjoern@2950: String password = req.getParameter("password"); bjoern@2950: bjoern@2950: logger.debug("Processing post request"); bjoern@2950: bjoern@2950: if (username == null || password == null) { bjoern@2950: logger.debug("No username or password provided"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); christian@3696: return; bjoern@2950: } sascha@3697: bjoern@2950: try { bjoern@2956: Authentication aresp = this.auth(username, password, encoding); bjoern@2956: if (aresp == null || !aresp.isSuccess()) { christian@3696: logger.debug("Authentication not successful"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); bjoern@4489: return; bjoern@2950: } bh@5953: this.performLogin(req, resp, aresp.getUser()); bjoern@2950: } bjoern@2956: catch(AuthenticationException e) { bjoern@4490: logger.error(e, e); bjoern@3851: this.redirectFailure(resp, req.getContextPath(), e); bjoern@2950: } bjoern@2950: } bjoern@2950: bjoern@2956: private Authentication auth(String username, String password, String encoding) sascha@3697: throws AuthenticationException, IOException christian@3696: { bjoern@3485: ServletContext sc = this.getServletContext(); bjoern@3485: Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); bjoern@3485: String auth = sc.getInitParameter("authentication"); bjoern@4451: return AuthenticationFactory.getInstance(auth).auth(username, password, bh@5933: encoding, features, sc); bjoern@2950: } bjoern@2950: }