bjoern@2950: package de.intevation.flys.client.server;
bjoern@2950: 
bjoern@2950: import java.io.IOException;
bjoern@2950: 
bjoern@2950: import javax.servlet.ServletException;
bjoern@3485: import javax.servlet.ServletContext;
bjoern@2950: import javax.servlet.http.HttpServlet;
bjoern@2950: import javax.servlet.http.HttpServletRequest;
bjoern@2950: import javax.servlet.http.HttpServletResponse;
bjoern@2950: import javax.servlet.http.HttpSession;
bjoern@2950: 
bjoern@2950: import org.apache.log4j.Logger;
bjoern@2950: 
bjoern@2956: import de.intevation.flys.client.server.auth.Authentication;
bjoern@2956: import de.intevation.flys.client.server.auth.AuthenticationException;
bjoern@2956: import de.intevation.flys.client.server.auth.AuthenticationFactory;
bjoern@2956: import de.intevation.flys.client.server.auth.User;
bjoern@2984: import de.intevation.flys.client.server.auth.UserClient;
bjoern@3485: import de.intevation.flys.client.server.features.Features;
bjoern@2950: 
bjoern@2950: public class LoginServlet extends HttpServlet {
bjoern@2950: 
bjoern@2950:     private static Logger logger = Logger.getLogger(LoginServlet.class);
bjoern@2950: 
bjoern@2950:     private void redirectFailure(HttpServletResponse resp) throws IOException {
bjoern@2950:         resp.sendRedirect("/login.jsp");
bjoern@2950:     }
bjoern@2950: 
bjoern@2969:     private void redirectFailure(HttpServletResponse resp, Exception e) throws IOException {
bjoern@2984:         this.redirectFailure(resp, e.getMessage());
bjoern@2969:     }
bjoern@2969: 
bjoern@2984:     private void redirectFailure(HttpServletResponse resp, String message) throws IOException {
bjoern@2984:         resp.sendRedirect("/login.jsp?error=" + message);
bjoern@2984:     }
bjoern@2950:     private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException {
bjoern@2950:         if (uri == null) {
bjoern@2950:             uri = "/FLYS.html";
bjoern@2950:         }
bjoern@2950:         resp.sendRedirect(uri);
bjoern@2950:     }
bjoern@2950: 
bjoern@2950:     @Override
bjoern@2950:     protected void doGet(HttpServletRequest req, HttpServletResponse resp)
bjoern@2950:     throws ServletException, IOException {
bjoern@2950:         logger.debug("Processing get request");
bjoern@2950:         this.redirectFailure(resp);
bjoern@2950:     }
bjoern@2950: 
bjoern@2950:     @Override
bjoern@2950:     protected void doPost(HttpServletRequest req, HttpServletResponse resp)
christian@3696:     throws ServletException, IOException 
christian@3696:     {
bjoern@2950:         String encoding = req.getCharacterEncoding();
bjoern@2950:         String username = req.getParameter("username");
bjoern@2950:         String password = req.getParameter("password");
bjoern@2950: 
bjoern@2950:         logger.debug("Processing post request");
bjoern@2950: 
bjoern@2950:         if (username == null || password == null) {
bjoern@2950:             logger.debug("No username or password provided");
bjoern@2950:             this.redirectFailure(resp);
christian@3696:             return;
bjoern@2950:         }
christian@3696:         
bjoern@2950:         try {
bjoern@2956:             Authentication aresp = this.auth(username, password, encoding);
bjoern@2956:             if (aresp == null || !aresp.isSuccess()) {
christian@3696:                 logger.debug("Authentication not successful");
bjoern@2950:                 this.redirectFailure(resp);
bjoern@2950:             }
bjoern@2984:             User user = aresp.getUser();
bjoern@2984: 
bjoern@2984:             String url = getServletContext().getInitParameter("server-url");
bjoern@2984:             UserClient client = new UserClient(url);
bjoern@2984:             if (!client.userExists(user)) {
bjoern@3503:                 logger.debug("Creating db user");
bjoern@2984:                 if (!client.createUser(user)) {
bjoern@2984:                     this.redirectFailure(resp, "Could not create new user");
bjoern@2984:                 }
bjoern@2984:             }
bjoern@2984: 
bjoern@2950:             HttpSession session = req.getSession();
bjoern@2950:             session.setAttribute("user", user);
bjoern@2950: 
bjoern@2950:             String uri = (String)session.getAttribute("requesturi");
bjoern@2950: 
bjoern@2950:             this.redirectSuccess(resp, uri);
bjoern@2950:         }
bjoern@2956:         catch(AuthenticationException e) {
bjoern@2970:             logger.error(e);
bjoern@2969:             this.redirectFailure(resp, e);
bjoern@2950:         }
bjoern@2950:     }
bjoern@2950: 
bjoern@2956:     private Authentication auth(String username, String password, String encoding)
christian@3696:         throws AuthenticationException, IOException 
christian@3696:     {
bjoern@3485:         ServletContext sc = this.getServletContext();
bjoern@3485:         Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
bjoern@3485:         String auth = sc.getInitParameter("authentication");
bjoern@3485:         return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features);
bjoern@2950:     }
bjoern@2950: }