bjoern@2950: package de.intevation.flys.client.server;
bjoern@2950: 
bjoern@2950: import java.io.IOException;
bjoern@2950: 
bjoern@2950: import javax.servlet.ServletException;
bjoern@3485: import javax.servlet.ServletContext;
bjoern@2950: import javax.servlet.http.HttpServlet;
bjoern@2950: import javax.servlet.http.HttpServletRequest;
bjoern@2950: import javax.servlet.http.HttpServletResponse;
bjoern@2950: import javax.servlet.http.HttpSession;
bjoern@2950: 
bjoern@2950: import org.apache.log4j.Logger;
bjoern@2950: 
bjoern@2956: import de.intevation.flys.client.server.auth.Authentication;
bjoern@2956: import de.intevation.flys.client.server.auth.AuthenticationException;
bjoern@2956: import de.intevation.flys.client.server.auth.AuthenticationFactory;
bjoern@2956: import de.intevation.flys.client.server.auth.User;
bjoern@2984: import de.intevation.flys.client.server.auth.UserClient;
bjoern@3485: import de.intevation.flys.client.server.features.Features;
bjoern@2950: 
bjoern@2950: public class LoginServlet extends HttpServlet {
bjoern@2950: 
bjoern@2950:     private static Logger logger = Logger.getLogger(LoginServlet.class);
bjoern@2950: 
bjoern@3851:     private void redirectFailure(HttpServletResponse resp, String path)
bjoern@3851:         throws IOException {
bjoern@3851:         resp.sendRedirect(path + "/login.jsp");
bjoern@2950:     }
bjoern@2950: 
bjoern@3851:     private void redirectFailure(HttpServletResponse resp, String path,
bjoern@3851:             Exception e) throws IOException {
bjoern@3851:         this.redirectFailure(resp, path, e.getMessage());
bjoern@2969:     }
bjoern@2969: 
bjoern@3851:     private void redirectFailure(HttpServletResponse resp, String path,
bjoern@3851:             String message) throws IOException {
bjoern@3851:         resp.sendRedirect(path + "/login.jsp?error=" + message);
bjoern@2984:     }
bjoern@3851: 
bjoern@3851:     private void redirectSuccess(HttpServletResponse resp, String path,
bjoern@3851:             String uri) throws IOException {
bjoern@2950:         if (uri == null) {
bjoern@3851:             uri = path + "/FLYS.html";
bjoern@2950:         }
bjoern@2950:         resp.sendRedirect(uri);
bjoern@2950:     }
bjoern@2950: 
bjoern@2950:     @Override
bjoern@2950:     protected void doGet(HttpServletRequest req, HttpServletResponse resp)
bjoern@2950:     throws ServletException, IOException {
bjoern@2950:         logger.debug("Processing get request");
bjoern@3851:         this.redirectFailure(resp, req.getContextPath());
bjoern@2950:     }
bjoern@2950: 
bjoern@2950:     @Override
bjoern@2950:     protected void doPost(HttpServletRequest req, HttpServletResponse resp)
sascha@3697:     throws ServletException, IOException
christian@3696:     {
bjoern@2950:         String encoding = req.getCharacterEncoding();
bjoern@2950:         String username = req.getParameter("username");
bjoern@2950:         String password = req.getParameter("password");
bjoern@2950: 
bjoern@2950:         logger.debug("Processing post request");
bjoern@2950: 
bjoern@2950:         if (username == null || password == null) {
bjoern@2950:             logger.debug("No username or password provided");
bjoern@3851:             this.redirectFailure(resp, req.getContextPath());
christian@3696:             return;
bjoern@2950:         }
sascha@3697: 
bjoern@2950:         try {
bjoern@2956:             Authentication aresp = this.auth(username, password, encoding);
bjoern@2956:             if (aresp == null || !aresp.isSuccess()) {
christian@3696:                 logger.debug("Authentication not successful");
bjoern@3851:                 this.redirectFailure(resp, req.getContextPath());
bjoern@2950:             }
bjoern@2984:             User user = aresp.getUser();
bjoern@2984: 
bjoern@2984:             String url = getServletContext().getInitParameter("server-url");
bjoern@2984:             UserClient client = new UserClient(url);
bjoern@2984:             if (!client.userExists(user)) {
bjoern@3503:                 logger.debug("Creating db user");
bjoern@2984:                 if (!client.createUser(user)) {
bjoern@3851:                     this.redirectFailure(resp, req.getContextPath(),
bjoern@3851:                             "Could not create new user");
bjoern@2984:                 }
bjoern@2984:             }
bjoern@2984: 
bjoern@2950:             HttpSession session = req.getSession();
bjoern@2950:             session.setAttribute("user", user);
bjoern@2950: 
bjoern@2950:             String uri = (String)session.getAttribute("requesturi");
bjoern@2950: 
bjoern@3851:             this.redirectSuccess(resp, req.getContextPath(), uri);
bjoern@2950:         }
bjoern@2956:         catch(AuthenticationException e) {
bjoern@2970:             logger.error(e);
bjoern@3851:             this.redirectFailure(resp, req.getContextPath(), e);
bjoern@2950:         }
bjoern@2950:     }
bjoern@2950: 
bjoern@2956:     private Authentication auth(String username, String password, String encoding)
sascha@3697:         throws AuthenticationException, IOException
christian@3696:     {
bjoern@3485:         ServletContext sc = this.getServletContext();
bjoern@3485:         Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
bjoern@3485:         String auth = sc.getInitParameter("authentication");
bjoern@3485:         return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features);
bjoern@2950:     }
bjoern@2950: }