teichmann@5861: /* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde teichmann@5861: * Software engineering by Intevation GmbH teichmann@5861: * teichmann@5993: * This file is Free Software under the GNU AGPL (>=v3) teichmann@5861: * and comes with ABSOLUTELY NO WARRANTY! Check out the teichmann@5993: * documentation coming with Dive4Elements River for details. teichmann@5861: */ teichmann@5861: teichmann@5835: package org.dive4elements.river.client.server; bjoern@2950: bjoern@2950: import java.io.IOException; bjoern@2950: gernotbelger@9497: import javax.servlet.ServletContext; bjoern@2950: import javax.servlet.ServletException; bjoern@2950: import javax.servlet.http.HttpServletRequest; bjoern@2950: import javax.servlet.http.HttpServletResponse; bjoern@2950: bjoern@2950: import org.apache.log4j.Logger; teichmann@5835: import org.dive4elements.river.client.server.auth.Authentication; teichmann@5835: import org.dive4elements.river.client.server.auth.AuthenticationException; teichmann@5835: import org.dive4elements.river.client.server.auth.AuthenticationFactory; gernotbelger@9497: import org.dive4elements.river.client.server.auth.User; teichmann@5835: import org.dive4elements.river.client.server.features.Features; bjoern@2950: bh@5953: public class LoginServlet extends AuthenticationServlet { bjoern@2950: teichmann@8203: private static Logger log = Logger.getLogger(LoginServlet.class); bjoern@4451: bjoern@2950: @Override gernotbelger@9497: protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException { gernotbelger@9497: final String encoding = req.getCharacterEncoding(); gernotbelger@9497: final String username = req.getParameter("username"); gernotbelger@9497: final String password = req.getParameter("password"); bjoern@2950: teichmann@8203: log.debug("Processing post request"); bjoern@2950: bjoern@2950: if (username == null || password == null) { teichmann@8203: log.debug("No username or password provided"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); christian@3696: return; bjoern@2950: } sascha@3697: bjoern@2950: try { gernotbelger@9497: final Authentication aresp = this.auth(username, password, encoding); bjoern@2956: if (aresp == null || !aresp.isSuccess()) { teichmann@8203: log.debug("Authentication not successful"); bjoern@3851: this.redirectFailure(resp, req.getContextPath()); bjoern@4489: return; bjoern@2950: } gernotbelger@9497: gernotbelger@9497: final User user = aresp.getUser(); gernotbelger@9577: gernotbelger@9497: final String userGroup = user.getUserGroup(); gernotbelger@9577: log.info(String.format("Login-Authentication successfull: group = '%s'", userGroup)); gernotbelger@9497: gernotbelger@9497: this.performLogin(req, resp, user); bjoern@2950: } gernotbelger@9497: catch (final AuthenticationException e) { tom@8399: log.error(e.getMessage()); bjoern@3851: this.redirectFailure(resp, req.getContextPath(), e); bjoern@2950: } bjoern@2950: } bjoern@2950: gernotbelger@9497: private Authentication auth(final String username, final String password, final String encoding) throws AuthenticationException, IOException { gernotbelger@9497: final ServletContext sc = this.getServletContext(); gernotbelger@9497: final Features features = (Features) sc.getAttribute(Features.CONTEXT_ATTRIBUTE); gernotbelger@9497: final String auth = sc.getInitParameter("authentication"); gernotbelger@9497: return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features, sc); bjoern@2950: } gernotbelger@9497: }