# HG changeset patch # User Bjoern Ricks # Date 1342003030 0 # Node ID 192eddbbd4cfe34f7652942eb26e2571feab74f2 # Parent abf267708672eaa65c2e976c42ac810394602be8 Implement a login page to be able to authenticate a user The username and password requested by the login.jsp are send to the LoginServlet. The credentials are afterwards used to authenticate the user against GGinA. flys-client/trunk@4928 c6561f87-3c4e-4783-a992-168aeb5c3f6f diff -r abf267708672 -r 192eddbbd4cf flys-client/ChangeLog --- a/flys-client/ChangeLog Wed Jul 11 10:29:23 2012 +0000 +++ b/flys-client/ChangeLog Wed Jul 11 10:37:10 2012 +0000 @@ -1,3 +1,11 @@ +2012-07-11 Björn Ricks + + * src/main/java/de/intevation/flys/client/server/LoginServlet.java, + src/main/webapp/login.jsp, + src/main/webapp/FLYS.css, + src/main/webapp/WEB-INF/web.xml: + Implement a login page to be able to authenticate a user. + 2012-07-11 Björn Ricks * src/main/java/de/intevation/flys/client/server/GGInATrustStrategy.java: diff -r abf267708672 -r 192eddbbd4cf flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java Wed Jul 11 10:37:10 2012 +0000 @@ -0,0 +1,126 @@ +package de.intevation.flys.client.server; + +import java.io.IOException; +import java.security.GeneralSecurityException; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.http.HttpEntity; +import org.apache.http.HttpResponse; +import org.apache.http.client.HttpClient; +import org.apache.http.conn.scheme.Scheme; +import org.apache.http.conn.ssl.SSLSocketFactory; +import org.apache.http.impl.client.DefaultHttpClient; + +import org.apache.log4j.Logger; + +import de.intevation.flys.client.server.was.Assertion; +import de.intevation.flys.client.server.was.User; +import de.intevation.flys.client.server.was.Request; +import de.intevation.flys.client.server.was.Response; +import de.intevation.flys.client.server.was.ServiceException; +import de.intevation.flys.client.server.was.Signature; + + + +public class LoginServlet extends HttpServlet { + + private static Logger logger = Logger.getLogger(LoginServlet.class); + + private void redirectFailure(HttpServletResponse resp) throws IOException { + resp.sendRedirect("/login.jsp"); + } + + private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException { + if (uri == null) { + uri = "/FLYS.html"; + } + resp.sendRedirect(uri); + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + logger.debug("Processing get request"); + this.redirectFailure(resp); + } + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + String encoding = req.getCharacterEncoding(); + String username = req.getParameter("username"); + String password = req.getParameter("password"); + + logger.debug("Processing post request"); + + if (username == null || password == null) { + logger.debug("No username or password provided"); + this.redirectFailure(resp); + } + try { + Response wasresp = this.auth(username, password, encoding); + if (wasresp == null || !wasresp.isSuccess()) { + logger.debug("Athentication not successful"); + this.redirectFailure(resp); + } + HttpSession session = req.getSession(); + User user = new User(username, password); + session.setAttribute("user", user); + + String uri = (String)session.getAttribute("requesturi"); + + this.redirectSuccess(resp, uri); + + /* Assertion assertion = wasresponse.getAssertion(); */ + /* System.out.println("ID: " + assertion.getID()); */ + /* System.out.println("UserID: " + assertion.getUserID()); */ + /* System.out.println("NameID: " + assertion.getNameID()); */ + /* System.out.println("GroupID: " + assertion.getGroupID()); */ + /* System.out.println("GroupName: " + assertion.getGroupName()); */ + /* System.out.println("From: " + assertion.getFrom()); */ + /* System.out.println("Until: " + assertion.getUntil()); */ + /* for(String role : assertion.getRoles()) { */ + /* System.out.println("Role: " + role); */ + /* } */ + /* Signature signature = assertion.getSiganture(); */ + /* System.out.println("Cert:"); */ + /* System.out.println(signature.getCertificate()); */ + /* System.out.println("Value: " + signature.getValue()); */ + /* System.out.println("Digest: " + signature.getDigestValue()); */ + /* System.out.println("Reference: " + signature.getReference()); */ + + } + catch(ServiceException e) { + //TODO User could not be authenticated + throw new ServletException(e); + } + catch(GeneralSecurityException e) { + throw new ServletException(e); + } + } + + private Response auth(String username, String password, String encoding) + throws IOException, ServiceException, GeneralSecurityException { + SSLSocketFactory sf = new SSLSocketFactory( + new GGInATrustStrategy()); + Scheme https = new Scheme("https", 443, sf); + HttpClient httpclient = new DefaultHttpClient(); + httpclient.getConnectionManager().getSchemeRegistry().register(https); + + Request httpget = new Request("https://geoportal.bafg.de/" + + "administration/WAS", username, password, encoding); + HttpResponse response = httpclient.execute(httpget); + HttpEntity entity = response.getEntity(); + if (entity == null) { + return null; + } + else { + return new Response(entity); + } + } +} diff -r abf267708672 -r 192eddbbd4cf flys-client/src/main/webapp/WEB-INF/web.xml --- a/flys-client/src/main/webapp/WEB-INF/web.xml Wed Jul 11 10:29:23 2012 +0000 +++ b/flys-client/src/main/webapp/WEB-INF/web.xml Wed Jul 11 10:37:10 2012 +0000 @@ -7,7 +7,7 @@ server-url - http://localhost:8181 + http://localhost:8188 @@ -468,10 +468,25 @@ /flys/themelisting + + login + de.intevation.flys.client.server.LoginServlet + + + + login + /flys/login + + GGInAFilter de.intevation.flys.client.server.GGInAFilter + + deactivate + 0 + + GGInAFilter /* diff -r abf267708672 -r 192eddbbd4cf flys-client/src/main/webapp/login.jsp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/webapp/login.jsp Wed Jul 11 10:37:10 2012 +0000 @@ -0,0 +1,25 @@ + + + + FLYS - Login + + + + +
+

FLYS Anmeldung

+
Bitte geben Sie eine Benutzerkennung und ein Passwort ein.
+ + + + + + + + + +
+ +
+ +