Mercurial > dive4elements > river
changeset 2950:192eddbbd4cf
Implement a login page to be able to authenticate a user
The username and password requested by the login.jsp are send to
the LoginServlet. The credentials are afterwards used to authenticate
the user against GGinA.
flys-client/trunk@4928 c6561f87-3c4e-4783-a992-168aeb5c3f6f
| author | Bjoern Ricks <bjoern.ricks@intevation.de> |
|---|---|
| date | Wed, 11 Jul 2012 10:37:10 +0000 |
| parents | abf267708672 |
| children | 20ae06d2eeff |
| files | flys-client/ChangeLog flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java flys-client/src/main/webapp/WEB-INF/web.xml flys-client/src/main/webapp/login.jsp |
| diffstat | 4 files changed, 175 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/flys-client/ChangeLog Wed Jul 11 10:29:23 2012 +0000 +++ b/flys-client/ChangeLog Wed Jul 11 10:37:10 2012 +0000 @@ -1,3 +1,11 @@ +2012-07-11 Björn Ricks <bjoern.ricks@intevation.de> + + * src/main/java/de/intevation/flys/client/server/LoginServlet.java, + src/main/webapp/login.jsp, + src/main/webapp/FLYS.css, + src/main/webapp/WEB-INF/web.xml: + Implement a login page to be able to authenticate a user. + 2012-07-11 Björn Ricks <bjoern.ricks@intevation.de> * src/main/java/de/intevation/flys/client/server/GGInATrustStrategy.java:
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java Wed Jul 11 10:37:10 2012 +0000 @@ -0,0 +1,126 @@ +package de.intevation.flys.client.server; + +import java.io.IOException; +import java.security.GeneralSecurityException; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.http.HttpEntity; +import org.apache.http.HttpResponse; +import org.apache.http.client.HttpClient; +import org.apache.http.conn.scheme.Scheme; +import org.apache.http.conn.ssl.SSLSocketFactory; +import org.apache.http.impl.client.DefaultHttpClient; + +import org.apache.log4j.Logger; + +import de.intevation.flys.client.server.was.Assertion; +import de.intevation.flys.client.server.was.User; +import de.intevation.flys.client.server.was.Request; +import de.intevation.flys.client.server.was.Response; +import de.intevation.flys.client.server.was.ServiceException; +import de.intevation.flys.client.server.was.Signature; + + + +public class LoginServlet extends HttpServlet { + + private static Logger logger = Logger.getLogger(LoginServlet.class); + + private void redirectFailure(HttpServletResponse resp) throws IOException { + resp.sendRedirect("/login.jsp"); + } + + private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException { + if (uri == null) { + uri = "/FLYS.html"; + } + resp.sendRedirect(uri); + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + logger.debug("Processing get request"); + this.redirectFailure(resp); + } + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + String encoding = req.getCharacterEncoding(); + String username = req.getParameter("username"); + String password = req.getParameter("password"); + + logger.debug("Processing post request"); + + if (username == null || password == null) { + logger.debug("No username or password provided"); + this.redirectFailure(resp); + } + try { + Response wasresp = this.auth(username, password, encoding); + if (wasresp == null || !wasresp.isSuccess()) { + logger.debug("Athentication not successful"); + this.redirectFailure(resp); + } + HttpSession session = req.getSession(); + User user = new User(username, password); + session.setAttribute("user", user); + + String uri = (String)session.getAttribute("requesturi"); + + this.redirectSuccess(resp, uri); + + /* Assertion assertion = wasresponse.getAssertion(); */ + /* System.out.println("ID: " + assertion.getID()); */ + /* System.out.println("UserID: " + assertion.getUserID()); */ + /* System.out.println("NameID: " + assertion.getNameID()); */ + /* System.out.println("GroupID: " + assertion.getGroupID()); */ + /* System.out.println("GroupName: " + assertion.getGroupName()); */ + /* System.out.println("From: " + assertion.getFrom()); */ + /* System.out.println("Until: " + assertion.getUntil()); */ + /* for(String role : assertion.getRoles()) { */ + /* System.out.println("Role: " + role); */ + /* } */ + /* Signature signature = assertion.getSiganture(); */ + /* System.out.println("Cert:"); */ + /* System.out.println(signature.getCertificate()); */ + /* System.out.println("Value: " + signature.getValue()); */ + /* System.out.println("Digest: " + signature.getDigestValue()); */ + /* System.out.println("Reference: " + signature.getReference()); */ + + } + catch(ServiceException e) { + //TODO User could not be authenticated + throw new ServletException(e); + } + catch(GeneralSecurityException e) { + throw new ServletException(e); + } + } + + private Response auth(String username, String password, String encoding) + throws IOException, ServiceException, GeneralSecurityException { + SSLSocketFactory sf = new SSLSocketFactory( + new GGInATrustStrategy()); + Scheme https = new Scheme("https", 443, sf); + HttpClient httpclient = new DefaultHttpClient(); + httpclient.getConnectionManager().getSchemeRegistry().register(https); + + Request httpget = new Request("https://geoportal.bafg.de/" + + "administration/WAS", username, password, encoding); + HttpResponse response = httpclient.execute(httpget); + HttpEntity entity = response.getEntity(); + if (entity == null) { + return null; + } + else { + return new Response(entity); + } + } +}
--- a/flys-client/src/main/webapp/WEB-INF/web.xml Wed Jul 11 10:29:23 2012 +0000 +++ b/flys-client/src/main/webapp/WEB-INF/web.xml Wed Jul 11 10:37:10 2012 +0000 @@ -7,7 +7,7 @@ <context-param> <param-name>server-url</param-name> - <param-value>http://localhost:8181</param-value> + <param-value>http://localhost:8188</param-value> </context-param> <!-- Servlets --> @@ -468,10 +468,25 @@ <url-pattern>/flys/themelisting</url-pattern> </servlet-mapping> + <servlet> + <servlet-name>login</servlet-name> + <servlet-class>de.intevation.flys.client.server.LoginServlet</servlet-class> + </servlet> + + <servlet-mapping> + <servlet-name>login</servlet-name> + <url-pattern>/flys/login</url-pattern> + </servlet-mapping> + <filter> <filter-name>GGInAFilter</filter-name> <filter-class>de.intevation.flys.client.server.GGInAFilter</filter-class> + <init-param> + <param-name>deactivate</param-name> + <param-value>0</param-value> + </init-param> </filter> + <filter-mapping> <filter-name>GGInAFilter</filter-name> <url-pattern>/*</url-pattern>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/webapp/login.jsp Wed Jul 11 10:37:10 2012 +0000 @@ -0,0 +1,25 @@ +<!DOCTYPE html> +<html> + <head> + <title>FLYS - Login</title> + <link href="FLYS.css" type="text/css" rel="stylesheet"> + </head> + + <body> + <form method="POST" action="/flys/login" id="authentication"> + <h1>FLYS Anmeldung</h1> + <div>Bitte geben Sie eine Benutzerkennung und ein Passwort ein.</div> + <table> + <tr> + <td><label for="username">Benutzername: </label></td> + <td><input type="text" name="username" /></td> + </tr> + <tr> + <td><label for="password">Passwort: </label></td> + <td><input type="password" name="password" /></td> + </tr> + </table> + <input type="submit" class="sendButton" value="Anmelden"/> + </form> + </body> +</html>