

1 /**
2  * Copyright 2003-2006 the original author or authors.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6
7  http://www.apache.org/licenses/LICENSE-2.0
8
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */

15
16 package com.jdon.security.web;
17
18 import java.io.IOException JavaDoc;
19
20 import javax.servlet.ServletException JavaDoc;
21 import javax.servlet.http.HttpServlet JavaDoc;
22 import javax.servlet.http.HttpServletRequest JavaDoc;
23 import javax.servlet.http.HttpServletResponse JavaDoc;
24
25 import com.jdon.util.Debug;
26 import com.jdon.util.RequestUtil;
27 import com.jdon.util.StringUtil;
28
29 /**
30  * web.xml:
31  * <servlet> <servlet-name>jaaslogin</servlet-name>
32  * <servlet-class>com.jdon.security.web.LoginServlet</servlet-class>
33  * <init-param> <param-name>login</param-name> <param-value>/account/login.jsp</param-value>
34  * </init-param> <init-param> <param-name>logout</param-name>
35  * <param-value>/account/logout.jsp</param-value> </init-param>
36  * <load-on-startup>2</load-on-startup> </servlet>
37  *
38  * <servlet-mapping> <servlet-name>jaaslogin</servlet-name> <url-pattern>/jaaslogin</url-pattern>
39  * </servlet-mapping>
40  *
41  * <login-config> <auth-method>FORM</auth-method> <form-login-config>
42  * <form-login-page>/jaaslogin</form-login-page>
43  * <form-error-page>/account/login_error.jsp</form-error-page>
44  * </form-login-config> </login-config>
45  *
46  * login.jsp: <form method="POST" action="<%=request.getContextPath()%>/login"
47  * ..... </form>
48  *
49  * logout url: /login?logout
50  *
51  * @author banq
52  * @version 1.0
53  */

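public class LoginServlet extends HttpServlet {
    private final static String module = LoginServlet.class.getName();

    /** Name of the servlet init-param that holds the login page path. */
    public final static String form_login_page_param = "login";

    /** Name reserved for the login error page; not read anywhere in this class. */
    public final static String form_error_page_param = "login_error";

    /** Request parameter that triggers logout, and init-param that holds the logout page path. */
    public final static String logout_param = "logout";

    /**
     * Handles GET exactly like POST.
     *
     * NOTE(review): because of this delegation, j_username / j_password are
     * also accepted from a GET query string, where they end up in browser
     * history and access logs. Consider restricting credential submission to
     * POST and keeping GET for the logout and cookie-login paths only.
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        doPost(request, response);
    }

    /**
     * Entry point of the form-login flow.
     *
     * <ul>
     * <li>Credentials posted: optionally remember them in cookies, then
     * redirect to the container's j_security_check.</li>
     * <li>No credentials and the logout parameter present: log out.</li>
     * <li>No credentials otherwise: try the remember-me cookies; when they are
     * absent, redirect to the login page.</li>
     * </ul>
     *
     * Each branch sends at most one redirect. The logout and login-page
     * branches return immediately; without that, the method would go on to
     * issue a second redirect on an already committed response, carrying the
     * literal string "null" as credentials.
     *
     * NOTE(review): the credentials are handed to j_security_check in the
     * query string of a redirect, so the password is exposed to browser
     * history, proxies and server access logs. Posting the login form
     * directly to j_security_check, or a programmatic login such as
     * HttpServletRequest.login on Servlet 3.0+, avoids this exposure.
     *
     * @throws IOException if the redirect cannot be sent
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Debug.logVerbose("[JdonFramework]enter LoginServlet" , module);
        initCharacterEncoding(request, response);
        String username = request.getParameter("j_username");
        String password = request.getParameter("j_password");
        if ((username != null) && (password != null)) {
            Debug.logVerbose("[JdonFramework] username and password is not null", module);
            if (request.getParameter("rememberMe") != null) {
                saveCookie(username, password, request, response);
            }
        } else {
            Debug.logVerbose("[JdonFramework] check cookie", module);
            if (request.getParameterMap().containsKey(logout_param)) { // /login?logout
                logout(request, response);
                return; // response already redirected; nothing more to do
            }
            // plain call to /login: fall back to the remember-me cookies
            username = CookieUtil.getUsername(request);
            password = CookieUtil.getPassword(request);
            Debug.logVerbose("[JdonFramework]get username from cookie username=" + username, module);
            if ((username == null) || (password == null)) { // no cookie, push login.jsp
                forwardLogin(request, response);
                return; // response already redirected; do not build a "null" login
            }
        }
        String target = request.getContextPath() + "/j_security_check";
        // Percent-encode both values so characters such as '&', '=', '#' or
        // CR/LF in user input cannot add or truncate query parameters.
        // Assumes the container decodes the query string as UTF-8; confirm
        // against the connector configuration.
        String route = target
                + "?j_username=" + java.net.URLEncoder.encode(username, "UTF-8")
                + "&j_password=" + java.net.URLEncoder.encode(password, "UTF-8");
        // Log the target only: the full route contains the password.
        Debug.logVerbose("[JdonFramework] forward " + target, module);
        response.sendRedirect(response.encodeRedirectURL(route));
    }

    /**
     * Mirrors the request's character encoding onto the response, falling
     * back to UTF-8 when the request does not declare one.
     */
    private void initCharacterEncoding(HttpServletRequest request, HttpServletResponse response) {
        String encoding = request.getCharacterEncoding();
        response.setCharacterEncoding(encoding != null ? encoding : "UTF-8");
    }

    /**
     * Stores the remember-me marker, the user name and the password in
     * cookies scoped to path "/".
     *
     * NOTE(review): StringUtil.encodeString and RequestUtil.setCookie are not
     * visible here. Unless encodeString is keyed encryption, the cookie holds
     * a recoverable password; a random, server-validated remember-me token is
     * the safer design. Also confirm that setCookie marks these cookies
     * HttpOnly and Secure.
     */
    private void saveCookie(String username, String password, HttpServletRequest request,
            HttpServletResponse response) {
        Debug.logVerbose("[JdonFramework] save cookie", module);
        RequestUtil.setCookie(response, "rememberMe", "true", "/");
        RequestUtil.setCookie(response, "username", StringUtil.encodeString(username), "/");
        RequestUtil.setCookie(response, "password", StringUtil.encodeString(password), "/");
    }

    /**
     * Invalidates the current session, deletes the cookies through
     * CookieUtil and redirects to the logout page named by the
     * {@code logout} init-param. An I/O failure while redirecting is logged,
     * not propagated.
     */
    private void logout(HttpServletRequest request, HttpServletResponse response) {
        Debug.logVerbose("[JdonFramework]logout, session.invalidate ", module);
        try {
            // getSession(false): do not create a session only to destroy it
            javax.servlet.http.HttpSession session = request.getSession(false);
            if (session != null) {
                session.invalidate();
            }
            CookieUtil.deleteAllCookie(request, response);
            String logoutUrl = this.getInitParameter(logout_param);
            Debug.logVerbose("[JdonFramework]delete all cookie, push logout jsp=" + logoutUrl, module);
            response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + logoutUrl));
        } catch (IOException e) {
            Debug.logError(e, module);
        }
    }

    /**
     * Redirects to the login page named by the {@code login} init-param. An
     * I/O failure while redirecting is logged, not propagated.
     */
    private void forwardLogin(HttpServletRequest request, HttpServletResponse response) {
        String loginUrl = this.getInitParameter(form_login_page_param);
        Debug.logVerbose("[JdonFramework] not found cookie= push login jsp=" + loginUrl, module);
        try {
            response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + loginUrl));
        } catch (IOException e) {
            Debug.logError(e, module);
        }
    }

}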