

1 /*
2  * Copyright (C) 2006 Methodhead Software LLC. All rights reserved.
3  *
4  * This file is part of TransferCM.
5  *
6  * TransferCM is free software; you can redistribute it and/or modify it under the
7  * terms of the GNU General Public License as published by the Free Software
8  * Foundation; either version 2 of the License, or (at your option) any later
9  * version.
10  *
11  * TransferCM is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13  * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
14  * details.
15  *
16  * You should have received a copy of the GNU General Public License along with
17  * TransferCM; if not, write to the Free Software Foundation, Inc., 51 Franklin St,
18  * Fifth Floor, Boston, MA 02110-1301 USA
19  */

20
21 package com.methodhead.auth;
22
23 import javax.servlet.http.HttpServletRequest JavaDoc;
24 import javax.servlet.http.HttpServletResponse JavaDoc;
25 import javax.servlet.http.Cookie JavaDoc;
26
27 import org.apache.struts.action.Action;
28 import org.apache.struts.action.ActionForm;
29 import org.apache.struts.action.ActionForward;
30 import org.apache.struts.action.ActionMapping;
31 import com.methodhead.util.StrutsUtil;
32
33 /**
34  * <tt>AuthAction</tt> makes sure a user is logged in before calling {@link
35  * #doExecute doExecute()}. <tt>AuthAction</tt> checks for a user in the
36  * session using {@link com.methodhead.auth.AuthUtil#getUser
37  * AuthUtil.getUser()}. If no such user is in the session, the url is
38  * stored in the <tt>AuthGlobals.URL_KEY</tt> request attribute and the
39  * <tt>loginForm</tt> forward is returned. If a user is in the session,
40  * <tt>doExecute()</tt> is called.
41  */

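public abstract class AuthAction
extends
  Action {

  // constructors /////////////////////////////////////////////////////////////

  // constants ////////////////////////////////////////////////////////////////

  /**
   * Name of the cookie that carries the remember-me token. The value is split
   * on <tt>:</tt>; the first part is passed to <tt>loadForLogin()</tt> and the
   * second is compared with the user's public secret.
   */
  private static final String REMEMBER_ME_COOKIE = "rememberme";

  // classes //////////////////////////////////////////////////////////////////

  // methods //////////////////////////////////////////////////////////////////

  /**
   * Runs {@link #doExecute doExecute()} only for an authenticated request.
   *
   * <p>A user already in the session goes straight to <tt>doExecute()</tt>.
   * Otherwise each <tt>rememberme</tt> cookie is tried: the named user is
   * loaded, the presented secret is compared with the stored public secret,
   * and <tt>AuthPolicy.autoLogin()</tt> is consulted. On success the user is
   * put in the session and <tt>doExecute()</tt> is called. In every other
   * case the destination is stored under <tt>AuthGlobals.URL_KEY</tt> and the
   * <tt>loginForm</tt> forward is returned.</p>
   *
   * <p>The cookie is attacker-controlled input: a value that is missing or
   * has fewer than two <tt>:</tt>-separated parts is ignored rather than
   * allowed to raise an exception.</p>
   *
   * @return the forward from <tt>doExecute()</tt>, or the <tt>loginForm</tt>
   *   forward when nobody could be authenticated
   * @throws Exception whatever <tt>doExecute()</tt> or the auth helpers throw
   */
  public ActionForward execute(
    ActionMapping mapping,
    ActionForm form,
    HttpServletRequest request,
    HttpServletResponse response )
  throws
    Exception {

    //
    // already logged in: execute the action
    //
    if ( AuthUtil.getUser( request ) != null ) {
      return doExecute( mapping, form, request, response );
    }

    //
    // remember me?
    //
    Cookie[] cookies = request.getCookies();

    if ( cookies != null ) {
      for ( int i = 0; i < cookies.length; i++ ) {
        if ( !REMEMBER_ME_COOKIE.equals( cookies[ i ].getName() ) ) {
          continue;
        }

        //
        // reject malformed tokens before touching the user store; indexing
        // parts[ 1 ] on a value without a separator would otherwise throw
        //
        String token = cookies[ i ].getValue();
        if ( token == null ) {
          continue;
        }

        String[] parts = token.split( ":" );
        if ( parts.length < 2 ) {
          continue;
        }

        //
        // get policy
        //
        AuthPolicy policy = ( AuthPolicy )StrutsUtil.getPolicy( mapping );

        AuthUser candidate = policy.newUser();

        if ( !candidate.loadForLogin( parts[ 0 ] ) ) {
          continue;
        }

        if ( !secretsMatch( candidate.getPublicSecret(), parts[ 1 ] ) ) {
          continue;
        }

        //
        // process auto login
        //
        if ( !policy.autoLogin( candidate, request, form ) ) {

          //
          // make a note of the destination
          //
          request.setAttribute(
            AuthGlobals.URL_KEY, AuthUtil.getRelativeUrl( request ) );

          return StrutsUtil.findForward( mapping, "loginForm" );
        }

        //
        // log the user in
        //
        // NOTE(review): this path authenticates from the cookie alone; whether
        // AuthUtil.setUser() issues a fresh session id is not visible here --
        // confirm.
        //
        AuthUtil.setUser( request, candidate );

        //
        // perform the action
        //
        return doExecute( mapping, form, request, response );
      }
    }

    //
    // make a note of the destination
    //
    // NOTE(review): this stores the absolute URL from getRequestURL(), while
    // the auto-login branch above stores AuthUtil.getRelativeUrl(). Confirm
    // which form the login flow expects, and that whatever later redirects to
    // URL_KEY restricts the target to this application.
    //
    StringBuffer url = request.getRequestURL();
    String query = request.getQueryString();
    if ( query != null ) {
      url.append( "?" ).append( query );
    }
    request.setAttribute( AuthGlobals.URL_KEY, url.toString() );

    //
    // forward to the login form
    //
    return StrutsUtil.findForward( mapping, "loginForm" );
  }

  /**
   * Compares the stored public secret with the value presented in the cookie.
   * <tt>MessageDigest.isEqual()</tt> is used instead of
   * <tt>String.equals()</tt> so that the comparison time does not reveal how
   * many leading characters matched (time-constant on JDK 6u17 and later). A
   * <tt>null</tt> on either side is a mismatch.
   */
  private static boolean secretsMatch(
    String expected,
    String presented )
  throws
    java.io.UnsupportedEncodingException {

    if ( expected == null || presented == null ) {
      return false;
    }

    return java.security.MessageDigest.isEqual(
      expected.getBytes( "UTF-8" ), presented.getBytes( "UTF-8" ) );
  }

  /**
   * Executes the action. {@link #execute execute()} calls this only after a
   * user was found in the session or a remember-me auto login succeeded.
   */
  protected abstract ActionForward doExecute(
    ActionMapping mapping,
    ActionForm form,
    HttpServletRequest request,
    HttpServletResponse response )
  throws
    Exception;

  // properties ///////////////////////////////////////////////////////////////

  // attributes ///////////////////////////////////////////////////////////////
}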