PromptForSessionPasswordDispatchAction


1   /*
2    *  SSL-Explorer
3    *
4    *  Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5    *
6    *  This program is free software; you can redistribute it and/or
7    *  modify it under the terms of the GNU General Public License
8    *  as published by the Free Software Foundation; either version 2 of
9    *  the License, or (at your option) any later version.
10   *  This program is distributed in the hope that it will be useful,
11   *  but WITHOUT ANY WARRANTY; without even the implied warranty of
12   *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13   *  GNU General Public License for more details.
14   *
15   *  You should have received a copy of the GNU General Public
16   *  License along with this program; if not, write to the Free Software
17   *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18   */
19              
20  package com.sslexplorer.security.actions;
21  
22  import javax.servlet.http.HttpServletRequest  ;
23  import javax.servlet.http.HttpServletResponse  ;
24  
25  import org.apache.commons.logging.Log;
26  import org.apache.commons.logging.LogFactory;
27  import org.apache.struts.Globals;
28  import org.apache.struts.action.ActionForm;
29  import org.apache.struts.action.ActionForward;
30  import org.apache.struts.action.ActionMapping;
31  import org.apache.struts.action.ActionMessage;
32  import org.apache.struts.action.ActionMessages;
33  
34  import com.sslexplorer.core.CoreUtil;
35  import com.sslexplorer.core.UserDatabaseManager;
36  import com.sslexplorer.core.actions.AuthenticatedDispatchAction;
37  import com.sslexplorer.core.forms.CoreForm;
38  import com.sslexplorer.security.AuthenticationScheme;
39  import com.sslexplorer.security.Constants;
40  import com.sslexplorer.security.InvalidLoginCredentialsException;
41  import com.sslexplorer.security.PasswordCredentials;
42  import com.sslexplorer.security.SessionInfo;
43  import com.sslexplorer.security.UserDatabase;
44  import com.sslexplorer.security.forms.PromptForSessionPasswordForm;
45  
46  /**
47   * <p>
48   * Action to prompt the currently logged on user to enter their session
49   * password.
50   * 
51   * @author James D Robinson <a HREF="mailto:james@3sp.com">&lt;james@3sp.com&gt;</a>
52   * 
53   * 
54   */
55  public class PromptForSessionPasswordDispatchAction extends AuthenticatedDispatchAction {
56      final static Log log = LogFactory.getLog(SetPasswordAction.class);
57  
58      /**
59       * Constructor.
60       */
61      public PromptForSessionPasswordDispatchAction() {
62          super();
63      }
64  
65      /*
66       * (non-Javadoc)
67       * 
68       * @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
69       *      org.apache.struts.action.ActionForm,
70       *      javax.servlet.http.HttpServletRequest,
71       *      javax.servlet.http.HttpServletResponse)
72       */
73      public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest   request,
74                      HttpServletResponse   response) throws Exception   {
75          ((CoreForm) form).setReferer(CoreUtil.getReferer(request));
76          ((PromptForSessionPasswordForm)form).setForwardTo(request.getParameter("forwardTo"));
77          ((PromptForSessionPasswordForm)form).setTarget(request.getParameter("target"));
78          ((PromptForSessionPasswordForm)form).setFolder(request.getParameter("folder"));
79          return mapping.findForward("display");
80      }
81  
82      /**
83       * Commit the passphrase change.
84       * 
85       * @param mapping mappng
86       * @param form form
87       * @param request request
88       * @param response response
89       * @return forward
90       * @throws Exception
91       */
92      public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest   request, HttpServletResponse   response)
93                      throws Exception   {
94          PromptForSessionPasswordForm pfspf = (PromptForSessionPasswordForm) form;
95          AuthenticationScheme scheme = (AuthenticationScheme) getSessionInfo(request).getHttpSession().getAttribute(Constants.AUTH_SESSION);
96          try {
97              SessionInfo session = getSessionInfo(request);
98              UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(session.getUser().getRealm());
99              String   username = session.getUser().getPrincipalName();
100             if (!udb.checkPassword(username, pfspf.getPassword())) {
101                 throw new Exception  ("Incorrect password.");
102             }
103             scheme.addCredentials(new PasswordCredentials(username, pfspf.getPassword().toCharArray()));
104             request.setAttribute(Constants.REQ_ATTR_FORWARD_TO, ((PromptForSessionPasswordForm)form).getForwardTo());
105             request.setAttribute(Constants.REQ_ATTR_TARGET, ((PromptForSessionPasswordForm)form).getTarget());
106             request.setAttribute(Constants.REQ_ATTR_FOLDER, ((PromptForSessionPasswordForm)form).getFolder());
107             return mapping.findForward("redirect");
108         } catch (InvalidLoginCredentialsException e) {
109             ActionMessages mesgs = new ActionMessages();
110             mesgs.add(Globals.ERROR_KEY, new ActionMessage("promptForSessionPassword.invalidCredentials"));
111             saveErrors(request, mesgs);
112             return mapping.findForward("display");
113         }
114     }
115 
116     /**
117      * Cancel and logout.
118      * 
119      * @param mapping mappng
120      * @param form form
121      * @param request request
122      * @param response response
123      * @return forward
124      * @throws Exception
125      */
126     public ActionForward cancel(ActionMapping mapping, ActionForm form, HttpServletRequest   request, HttpServletResponse   response)
127                     throws Exception   {
128         return new ActionForward(((CoreForm) form).getReferer(), true);
129     }
130 
131     /*
132      * (non-Javadoc)
133      * 
134      * @see com.sslexplorer.core.actions.CoreAction#getNavigationContext(org.apache.struts.action.ActionMapping,
135      *      org.apache.struts.action.ActionForm,
136      *      javax.servlet.http.HttpServletRequest,
137      *      javax.servlet.http.HttpServletResponse)
138      */
139     public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest   request, HttpServletResponse   response) {
140         return SessionInfo.USER_CONSOLE_CONTEXT | SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
141     }
142 
143 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags