KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sslexplorer > security > actions > PromptForSessionPasswordDispatchAction


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */

19             
20 package com.sslexplorer.security.actions;
21
22 import javax.servlet.http.HttpServletRequest JavaDoc;
23 import javax.servlet.http.HttpServletResponse JavaDoc;
24
25 import org.apache.commons.logging.Log;
26 import org.apache.commons.logging.LogFactory;
27 import org.apache.struts.Globals;
28 import org.apache.struts.action.ActionForm;
29 import org.apache.struts.action.ActionForward;
30 import org.apache.struts.action.ActionMapping;
31 import org.apache.struts.action.ActionMessage;
32 import org.apache.struts.action.ActionMessages;
33
34 import com.sslexplorer.core.CoreUtil;
35 import com.sslexplorer.core.UserDatabaseManager;
36 import com.sslexplorer.core.actions.AuthenticatedDispatchAction;
37 import com.sslexplorer.core.forms.CoreForm;
38 import com.sslexplorer.security.AuthenticationScheme;
39 import com.sslexplorer.security.Constants;
40 import com.sslexplorer.security.InvalidLoginCredentialsException;
41 import com.sslexplorer.security.PasswordCredentials;
42 import com.sslexplorer.security.SessionInfo;
43 import com.sslexplorer.security.UserDatabase;
44 import com.sslexplorer.security.forms.PromptForSessionPasswordForm;
45
46 /**
47  * <p>
48  * Action to prompt the currently logged on user to enter their session
49  * password.
50  *
51  * @author James D Robinson <a HREF="mailto:james@3sp.com">&lt;james@3sp.com&gt;</a>
52  *
53  *
54  */

55 public class PromptForSessionPasswordDispatchAction extends AuthenticatedDispatchAction {
56     final static Log log = LogFactory.getLog(SetPasswordAction.class);
57
58     /**
59      * Constructor.
60      */

61     public PromptForSessionPasswordDispatchAction() {
62         super();
63     }
64
65     /*
66      * (non-Javadoc)
67      *
68      * @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
69      * org.apache.struts.action.ActionForm,
70      * javax.servlet.http.HttpServletRequest,
71      * javax.servlet.http.HttpServletResponse)
72      */

73     public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest JavaDoc request,
74                     HttpServletResponse JavaDoc response) throws Exception JavaDoc {
75         ((CoreForm) form).setReferer(CoreUtil.getReferer(request));
76         ((PromptForSessionPasswordForm)form).setForwardTo(request.getParameter("forwardTo"));
77         ((PromptForSessionPasswordForm)form).setTarget(request.getParameter("target"));
78         ((PromptForSessionPasswordForm)form).setFolder(request.getParameter("folder"));
79         return mapping.findForward("display");
80     }
81
82     /**
83      * Commit the passphrase change.
84      *
85      * @param mapping mappng
86      * @param form form
87      * @param request request
88      * @param response response
89      * @return forward
90      * @throws Exception
91      */

92     public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
93                     throws Exception JavaDoc {
94         PromptForSessionPasswordForm pfspf = (PromptForSessionPasswordForm) form;
95         AuthenticationScheme scheme = (AuthenticationScheme) getSessionInfo(request).getHttpSession().getAttribute(Constants.AUTH_SESSION);
96         try {
97             SessionInfo session = getSessionInfo(request);
98             UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(session.getUser().getRealm());
99             String JavaDoc username = session.getUser().getPrincipalName();
100             if (!udb.checkPassword(username, pfspf.getPassword())) {
101                 throw new Exception JavaDoc("Incorrect password.");
102             }
103             scheme.addCredentials(new PasswordCredentials(username, pfspf.getPassword().toCharArray()));
104             request.setAttribute(Constants.REQ_ATTR_FORWARD_TO, ((PromptForSessionPasswordForm)form).getForwardTo());
105             request.setAttribute(Constants.REQ_ATTR_TARGET, ((PromptForSessionPasswordForm)form).getTarget());
106             request.setAttribute(Constants.REQ_ATTR_FOLDER, ((PromptForSessionPasswordForm)form).getFolder());
107             return mapping.findForward("redirect");
108         } catch (InvalidLoginCredentialsException e) {
109             ActionMessages mesgs = new ActionMessages();
110             mesgs.add(Globals.ERROR_KEY, new ActionMessage("promptForSessionPassword.invalidCredentials"));
111             saveErrors(request, mesgs);
112             return mapping.findForward("display");
113         }
114     }
115
116     /**
117      * Cancel and logout.
118      *
119      * @param mapping mappng
120      * @param form form
121      * @param request request
122      * @param response response
123      * @return forward
124      * @throws Exception
125      */

126     public ActionForward cancel(ActionMapping mapping, ActionForm form, HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
127                     throws Exception JavaDoc {
128         return new ActionForward(((CoreForm) form).getReferer(), true);
129     }
130
131     /*
132      * (non-Javadoc)
133      *
134      * @see com.sslexplorer.core.actions.CoreAction#getNavigationContext(org.apache.struts.action.ActionMapping,
135      * org.apache.struts.action.ActionForm,
136      * javax.servlet.http.HttpServletRequest,
137      * javax.servlet.http.HttpServletResponse)
138      */

139     public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response) {
140         return SessionInfo.USER_CONSOLE_CONTEXT | SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
141     }
142
143 }
Popular Tags