

1 /*
2  * This software was designed and created by Jason Carroll.
3  * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4  * The author can be reached at jcarroll@cowsultants.com
5  * ITracker website: http://www.cowsultants.com
6  * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it only under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  */

18
19 package cowsultants.itracker.web.taglib;
20
21 import java.io.*;
22 import java.rmi.*;
23 import java.net.*;
24 import java.util.*;
25 import javax.ejb.*;
26 import javax.rmi.*;
27 import javax.naming.*;
28 import javax.servlet.*;
29 import javax.servlet.http.*;
30 import javax.servlet.jsp.JspException JavaDoc;
31 import javax.servlet.jsp.tagext.TagSupport JavaDoc;
32
33 import org.apache.struts.Globals;
34 import org.apache.struts.action.*;
35 import org.apache.struts.config.ModuleConfig;
36
37 import cowsultants.itracker.ejb.client.interfaces.*;
38 import cowsultants.itracker.ejb.client.models.*;
39 import cowsultants.itracker.ejb.client.resources.*;
40 import cowsultants.itracker.ejb.client.util.*;
41 import cowsultants.itracker.web.actions.*;
42 import cowsultants.itracker.web.util.*;
43
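/**
 * JSP tag that gates a page behind an authenticated ITracker session and,
 * optionally, a single global permission.
 *
 * <p>The work happens in {@link #doEndTag()}. A request is forwarded to the
 * login page when there is no session or no logged-in user, and to
 * {@code /unauthorized.jsp} when the user lacks the configured permission.
 * Every refusal and every error path returns {@code SKIP_PAGE}, so the rest of
 * the protected page is not evaluated (fail closed).
 *
 * <p>Attributes: {@code page} is the forward target for unauthenticated
 * requests (default {@code /login.jsp}); {@code permission} is the permission
 * id to require, where a negative value means "no permission check".
 * {@code name} is accepted for compatibility, but this class always reads the
 * user from {@code Constants.USER_KEY}.
 */
public final class CheckLoginTag extends TagSupport {
    /** Whether saved ("remember me") logins are honoured; read once at class load. */
    private static boolean allowSaveLogin = true;

    private String name = Constants.USER_KEY;
    private String page = "/login.jsp";
    /** Permission id to require; negative disables the permission check. */
    private int permission = -1;

    static {
        try {
            InitialContext ic = new InitialContext();
            Object scRef = ic.lookup("java:comp/env/" + SystemConfiguration.JNDI_NAME);
            SystemConfigurationHome scHome =
                    (SystemConfigurationHome) PortableRemoteObject.narrow(scRef, SystemConfigurationHome.class);
            SystemConfiguration sc = scHome.create();

            allowSaveLogin = sc.getBooleanProperty("allow_save_login", true);
        } catch (CreateException ce) {
            // Keep the built-in default, but leave a trace: a silent failure here means
            // an administrator's allow_save_login=false would be ignored without notice.
            Logger.logError("Unable to read allow_save_login, using default of " + allowSaveLogin + ". "
                    + ce.getMessage());
        } catch (NamingException ne) {
            Logger.logError("Unable to read allow_save_login, using default of " + allowSaveLogin + ". "
                    + ne.getMessage());
        }
    }

    /** @return the configured session attribute name (not consulted by {@link #doEndTag()}) */
    public String getName() {
        return name;
    }

    public void setName(String value) {
        name = value;
    }

    /** @return the path unauthenticated requests are forwarded to */
    public String getPage() {
        return page;
    }

    public void setPage(String value) {
        page = value;
    }

    /** @return the required permission id, or a negative value when none is required */
    public int getPermission() {
        return permission;
    }

    public void setPermission(int value) {
        permission = value;
    }

    /** The tag has no body to evaluate; all checks run in {@link #doEndTag()}. */
    public int doStartTag() throws JspException {
        return SKIP_BODY;
    }

    /**
     * Performs the login and permission check for the current request.
     *
     * @return {@code EVAL_PAGE} when the request may proceed; {@code SKIP_PAGE}
     *         after any forward or when the check itself fails with an I/O or
     *         servlet error
     */
    public int doEndTag() throws JspException {
        HttpServletRequest request = (HttpServletRequest) pageContext.getRequest();
        HttpServletResponse response = (HttpServletResponse) pageContext.getResponse();
        String requestPath = request.getRequestURI();

        // Context-relative path plus query string, remembered so the user can be sent
        // back after logging in. Both parts are client-controlled: whatever consumes
        // AUTH_REDIRECT_KEY (not visible in this class) should treat the value as
        // untrusted and only redirect to locations inside this application. The query
        // string also ends up in the debug log below.
        String redirectURL = requestPath.substring(request.getContextPath().length())
                + (request.getQueryString() != null ? "?" + request.getQueryString() : "");

        HttpSession session = pageContext.getSession();

        try {
            if (session == null) {
                return forwardToLogin(request, redirectURL);
            }

            UserModel user = (UserModel) session.getAttribute(Constants.USER_KEY);
            String login = (user == null ? null : user.getLogin());

            if (login == null || "".equals(login)) {
                if (LoginUtilities.checkAutoLogin(request, allowSaveLogin)) {
                    pageContext.forward("/loginauto.do");
                    return SKIP_PAGE;
                }

                // The login page itself is expected to be hit anonymously, so only other
                // pages are worth a log line.
                boolean loginPageRequested = requestPath.endsWith("/login.jsp");
                if (!loginPageRequested) {
                    Logger.logDebug("Request for page " + requestPath + " attempted by unknown user.");
                    Logger.logDebug("Setting redirect url to " + redirectURL);
                }

                // A session entry without a usable login is treated exactly like no user
                // at all; it must never fall through to the authenticated branch.
                return forwardToLogin(request, redirectURL);
            }

            if (SessionManager.getSessionNeedsReset(login)) {
                // Drop the cached identity and rebuild it from the backing store.
                session.removeAttribute(Constants.USER_KEY);
                session.removeAttribute(Constants.PERMISSIONS_KEY);

                LoginAction action = new LoginAction();
                user = action.setupSession(login, request, response);

                if (user == null || user.getStatus() != UserUtilities.STATUS_ACTIVE) {
                    // setupSession is not visible here and may already have stored the
                    // user again; clear the attributes so a deactivated account cannot
                    // keep an authenticated session on the next request.
                    session.removeAttribute(Constants.USER_KEY);
                    session.removeAttribute(Constants.PERMISSIONS_KEY);

                    ActionErrors errors = new ActionErrors();
                    errors.add(ActionErrors.GLOBAL_ERROR, new ActionError("itracker.web.login.error.inactive"));
                    request.setAttribute(Globals.ERROR_KEY, errors);
                    pageContext.forward(getPage());
                    // SKIP_BODY is not a doEndTag result; returning it lets the container
                    // keep evaluating the protected page after the forward.
                    return SKIP_PAGE;
                }
            }

            // From here on the user is known, active (if just reset) and has a login.
            // Read the permissions only now: a reset above replaces them.
            HashMap permissions = (HashMap) session.getAttribute(Constants.PERMISSIONS_KEY);
            SessionManager.updateSessionLastAccess(login);

            if (getPermission() >= 0
                    && !UserUtilities.hasPermission(permissions, getPermission())
                    // Guard against a forward loop when the tag sits on the
                    // unauthorized page itself.
                    && !requestPath.endsWith("/unauthorized.jsp")) {
                pageContext.forward("/unauthorized.jsp");
                return SKIP_PAGE;
            }
        } catch (IOException ioe) {
            // Fail closed: if the check could not complete, do not render the page.
            Logger.logError("IOException while checking login. " + ioe.getMessage());
            return SKIP_PAGE;
        } catch (ServletException se) {
            Logger.logError("ServletException while checking login. " + se.getMessage());
            return SKIP_PAGE;
        }

        clearState();
        return EVAL_PAGE;
    }

    public void release() {
        super.release();
        clearState();
        // Reset here only, never in clearState(): clearState() also runs at the end of
        // doEndTag(), and a container that reuses the handler without calling the
        // setters again would otherwise lose its permission requirement.
        permission = -1;
    }

    /**
     * Records where the user was heading and forwards to the login page.
     *
     * @return always {@code SKIP_PAGE}
     */
    private int forwardToLogin(HttpServletRequest request, String redirectURL)
            throws IOException, ServletException {
        request.setAttribute(Constants.AUTH_REDIRECT_KEY, redirectURL);
        pageContext.forward(getPage());
        return SKIP_PAGE;
    }

    /** Restores the default attribute name and login page. */
    private void clearState() {
        name = Constants.USER_KEY;
        page = "/login.jsp";
    }
}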