KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > cowsultants > itracker > web > util > LoginUtilities


1 /*
2  * This software was designed and created by Jason Carroll.
3  * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4  * The author can be reached at jcarroll@cowsultants.com
5  * ITracker website: http://www.cowsultants.com
6  * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it only under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  */

18
19 package cowsultants.itracker.web.util;
20
21 import javax.servlet.*;
22 import javax.servlet.http.*;
23
24 import cowsultants.itracker.ejb.client.util.*;
25
26 public class LoginUtilities {
27
28     public static boolean checkAutoLogin(HttpServletRequest request, boolean allowSaveLogin) {
29         boolean foundLogin = false;
30
31         if(request != null) {
32             int authType = getRequestAuthType(request);
33
34             // Check for auto login in request
35
if(! foundLogin) {
36                 if(authType == AuthenticationConstants.AUTH_TYPE_REQUEST) {
37                     String JavaDoc redirectURL = request.getRequestURI().substring(request.getContextPath().length()) +
38                                          (request.getQueryString() != null ? "?" + request.getQueryString() : "");
39                     request.setAttribute(Constants.AUTH_TYPE_KEY, new Integer JavaDoc(AuthenticationConstants.AUTH_TYPE_REQUEST));
40                     request.setAttribute(Constants.AUTH_REDIRECT_KEY, redirectURL);
41                     request.setAttribute("processLogin", "true");
42                     foundLogin = true;
43                 }
44             }
45
46             // Add in check for client certs
47

48             // Check for auto login with cookies, this will only happen if users are allowed to save
49
// their logins to cookies
50
if(allowSaveLogin && ! foundLogin) {
51                 Cookie[] cookies = request.getCookies();
52                 if(cookies != null) {
53                     for(int i = 0; i < cookies.length; i++) {
54                         if(Constants.COOKIE_NAME.equals(cookies[i].getName())) {
55                             int seperator = cookies[i].getValue().indexOf('~');
56                             if(seperator > 0) {
57                                 if(Logger.isLoggingDebug()) {
58                                     Logger.logDebug("Attempting autologin for user " + cookies[i].getValue().substring(0,seperator) + ".");
59                                 }
60
61                                 String JavaDoc redirectURL = request.getRequestURI().substring(request.getContextPath().length()) +
62                                                      (request.getQueryString() != null ? "?" + request.getQueryString() : "");
63                                 request.setAttribute(Constants.AUTH_LOGIN_KEY, cookies[i].getValue().substring(0,seperator));
64                                 request.setAttribute(Constants.AUTH_TYPE_KEY, new Integer JavaDoc(AuthenticationConstants.AUTH_TYPE_PASSWORD_ENC));
65                                 request.setAttribute(Constants.AUTH_VALUE_KEY, cookies[i].getValue().substring(seperator + 1));
66                                 request.setAttribute(Constants.AUTH_REDIRECT_KEY, redirectURL);
67                                 request.setAttribute("processLogin", "true");
68                                 foundLogin = true;
69                             }
70                         }
71                     }
72                 }
73             }
74
75 /*
76             // If we haven't found any explicit type, try doing a login with an unknown type, just in case
77             // This will allow authenticators to check whatever they want for an auto login
78             if(! foundLogin) {
79                 String redirectURL = request.getRequestURI().substring(request.getContextPath().length()) +
80                                      (request.getQueryString() != null ? "?" + request.getQueryString() : "");
81                 request.setAttribute(Constants.AUTH_TYPE_KEY, new Integer(AuthenticationConstants.AUTH_TYPE_UNKNOWN));
82                 request.setAttribute(Constants.AUTH_REDIRECT_KEY, redirectURL);
83                 request.setAttribute("processLogin", "true");
84                 foundLogin = true;
85             }
86 */

87         }
88
89         return foundLogin;
90     }
91
92     public static int getRequestAuthType(HttpServletRequest request) {
93         int authType = AuthenticationConstants.AUTH_TYPE_UNKNOWN;
94
95         try {
96             if(request.getAttribute(Constants.AUTH_TYPE_KEY) != null) {
97                 authType = ((Integer JavaDoc) request.getAttribute(Constants.AUTH_TYPE_KEY)).intValue();
98             }
99             if(request.getParameter(Constants.AUTH_TYPE_KEY) != null) {
100                 authType = Integer.parseInt(request.getParameter(Constants.AUTH_TYPE_KEY));
101             }
102         } catch(Exception JavaDoc e) {
103             Logger.logDebug("Error retrieving auth type while checking auto login. " + e.getMessage());
104         }
105
106         return authType;
107     }
108 }
109
Popular Tags