LoginCommand


1   /***********************************************************************
2    * Copyright (c) 2000-2004 The Apache Software Foundation.             *
3    * All rights reserved.                                                *
4    * ------------------------------------------------------------------- *
5    * Licensed under the Apache License, Version 2.0 (the "License"); you *
6    * may not use this file except in compliance with the License. You    *
7    * may obtain a copy of the License at:                                *
8    *                                                                     *
9    *     http://www.apache.org/licenses/LICENSE-2.0                      *
10   *                                                                     *
11   * Unless required by applicable law or agreed to in writing, software *
12   * distributed under the License is distributed on an "AS IS" BASIS,   *
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or     *
14   * implied.  See the License for the specific language governing       *
15   * permissions and limitations under the License.                      *
16   ***********************************************************************/
17  
18  package org.apache.james.imapserver.commands;
19  
20  import org.apache.james.imapserver.AuthenticationException;
21  import org.apache.james.imapserver.ImapRequest;
22  import org.apache.james.imapserver.ImapSession;
23  import org.apache.james.imapserver.ImapSessionState;
24  
25  import java.util.StringTokenizer  ;
26  import java.util.List  ;
27  
28  class LoginCommand extends NonAuthenticatedStateCommand
29  {
30      LoginCommand()
31      {
32          this.commandName = "LOGIN";
33  
34          this.getArgs().add( new AstringArgument( "username" ) );
35          this.getArgs().add( new AstringArgument( "password" ) );
36      }
37  
38      protected boolean doProcess( ImapRequest request, ImapSession session, List   argValues )
39      {
40          String   userName = (String  ) argValues.get(0);
41          String   password = (String  ) argValues.get(1);
42  
43          session.setCurrentUser( userName );
44          if ( session.getUsers().test( session.getCurrentUser(), password ) ) {
45              session.getSecurityLogger().info( "Login successful for " + session.getCurrentUser() + " from  "
46                                   + session.getRemoteHost() + "(" + session.getRemoteIP() + ")" );
47              // four possibilites handled:
48              // private mail: isLocal, is Remote
49              // other mail (shared, news, etc.) is Local, is Remote
50  
51              if ( session.getImapHost().isHomeServer( session.getCurrentUser() ) ) {
52                  session.okResponse( request.getCommand() );
53                  session.setState( ImapSessionState.AUTHENTICATED );
54  
55              }
56              else {
57                  String   remoteServer = null;
58                  try {
59                      remoteServer
60                              = session.getImapSystem().getHomeServer( session.getCurrentUser() );
61                  }
62                  catch ( AuthenticationException ae ) {
63                      session.setConnectionClosed( session.closeConnection( TAGGED_NO,
64                                                 " cannot find your inbox, closing connection",
65                                                 "" ) );
66                      return false;
67                  }
68  
69                  if ( session.getImapHost().hasLocalAccess( session.getCurrentUser() ) ) {
70                      session.okResponse( "[REFERRAL "
71                                                 + remoteServer + "]" + SP
72                                                 + "Your home server is remote, other mailboxes available here" );
73                      session.setState( ImapSessionState.AUTHENTICATED );
74  
75                  }
76                  else {
77                      session.closeConnection( TAGGED_NO, " [REFERRAL" + SP
78                                                  + remoteServer + "]" + SP
79                                                  + "No mailboxes available here, try remote server", "" );
80                      return false;
81                  }
82              }
83              session.setCurrentNamespace( session.getImapHost().getDefaultNamespace( session.getCurrentUser() ) );
84              session.setCurrentSeperator( session.getImapSystem().getHierarchySeperator( session.getCurrentNamespace() ) );
85              // position at root of default Namespace,
86              // which is not actually a folder
87              session.setCurrentFolder( session.getCurrentNamespace() + session.getCurrentSeperator() + "" );
88              getLogger().debug( "Current folder for user " + session.getCurrentUser() + " from "
89                                 + session.getRemoteHost() + "(" + session.getRemoteIP() + ") is "
90                                 + session.getCurrentFolder() );
91              return true;
92  
93  
94          } // failed password test
95  
96          // We should add ability to monitor attempts to login
97          session.noResponse( request.getCommand() );
98          session.getSecurityLogger().error( "Failed attempt to use Login command for account "
99                                + session.getCurrentUser() + " from " + session.getRemoteHost() + "(" + session.getRemoteIP()
100                               + ")" );
101         return true;
102     }
103 }
104
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags