KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > turbine > modules > actions > LogoutUser


1 package org.apache.turbine.modules.actions;
2
3 /* ====================================================================
4  * The Apache Software License, Version 1.1
5  *
6  * Copyright (c) 2001 The Apache Software Foundation. All rights
7  * reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * 1. Redistributions of source code must retain the above copyright
14  * notice, this list of conditions and the following disclaimer.
15  *
16  * 2. Redistributions in binary form must reproduce the above copyright
17  * notice, this list of conditions and the following disclaimer in
18  * the documentation and/or other materials provided with the
19  * distribution.
20  *
21  * 3. The end-user documentation included with the redistribution,
22  * if any, must include the following acknowledgment:
23  * "This product includes software developed by the
24  * Apache Software Foundation (http://www.apache.org/)."
25  * Alternately, this acknowledgment may appear in the software itself,
26  * if and wherever such third-party acknowledgments normally appear.
27  *
28  * 4. The names "Apache" and "Apache Software Foundation" and
29  * "Apache Turbine" must not be used to endorse or promote products
30  * derived from this software without prior written permission. For
31  * written permission, please contact apache@apache.org.
32  *
33  * 5. Products derived from this software may not be called "Apache",
34  * "Apache Turbine", nor may "Apache" appear in their name, without
35  * prior written permission of the Apache Software Foundation.
36  *
37  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
38  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
39  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
40  * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
41  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
43  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
44  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
46  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
47  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
48  * SUCH DAMAGE.
49  * ====================================================================
50  *
51  * This software consists of voluntary contributions made by many
52  * individuals on behalf of the Apache Software Foundation. For more
53  * information on the Apache Software Foundation, please see
54  * <http://www.apache.org/>.
55  */

56
57 import javax.servlet.http.HttpSession JavaDoc;
58
59 import org.apache.turbine.Turbine;
60 import org.apache.turbine.RunData;
61 import org.apache.turbine.modules.Action;
62 import org.apache.fulcrum.security.entity.User;
63 import org.apache.fulcrum.security.TurbineSecurity;
64 import org.apache.fulcrum.security.util.AccessControlList;
65
66 /**
67  * This action removes a user from the session. It makes sure to save
68  * the User object in the session.
69  *
70  * @author <a HREF="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
71  * @version $Id: LogoutUser.java,v 1.5 2002/04/23 16:03:33 dlr Exp $
72  */

73 public class LogoutUser
74     extends Action
75 {
76     /**
77      * Clears the RunData user object back to an anonymous status not
78      * logged in, and with a null ACL. If the tr.props ACTION_LOGIN
79      * is anthing except "LogoutUser", flow is transfered to the
80      * SCREEN_HOMEPAGE
81      *
82      * If this action name is the value of action.logout then we are
83      * being run before the session validator, so we don't need to
84      * set the screen (we assume that the session validator will handle
85      * that). This is basically still here simply to preserve old behaviour
86      * - it is recommended that action.logout is set to "LogoutUser" and
87      * that the session validator does handle setting the screen/template
88      * for a logged out (read not-logged-in) user.
89      *
90      * @param data Turbine information.
91      * @exception Exception a generic exception.
92      */

93     public void doPerform( RunData data )
94         throws Exception JavaDoc
95     {
96         User user = data.getUser();
97
98         if ( user != null )
99         {
100             // Make sure that the user has really logged in...
101
if (!user.hasLoggedIn() )
102                 return;
103
104             user.setHasLoggedIn( new Boolean JavaDoc(false) );
105             TurbineSecurity.saveUser( user );
106         }
107
108         data.setMessage(Turbine.getConfiguration().getString(
109             Turbine.LOGOUT_MESSAGE));
110
111         // This will cause the acl to be removed from the session in
112
// the Turbine servlet code.
113
data.setACL(null);
114
115         // Retrieve an anonymous user.
116
data.setUser( TurbineSecurity.getAnonymousUser() );
117         data.save();
118
119         // In the event that the current screen or related navigations
120
// require acl info, we cannot wait for Turbine to handle
121
// regenerating acl.
122
HttpSession JavaDoc session = data.getSession();
123         if (session != null)
124         {
125             try
126             {
127                 session.removeAttribute(AccessControlList.SESSION_KEY);
128             }
129             catch (IllegalStateException JavaDoc invalidatedSession)
130             {
131             }
132         }
133
134         // If this action name is the value of action.logout then we are
135
// being run before the session validator, so we don't need to
136
// set the screen (we assume that the session validator will handle
137
// that). This is basically still here simply to preserve old behaviour
138
// - it is recommended that action.logout is set to "LogoutUser" and
139
// that the session validator does handle setting the screen/template
140
// for a logged out (read not-logged-in) user.
141
if (!Turbine.getConfiguration().getString(Turbine.ACTION_LOGOUT, "")
142                 .equals("LogoutUser"))
143         {
144             data.setTarget(Turbine.getConfiguration().getString(
145                 Turbine.TEMPLATE_HOMEPAGE));
146         }
147     }
148 }
149
Popular Tags