

1 /******************************************************************************
2  * The contents of this file are subject to the Compiere License Version 1.1
3  * ("License"); You may not use this file except in compliance with the License
4  * You may obtain a copy of the License at http://www.compiere.org/license.html
5  * Software distributed under the License is distributed on an "AS IS" basis,
6  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
7  * the specific language governing rights and limitations under the License.
8  * The Original Code is Compiere ERP & CRM Smart Business Solution
9  * The Initial Developer of the Original Code is Jorg Janke and ComPiere, Inc.
10  * Portions created by Jorg Janke are Copyright (C) 1999-2003 Jorg Janke, parts
11  * created by ComPiere are Copyright (C) ComPiere, Inc.; All Rights Reserved.
12  * Contributor(s): ______________________________________.
13  *****************************************************************************/

14 package org.compiere.wstore;
15
16 import javax.servlet.*;
17 import javax.servlet.http.*;
18 import java.io.*;
19 import java.util.*;
20 import java.sql.*;
21
22 import org.apache.ecs.*;
23 import org.apache.ecs.xhtml.*;
24 import org.apache.log4j.Logger;
25
26 import org.compiere.util.EMail;
27 import org.compiere.www.*;
28
29 /**
30  * Web User Login.
31  * <pre>
32  * User posts Login
33  * - OK = forward
34  * - Did not find user
35  * - Invalid Password
36  * </pre>
37  * @author Jorg Janke
38  * @version $Id: LoginServlet.java,v 1.22 2003/08/31 06:51:26 jjanke Exp $
39  */

40 public class LoginServlet extends HttpServlet
41 {
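    /** Per-instance log4j logger, named after the runtime class. */
    private final Logger log = Logger.getLogger(getClass());
    /** Name of this servlet. */
    static public final String NAME = "loginServlet";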
46
    /**
     * Initialize the servlet and the shared web environment.
     *
     * @param config servlet configuration, handed on to {@code WEnv.initWeb}
     * @throws ServletException if the web environment cannot be initialized
     */
    public void init(ServletConfig config)
        throws ServletException
    {
        super.init(config);
        boolean webReady = WEnv.initWeb(config);
        if (!webReady)
        {
            throw new ServletException("LoginServlet.init");
        }
    } // init
60

    /**
     * Describe this servlet.
     *
     * @return fixed, human-readable servlet description
     */
    public String getServletInfo()
    {
        final String info = "Compiere Web Login Servlet";
        return info;
    } // getServletInfo
69

    /**
     * Called when the servlet is taken out of service.
     * Nothing is released here; the call is only written to the debug log.
     */
    public void destroy()
    {
        final String event = "destroy";
        log.debug(event);
    } // destroy
77

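    /**
     * Name of the request parameter and session attribute that carries the page
     * to forward to after login. The value arrives from the client.
     */
    public static final String P_ForwardTo = "ForwardTo";
    /** Login page; also the fallback target when a login or update fails. */
    public static final String LOGIN_JSP = "login.jsp";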
80
    /**
     * Process the HTTP Get request.
     * Handles the modes "logout" and "deleteCookie"; any other request is
     * forwarded to the login page.
     * <p>
     * Review notes:
     * <ul>
     * <li>The ForwardTo parameter is stored in the session exactly as received.
     *     Code that later dispatches on the stored value has to validate it.</li>
     * <li>Logout and cookie removal are triggered by a plain GET, so any link or
     *     embedded resource can end a user's session. NOTE(review): consider
     *     requiring POST for these modes.</li>
     * <li>The logout page points at "http://" plus request.getServerName().
     *     NOTE(review): the server name normally follows the Host header sent by
     *     the client; confirm the container or proxy pins it, and confirm that
     *     leaving https here is still intended.</li>
     * </ul>
     *
     * @param request request
     * @param response response
     * @throws ServletException
     * @throws IOException
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException
    {
        log.info("doGet from " + request.getRemoteHost() + " - " + request.getRemoteAddr());
        HttpSession session = request.getSession(true);
        session.removeAttribute(JSPEnv.HDR_MESSAGE);

        // remember where the caller wants to go after login (value is client supplied)
        String forwardTo = request.getParameter(P_ForwardTo);
        if (forwardTo != null)
        {
            session.setAttribute(P_ForwardTo, forwardTo);
        }

        String requestedMode = request.getParameter("mode");
        boolean deleteCookie = "deleteCookie".equals(requestedMode);
        boolean endSession = deleteCookie || "logout".equals(requestedMode);

        if (deleteCookie)
        {
            log.debug("** deleteCookie");
            JSPEnv.deleteCookieWebUser (request, response);
        }

        if (!endSession)
        {
            log.info ("doGet - Forward to " + LOGIN_JSP);
            getServletContext ().getRequestDispatcher (LOGIN_JSP).forward (request, response);
            return;
        }

        // deleteCookie implies logout
        log.debug("** logout");
        // getSession(true) never returns null, so the session is used directly
        WebUser sessionUser = (WebUser)session.getAttribute(WebUser.NAME);
        if (sessionUser != null)
        {
            sessionUser.logout();
        }
        session.setMaxInactiveInterval(1);
        session.invalidate ();
        // Forward to unsecure /
        String home = "http://" + request.getServerName() + "/";
        WUtil.createForwardPage(response, "Logout", home);
    } // doGet
136

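    /**
     * Process the HTTP Post request.
     * Dispatches on the "Mode" parameter (SendEMail, Login, LoginNew, Submit)
     * and forwards to the resulting page.
     * <p>
     * Security-relevant behaviour:
     * <ul>
     * <li>Passwords are never written to the log; request values that are
     *     logged have their control characters replaced first.</li>
     * <li>The ForwardTo value (request or session) is client supplied and ends
     *     up in a RequestDispatcher, which can also reach resources a browser
     *     cannot request directly. It is checked by {@link #isSafeForward}
     *     before it is stored or used.</li>
     * <li>In Submit mode the password check is skipped only for the user who is
     *     already logged in on this session. A record re-loaded by e-mail
     *     always has to pass login(password).</li>
     * </ul>
     *
     * @param request request
     * @param response response
     * @throws ServletException
     * @throws IOException
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException
    {
        log.info("doPost from " + request.getRemoteHost() + " - " + request.getRemoteAddr());
        Properties ctx = JSPEnv.getCtx(request);
        HttpSession session = request.getSession(true);
        session.removeAttribute(JSPEnv.HDR_MESSAGE);

        // Forward URL - client supplied, so it is checked before it is stored or used
        String url = request.getParameter(P_ForwardTo);
        if (url != null && url.length() != 0 && !isSafeForward(url))
        {
            log.warn("doPost - rejected forward target " + forLog(url));
            url = null;
        }
        boolean checkOut = "Y".equals(session.getAttribute(CheckOutServlet.ATTR_CHECKOUT));
        // Set in login.jsp & addressInfo.jsp
        boolean addressConfirm = "Y".equals(request.getParameter("AddressConfirm"));
        if (checkOut)
        {
            if (addressConfirm)
                url = "orderServlet";
            else
                url = "addressInfo.jsp";
        }
        else
            addressConfirm = false;
        if (url == null || url.length() == 0)
        {
            // the session value may have been stored without a check, so test it here too
            url = (String)session.getAttribute(P_ForwardTo);
            if (url == null || url.length() == 0 || !isSafeForward(url))
                url = "index.jsp";
        }
        else
            session.setAttribute(P_ForwardTo, url);     // save for log in issues

        String mode = request.getParameter("Mode");
        log.debug("- targeting url=" + forLog(url) + " - mode=" + forLog(mode));

        // Web User
        WebUser wu = (WebUser)session.getAttribute(WebUser.NAME);

        // Get Base Info
        String email = request.getParameter("EMail");
        if (email == null)
            email = "";
        email = email.trim();
        String password = request.getParameter("Password");
        if (password == null)
            password = "";      // null loads w/o check
        password = password.trim();

        // Send EMail *** Send Password EMail Request
        if ("SendEMail".equals(mode))
        {
            log.info("** send mail");
            wu = WebUser.get (ctx, email);      // find it
            // NOTE(review): the two outcomes below tell the caller whether an
            // address is registered; consider one neutral message for both.
            if (!wu.isEMailValid())
                wu.setPasswordMessage("EMail not found in system");
            else
            {
                wu.setPassword();       // set password to current
                // NOTE(review): the server name normally follows the client's Host
                // header and is copied into the mail text and subject - confirm the
                // deployment pins it or take the name from configuration.
                String context = request.getServerName() + request.getContextPath() + "/";
                // NOTE(review): the current password is mailed in clear text, which
                // implies it is stored in recoverable form; a one-time reset link
                // would avoid both. Not changed here (needs WebUser support).
                StringBuffer sb = new StringBuffer("http://").append(context)
                    .append(" received a Send Password request from\n" + request.getRemoteHost() + " - " + request.getRemoteAddr()
                    + ".\n\nYour password is: ").append(wu.getPassword())
                    .append("\n\nThank you for using ")
                    .append(context);
                EMail em = new EMail (ctx, true,    // fromCurrentOrRequest
                    email, context + " Password request", sb.toString());
                String msg = em.send();
                if (EMail.SENT_OK.equals(msg))
                    wu.setPasswordMessage ("EMail sent");
                else
                    wu.setPasswordMessage ("Problem sending EMail: " + msg);
            }
            url = LOGIN_JSP;
        }   // SendEMail

        // Login
        else if ("Login".equals(mode))
        {
            log.info("** login " + forLog(email));
            // add Cookie
            // NOTE(review): written before the password is checked - confirm that
            // nothing treats this cookie as proof of identity.
            JSPEnv.addCookieWebUser(request, response, email);

            // Always re-query
            wu = WebUser.get (ctx, email, password, false);
            wu.login(password);
            // Password valid
            if (wu.isLoggedIn())
            {
                // NOTE(review): the session created before login is kept; consider
                // issuing a fresh session id on successful login.
                if (url.equals(LOGIN_JSP))
                    url = "index.jsp";
            }
            else
            {
                url = LOGIN_JSP;
                log.debug("- PasswordMessage=" + wu.getPasswordMessage());
            }
            session.setAttribute (WebUser.NAME, wu);
            session.setAttribute (Info.NAME, new Info (ctx, wu.getC_BPartner_ID(), wu.getAD_User_ID()));
        }   // Login

        // Login New
        else if ("LoginNew".equals(mode))
        {
            log.info("** loginNew");
            JSPEnv.addCookieWebUser(request, response, "");
            wu = WebUser.get (ctx, "");
            session.setAttribute(WebUser.NAME, wu);
            url = LOGIN_JSP;
        }

        // Submit - update/new Contact
        else if ("Submit".equals(mode))
        {
            log.info("** submit " + forLog(email) + " - AddrConf=" + addressConfirm);
            // Only the user already logged in on this session may confirm an
            // address without re-entering the password.
            boolean sessionUserConfirms = wu != null && wu.isLoggedIn() && addressConfirm;
            if (!sessionUserConfirms)   // Submit - always re-load user record
                wu = WebUser.get (ctx, email, null, false);     // load w/o password check direct

            if (wu.getAD_User_ID() != 0)        // existing BPC
            {
                String passwordNew = request.getParameter("PasswordNew");
                if (passwordNew == null)
                    passwordNew = "";
                boolean passwordChange = passwordNew.length() > 0 && !passwordNew.equals(password);
                // a record loaded by e-mail alone must still pass the password check
                if (sessionUserConfirms || wu.login (password))
                {
                    if (passwordChange)
                        log.debug("- update Pwd " + forLog(email));
                    if (updateFields(request, wu, passwordChange))
                    {
                        if (passwordChange)
                            session.setAttribute(JSPEnv.HDR_MESSAGE, "Password changed");
                        session.setAttribute (WebUser.NAME, wu);
                        session.setAttribute (Info.NAME, new Info (ctx, wu.getC_BPartner_ID(), wu.getAD_User_ID()));
                    }
                    else
                    {
                        url = LOGIN_JSP;
                        log.warn(" - update not done");
                    }
                }
                else
                {
                    url = LOGIN_JSP;
                    session.setAttribute(JSPEnv.HDR_MESSAGE, "Email/Password not correct");
                    log.warn(" - update not confirmed");
                }
            }
            else    // new
            {
                log.debug("- new " + forLog(email));
                wu.setEmail (email);
                wu.setPassword (password);
                if (updateFields (request, wu, true))
                {
                    if (wu.login(password))
                    {
                        session.setAttribute (WebUser.NAME, wu);
                        session.setAttribute (Info.NAME, new Info (ctx, wu.getC_BPartner_ID(), wu.getAD_User_ID()));
                    }
                    else
                        url = LOGIN_JSP;
                }
                else
                {
                    log.debug("- failed - " + wu.getSaveErrorMessage() + " - " + wu.getPasswordMessage());
                    url = LOGIN_JSP;
                }
            }   // new
        }   // Submit
        else
            log.error("doPost - Unknown request - " + forLog(mode));

        log.info("doPost - Forward to " + forLog(url));
        RequestDispatcher dispatcher = getServletContext().getRequestDispatcher(url);
        dispatcher.forward(request, response);
    } // doPost

    /**
     * Check a client-supplied forward target before it reaches the dispatcher.
     * Rejects control characters, backslashes, parent-directory segments,
     * absolute URLs and anything that names WEB-INF or META-INF.
     * NOTE(review): a fixed list of allowed pages would be stricter, if the
     * set of legitimate targets is known.
     *
     * @param target forward target
     * @return true if the target may be stored and dispatched to
     */
    private static boolean isSafeForward (String target)
    {
        if (target == null || target.length() == 0)
            return false;
        for (int i = 0; i < target.length(); i++)
        {
            char c = target.charAt(i);
            if (c < 0x20 || c == 0x7f || c == '\\')
                return false;
        }
        if (target.indexOf("..") != -1 || target.indexOf("://") != -1 || target.startsWith("//"))
            return false;
        // fixed locale, so the comparison does not depend on the server's default
        String upper = target.toUpperCase(Locale.ENGLISH);
        return upper.indexOf("WEB-INF") == -1 && upper.indexOf("META-INF") == -1;
    } // isSafeForward

    /**
     * Make a request value safe to append to a log line: control characters
     * (including CR and LF) are replaced so the value cannot start a new entry.
     *
     * @param value request value, may be null
     * @return the value with control characters replaced, or "null"
     */
    private static String forLog (String value)
    {
        if (value == null)
            return "null";
        StringBuffer sb = new StringBuffer(value.length());
        for (int i = 0; i < value.length(); i++)
        {
            char c = value.charAt(i);
            sb.append((c < 0x20 || c == 0x7f) ? '_' : c);
        }
        return sb.toString();
    } // forLog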
331

332
    /**
     * Update Web User from the request parameters and save it.
     * When {@code updateEMailPwd} is set, the "PasswordNew" and "EMail"
     * parameters are applied first; a password message set by the user object
     * or an invalid e-mail stops the update. Name, Address, City and Postal
     * are mandatory; the remaining fields are copied only when present.
     *
     * @param request request
     * @param wu user
     * @param updateEMailPwd if true, change email/password
     * @return true if saved
     */
    private boolean updateFields (HttpServletRequest request, WebUser wu, boolean updateEMailPwd)
    {
        if (updateEMailPwd)
        {
            String newPassword = request.getParameter ("PasswordNew");
            // clear first: a message present after setPassword means it was refused
            wu.setPasswordMessage (null);
            wu.setPassword (newPassword);
            if (wu.getPasswordMessage () != null)
            {
                return false;
            }
            String newEMail = request.getParameter ("EMail");
            if (!WUtil.isEmailValid (newEMail))
            {
                wu.setPasswordMessage ("EMail Invalid");
                return false;
            }
            wu.setEmail (newEMail.trim());
        }

        StringBuffer missing = new StringBuffer();
        String value = presentParameter (request, "Name");
        if (value == null)
            missing.append(" - Name");
        else
            wu.setName(value.trim());
        value = presentParameter (request, "Company");
        if (value != null)
            wu.setCompany(value);
        value = presentParameter (request, "Title");
        if (value != null)
            wu.setTitle(value);

        value = presentParameter (request, "Address");
        if (value == null)
            missing.append(" - Address");
        else
            wu.setAddress(value);
        value = presentParameter (request, "Address2");
        if (value != null)
            wu.setAddress2(value);

        value = presentParameter (request, "City");
        if (value == null)
            missing.append(" - City");
        else
            wu.setCity(value);
        value = presentParameter (request, "Postal");
        if (value == null)
            missing.append(" - Postal");
        else
            wu.setPostal(value);

        value = presentParameter (request, "C_Country_ID");
        if (value != null)
            wu.setC_Country_ID(value);
        value = presentParameter (request, "C_Region_ID");
        if (value != null)
            wu.setC_Region_ID(value);
        value = presentParameter (request, "RegionName");
        if (value != null)
            wu.setRegionName(value);

        value = presentParameter (request, "Phone");
        if (value != null)
            wu.setPhone(value);
        value = presentParameter (request, "Phone2");
        if (value != null)
            wu.setPhone2(value);
        value = presentParameter (request, "Fax");
        if (value != null)
            wu.setFax(value);

        if (missing.length() == 0)
        {
            return wu.save();
        }
        // nothing is saved while a mandatory field is missing
        missing.insert(0, "Enter Mandatory");
        wu.setSaveErrorMessage(missing.toString());
        return false;
    } // updateFields

    /**
     * Read a request parameter, treating an empty value like a missing one.
     *
     * @param request request
     * @param name parameter name
     * @return the parameter value, or null if it is absent or empty
     */
    private static String presentParameter (HttpServletRequest request, String name)
    {
        String value = request.getParameter(name);
        if (value == null || value.length() == 0)
            return null;
        return value;
    } // presentParameter
420

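    /**
     * Send Account EMail.
     * Mails a short account confirmation to the user's address, using the
     * SMTP host and request mailbox credentials found in the context.
     * A failed send is written to the log instead of being dropped.
     * <p>
     * NOTE(review): no code in this class calls this method.
     * NOTE(review): the link in the message uses request.getServerName(),
     * which normally follows the client's Host header - confirm the deployment
     * pins it before this method is put to use.
     *
     * @param request request
     * @param ctx context
     * @param wu web user
     */
    private void sendEMail (HttpServletRequest request, Properties ctx, WebUser wu)
    {
        String subject = "Compiere Web - Account " + wu.getEmail();
        String message = "Thank you for your setting up an account at http://"
            + request.getServerName()
            + request.getContextPath() + "/";

        String SMTPHost = ctx.getProperty("SMTPHost", "localhost");
        String RequestEMail = ctx.getProperty("RequestEMail");
        String RequestUser = ctx.getProperty("RequestUser");
        // mailbox password; only handed to the mail object, never logged
        String RequestUserPw = ctx.getProperty("RequestUserPw");

        EMail em = new EMail(SMTPHost, RequestEMail, wu.getEmail(), subject, message);
        em.setEMailUser(RequestUser, RequestUserPw);

        String result = em.send();
        if (!EMail.SENT_OK.equals(result))
            log.warn("sendEMail - not sent: " + result);
    } // sendEMail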
454

455 } // LoginServlet
456