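package org.compiere.wstore;

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import java.sql.*;

import org.apache.ecs.*;
import org.apache.ecs.xhtml.*;
import org.apache.log4j.Logger;

import org.compiere.util.EMail;
import org.compiere.www.*;

/**
 * Web store login servlet.
 * <p>
 * GET shows the login page or performs logout / cookie deletion.
 * POST handles the modes "SendEMail", "Login", "LoginNew" and "Submit"
 * and then forwards to the resulting page.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>Passwords are never written to the log.</li>
 * <li>The client-supplied forward target ({@link #P_ForwardTo}) is checked by
 *     {@link #isSafeForwardTarget(String)} before it is stored or used.</li>
 * <li>Profile updates in "Submit" mode require either a session user who is
 *     already logged in or a successful password check.</li>
 * </ul>
 */
public class LoginServlet extends HttpServlet
{
    /** Logger for this servlet. */
    private Logger log = Logger.getLogger(getClass());

    /** Servlet name. */
    static public final String NAME = "loginServlet";

    /**
     * Initialize the servlet and the web environment.
     *
     * @param config servlet configuration
     * @throws ServletException if WEnv.initWeb reports failure
     */
    public void init(ServletConfig config)
        throws ServletException
    {
        super.init(config);
        if (!WEnv.initWeb(config))
            throw new ServletException("LoginServlet.init");
    }

    /**
     * Describe the servlet.
     *
     * @return static description text
     */
    public String getServletInfo()
    {
        return "Compiere Web Login Servlet";
    }

    /**
     * Log servlet shutdown.
     */
    public void destroy()
    {
        log.debug("destroy");
    }

    /** Request parameter / session attribute holding the page to forward to after login. */
    public static final String P_ForwardTo = "ForwardTo";
    /** Login page. */
    public static final String LOGIN_JSP = "login.jsp";

    /**
     * Decide whether a client-supplied forward target may be handed to a
     * RequestDispatcher.
     * <p>
     * The value arrives as a request parameter, so it is untrusted. Rejected are
     * null/empty values, control characters (which would also allow forged log
     * lines), parent-directory segments, backslashes, absolute or
     * protocol-relative URLs, and anything naming the container's protected
     * WEB-INF / META-INF directories.
     *
     * @param target candidate forward target
     * @return true if the target passes all checks
     */
    private static boolean isSafeForwardTarget (String target)
    {
        if (target == null || target.length() == 0)
            return false;
        for (int i = 0; i < target.length(); i++)
        {
            if (Character.isISOControl(target.charAt(i)))
                return false;
        }
        // Fixed locale: a default-locale upper-casing (e.g. Turkish dotted I)
        // must not let "web-inf" slip past the comparison.
        String upper = target.toUpperCase(Locale.ENGLISH);
        return target.indexOf("..") == -1
            && target.indexOf('\\') == -1
            && target.indexOf("://") == -1
            && !target.startsWith("//")
            && upper.indexOf("WEB-INF") == -1
            && upper.indexOf("META-INF") == -1;
    }

    /**
     * Neutralize line breaks in a client-supplied value before it is logged,
     * so one request cannot produce what looks like several log entries.
     *
     * @param value value to log, may be null
     * @return value with CR and LF replaced by '_', or null
     */
    private static String logSafe (String value)
    {
        if (value == null)
            return null;
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Process a GET request: remember the forward target, handle
     * mode=logout / mode=deleteCookie, otherwise forward to the login page.
     *
     * @param request request
     * @param response response
     * @throws ServletException
     * @throws IOException
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException
    {
        log.info("doGet from " + request.getRemoteHost() + " - " + request.getRemoteAddr());
        HttpSession session = request.getSession(true);
        session.removeAttribute(JSPEnv.HDR_MESSAGE);

        // Remember where to go after login, but only if the target is acceptable;
        // doPost later forwards to whatever is stored here.
        String forward = request.getParameter(P_ForwardTo);
        if (forward != null)
        {
            if (forward.length() == 0 || isSafeForwardTarget(forward))
                session.setAttribute(P_ForwardTo, forward);
            else
                log.warn("doGet - rejected ForwardTo parameter");
        }
        String url = LOGIN_JSP;

        String mode = request.getParameter("mode");
        boolean deleteCookie = "deleteCookie".equals(mode);
        boolean logout = "logout".equals(mode);
        if (deleteCookie)
        {
            log.debug("** deleteCookie");
            JSPEnv.deleteCookieWebUser (request, response);
        }
        if (logout || deleteCookie)
        {
            log.debug("** logout");
            if (session != null)
            {
                WebUser wu = (WebUser)session.getAttribute(WebUser.NAME);
                if (wu != null)
                    wu.logout();
                session.setMaxInactiveInterval(1);
                session.invalidate ();
            }
            // NOTE(review): getServerName() reflects the client-supplied Host header,
            // so the logout page target is client-influenced; consider a configured
            // site URL instead.
            WUtil.createForwardPage(response, "Logout", "http://" + request.getServerName() + "/");
            return;
        }

        log.info ("doGet - Forward to " + url);
        RequestDispatcher dispatcher = getServletContext ().getRequestDispatcher (url);
        dispatcher.forward (request, response);
        return;
    }

    /**
     * Process a POST request. The "Mode" parameter selects the action:
     * "SendEMail" (mail the password), "Login", "LoginNew" (blank user)
     * or "Submit" (create or update the user record).
     *
     * @param request request
     * @param response response
     * @throws ServletException
     * @throws IOException
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException
    {
        log.info("doPost from " + request.getRemoteHost() + " - " + request.getRemoteAddr());
        Properties ctx = JSPEnv.getCtx(request);
        HttpSession session = request.getSession(true);
        session.removeAttribute(JSPEnv.HDR_MESSAGE);

        // Parsed for validation only; the value is not used further in this method.
        // A malformed number no longer aborts the request with an uncaught exception.
        int AD_Client_ID = 0;
        String s = request.getParameter("AD_Client_ID");
        if (s != null)
        {
            try
            {
                AD_Client_ID = Integer.parseInt(s);
            }
            catch (NumberFormatException e)
            {
                log.warn("doPost - AD_Client_ID is not a number");
            }
        }

        // Forward target: request parameter first, then the value remembered in the
        // session, then index.jsp. Untrusted values are dropped before use.
        String url = request.getParameter(P_ForwardTo);
        if (url != null && url.length() != 0 && !isSafeForwardTarget(url))
        {
            log.warn("doPost - rejected ForwardTo parameter");
            url = null;
        }
        boolean checkOut = "Y".equals(session.getAttribute(CheckOutServlet.ATTR_CHECKOUT));
        boolean addressConfirm = "Y".equals(request.getParameter("AddressConfirm"));
        if (checkOut)
        {
            if (addressConfirm)
                url = "orderServlet";
            else
                url = "addressInfo.jsp";
        }
        else
            addressConfirm = false;     // address confirmation only exists during checkout
        if (url == null || url.length() == 0)
        {
            url = (String )session.getAttribute(P_ForwardTo);
            if (!isSafeForwardTarget(url))
                url = "index.jsp";
        }
        else
            session.setAttribute(P_ForwardTo, url);
        String mode = request.getParameter("Mode");
        log.debug("- targeting url=" + url + " - mode=" + logSafe(mode));

        WebUser wu = (WebUser)session.getAttribute(WebUser.NAME);

        String email = request.getParameter("EMail");
        if (email == null)
            email = "";
        email = email.trim();
        String password = request.getParameter("Password");
        if (password == null)
            password = "";
        password = password.trim();

        // Send the password by e-mail
        if ("SendEMail".equals(mode))
        {
            log.info("** send mail");
            wu = WebUser.get (ctx, email);
            // NOTE(review): the two different result messages let a caller tell
            // whether an address is registered; consider one neutral message.
            if (!wu.isEMailValid())
                wu.setPasswordMessage("EMail not found in system");
            else
            {
                wu.setPassword();   // presumably assigns a password to send - confirm in WebUser
                // NOTE(review): the mail carries the password in clear text and its
                // site name comes from getServerName()/the Host header, which the
                // requester controls; a one-time reset link built from a configured
                // site URL would avoid both.
                String context = request.getServerName() + request.getContextPath() + "/";
                StringBuffer sb = new StringBuffer ("http://").append(context)
                    .append(" received a Send Password request from\n" + request.getRemoteHost() + " - " + request.getRemoteAddr()
                        + ".\n\nYour password is: ").append(wu.getPassword())
                    .append("\n\nThank you for using ")
                    .append(context);
                EMail em = new EMail (ctx, true, email, context + " Password request", sb.toString());
                String msg = em.send();
                if (EMail.SENT_OK.equals(msg))
                    wu.setPasswordMessage ("EMail sent");
                else
                    wu.setPasswordMessage ("Problem sending EMail: " + msg);
            }
            url = LOGIN_JSP;
        }
        // Login with e-mail and password
        else if ("Login".equals(mode))
        {
            // The password is deliberately not logged.
            log.info("** login " + logSafe(email));
            JSPEnv.addCookieWebUser(request, response, email);

            wu = WebUser.get (ctx, email, password, false);
            wu.login(password);
            if (wu.isLoggedIn())
            {
                // NOTE(review): the session id is not renewed after a successful
                // login; consider rotating it to rule out session fixation.
                if (url.equals(LOGIN_JSP))
                    url = "index.jsp";
            }
            else
            {
                url = LOGIN_JSP;
                log.debug("- PasswordMessage=" + wu.getPasswordMessage());
            }
            session.setAttribute (WebUser.NAME, wu);
            session.setAttribute (Info.NAME, new Info (ctx, wu.getC_BPartner_ID(), wu.getAD_User_ID()));
        }
        // Start with a blank user
        else if ("LoginNew".equals(mode))
        {
            log.info("** loginNew");
            JSPEnv.addCookieWebUser(request, response, "");
            wu = WebUser.get (ctx, "");
            session.setAttribute(WebUser.NAME, wu);
            url = LOGIN_JSP;
        }
        // Create or update the user record
        else if ("Submit".equals(mode))
        {
            log.info("** submit " + logSafe(email) + " - AddrConf=" + addressConfirm);
            // The password check may be skipped only for a session user who is
            // already logged in and is confirming the address. Without this, an
            // AddressConfirm=Y request during checkout could load any account by
            // e-mail and change its data, password included, with no password.
            boolean sessionAuthenticated = wu != null && wu.isLoggedIn() && addressConfirm;
            if (!sessionAuthenticated)
                wu = WebUser.get (ctx, email, null, false);
            if (wu.getAD_User_ID() != 0)
            {
                // Existing user
                String passwordNew = request.getParameter("PasswordNew");
                if (passwordNew == null)
                    passwordNew = "";
                boolean passwordChange = passwordNew.length() > 0 && !passwordNew.equals(password);
                if (sessionAuthenticated || wu.login (password))
                {
                    if (passwordChange)
                        log.debug("- update Pwd " + logSafe(email));
                    if (updateFields(request, wu, passwordChange))
                    {
                        if (passwordChange)
                            session.setAttribute(JSPEnv.HDR_MESSAGE, "Password changed");
                        session.setAttribute (WebUser.NAME, wu);
                        session.setAttribute (Info.NAME, new Info (ctx, wu.getC_BPartner_ID(), wu.getAD_User_ID()));
                    }
                    else
                    {
                        url = LOGIN_JSP;
                        log.warn(" - update not done");
                    }
                }
                else
                {
                    url = LOGIN_JSP;
                    session.setAttribute(JSPEnv.HDR_MESSAGE, "Email/Password not correct");
                    log.warn(" - update not confirmed");
                }
            }
            else
            {
                // New user
                log.debug("- new " + logSafe(email));
                wu.setEmail (email);
                wu.setPassword (password);
                if (updateFields (request, wu, true))
                {
                    if (wu.login(password))
                    {
                        session.setAttribute (WebUser.NAME, wu);
                        session.setAttribute (Info.NAME, new Info (ctx, wu.getC_BPartner_ID(), wu.getAD_User_ID()));
                    }
                    else
                        url = LOGIN_JSP;
                }
                else
                {
                    log.debug("- failed - " + wu.getSaveErrorMessage() + " - " + wu.getPasswordMessage());
                    url = LOGIN_JSP;
                }
            }
        }
        else
            log.error("doPost - Unknown request - " + logSafe(mode));

        log.info("doPost - Forward to " + url);
        RequestDispatcher dispatcher = getServletContext().getRequestDispatcher(url);
        if (dispatcher == null)
        {
            // The container could not resolve the target; answer cleanly instead
            // of failing with a NullPointerException.
            response.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        dispatcher.forward(request, response);
    }

    /**
     * Copy the submitted form fields into the web user and save it.
     * Name, Address, City and Postal are mandatory; missing ones are reported
     * through the user's save error message.
     *
     * @param request request providing the form parameters
     * @param wu web user to update
     * @param updateEMailPwd if true, also set password ("PasswordNew") and e-mail ("EMail")
     * @return true if all checks passed and wu.save() succeeded
     */
    private boolean updateFields (HttpServletRequest request, WebUser wu, boolean updateEMailPwd)
    {
        if (updateEMailPwd)
        {
            String s = request.getParameter ("PasswordNew");
            wu.setPasswordMessage (null);
            wu.setPassword (s);
            // A message set by setPassword is treated as a rejected password
            if (wu.getPasswordMessage () != null)
                return false;
            s = request.getParameter ("EMail");
            if (!WUtil.isEmailValid (s))
            {
                wu.setPasswordMessage ("EMail Invalid");
                return false;
            }
            wu.setEmail (s.trim());
        }

        StringBuffer mandatory = new StringBuffer ();
        String s = request.getParameter("Name");
        if (s != null && s.length() != 0)
            wu.setName(s.trim());
        else
            mandatory.append(" - Name");
        s = request.getParameter("Company");
        if (s != null && s.length() != 0)
            wu.setCompany(s);
        s = request.getParameter("Title");
        if (s != null && s.length() != 0)
            wu.setTitle(s);
        // Address
        s = request.getParameter("Address");
        if (s != null && s.length() != 0)
            wu.setAddress(s);
        else
            mandatory.append(" - Address");
        s = request.getParameter("Address2");
        if (s != null && s.length() != 0)
            wu.setAddress2(s);
        s = request.getParameter("City");
        if (s != null && s.length() != 0)
            wu.setCity(s);
        else
            mandatory.append(" - City");
        s = request.getParameter("Postal");
        if (s != null && s.length() != 0)
            wu.setPostal(s);
        else
            mandatory.append(" - Postal");
        // Country / region
        s = request.getParameter("C_Country_ID");
        if (s != null && s.length() != 0)
            wu.setC_Country_ID(s);
        s = request.getParameter("C_Region_ID");
        if (s != null && s.length() != 0)
            wu.setC_Region_ID(s);
        s = request.getParameter("RegionName");
        if (s != null && s.length() != 0)
            wu.setRegionName(s);
        // Phone / fax
        s = request.getParameter("Phone");
        if (s != null && s.length() != 0)
            wu.setPhone(s);
        s = request.getParameter("Phone2");
        if (s != null && s.length() != 0)
            wu.setPhone2(s);
        s = request.getParameter("Fax");
        if (s != null && s.length() != 0)
            wu.setFax(s);

        if (mandatory.length() > 0)
        {
            mandatory.insert(0, "Enter Mandatory");
            wu.setSaveErrorMessage(mandatory.toString());
            return false;
        }
        return wu.save();
    }

    /**
     * Send an account confirmation mail to the web user.
     * SMTP host, sender and SMTP credentials are read from the context.
     * Not called from within this class.
     *
     * @param request request, used for server name and context path
     * @param ctx context with SMTPHost, RequestEMail, RequestUser, RequestUserPw
     * @param wu web user receiving the mail
     */
    private void sendEMail (HttpServletRequest request, Properties ctx, WebUser wu)
    {
        String subject = "Compiere Web - Account " + wu.getEmail();
        // NOTE(review): getServerName() reflects the client-supplied Host header;
        // a configured site URL would keep the link out of the requester's control.
        String message = "Thank you for your setting up an account at http://"
            + request.getServerName()
            + request.getContextPath() + "/";

        String SMTPHost = ctx.getProperty("SMTPHost", "localhost");
        String RequestEMail = ctx.getProperty("RequestEMail");
        String RequestUser = ctx.getProperty("RequestUser");
        String RequestUserPw = ctx.getProperty("RequestUserPw");

        EMail em = new EMail(SMTPHost, RequestEMail, wu.getEmail(), subject, message);
        em.setEMailUser(RequestUser, RequestUserPw);
        // Report a failed send instead of dropping the result silently
        String msg = em.send();
        if (!EMail.SENT_OK.equals(msg))
            log.warn("sendEMail - " + msg);
    }
}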