ExtranetLoginAction


1   /* ===============================================================================
2    *
3    * Part of the InfoGlue Content Management Platform (www.infoglue.org)
4    *
5    * ===============================================================================
6    *
7    *  Copyright (C)
8    * 
9    * This program is free software; you can redistribute it and/or modify it under
10   * the terms of the GNU General Public License version 2, as published by the
11   * Free Software Foundation. See the file LICENSE.html for more information.
12   * 
13   * This program is distributed in the hope that it will be useful, but WITHOUT
14   * ANY WARRANTY, including the implied warranty of MERCHANTABILITY or FITNESS
15   * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   * 
17   * You should have received a copy of the GNU General Public License along with
18   * this program; if not, write to the Free Software Foundation, Inc. / 59 Temple
19   * Place, Suite 330 / Boston, MA 02111-1307 / USA.
20   *
21   * ===============================================================================
22   */
23  
24  package org.infoglue.deliver.applications.actions;
25  
26  import java.net.URLEncoder  ;
27  import java.security.Principal  ;
28  import java.util.Map  ;
29  
30  import javax.servlet.http.Cookie  ;
31  import javax.servlet.http.HttpServletRequest  ;
32  import javax.servlet.http.HttpServletResponse  ;
33  
34  import org.infoglue.cms.applications.common.actions.InfoGlueAbstractAction;
35  import org.infoglue.cms.security.AuthenticationModule;
36  import org.infoglue.cms.util.CmsPropertyHandler;
37  import org.infoglue.cms.util.DesEncryptionHelper;
38  import org.infoglue.deliver.controllers.kernel.impl.simple.ExtranetController;
39  import org.infoglue.deliver.util.HttpUtilities;
40  
41  /**
42   * This class is meant to be the authentication central for extranet users.
43   * It has methods for login-forms, authenticate-methods and much more.
44   */
45   
46  public final class ExtranetLoginAction extends InfoGlueAbstractAction
47  {
48      private String   userName         = null;
49      private String   password         = null;
50      private String   errorMessage     = "";
51      private String   returnAddress    = null;
52      private String   referer          = null;
53      private String   storeUserInfoCookie = null;
54      
55      public String   doExecute() throws Exception   
56      {
57          return "success";
58      }   
59  
60      public String   doLoginForm() throws Exception   
61      {
62          return "loginForm";
63      }   
64  
65      public String   doNoAccess() throws Exception   
66      {
67          return "noAccess";
68      }
69      
70      public String   doInvalidLogin() throws Exception   
71      {
72          return "invalidLogin";
73      }
74      
75      // To check access 
76      public String   doCheckUser() throws Exception  
77      {
78          Map   arguments = HttpUtilities.requestToHashtable((HttpServletRequest  )this.getRequest());
79  
80          if(ExtranetController.getController().getAuthenticatedPrincipal(arguments)!=null)
81              return "granted";
82          else
83              return "denied";
84      }
85      
86      public String   doAuthenticateUser() throws Exception   
87      {
88          boolean isAuthenticated = false;
89          
90          HttpServletRequest   hreq  = this.getRequest();
91          HttpServletResponse   hres = this.getResponse();
92          
93          Principal   principal = null;
94          try
95          {
96              Map   arguments = HttpUtilities.requestToHashtable(hreq);
97              
98              principal = ExtranetController.getController().getAuthenticatedPrincipal(arguments);
99          }
100         catch(Exception   e)
101         {
102             
103         }
104         
105         if(principal != null) 
106         {
107             isAuthenticated = true;
108         }
109 
110         //System.out.println("isAuthenticated:" + isAuthenticated);     
111         if(isAuthenticated)
112         {
113             //System.out.println("Yes - we try to send the user back to:" + this.returnAddress);        
114             this.getHttpSession().setAttribute("infogluePrincipal", principal);
115             this.getHttpSession().setAttribute("infoglueRemoteUser", principal.getName());
116 
117             handleCookies();
118             
119             this.getResponse().sendRedirect(this.returnAddress);
120         }
121         else
122         {
123             //getLogger().info("No - we try to send the back to the lofin screen.");        
124             errorMessage = "The logon information given was incorrect, please verify and try again.";
125             return "invalidLogin";
126         }
127         
128         return NONE;
129     }   
130     
131     /**
132      * This command invalidates the current session and then calls the authentication module logout method so it can
133      * do it's stuff. Sometimes it involves redirecting the user somewhere and then we returns nothing in this method.
134      */
135 
136     public String   doLogout() throws Exception  
137     {
138         getHttpSession().invalidate();
139         
140         AuthenticationModule authenticationModule = AuthenticationModule.getAuthenticationModule(null, null);
141         boolean redirected = authenticationModule.logoutUser(getRequest(), getResponse());
142         
143         if(redirected)
144         {
145             return NONE;
146         }
147         else
148         {
149             this.getResponse().sendRedirect(this.returnAddress);
150             return NONE;
151         }
152     }
153 
154     public String   urlEncode(String   string, String   encoding)
155     {
156         String   endodedString = string;
157         try
158         {
159             endodedString = URLEncoder.encode(string, encoding);
160         }
161         catch(Exception   e)
162         {
163             e.printStackTrace();
164         }
165         
166         return endodedString;
167     }
168     
169     /**
170      * This method gets if extranet cookies are allowed or not.
171      * @return
172      */
173     
174     public boolean getEnableExtranetCookies()
175     {
176         boolean enableExtranetCookies = false;
177         String   enableExtranetCookiesString = CmsPropertyHandler.getEnableExtranetCookies();
178         if(enableExtranetCookiesString != null && enableExtranetCookiesString.equalsIgnoreCase("true"))
179         {
180             enableExtranetCookies = true;
181         }
182         
183         return enableExtranetCookies;
184     }
185     
186     public void setUserName(String   userName)
187     {
188         this.userName = userName;
189     }
190     
191     public String   getUserName()
192     {
193         return this.userName;
194     }
195 
196     public void setPassword(String   password)
197     {
198         this.password = password;
199     }
200     
201     public String   getPassword()
202     {
203         return this.password;
204     }
205     
206     public void setJ_username(String   userName)
207     {
208         this.userName = userName;
209     }
210     
211     public String   getJ_username()
212     {
213         return this.userName;
214     }
215 
216     public void setJ_password(String   password)
217     {
218         this.password = password;
219     }
220     
221     public String   getJ_password()
222     {
223         return this.password;
224     }
225 
226     public String   getErrorMessage()
227     {
228         return this.errorMessage;
229     }
230 
231     public String   getReturnAddress()
232     {
233         return this.returnAddress;
234     }
235 
236     public void setReturnAddress(String   returnAddress)
237     {
238         this.returnAddress = returnAddress;
239     }
240 
241     public String   getReferer()
242     {
243         return referer;
244     }
245 
246     public void setReferer(String   referer)
247     {
248         this.referer = referer;
249     }
250 
251     private void handleCookies()
252     {
253         if(storeUserInfoCookie == null || !storeUserInfoCookie.equalsIgnoreCase("true"))
254             return;
255         
256         boolean enableExtranetCookies = getEnableExtranetCookies();
257         int extranetCookieTimeout = 43200; //30 days default
258         String   extranetCookieTimeoutString = CmsPropertyHandler.getExtranetCookieTimeout();
259         if(extranetCookieTimeoutString != null)
260         {
261             try
262             {
263                 extranetCookieTimeout = Integer.parseInt(extranetCookieTimeoutString.trim());
264             }
265             catch(Exception   e) {}
266         }
267     
268         if(enableExtranetCookies )
269         {
270             DesEncryptionHelper encHelper = new DesEncryptionHelper();
271     
272             String   userName = this.getRequest().getParameter("j_username");
273             String   encryptedName = encHelper.encrypt(userName);
274             Cookie   cookie_userid = new Cookie  ("igextranetuserid", encryptedName);
275             cookie_userid.setMaxAge(30 * 24 * 60 * 60); //30 days
276             this.getResponse().addCookie(cookie_userid);
277             
278             String   password = this.getRequest().getParameter("j_password");
279             String   encryptedPassword = encHelper.encrypt(password);
280             Cookie   cookie_password = new Cookie   ("igextranetpassword", encryptedPassword);
281             cookie_password.setMaxAge(30 * 24 * 60 * 60);  //30 days
282             this.getResponse().addCookie(cookie_password);
283         }
284     }
285     
286     public void setStoreUserInfoCookie(String   storeUserInfoCookie)
287     {
288         this.storeUserInfoCookie = storeUserInfoCookie;
289     }
290 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags