LoginServlet


1   /*****************************************
2    *                                       *
3    *  JBoss Portal: The OpenSource Portal  *
4    *                                       *
5    *   Distributable under LGPL license.   *
6    *   See terms of license at gnu.org.    *
7    *                                       *
8    *****************************************/
9   package org.jboss.portal.core.servlet;
10  
11  import java.io.IOException  ;
12  
13  import javax.servlet.ServletException  ;
14  import javax.servlet.http.HttpServlet  ;
15  import javax.servlet.http.HttpServletRequest  ;
16  import javax.servlet.http.HttpServletResponse  ;
17  
18  import org.jboss.portal.common.util.Tools;
19  import org.jboss.portal.common.util.UUIDGenerator;
20  import org.jboss.portal.core.CoreConstants;
21  import org.jboss.portal.core.security.jaas.CacheLoginModule;
22  
23  /**
24   * Perform the first pass of the sign in protocol.
25   *
26   * @author <a HREF="mailto:julien@jboss.org">Julien Viet</a>
27   * @version $Revision: 1.6 $
28   */
29  public class LoginServlet extends HttpServlet  
30  {
31  
32     private UUIDGenerator generator = new UUIDGenerator();
33     
34     protected void doGet(HttpServletRequest   req, HttpServletResponse   resp) throws ServletException  , IOException  
35     {
36        doPost(req, resp);
37     }
38  
39     protected void doPost(HttpServletRequest   req, HttpServletResponse   resp) throws ServletException  , IOException  
40     {
41        // Get data from request
42        String   username = (String  )req.getAttribute("username");
43        String   password = (String  )req.getAttribute("password");
44        String   redirect = (String  )req.getAttribute("redirect");
45  
46        // Or as parameters
47        if (username == null || password == null)
48        {
49           username = req.getParameter("username");
50           password = req.getParameter("password");
51           redirect = req.getParameter("redirect");
52        }
53  
54        // Need non null username/password to try authentication
55        if (username == null)
56        {
57           throw new ServletException  ("No username specified");
58        }
59        if (password == null)
60        {
61           throw new ServletException  ("No password specified");
62        }
63  
64        String   hash = Tools.md5AsHexString(generator.generateKey());
65        CacheLoginModule.Handle handle = CacheLoginModule.cache(hash, username, password);
66  
67        // Store in the session so it will not be removed from the weak map right now
68        req.getSession().setAttribute(CoreConstants.SES_SECURITY_HANDLE, handle);
69  
70        // Compute the redirect string
71        StringBuffer   buffer = new StringBuffer  ();
72        buffer.append(req.getContextPath()).
73        append("/authentication?username=").
74        append(Tools.createXWWWFormURLEncoded(username)).
75        append("&password=").
76        append(Tools.createXWWWFormURLEncoded(hash));
77        if (redirect != null)
78        {
79           buffer.append("&redirect=").
80                  append(Tools.createXWWWFormURLEncoded(redirect));
81        }
82  
83        // Perform redirect
84        String   url = buffer.toString();
85        resp.sendRedirect(url);
86     }
87  }
88
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags