KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > web > tomcat > security > FormAuthValve


1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */
22 package org.jboss.web.tomcat.security;
23
24 import java.io.IOException JavaDoc;
25 import javax.servlet.ServletException JavaDoc;
26 import javax.servlet.http.HttpSession JavaDoc;
27
28 import org.apache.catalina.connector.Request;
29 import org.apache.catalina.connector.Response;
30 import org.apache.catalina.valves.ValveBase;
31 import org.jboss.logging.Logger;
32
33 /** A valve that associates the j_username with the session under the attribute
34  * name j_username for use by form login/error pages. If the includePassword
35  * attribute is true, the j_password value is also included in the session
36  * under the attribute name j_password. In addition, it maps any
37  * authentication exception found in the SecurityAssociation to the session
38  * attribute name j_exception.
39  *
40  * @author Scott.Stark@jboss.org
41  * @version $Revision: 37459 $
42  */
43 public class FormAuthValve
44    extends ValveBase
45 {
46    private static Logger log = Logger.getLogger(FormAuthValve.class);
47    private static boolean trace = log.isTraceEnabled();
48    private boolean includePassword;
49
50    public boolean isIncludePassword()
51    {
52       return includePassword;
53    }
54    public void setIncludePassword(boolean includePassword)
55    {
56       this.includePassword = includePassword;
57    }
58
59    public void invoke(Request request, Response response)
60       throws IOException JavaDoc, ServletException JavaDoc
61    {
62       String JavaDoc username = request.getParameter("j_username");
63       HttpSession JavaDoc session = request.getSession(false);
64       if( trace )
65          log.trace("Enter, j_username="+username);
66       if( session != null )
67       {
68          if( username != null )
69             session.setAttribute("j_username", username);
70          if( includePassword )
71          {
72             Object JavaDoc pass = request.getParameter("j_password");
73             if( pass != null )
74                session.setAttribute("j_password", pass);
75          }
76       }
77
78       getNext().invoke(request, response);
79
80       username = request.getParameter("j_username");
81       session = request.getSession(false);
82       if( session != null )
83       {
84          if( trace )
85            log.trace("SessionID: "+session.getId());
86          if( username != null )
87             session.setAttribute("j_username", username);
88          // Check the SecurityAssociation context exception
89 Throwable JavaDoc t = (Throwable JavaDoc) SecurityAssociationActions.getAuthException();
90          if( trace )
91            log.trace("SecurityAssociation.exception: "+t);
92          if( t != null )
93             session.setAttribute("j_exception", t);
94       }
95       if( trace )
96          log.trace("Exit, username: "+username);
97    }
98 }
99
Popular Tags