KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > web > tomcat > security > authenticators > ExtendedJASPIFormAuthenticator


1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */

22 package org.jboss.web.tomcat.security.authenticators;
23
24 import javax.servlet.http.HttpSession JavaDoc;
25
26 import org.apache.catalina.deploy.LoginConfig;
27 import org.apache.catalina.connector.Request;
28 import org.apache.catalina.connector.Response;
29 import org.jboss.logging.Logger;
30
31 //$Id: ExtendedJASPIFormAuthenticator.java 45272 2006-05-26 14:50:58Z asaldhana $
32

33 /**
34  * An extension of the form authenticator that associates the j_username with
35  * the session under the attribute name j_username for use by form login/error
36  * pages. If the includePassword attribute is true, the j_password value is
37  * also included in the session under the attribute name j_password. In
38  * addition, it maps any authentication exception found in the
39  * SecurityAssociation to the session attribute name j_exception.
40  * Based on the JASPIFormAuthenticator
41  *
42  * @author Scott.Stark@jboss.org
43  * @author Anil.Saldhana@jboss.org
44  * @version $Revision: 45272 $
45  */

46 public class ExtendedJASPIFormAuthenticator extends JASPIFormAuthenticator
47 {
48    private static Logger log = Logger.getLogger(ExtendedJASPIFormAuthenticator.class);
49    private static boolean trace = log.isTraceEnabled();
50    private boolean includePassword;
51
52    public boolean isIncludePassword()
53    {
54       return includePassword;
55    }
56    public void setIncludePassword(boolean includePassword)
57    {
58       this.includePassword = includePassword;
59    }
60
61    /**
62     * Dispatch to the form error-page
63     *
64     * @param request Request we are processing
65     * @param response Response we are creating
66     * @param config Login configuration describing how authentication should
67     * be performed
68     */

69    protected void forwardToErrorPage(Request request, Response response,LoginConfig config)
70    {
71       if( trace )
72          log.trace("forwardToErrorPage");
73       populateSession(request);
74       super.forwardToErrorPage(request, response,config);
75       SecurityAssociationActions.clearAuthException();
76    }
77
78    /**
79     * Dispatch to the form login-page
80     *
81     * @param request Request we are processing
82     * @param response Response we are creating
83     * @param config Login configuration describing how authentication should
84     * be performed
85     */

86    protected void forwardToLoginPage(LoginConfig config,
87       Request request, Response response)
88    {
89       if( trace )
90          log.trace("forwardToLoginPage");
91       populateSession(request);
92       super.forwardToLoginPage(request, response,config);
93    }
94
95    protected void populateSession(Request request)
96    {
97       String JavaDoc username = request.getParameter("j_username");
98       HttpSession JavaDoc session = request.getSession(false);
99       if( trace )
100          log.trace("Enter, j_username="+username);
101       if( session != null )
102       {
103          if( username != null )
104             session.setAttribute("j_username", username);
105          if( includePassword )
106          {
107             Object JavaDoc pass = request.getParameter("j_password");
108             if( pass != null )
109                session.setAttribute("j_password", pass);
110          }
111       }
112
113       username = request.getParameter("j_username");
114       session = request.getSession(false);
115       if( session != null )
116       {
117          if( trace )
118            log.trace("SessionID: "+session.getId());
119          if( username != null )
120             session.setAttribute("j_username", username);
121          // Check the SecurityAssociation context exception
122
Throwable JavaDoc t = (Throwable JavaDoc) SecurityAssociationActions.getAuthException();
123          if( trace )
124            log.trace("SecurityAssociation.exception: "+t);
125          if( t != null )
126             session.setAttribute("j_exception", t);
127       }
128       if( trace )
129          log.trace("Exit, username: "+username);
130    }
131 }
132
Popular Tags