KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > mmbase > bridge > jsp > taglib > CloudTag


1 /*
2
3 This software is OSI Certified Open Source Software.
4 OSI Certified is a certification mark of the Open Source Initiative.
5
6 The license (Mozilla version 1.0) can be read at the MMBase site.
7 See http://www.MMBase.org/license
8
9 */

10 package org.mmbase.bridge.jsp.taglib;
11
12 import org.mmbase.bridge.jsp.taglib.util.Attribute;
13 import java.io.IOException JavaDoc;
14 import java.io.File JavaDoc;
15
16 import java.util.*;
17
18 import javax.servlet.http.*;
19 import javax.servlet.jsp.*;
20 import javax.servlet.RequestDispatcher JavaDoc;
21
22 import org.mmbase.bridge.*;
23 import org.mmbase.bridge.ContextProvider;
24 import org.mmbase.security.*; // hmm, not from bridge, but we do need it anyway
25
import org.mmbase.util.functions.*;
26
27
28 import org.mmbase.util.StringSplitter;
29
30 import org.mmbase.util.logging.Logger;
31 import org.mmbase.util.logging.Logging;
32
33 /**
34  * Creates a cloud object (pulling it from if session necessary). While
35  * creating a cloud object one also has to authenticate itself, so this
36  * functionality is also in this tag.
37  *
38  * @author Pierre van Rooden
39  * @author Michiel Meeuwissen
40  * @author Vincent van der Locht
41  * @version $Id: CloudTag.java,v 1.144.2.1 2006/10/06 12:30:52 michiel Exp $
42  */

43
44 public class CloudTag extends ContextReferrerTag implements CloudProvider, ParamHandler {
45
46
47     private static String JavaDoc INITIAL_REALM_PREFIX = "initial-";
48
49     /**
50      * Constants needed for the loginpage attribute functionality
51      */

52     private static final String JavaDoc LOGINPAGE_COMMAND_PARAMETER = "command";
53     private static final String JavaDoc LOGINPAGE_COMMAND_LOGIN = "login";
54     private static final String JavaDoc LOGINPAGE_COMMAND_LOGOUT = "logout";
55     private static final String JavaDoc LOGINPAGE_AUTHENTICATE_PARAMETER = "authenticate";
56     private static final String JavaDoc LOGINPAGE_CLOUD_PARAMETER = "cloud";
57
58     private static final String JavaDoc LOGINPAGE_DENYREASON_NEED = "please";
59     private static final String JavaDoc LOGINPAGE_DENYREASON_FAIL = "failed";
60     private static final String JavaDoc LOGINPAGE_DENYREASON_RANKTOOLOW = "rank";
61
62     private static final int DENYREASON_FAIL = 1;
63     private static final int DENYREASON_RANKTOOLOW = 2;
64
65     private static final Logger log = Logging.getLoggerInstance(CloudTag.class);
66
67     private static final String JavaDoc DEFAULT_CLOUD_NAME = "mmbase";
68
69     private static final String JavaDoc REALM = "realm_";
70
71
72     private String JavaDoc jspVar;
73
74     private Cookie[] cookies;
75
76     private CloudContext cloudContext;
77
78     private Attribute cloudName = Attribute.NULL;
79     private Attribute cloudURI = Attribute.NULL;
80     private Cloud cloud;
81
82     /**
83      * @since MMBase-1.7
84      */

85     private boolean sessionCloud = true;
86
87     private Attribute authenticate = Attribute.NULL;
88
89     private Attribute loginpage = Attribute.NULL;
90
91     //private int method = CloudContext.METHOD_UNSET; // how to log on, method can eg be 'http'.
92
private Attribute method = Attribute.NULL;
93     private Attribute logonatt = Attribute.NULL;
94     private List logon;
95     private Attribute pwd = Attribute.NULL;
96     private Attribute rank = Attribute.NULL;
97     private Attribute sessionName = Attribute.NULL;
98
99     private Attribute onfail = Attribute.NULL;
100
101     private HttpSession session;
102     private HttpServletRequest request;
103     private HttpServletResponse response;
104     private Locale locale;
105
106     /**
107      * @return the default cloud context
108      **/

109     public CloudContext getDefaultCloudContext() throws JspTagException {
110         if (cloudContext == null) {
111             cloudContext = ContextProvider.getCloudContext(cloudURI.getString(this));
112         }
113         return cloudContext;
114     }
115
116     public void setUri(String JavaDoc uri) throws JspTagException {
117         cloudURI = getAttribute(uri);
118     }
119
120     public void setName(String JavaDoc name) throws JspTagException {
121         cloudName = getAttribute(name);
122     }
123
124     protected String JavaDoc getName() throws JspTagException {
125         if (cloudName == Attribute.NULL) {
126             return DEFAULT_CLOUD_NAME;
127         }
128         return cloudName.getString(this);
129     }
130
131     public void setLogon(String JavaDoc l) throws JspTagException {
132         logonatt = getAttribute(l);
133     }
134     public void setPwd(String JavaDoc pwd) throws JspTagException {
135         this.pwd = getAttribute(pwd);
136     }
137
138     /**
139      * Synonym for setLogon. Don't mix.
140      */

141     public void setUsername(String JavaDoc l) throws JspTagException {
142         logonatt = getAttribute(l);
143     }
144
145     /**
146      * Synonym for setPwd. Don't mix.
147      */

148     public void setPassword(String JavaDoc pwd) throws JspTagException {
149         this.pwd = getAttribute(pwd);
150     }
151
152     public void setRank(String JavaDoc r) throws JspTagException {
153         rank = getAttribute(r);
154     }
155
156     /**
157      * Gives the configured rank as a Rank object
158      */

159
160     protected Rank getRank() throws JspTagException {
161         String JavaDoc s = rank.getString(this);
162         Rank r = Rank.getRank(s);
163         if (r == null) {
164             throw new JspTagException("Unknown rank '" + s + "'");
165         }
166         return r;
167     }
168
169     /**
170      * @since MMBase-1.7
171      */

172     public void setOnfail(String JavaDoc of) throws JspTagException {
173         onfail = getAttribute(of);
174     }
175
176     // javadoc inherited (from ParameterHandler)
177
public void addParameter(String JavaDoc key, Object JavaDoc value) {
178         if (cloud != null) {
179             cloud.setProperty(key, value);
180         }
181     }
182
183     /**
184      * If this cloud is 'anonymous' according to rank attribute.
185      * @since MMBase-1.7
186      */

187     private boolean rankAnonymous() throws JspTagException {
188         if (rank == Attribute.NULL) {
189             return true;
190         }
191         String JavaDoc rankString = rank.getString(this);
192         return rankString.equals("") || rankString.equals(Rank.ANONYMOUS.toString());
193     }
194
195     public void setJspvar(String JavaDoc jv) {
196         jspVar = jv;
197     }
198
199     public void setAuthenticate(String JavaDoc authenticate) throws JspTagException {
200         if (!"".equals(authenticate)) { // this makes it easier to ignore.
201
this.authenticate = getAttribute(authenticate);
202         } else {
203             this.authenticate = Attribute.NULL;
204         }
205     }
206
207     protected String JavaDoc getAuthenticate() throws JspTagException {
208         String JavaDoc a = authenticate.getString(this);
209         if (a.equals("")) {
210             return cloudContext.getAuthentication().getTypes(getMethod())[0];
211         }
212         return a;
213     }
214
215     public void setMethod(String JavaDoc mm) throws JspTagException {
216         method = getAttribute(mm);
217     }
218
219     protected int getMethod() throws JspTagException {
220         String JavaDoc m = method.getString(this);
221         int r = cloudContext.getAuthentication().getMethod(m);
222         if (log.isDebugEnabled()) {
223             log.debug("method '" + m + "' -> " + r);
224         }
225         return r;
226     }
227
228     /**
229      * @return The login-method, or METHOD_LOGINPAGE if loginpage was specified, or the default method of the authentication implemnetation if also that was not specified.
230      * @since MMBase-1.8
231      */

232     protected int getMethodOrDefault() throws JspTagException {
233         int m = getMethod();
234         if (m == AuthenticationData.METHOD_UNSET) {
235             if (! "".equals(loginpage.getString(this))) {
236                 return AuthenticationData.METHOD_LOGINPAGE;
237             } else if (logonatt != Attribute.NULL && pwd != Attribute.NULL) {
238                 return AuthenticationData.METHOD_SESSIONLOGON;
239             } else {
240                 return cloudContext.getAuthentication().getDefaultMethod(request.getProtocol());
241             }
242         } else {
243             return m;
244         }
245     }
246
247     public Cloud getCloudVar() {
248         return cloud;
249     }
250
251     public void setCloudVar(Cloud c) {
252         cloud = c;
253     }
254
255     public void setSessionname(String JavaDoc s) throws JspTagException {
256         if (!s.equals("")) {
257             sessionName = getAttribute(s);
258         }
259     }
260
261     public void setLoginpage(String JavaDoc loginpage) throws JspTagException {
262         this.loginpage = getAttribute(loginpage);
263     }
264
265     /**
266      * @return The cookie with the sessionname.
267      */

268
269     private Cookie searchCookie() throws JspTagException {
270         String JavaDoc cookie = REALM + getSessionName();
271         if (log.isDebugEnabled()) {
272             log.debug("Searching cookie " + cookie);
273         }
274         if (cookies != null) {
275             for (int i = 0; i < cookies.length; i++) {
276                 if (cookies[i].getName().equals(cookie) && (!"".equals(cookies[i].getValue()))) {
277                     return cookies[i];
278                 }
279             }
280         }
281         log.debug("Cookie not found");
282         return null;
283     }
284
285     /**
286      * Sets the 'realm' to r, and write it to the session, or if not possible in a cookie.
287      * Changing the realm makes it possible to 'logout' when using http-authentication.
288      * @return false on failure
289      */

290     private boolean setRealm(String JavaDoc r) throws JspTagException {
291         log.debug("setting realm in cookie");
292         Cookie c = searchCookie();
293         if (c == null) {
294             c = new Cookie(REALM + getSessionName(), r);
295         } else {
296             c.setValue(r);
297         }
298         String JavaDoc path = request.getContextPath();
299         if (path.equals("")) path = "/";
300         c.setPath(path);
301         c.setMaxAge((int) (60 * 60 * 24 * 365.25)); // one year
302

303         if (cookies.length == 0) {
304             cookies = new Cookie[1];
305         }
306         cookies[0] = c;
307         response.addCookie(c);
308
309         if (session != null) {
310             session.setAttribute(REALM + getSessionName(), r);
311             if (session.isNew()) {
312                 log.debug("New session!? That is very suspicious. Perhaps URL was not encoded, and cookies disabled, sending redirect to make sure the url is encoded.");
313                 String JavaDoc query = request.getQueryString();
314                 String JavaDoc thisPage = request.getRequestURI() + (query == null ? "" : "?" + query);
315                 try {
316                     String JavaDoc url = response.encodeRedirectURL(thisPage);
317                     log.debug("Redirecting to " + url);
318                     response.sendRedirect(url);
319                 } catch (IOException JavaDoc e) {
320                     throw new TaglibException(e);
321                 }
322             }
323
324             if (log.isDebugEnabled()) {
325                 log.debug("Setting realm " + r + " in session " + REALM + getSessionName());
326             }
327         }
328         return true;
329     }
330     /**
331      * Removing the realm will cause a new one to be created, and if
332      * you have a good browser, it will pop up a new 'login' screen (when using http-authentication).
333      */

334
335     private void removeRealm() throws JspTagException {
336         log.debug("Removing realm");
337         String JavaDoc currentRealm = getRealm();
338         if (currentRealm != null && ! currentRealm.startsWith(INITIAL_REALM_PREFIX)) { // just authenticated, so don't unauthenticate now
339
String JavaDoc cookie = REALM + getSessionName();
340             log.debug("removing cookie");
341             if (cookies != null) {
342                 for (int i = 0; i < cookies.length; i++) {
343                     String JavaDoc path = request.getContextPath();
344                     if (path.equals("")) path = "/";
345                     if (cookies[i].getName().equals(cookie)) {
346                         if (log.isDebugEnabled()) {
347                             log.debug("removing cookie with value " + cookies[i]);
348                         }
349                         cookies[i].setValue("");
350                         cookies[i].setMaxAge(0); // remove
351
cookies[i].setPath(path);
352                         response.addCookie(cookies[i]);
353                     }
354                 }
355             }
356             if (session != null) {
357                 log.debug("Removing from session too");
358                 session.removeAttribute(REALM + getSessionName());
359             }
360         }
361     }
362     /**
363      * Gets the current realm in use for http-authentication.
364      */

365     private String JavaDoc getRealm() throws JspTagException {
366         Cookie c = searchCookie();
367         if (c != null) {
368             if (log.isDebugEnabled()) {
369                 log.debug("found cookie on path = " + c.getPath() + " -> " + c.getValue());
370             }
371             return c.getValue();
372         }
373         if (session != null) {
374             String JavaDoc realm = (String JavaDoc) session.getAttribute(REALM + getSessionName());
375             if (log.isDebugEnabled()) {
376                 log.debug("Getting realm from session " + REALM + getSessionName() + " --> " + realm);
377             }
378             return realm;
379         }
380         return null;
381     }
382
383
384     private String JavaDoc getRealmName() {
385         String JavaDoc contextPath = request.getContextPath().replace('/', '_');
386         return "MMBase" + contextPath + "@" + request.getServerName();
387     }
388
389     /**
390      * Deny access to this page.
391      *
392      * @param A message to provide to the user if she does not accepts authorization (enters 'cancel')
393      *
394      * REMARK: Perhaps we should do some i18n on this message
395      *
396      * @return SKIP_BDDY;
397      */

398     private int denyHTTP(String JavaDoc message) throws JspTagException {
399         log.debug("sending deny");
400
401
402         if (response.isCommitted()) {
403             throw new JspTagException("Response is commited already, cannot send a deny");
404         }
405
406         response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
407
408         String JavaDoc realm = getRealm();
409
410         if (realm == null) {
411             realm = getRealmName();
412             if (!setRealm(INITIAL_REALM_PREFIX + realm)) {
413                 return SKIP_PAGE;
414             }
415         } else {
416
417         }
418
419         if (log.isDebugEnabled()) {
420             log.debug("Setting header WWW-Authenticate: " + realm);
421         }
422         response.setHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
423
424         //res.setHeader("Authorization", logon); would ne nice...
425
//keesj:look at the php3 tutorial for an example
426

427         // if cancel
428
// this cannot be done with an exception (which can be a redirect), because the page must
429
// flow ahead, to give the popup opportunity to pop up.
430
try {
431             ResourceBundle bundle = ResourceBundle.getBundle("org.mmbase.bridge.jsp.taglib.resources.messages", getLocale());
432             pageContext.getOut().print("<h1 class=\"mm_cloud\">" + bundle.getString("cloudtag.fail") + "</h1><p class=\"mm_cloud\">" + message + "</p>");
433         } catch (IOException JavaDoc ioe) {
434             throw new TaglibException(ioe);
435         }
436         setAnonymousCloud(); // there must also be _some_ cloud, to avoid exception on
437
evalBody(); // register var
438
return SKIP_BODY;
439     }
440
441     private boolean setAnonymousCloud() throws JspTagException {
442         return setAnonymousCloud(null);
443     }
444
445     /**
446      * Sets the cloud member variable to an anonymous cloud.
447      * @return logoutInfo A map containing information for actual logout.
448      * @return true on success (cloud is set), false on failure (cloud is set to null)
449      */

450
451     private boolean setAnonymousCloud(Parameters logoutInfo) throws JspTagException {
452         try {
453             // request/response information is not needed for mmbase-only implementation.
454
// but when using 'delegated' login-method, you might also want to delegate logout.
455
if (log.isDebugEnabled()) {
456                 log.debug("creating an anonymous cloud for cloud '" + getName() + "' (with " + logoutInfo + ")");
457             }
458             // removeCloud(); // should not remove existing cloud from session
459
if (logoutInfo != null) logoutInfo.checkRequiredParameters();
460             cloud = getDefaultCloudContext().getCloud(getName(), "anonymous", logoutInfo == null ? null : logoutInfo.toMap());
461             if (locale != null) {
462                 cloud.setLocale(locale);
463             }
464             return true;
465         } catch (java.lang.SecurityException JavaDoc e) {
466             // login failed for anymous ?! That's odd, provide null.
467
log.info("Could not create anonymous cloud because " + e.toString());
468             cloud = null;
469             return false;
470         } catch (NotFoundException nfe) {
471             try {
472                 if (!response.isCommitted()) {
473                     response.setHeader("Retry-After", "60");
474                     response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, nfe.getMessage());
475                 }
476                 return false;
477             } catch (IOException JavaDoc ioe) {
478                 throw new TaglibException(ioe);
479             }
480         } catch (Throwable JavaDoc t) {
481             throw new TaglibException("Could not create anonymous cloud because " + t.getClass().getName() + ": " + t.getMessage(), t);
482         }
483     }
484
485
486     public String JavaDoc getSessionName() throws JspTagException {
487         String JavaDoc sn = sessionName.getString(this);
488         if (sn.equals("")) {
489             return "cloud_" + getName();
490         } else {
491             return sn;
492         }
493     }
494
495     /**
496      * If the 'cloud' member is set, and everything is ok, then this function is called in doStartTag()
497      * @return EVAL_BODY or SKIP_BODY if cloud is null (which normally means that no anonymous is present)
498      */

499
500     private int evalBody() throws JspTagException {
501
502         if (getId() != null) { // writeclou to context.
503
getContextProvider().getContextContainer().register(getId(), cloud);
504         }
505
506         if (cloud == null) {
507             return SKIP_BODY;
508         }
509         cloud.setProperty("request", request);
510         cloud.setProperty(LocaleTag.TZ_KEY, getTimeZone());
511
512         if (jspVar != null) {
513             log.debug("Setting jspVar " + jspVar);
514             Object JavaDoc was = pageContext.getAttribute(jspVar);
515             if (was != null && ! was.equals(cloud)) {
516                 throw new JspTagException("Jsp-var '" + jspVar + "' already in pagecontext! (" + was + "), can't write " + cloud + " in it. This may be a backwards-compatibility issue. This may be a backwards-compatibility issue. Change jspvar name or switch on backwards-compatibility mode (in your web.xml)");
517             }
518             pageContext.setAttribute(jspVar, cloud);
519         }
520
521         if (locale != null) {
522             cloud.setLocale(locale);
523         }
524
525         // the surround context tag sometimes also want so server information from the cloud context.
526
getContextTag().setCloudContext(cloud.getCloudContext());
527
528         ContentTag tag = (ContentTag) findParentTag(ContentTag.class, null, false);
529         if (tag != null) {
530             UserContext user = cloud.getUser();
531             if (sessionCloud && ! user.getRank().equals(org.mmbase.security.Rank.ANONYMOUS)) {
532                 tag.setUser(cloud.getUser());
533             }
534         }
535
536         return EVAL_BODY;
537     }
538
539     /**
540      * Checks if this is a 'reuse' of the cloud tag (using the referid
541      * attribute), and sets the cloud member variable if this is the
542      * cases
543      *
544      * @return true if this is a reuse (the caller returns eval-body) and false otherwise (the caller continues).
545      */

546
547     private final boolean checkReuse() throws JspTagException {
548         if (getReferid() != null) {
549             int method = getMethod();
550             if ((method != AuthenticationData.METHOD_UNSET &&
551                  method != AuthenticationData.METHOD_PAGELOGON &&
552                  method != AuthenticationData.METHOD_SESSIONLOGON) ||
553                 logonatt != Attribute.NULL) { // probably add some more
554
throw new JspTagException("The 'referid' attribute of cloud cannot be used together with 'method' or 'logon' attributes");
555             }
556             log.debug("found cloud with referid");
557             cloud = (Cloud) getContextProvider().getContextContainer().getObject(getReferid());
558             if (method == AuthenticationData.METHOD_SESSIONLOGON) {
559                 session = request.getSession(true);
560                 if (session == null) {
561                     throw new JspTagException("No session, cannot store cloud in session");
562                 }
563                 String JavaDoc sn = getSessionName();
564                 cloud.setProperty(Cloud.PROP_SESSIONNAME, sn);
565                 session.setAttribute(sn, cloud);
566             }
567             return true;
568         }
569         return false;
570     }
571
572     /**
573      * Checks if an anonymous cloud is requested. If so, set the cloud variable accordingly.
574      * @return true if cloud must be anonymous (the caller returns eval-body) and false otherwise (the caller continues).
575      */

576
577     private final boolean checkAnonymous() throws JspTagException {
578         try {
579             int m = getMethod();
580             if ((m == AuthenticationData.METHOD_UNSET && logon == null && rankAnonymous() && loginpage == Attribute.NULL) || m == AuthenticationData.METHOD_ANONYMOUS) { // anonymous cloud:
581
log.debug("Implicitely requested anonymous cloud. Not using session");
582                 setAnonymousCloud();
583                 return true;
584             } else {
585                 return false;
586             }
587         } catch (NotFoundException nfe) {
588             try {
589                 if (!response.isCommitted()) {
590                     response.setHeader("Retry-After", "60");
591                     response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, nfe.getMessage());
592                 }
593                 return true;
594             } catch (IOException JavaDoc ioe) {
595                 throw new TaglibException(ioe);
596             }
597         }
598     }
599
600     /**
601      * Checks if the cloud of the session is requested to be 'logged out'.
602      */

603     private final boolean checkLogoutLoginPage() throws JspTagException {
604         if (loginpage != Attribute.NULL && LOGINPAGE_COMMAND_LOGOUT.equals(request.getParameter(LOGINPAGE_COMMAND_PARAMETER))) {
605             log.debug("request to log out, remove session atributes, give anonymous cloud.");
606             if (cloud != null) {
607                 removeRealm();
608                 if (session != null) {
609                     log.debug("ok. session is not null");
610                     session.removeAttribute(getSessionName()); // remove cloud itself
611
}
612             }
613             setAnonymousCloud();
614             return true;
615         }
616         return false;
617     }
618
619     /**
620      * Checks if the cloud of the session if requested to be 'logged out'.
621      */

622     private final boolean checkLogoutMethod() throws JspTagException {
623         if (getMethod() == AuthenticationData.METHOD_LOGOUT) {
624             log.debug("Requested logout");
625             removeRealm();
626             if (cloud != null) { // if cloud already null, don't do it, otherwise login method="http" on same page doesnt work
627

628                 if (session != null) {
629                     log.debug("ok. session is not null");
630                     session.removeAttribute(getSessionName()); // remove cloud itself
631
}
632             } else {
633                 log.debug("No cloud, so no need to log out");
634             }
635             // add some information for actual logout
636
// Logout is loging in with 'anonymous' with some extra info.
637
Parameters logoutInfo = cloudContext.getAuthentication().createParameters("anonymous");
638             fillStandardParameters(logoutInfo);
639             if (cloud != null) {
640                 String JavaDoc authenticate = cloud.getUser().getAuthenticationType();
641                 logoutInfo.setIfDefined(AuthenticationData.PARAMETER_AUTHENTICATE, authenticate);
642             }
643             logoutInfo.setIfDefined(AuthenticationData.PARAMETER_LOGOUT, Boolean.TRUE);
644             setAnonymousCloud(logoutInfo);
645             return true;
646         } else {
647             return false;
648         }
649     }
650
651     /**
652      * Creates the getAumember variables session and cookies variables member
653      */

654     private final void setupSession() throws JspTagException {
655         cookies = request.getCookies();
656         if (cookies == null) {
657             cookies = new Cookie[0];
658         }
659         if (log.isDebugEnabled()) {
660             log.debug("getting (thus creating) session now: " + session);
661         }
662         session = request.getSession(false);
663         if (session != null) { // some people like to disable their session
664
String JavaDoc sessionName = getSessionName();
665             Object JavaDoc c = session.getAttribute(sessionName);
666             if (c != null && ! (c instanceof Cloud)) {
667                 throw new TaglibException("The session variable '" + sessionName + "' is not of type Cloud (but it is a '" + c.getClass().getName() + "'), and perhaps is used for another goal. This error could be avoided by use of the 'sessionname' attribute of the cloud-tag.");
668             }
669             cloud = (Cloud) c;
670             if (cloud != null) {
671                 if (cloud.getUser().isValid()) {
672                     if (log.isDebugEnabled()) {
673                         log.debug("Created/found a session. Cloud '" + sessionName + "' in it is of: " + cloud.getUser());
674                     }
675
676                 } else {
677                     if (log.isDebugEnabled()) {
678                         log.debug("Found invalid cloud in session variable '" + sessionName + "' of '" + cloud.getUser() + "'. Discarding.");
679                     }
680                     cloud = null;
681                 }
682             } else {
683                 log.debug("No cloud found in session variable '" + sessionName + "'");
684             }
685
686         } else {
687             log.debug("Not succeeded creating a session");
688         }
689
690     }
691
692     /**
693      * Checks if there is a NEW locale set and sets the 'locale' member variable accordingly.
694      * The 'locale' member variable will later be assigned to the cloud.
695      */

696     private final void checkLocale() throws JspTagException {
697         Locale l = getLocaleFromContext();
698         // only set the locale when found.
699
if (l != null) {
700             locale = l;
701         }
702     }
703
704
705     /**
706      * Checks wether the cloud is requested 'as is', meaning that is must be tried to get it from the session.
707      *
708      */

709
710     private final boolean checkAsis() throws JspTagException {
711         if (getMethod() == AuthenticationData.METHOD_ASIS) {
712             session = request.getSession(false);
713             if (session != null) {
714                 cloud = (Cloud) session.getAttribute(getSessionName());
715             }
716             if (cloud == null) {
717                 setAnonymousCloud();
718             }
719             if (cloud != null) {
720                 checkValid();
721             }
722             checkCloud();
723             return true;
724         }
725         return false;
726
727     }
728
729     /**
730
731      */

732
733     private final void checkValid() {
734         if (!cloud.getUser().isValid()) {
735             log.debug("found a cloud in the session, but is was expired, throwing it away");
736             cloud = null;
737         }
738     }
739
740     /**
741      * @since MMBase-1.7
742      */

743     private final void removeCloud() throws JspTagException {
744         cloud = null;
745         if (session != null) {
746             session.removeAttribute(getSessionName());
747         }
748     }
749
750     /**
751      * Checks if the current cloud satisfies the other conditions set
752      * on it (method=anonymous, logon, rank attribute). If not the
753      * cloud member variable is made null.
754      */

755     private final void checkCloud() throws JspTagException {
756
757         if (cloud == null) {
758             log.debug("Cloud is null, cannot check it");
759             removeCloud();
760             return;
761         }
762         // we have a cloud, check if it is a desired one
763
// otherwise make it null.
764
if (log.isDebugEnabled()) {
765             log.debug("found cloud m: " + method + " l: " + logon + ". Checking it.");
766         }
767         if (cloud.getUser() == null) {
768             log.debug("found a cloud in the session, but is has no user, throwing it away");
769             removeCloud();
770             return;
771         }
772
773
774         if (!cloud.getUser().isValid()) {
775             // Makes the cloud variable null (may not be null already) if it
776
// is 'expired'. This means normally that the security
777
// configuration has been changed, or MMBase restarted or
778
// something like that. This means that the cloud (probably gotten
779
// from the session), cannot be used anymore.
780
log.debug("found a cloud in the session, but is was expired, throwing it away");
781             removeCloud();
782             return;
783         }
784
785         int meth = getMethod();
786         if (logon == null && rank == Attribute.NULL && meth != AuthenticationData.METHOD_UNSET && meth != AuthenticationData.METHOD_ASIS) {
787             // authorisation was requested, but not indicated for whom
788
if (log.isDebugEnabled()) {
789                 log.debug("Implicitily requested non-anonymous (by method) cloud. Current user: " + cloud.getUser().getIdentifier());
790             }
791             if (cloud.getUser().getRank().equals(Rank.ANONYMOUS)) { // so it simply may not be anonymous
792
log.debug("there was a cloud, but anonymous. log it on");
793                 removeCloud();
794                 return;
795             }
796
797         } else if (logon != null && cloud != null) {
798             if (log.isDebugEnabled()) {
799                 log.debug("Explicitily requested non-anonymous cloud (by logon = '" + logon + "'). Current user: " + cloud.getUser().getIdentifier());
800             }
801             // a logon name was given, check if logged on as the right one
802
if (!logon.contains(cloud.getUser().getIdentifier())) { // no!
803
log.debug("logged on, but as wrong user. log out first.");
804                 removeCloud();
805                 return;
806             } else {
807                 log.debug("Cloud is ok already");
808             }
809         }
810         if (!rankAnonymous()) {
811             if (log.isDebugEnabled()) {
812                 log.debug("Explicitily requested non-anonymous cloud (by rank). Current user: " + cloud.getUser());
813             }
814             Rank curRank = cloud.getUser().getRank();
815             if (curRank.getInt() < getRank().getInt()) {
816                 if (log.isDebugEnabled()) {
817                     log.debug("logged on, but rank of user (" + curRank.toString() + ") is too low (must be " + getRank().toString() + "). log out first.");
818                 }
819                 removeCloud();
820                 return;
821             } else {
822                 log.debug("Cloud is ok already");
823             }
824
825         }
826         if (meth != AuthenticationData.METHOD_UNSET &&
827             meth != AuthenticationData.METHOD_ASIS &&
828             cloud != null &&
829             authenticate != Attribute.NULL &&
830             (!cloud.getUser().getAuthenticationType().equals(getAuthenticate()))) {
831             log.debug("Cloud was logged on with different authentication type ('" + cloud.getUser().getAuthenticationType()
832                       + "' in stead of the requested '" + getAuthenticate() + "'. Should do procedure again.");
833             removeCloud();
834             return;
835         } else {
836             log.debug("Cloud was logged with same authentication type -> ok");
837         }
838
839     }
840
841     /**
842      * Sets logon and password using http-authentication in the Map argument.
843      * @param uses A Map which will be passed to the security system.
844      * @return SKIP_BODY if a deny was sent, the caller must not
845      * continue then. EVAL_BODY otherwise (can be ignored).
846      */

847
848     private final int doHTTPAuthentication(Parameters user) throws JspTagException {
849         log.debug("with http");
850         ResourceBundle bundle = ResourceBundle.getBundle("org.mmbase.bridge.jsp.taglib.resources.messages", getLocale());
851
852         String JavaDoc realm = getRealm();
853         if (realm == null ) {
854             log.debug("no realm found, need to log on again");
855             return denyHTTP("<h2 class=\"mm_cloud\">" + bundle.getString("cloudtag.again") + "</h2><p class=\"mm_cloud\">" + bundle.getString("cloudtag.logout") + "</p>");
856         }
857         if (realm.startsWith(INITIAL_REALM_PREFIX)) {
858             realm = realm.substring(INITIAL_REALM_PREFIX.length());
859             if (! setRealm(realm)) {
860                 return SKIP_PAGE;
861             }
862         }
863         String JavaDoc mime_line = request.getHeader("Authorization");
864         if (log.isDebugEnabled()) {
865             log.debug("authent: " + request.getHeader("WWW-Authenticate") + " realm: " + realm + " authorization " + mime_line);
866         }
867         // find logon, password with http authentication
868
String JavaDoc userName = null;
869         String JavaDoc password = null;
870         try {
871             if (mime_line != null) {
872                 String JavaDoc user_password = org.mmbase.util.Encode.decode("BASE64", mime_line.substring(6));
873                 StringTokenizer t = new StringTokenizer(user_password, ":");
874                 if (t.countTokens() == 2) {
875                     userName = t.nextToken();
876                     password = t.nextToken();
877                 }
878             }
879         } catch (Exception JavaDoc e) {
880             log.error(e);
881         }
882         // Authenticate user
883
if (log.isDebugEnabled()) {
884             log.debug("u " + userName + " p " + password);
885         }
886
887         if (logon != null) { // if there was a username specified as well, it must be the same
888
log.debug("http with username");
889             if (!logon.contains(userName)) {
890                 log.debug("username not correct");
891                 return denyHTTP("<h2 class=\"mm_cloud\">" + bundle.getString("cloudtag.wronguser") + "</h2><p class\"mm_cloud\">" + bundle.getString("cloudtag.mustbe") + logon + "</p>");
892             } else {
893                 logon = new ArrayList();
894                 logon.add(userName);
895             }
896         } else { // logon == null
897
log.debug("http without username");
898             if (userName == null) { // there must be at least known a username...
899
log.debug("no username known");
900                 return denyHTTP("<h2 class=\"mm_cloud\">" + bundle.getString("cloudtag.nouser") + "</h2>");
901             }
902             /*
903               logon = new ArrayList();
904               logon.add(userName); why is this..
905             */

906         }
907         user.set(AuthenticationData.PARAMETER_USERNAME, userName);
908         user.set(AuthenticationData.PARAMETER_PASSWORD, password);
909         return EVAL_BODY;
910
911     }
912
913
914
915
916     /**
917      * Sets logon-variables using the login page (with the loginpage attribute) in the Map argument.
918      * @param uses A Map which will be passed to the security system,.
919      * @return SKIP_BODY if a redirect was given (to the login page),
920      * the caller must not continue then. EVAL_BODY otherwise
921      * (can be ignored).
922      */

923
924     private int doLoginPage(Parameters user) throws JspTagException {
925         log.debug("login page required to acces this cloud data!");
926
927         // look if we need to login(param command='login') with methods and with the params...
928
// otherwise redirect!
929
if (LOGINPAGE_COMMAND_LOGIN.equals(request.getParameter(LOGINPAGE_COMMAND_PARAMETER))) {
930
931             if (log.isDebugEnabled()) {
932                 log.debug("Request to login with loginpage, trying to perform an login");
933             }
934             // now pass all the attributes to the cloud-login method of the cloudcontext!
935
String JavaDoc authenticatePassed = request.getParameter(LOGINPAGE_AUTHENTICATE_PARAMETER);
936             if (authenticatePassed != null) {
937                 setAuthenticate(authenticatePassed); // THIS SEEMS DANGEROUS
938
}
939             String JavaDoc cloudNamePassed = request.getParameter(LOGINPAGE_CLOUD_PARAMETER);
940             if (cloudNamePassed != null) {
941                 setName(cloudNamePassed); // THIS SEEM DANGEROUS
942
}
943             user.setAutoCasting(true);
944             Enumeration enumeration = request.getParameterNames();
945             while (enumeration.hasMoreElements()) {
946                 String JavaDoc key = (String JavaDoc) enumeration.nextElement();
947                 String JavaDoc value = (String JavaDoc) org.mmbase.bridge.jsp.taglib.util.ContextContainer.fixEncoding(request.getParameter(key), pageContext);
948                 if (log.isDebugEnabled()) {
949                     log.debug("security info --> key:" + key + " value:" + value);
950                 }
951                 user.setIfDefined(key, value);
952             }
953             fillStandardParameters(user);
954             return EVAL_BODY;
955         } else {
956             // no command give, send redirect to specified login page
957
return denyLoginPage(LOGINPAGE_DENYREASON_NEED, "");
958         }
959     }
960
961     /**
962      * Denies access to this page and sends are redirect to the login-page (given by login page attribute).
963      * @param reason The reason for deny, can be LOGINPAGE_DENYREASON_NEED or LOGINPAGE_DENYREASON_FAIL.
964      * @param excactReason A further specification of the reason (any String)
965      * @return SKIP_BODY
966      */

967     private int denyLoginPage(String JavaDoc reason, String JavaDoc exactReason) throws JspTagException {
968         log.debug("Denying to login-page");
969         try {
970
971             // find this page relative to login-page
972
String JavaDoc referrerPage = null;
973
974             String JavaDoc requestURI = request.getRequestURI();
975             if (requestURI.endsWith("/")) {
976                 referrerPage = ".";
977             } else {
978                 referrerPage = new File JavaDoc(requestURI).getName();
979             }
980
981
982             /*
983             if (1 == 0) {
984                 // XXXXX hmm, should test this in freeze
985                 // making relative urls'.
986
987                 String toDir = new File(toFile).getParent();
988                 if (toDir == null) {
989                     toDir = ".";
990                 }
991                 File servletPath = new File(request.getServletPath());
992
993                 String thisDir = servletPath.getParent();
994                 if (thisDir == null) {
995                     thisDir = ".";
996                 }
997
998                 String thisFile = servletPath.getName();
999
1000                if (toDir.startsWith("/")) {
1001                    referrerPage = org.mmbase.util.UriParser.makeRelative(toDir, thisDir) + "/" + thisFile;
1002                } else {
1003                    referrerPage = org.mmbase.util.UriParser.makeRelative(thisDir + "/" + toDir, toDir) + "/" + thisFile;
1004                }
1005            }
1006            */

1007
1008
1009
1010            String JavaDoc toFile = loginpage.getString(this);
1011
1012            String JavaDoc referrer = null;
1013
1014            // if a 'referrer' is explicitely mentioned in the 'loginpage' attribute (e.g. on a 'dologin' page), we try to honour it.
1015
int existingQueryPosition = toFile.indexOf('?');
1016            if (existingQueryPosition > 0) {
1017                String JavaDoc existingQuery = toFile.substring(existingQueryPosition + 1);
1018                log.debug("Found existing query " + existingQuery);
1019                String JavaDoc[] parameters = existingQuery.split("&");
1020                for (int i = 0; i < parameters.length; i++) {
1021                    if (parameters[i].startsWith("referrer=")) {
1022                        referrer = org.mmbase.util.Encode.decode("escape_url", parameters[i].substring(9));
1023                        if (referrer.startsWith("?")) referrer = "." + referrer; // tomcat 5, referrerPage can be "", which is inconvenient, because using it as action for login.jsp whill be empty string, will post to login.jsp again
1024
log.debug("Found existing referrer " + referrer);
1025                        break;
1026                    }
1027                }
1028            }
1029            if (referrer == null) {
1030                if (request.getQueryString() != null) {
1031                    referrer = referrerPage + "?" + request.getQueryString();
1032                } else {
1033                    referrer = referrerPage;
1034                }
1035            }
1036            log.debug("Using " + referrer);
1037            if (! response.isCommitted()) {
1038                //reference = org.mmbase.util.Encode.encode("ESCAPE_URL_PARAM", reference);
1039
RequestDispatcher JavaDoc rd = request.getRequestDispatcher(toFile);
1040                request.setAttribute("referrerpage", referrerPage);
1041                request.setAttribute("referrer", referrer);
1042                request.setAttribute("reason", reason);
1043                request.setAttribute("exactreason", exactReason);
1044                request.setAttribute("usernames", logon);
1045                rd.forward(request, response);
1046            }
1047            return SKIP_BODY;
1048        } catch (javax.servlet.ServletException JavaDoc ioe) {
1049            throw new TaglibException("error sending redirect", ioe);
1050        } catch (java.io.IOException JavaDoc ioe) {
1051            throw new TaglibException("error sending redirect", ioe);
1052        }
1053    }
1054
1055    private final int deny(int reason, String JavaDoc exactReason) throws JspTagException {
1056        int meth = getMethodOrDefault();
1057        // did not succeed, so problably the password was wrong.
1058
switch(meth){
1059        case AuthenticationData.METHOD_HTTP: // give a deny, people can retry the password then.
1060
ResourceBundle bundle = ResourceBundle.getBundle("org.mmbase.bridge.jsp.taglib.resources.messages", getLocale());
1061            switch (reason) {
1062            case DENYREASON_RANKTOOLOW :
1063                return denyHTTP("<h2 class=\"mm_cloud\">" + bundle.getString("cloudtag.ranktoolow") + " (" + bundle.getString("cloudtag.mustbeatleast") + getRank().toString() + ")</h2>");
1064            case DENYREASON_FAIL :
1065            default :
1066                return denyHTTP("<h2 class=\"mm_cloud\">" + bundle.getString("cloudtag.authentication") + "</h2>");
1067            }
1068        case AuthenticationData.METHOD_LOGINPAGE:
1069            switch (reason) {
1070            case DENYREASON_RANKTOOLOW :
1071                return denyLoginPage(LOGINPAGE_DENYREASON_RANKTOOLOW, exactReason);
1072            case DENYREASON_FAIL :
1073            default :
1074                return denyLoginPage(LOGINPAGE_DENYREASON_FAIL, exactReason);
1075            }
1076        case AuthenticationData.METHOD_DELEGATE:
1077        case AuthenticationData.METHOD_SESSIONDELEGATE:
1078            switch (reason) {
1079            case DENYREASON_RANKTOOLOW :
1080                // throw new JspTagException("Rank too low");
1081
case DENYREASON_FAIL :
1082            default :
1083                return SKIP_BODY;
1084            }
1085        default:
1086            // strange, no method given, password wrong (or missing), that's really wrong.
1087
switch (reason) {
1088            case DENYREASON_FAIL : {
1089                if ("name/password".equals(getAuthenticate())) {
1090                    throw new JspTagException("Logon of with "
1091                                              + (logon != null && logon.size() > 0 ? "'" + logon.get(0) + "'" : "''")
1092                                              + " failed."
1093                                              + (pwd == Attribute.NULL ? " (no password given)" : " (wrong password)"));
1094                } else {
1095                    throw new JspTagException("Authentication ('" + getAuthenticate() + "') failed");
1096                }
1097            }
1098            case DENYREASON_RANKTOOLOW : {
1099                throw new JspTagException("Rank too low");
1100            }
1101            default :
1102                throw new JspTagException("Denied for unknown reason");
1103            }
1104        }
1105    }
1106
1107    /**
1108     * Performs logging in the bridge and sets the cloud variable, using the provided Map argument.
1109     *
1110     * @return SKIP_BODY on fail and EVAL_BODY otherwise.
1111     *
1112     */

1113    private final int doLogin(Parameters user) throws JspTagException {
1114        log.debug("Username found. logging in");
1115        try {
1116            user.checkRequiredParameters();
1117            cloud = getDefaultCloudContext().getCloud(getName(), getAuthenticate(), user == null ? null : user.toMap());
1118            log.debug("Logged in " );
1119            if (!cloud.getUser().isValid()) {
1120                log.warn("Just acquired user " + cloud.getUser().getIdentifier() + " is not valid!");
1121                return deny(DENYREASON_FAIL, "Just acquired user " + cloud.getUser().getIdentifier() + " is not valid!");
1122            }
1123            // ok, logging on work, now check rank if necessary
1124
if (rank != Attribute.NULL) {
1125                log.debug("Checking for rank");
1126                Rank curRank = cloud.getUser().getRank();
1127                if (curRank == null) {
1128                    throw new RuntimeException JavaDoc ("The user " + cloud.getUser() + " had rank 'null'");
1129                }
1130                Rank r = getRank();
1131                if (curRank.getInt() < r.getInt()) {
1132                    if (log.isDebugEnabled()) {
1133                        log.debug("logged on, but rank of user is too low (" + cloud.getUser().getRank() + ". log out first.");
1134                    }
1135                    cloud = null;
1136                    if (session != null) {
1137                        session.removeAttribute(getSessionName());
1138                    }
1139                    log.debug("rank too low");
1140                    return deny(DENYREASON_RANKTOOLOW, "" + curRank + " < " + r);
1141                }
1142            }
1143            return EVAL_BODY;
1144        } catch (java.lang.SecurityException JavaDoc e) {
1145            if (log.isDebugEnabled()) {
1146                log.debug("Failed to log in with " + user + " because " + e.toString());
1147            }
1148            return deny(DENYREASON_FAIL, e.getMessage());
1149        }
1150    }
1151
1152    /**
1153     * Makes a logged-in cloud.
1154     * @return SKIP_BODY if failed to do so. EVAL_BODY otherwise.
1155     */

1156
1157    private final int makeCloud() throws JspTagException {
1158        Parameters user = null;
1159        int meth = getMethodOrDefault();
1160        if (log.isDebugEnabled()) {
1161            log.debug("Creating the cloud with method " + meth);
1162        }
1163
1164        // check how to log on:
1165
switch(meth) {
1166
1167        case AuthenticationData.METHOD_SESSIONDELEGATE:
1168        case AuthenticationData.METHOD_DELEGATE:
1169            if (log.isDebugEnabled()) {
1170                log.debug("delegate for " + getAuthenticate());
1171            }
1172            user = cloudContext.getAuthentication().createParameters(getAuthenticate());
1173            if (logon != null) {
1174                user.setIfDefined(AuthenticationData.PARAMETER_USERNAMES, logon);
1175            }
1176            if (rank != Attribute.NULL) {
1177                user.setIfDefined(AuthenticationData.PARAMETER_RANK, getRank());
1178            }
1179            sessionCloud = meth == AuthenticationData.METHOD_SESSIONDELEGATE;
1180            break;
1181        case AuthenticationData.METHOD_HTTP:
1182            log.debug("http");
1183            user = cloudContext.getAuthentication().createParameters(getAuthenticate());
1184            sessionCloud = true;
1185            if (doHTTPAuthentication(user) == SKIP_BODY) {
1186                return SKIP_BODY;
1187            }
1188            break;
1189        case AuthenticationData.METHOD_LOGINPAGE:
1190            log.debug("loginpage for " + getAuthenticate());
1191            user = cloudContext.getAuthentication().createParameters(getAuthenticate());
1192            sessionCloud = true;
1193            if (doLoginPage(user) == SKIP_BODY) {
1194                return SKIP_BODY;
1195            }
1196            break;
1197        default:
1198            log.debug("default");
1199            if (logon != null && pwd != Attribute.NULL) {
1200                user = cloudContext.getAuthentication().createParameters(getAuthenticate());
1201                user.set(AuthenticationData.PARAMETER_USERNAME, logon.get(0));
1202                user.set(AuthenticationData.PARAMETER_PASSWORD, pwd.getString(this));
1203                if (meth == AuthenticationData.METHOD_PAGELOGON) {
1204                    sessionCloud = false;
1205                } else {
1206                    if (meth != AuthenticationData.METHOD_SESSIONLOGON) {
1207                        log.warn("Using logon/pwd (or username/password) attributes on page '" + request.getRequestURI() + "' without specifying method='[pagelogon|sessionlogon]', defaulting to 'sessionlogon'. Be aware that users of this page now are authenticated in their session!");
1208                    }
1209                    sessionCloud = true;
1210                }
1211            } else {
1212                sessionCloud = false;
1213            }
1214        }
1215
1216        // do the MMCI cloud logging on
1217
if (user != null) {
1218            fillStandardParameters(user);
1219            if (doLogin(user) == SKIP_BODY) {
1220                return SKIP_BODY;
1221            }
1222        } else {
1223            log.debug("no login given, creating anonymous cloud");
1224            // no logon, create an anonymous cloud.
1225
setAnonymousCloud();
1226        }
1227        checkCloud(); // perhaps the just created cloud does not satifisfy other conditions? (rank)
1228
if (cloud == null) { // stil null, give it up then...
1229
/*
1230            user = new HashMap();
1231            if (doHTTPAuthentication(user) == SKIP_BODY) {
1232                return SKIP_BODY;
1233            }
1234            */

1235
1236            log.debug("Could not create Cloud.");
1237            // throw new JspTagException("Could not create cloud (even not anonymous)");
1238
return SKIP_BODY;
1239        } else {
1240            if (sessionCloud) {
1241                if (session == null) session = request.getSession(true);
1242                if (session != null) {
1243                    String JavaDoc sn = getSessionName();
1244                    cloud.setProperty(Cloud.PROP_SESSIONNAME, sn);
1245                    log.debug("Setting cloud in session variable '" + sn + "'");
1246                    session.setAttribute(sn, cloud);
1247                }
1248            } else {
1249                log.debug("Not storing cloud because session: " + (session != null) + " put cloud " + sessionCloud);
1250            }
1251        }
1252        return EVAL_BODY;
1253    }
1254
1255    /**
1256     * request and response can be determined once a page..
1257     */

1258
1259    public void setPageContext(PageContext pc) {
1260        super.setPageContext(pc);
1261        request = (HttpServletRequest) pageContext.getRequest();
1262        response = (HttpServletResponse) pageContext.getResponse();
1263        if (log.isDebugEnabled()) {
1264            log.debug("Got a " + response.getClass().getName() + " (commited: " + response.isCommitted() + ")");
1265        }
1266    }
1267
1268
1269    /**
1270     * Sets the cloud variable considering all requirements. SKIP_BODY if this can not be done.
1271     *
1272     */

1273    public int doStartTag() throws JspTagException {
1274        //log.info("" + Collections.list(pageContext.setAttributeNamesInScope(PageContext.PAGE_SCOPE)));
1275
checkLocale();
1276
1277        {
1278            String JavaDoc s = logonatt.getString(this);
1279            logon = s.equals("") ? null : StringSplitter.split(s);
1280        }
1281
1282        getDefaultCloudContext();
1283        if (checkReuse()) { // referid
1284
return evalBody();
1285        }
1286        if (checkAnonymous()) { // check if requested, and create
1287
if (cloud == null) { // could not be created!
1288
// what can we do now?
1289
return SKIP_BODY;
1290            } else {
1291                // yes, found
1292
log.debug("Implicitely requested anonymous cloud. Will not use session");
1293                return evalBody();
1294            }
1295        }
1296        if (checkAsis()) { // checks if request 'asis'
1297
if (cloud == null) { // could not even make anonymous
1298
return SKIP_BODY;
1299            } else {
1300                return evalBody();
1301            }
1302        }
1303        setupSession(); // might need session now
1304
if (log.isDebugEnabled()) {
1305            log.debug("startTag " + cloud);
1306        }
1307        if (checkLogoutLoginPage()) {
1308            // TODO: find a better page to redirect to!
1309
try {
1310                String JavaDoc url = request.getRequestURI();
1311                response.sendRedirect(url);
1312            } catch (java.io.IOException JavaDoc ioe) {
1313                throw new TaglibException(ioe);
1314            }
1315            return SKIP_BODY;
1316        }
1317        if (checkLogoutMethod()) {
1318            return evalBody();
1319        }
1320
1321        if (cloud != null) {
1322            checkCloud();
1323        }
1324        if (cloud == null) {
1325            if (makeCloud() == SKIP_BODY) { // we did't have a cloud, or it was not a good one:
1326
return SKIP_BODY;
1327            }
1328        }
1329        //pwd = Attribute.NULL; // could not be right. Using cloud-tag twice in same page might not work then
1330

1331        return evalBody();
1332    }
1333
1334    public int doEndTag() throws JspTagException {
1335        return super.doEndTag();
1336    }
1337
1338    public void doFinally() {
1339        // can be cleaned for gc:
1340
super.doFinally();
1341        cookies = null;
1342        cloudContext = null;
1343        cloud = null;
1344        logon = null;
1345        session = null;
1346        request = null;
1347        response = null;
1348    }
1349
1350    // if EVAL_BODY == EVAL_BODY_BUFFERED
1351
public int doAfterBody() throws JspTagException {
1352
1353        if (EVAL_BODY == EVAL_BODY_BUFFERED) {
1354            try {
1355                if (bodyContent != null) {
1356                    bodyContent.writeOut(bodyContent.getEnclosingWriter());
1357                }
1358            } catch (IOException JavaDoc ioe) {
1359                throw new TaglibException(ioe);
1360            }
1361        }
1362        return SKIP_BODY;
1363    }
1364
1365}
1366
Popular Tags