KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > openlaszlo > auth > HTTPAuthentication


1 /* *****************************************************************************
2  * HTTPAuthentication.java
3 * ****************************************************************************/
4
5 /* J_LZ_COPYRIGHT_BEGIN *******************************************************
6 * Copyright 2001-2004 Laszlo Systems, Inc. All Rights Reserved. *
7 * Use is subject to license terms. *
8 * J_LZ_COPYRIGHT_END *********************************************************/
9
10 package org.openlaszlo.auth;
11
12 import org.openlaszlo.data.*;
13 import org.openlaszlo.server.*;
14 import org.openlaszlo.servlets.*;
15 import org.openlaszlo.utils.*;
16 import java.io.*;
17 import java.net.*;
18 import java.security.*;
19 import java.util.*;
20 import javax.servlet.http.*;
21 import org.apache.commons.httpclient.*;
22 import org.apache.commons.httpclient.methods.*;
23 import org.apache.log4j.*;
24 import org.jdom.*;
25 import org.jdom.input.*;
26
27
28 /**
29  * HTTP implementation of Authentication.
30  *
31  * This class implements the Authentication interface
32  * methods. Every public member is an implementation of
33  * the Authentication interface.
34  **/
35 public class HTTPAuthentication implements Authentication
36 {
37     /** Default URL */
38     private String JavaDoc mDefaultURL = null;
39
40     /** Builder to create documents with */
41     private SAXBuilder mBuilder = new SAXBuilder();
42
43     /** HTTPAuthentication logger */
44     protected static Logger mLogger = Logger.getLogger(HTTPAuthentication.class);
45
46     public void init(Properties prop)
47     {
48         mDefaultURL = prop.getProperty("httpauthentication.url");
49         mLogger.debug("default url: " + mDefaultURL);
50     }
51
52
53     /**
54      * ?rt=login&usr=username&pwd=password
55      *
56      * [successful login]
57      * <authentication>
58      * <response type="login">
59      * <status code="0" msg="ok"/>
60      * <username>username</username>
61      * </response>
62      * </authentication>
63      *
64      * [login failure]
65      * <authentication>
66      * <response type="login">
67      * <status code="3" msg="invalid"/>
68      * </response>
69      * </authentication>
70      */
71     public int login(HttpServletRequest req, HttpServletResponse res,
72                      HashMap param, StringBuffer JavaDoc xmlResponse)
73         throws AuthenticationException {
74
75         mLogger.debug("login(req,res,param,xmlResponse)");
76         int code=1;
77         String JavaDoc usr = req.getParameter("usr");
78         String JavaDoc pwd = req.getParameter("pwd");
79         String JavaDoc query = "rt=login&usr=" + usr + "&pwd=" + pwd;
80         callAuthenticationServer(req, res, param, query, xmlResponse);
81         if (xmlResponse.toString().indexOf("code=\"0\"") != -1)
82             code = 0;
83         return code;
84     }
85
86
87     /**
88      * ?rt=logout
89      *
90      * [logout w/valid session]
91      * <authentication>
92      * <response type="logout">
93      * <status code="0" msg="ok"/>
94      * </response>
95      * </authentication>
96      *
97      * [logout w/invalid session]
98      * <authentication>
99      * <response type="logout">
100      * <status code="4" msg="invalid session"/>
101      * </response>
102      * </authentication>
103      */
104     public int logout(HttpServletRequest req, HttpServletResponse res,
105                       HashMap param, StringBuffer JavaDoc xmlResponse)
106         throws AuthenticationException {
107
108         mLogger.debug("logout(req,res,param,xmlResponse)");
109         int code = 1;
110         String JavaDoc query = "rt=logout";
111         callAuthenticationServer(req, res, param, query, xmlResponse);
112         if (xmlResponse.toString().indexOf("code=\"0\"") != -1)
113             code = 0;
114         return code;
115     }
116
117
118     /**
119      * ?rt=getusername
120      *
121      * [valid session -- return username]
122      * <authentication>
123      * <response type="getusername">
124      * <status code="0" msg="ok"/>
125      * <username>username</username>
126      * </response>
127      * </authentication>
128      *
129      * [invalid session -- return no username]
130      * <authentication>
131      * <response type="getusername">
132      * <status code="4" msg="invalid session"/>
133      * </response>
134      * </authentication>
135      */
136     public String JavaDoc getUsername(HttpServletRequest req, HttpServletResponse res,
137                               HashMap param)
138         throws AuthenticationException
139     {
140         mLogger.debug("getUsername(req,res,param)");
141         try {
142             String JavaDoc query = "rt=getusername";
143             StringBuffer JavaDoc buf = new StringBuffer JavaDoc();
144
145             callAuthenticationServer(req, res, param, query, buf);
146
147             StringReader reader = new StringReader(buf.toString());
148             Document document = mBuilder.build(reader);
149             Element root = document.getRootElement();
150             Element eUsername = root.getChild("response");
151             boolean isOk = (getStatusCode(eUsername)==0);
152             return isOk ? eUsername.getChildText("username") : null;
153         } catch (JDOMException e) {
154             throw new AuthenticationException(e.getMessage());
155         }
156     }
157
158
159     /**
160      * This proxies request and response headers.
161      */
162     private void callAuthenticationServer(HttpServletRequest req,
163                                           HttpServletResponse res,
164                                           HashMap param, String JavaDoc query,
165                                           StringBuffer JavaDoc xmlResponse)
166         throws AuthenticationException
167     {
168         if (mDefaultURL == null) {
169             String JavaDoc scheme = req.getScheme();
170             String JavaDoc host = req.getServerName();
171             int port = req.getServerPort();
172             String JavaDoc path = req.getContextPath();
173             mDefaultURL = scheme + "://" + host + ":" + port + path + "/AuthenticationServlet";
174         }
175
176         Data data = null;
177         try {
178
179             String JavaDoc urlstr = (String JavaDoc) param.get("url");
180             if (urlstr == null)
181                 urlstr = mDefaultURL;
182             urlstr += "?" + query;
183             data = HTTPDataSource.getHTTPData(req, res, urlstr, -1);
184             xmlResponse.append(data.getAsString());
185
186         } catch (DataSourceException e) {
187             throw new AuthenticationException(e.getMessage());
188         } catch (MalformedURLException e) {
189             throw new AuthenticationException(e.getMessage());
190         } catch (IOException e) {
191             throw new AuthenticationException(e.getMessage());
192         } finally {
193             if (data != null)
194                 data.release();
195         }
196     }
197
198
199     /** Fetch status code request.
200      * @param element element to retrieve status from
201      * @return <0: error, 0: ok, 0<: ok but warning */
202     static private int getStatusCode(Element element)
203     {
204         mLogger.debug("getStatusCode(element)");
205
206         int code = 1;
207         if (element != null) {
208             Element eStatus = element.getChild("status");
209             String JavaDoc statCode = eStatus.getAttributeValue("code");
210             //String statMesg = eStatus.getAttributeValue("msg");
211 try {
212                 code = Integer.parseInt(statCode);
213             } catch (NumberFormatException JavaDoc e) {
214                 mLogger.debug(e.getMessage());
215             }
216         }
217         return code;
218     }
219 }
220
Popular Tags