1 24 package org.riotfamily.riot.security.session; 25 26 import javax.servlet.ServletContext ; 27 import javax.servlet.http.HttpServletRequest ; 28 import javax.servlet.http.HttpServletResponse ; 29 30 import org.riotfamily.riot.security.auth.AuthenticationService; 31 import org.riotfamily.riot.security.auth.RiotUser; 32 import org.springframework.web.context.ServletContextAware; 33 34 public class LoginManager implements ServletContextAware { 35 36 private static final String CONTEXT_KEY = LoginManager.class.getName(); 37 38 private AuthenticationService authenticationService; 39 40 private SessionMetaDataStore metaDataStore; 41 42 43 public LoginManager(AuthenticationService authenticationService) { 44 this.authenticationService = authenticationService; 45 } 46 47 public void setMetaDataStore(SessionMetaDataStore metaDataStore) { 48 this.metaDataStore = metaDataStore; 49 } 50 51 public void setServletContext(ServletContext servletContext) { 52 servletContext.setAttribute(CONTEXT_KEY, this); 53 } 54 55 public static LoginManager getInstance(ServletContext servletContext) { 56 return (LoginManager) servletContext.getAttribute(CONTEXT_KEY); 57 } 58 59 64 public boolean login(HttpServletRequest request, String userName, 65 String password) { 66 67 RiotUser user = authenticationService.authenticate(userName, password); 68 if (user != null) { 69 storeUserInSession(userName, user, request); 70 return true; 71 } 72 return false; 73 } 74 75 79 public static void logout(HttpServletRequest request, 80 HttpServletResponse response) { 81 82 UserHolder.removeFromSession(request); 83 } 84 85 90 private SessionMetaData getOrCreateMetaData(String userName, RiotUser user, 91 HttpServletRequest request) { 92 93 SessionMetaData metaData = null; 94 if (metaDataStore != null) { 95 metaData = metaDataStore.loadSessionMetaData(user); 96 } 97 if (metaData == null) { 98 metaData = new SessionMetaData(user.getUserId()); 99 } 100 metaData.sessionStarted(userName, request.getRemoteHost()); 101 return metaData; 102 } 103 104 107 void storeSessionMetaData(SessionMetaData sessionData) { 108 if (metaDataStore != null) { 109 metaDataStore.storeSessionMetaData(sessionData); 110 } 111 } 112 113 117 private void storeUserInSession(String userName, RiotUser user, 118 HttpServletRequest request) { 119 120 SessionMetaData sessionData = getOrCreateMetaData(userName, user, request); 121 UserHolder holder = new UserHolder(user, sessionData); 122 holder.storeInSession(request.getSession()); 123 } 124 125 128 static RiotUser getUser(HttpServletRequest request) { 129 UserHolder holder = UserHolder.getInstance(request); 130 return holder != null ? holder.getUser() : null; 131 } 132 133 136 public static SessionMetaData getSessionMetaData(HttpServletRequest request) { 137 UserHolder holder = UserHolder.getInstance(request); 138 return holder != null ? holder.getSessionMetaData() : null; 139 } 140 141 } 142 | Popular Tags |