KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > snipsnap > net > LoginServlet


1 /*
2  * This file is part of "SnipSnap Wiki/Weblog".
3  *
4  * Copyright (c) 2002 Stephan J. Schmidt, Matthias L. Jugel
5  * All Rights Reserved.
6  *
7  * Please visit http://snipsnap.org/ for updates and contact.
8  *
9  * --LICENSE NOTICE--
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License
12  * as published by the Free Software Foundation; either version 2
13  * of the License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23  * --LICENSE NOTICE--
24  */

25 package org.snipsnap.net;
26
27 import org.radeox.util.logging.Logger;
28 import org.snipsnap.app.Application;
29 import org.snipsnap.config.Configuration;
30 import org.snipsnap.container.Components;
31 import org.snipsnap.container.SessionService;
32 import org.snipsnap.net.filter.MultipartWrapper;
33 import org.snipsnap.user.AuthenticationService;
34 import org.snipsnap.user.User;
35
36 import javax.servlet.RequestDispatcher JavaDoc;
37 import javax.servlet.ServletException JavaDoc;
38 import javax.servlet.http.HttpServlet JavaDoc;
39 import javax.servlet.http.HttpServletRequest JavaDoc;
40 import javax.servlet.http.HttpServletResponse JavaDoc;
41 import javax.servlet.http.HttpSession JavaDoc;
42 import java.io.IOException JavaDoc;
43
44 /**
45  * Servlet to login a user by checking user name and password.
46  *
47  * @author Matthias L. Jugel
48  * @version $Id: LoginServlet.java 1801 2005-01-29 17:26:09Z leo $
49  */

50 public class LoginServlet extends HttpServlet JavaDoc {
51   private final static String JavaDoc ERR_PASSWORD = "";
52
53   public void doPost(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
54           throws ServletException JavaDoc, IOException JavaDoc {
55     Configuration config = Application.get().getConfiguration();
56
57     // If this is not a multipart/form-data request continue
58
String JavaDoc type = request.getHeader("Content-Type");
59     if (type != null && type.startsWith("multipart/form-data")) {
60       try {
61         request = new MultipartWrapper(request, config.getEncoding() != null ? config.getEncoding() : "UTF-8");
62       } catch (IllegalArgumentException JavaDoc e) {
63         Logger.warn("FileUploadServlet: multipart/form-data wrapper:" + e.getMessage());
64       }
65     }
66
67     String JavaDoc login = request.getParameter("login");
68     String JavaDoc password = request.getParameter("password");
69     String JavaDoc referer = sanitize(request.getParameter("referer"));
70
71     if (request.getParameter("cancel") == null) {
72       User user = ((AuthenticationService) Components.getComponent(AuthenticationService.class)).authenticate(login, password);
73       if (Application.getCurrentUsers().contains(user)) {
74         Application.getCurrentUsers().remove(user);
75       }
76
77       HttpSession JavaDoc session = request.getSession();
78       if (null == user) {
79         request.setAttribute("tmpLogin", login);
80         request.setAttribute("referer", referer);
81         request.setAttribute("error", ERR_PASSWORD);
82         RequestDispatcher JavaDoc dispatcher = request.getRequestDispatcher("/exec/login.jsp");
83         dispatcher.forward(request, response);
84         return;
85       }
86
87       session.removeAttribute("referer");
88       Application.get().setUser(user, session);
89
90       SessionService service = (SessionService) Components.getComponent(SessionService.class);
91       service.setUser(request, response, user);
92     }
93
94     response.sendRedirect(referer);
95   }
96
97   private String JavaDoc sanitize(String JavaDoc parameter) {
98     if (null != parameter) {
99       return parameter.split("[\r\n]")[0];
100     }
101     return parameter;
102   }
103
104   protected void doGet(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
105           throws ServletException JavaDoc, IOException JavaDoc {
106     String JavaDoc referer = request.getHeader("REFERER");
107     if (referer == null || referer.length() == 0) {
108       Configuration config = Application.get().getConfiguration();
109       referer = config.getSnipUrl(config.getStartSnip());
110     }
111
112     if ("true".equals(request.getParameter("logoff"))) {
113       HttpSession JavaDoc session = request.getSession();
114       SessionService service = (SessionService) Components.getComponent(SessionService.class);
115       service.removeCookie(request, response);
116       // maybe not necessary
117
// Application.removeCurrentUser(session);
118
Application.get().setUser(null);
119       session.invalidate();
120     } else if ("true".equals(request.getParameter("timeout"))) {
121       HttpSession JavaDoc session = request.getSession();
122       Application.removeCurrentUser(session);
123       session.invalidate();
124     }
125
126     response.sendRedirect(referer);
127   }
128 }
129
Popular Tags