Login


1   package org.tigris.scarab.actions;
2   
3   /* ================================================================
4    * Copyright (c) 2000-2002 CollabNet.  All rights reserved.
5    * 
6    * Redistribution and use in source and binary forms, with or without
7    * modification, are permitted provided that the following conditions are
8    * met:
9    * 
10   * 1. Redistributions of source code must retain the above copyright
11   * notice, this list of conditions and the following disclaimer.
12   * 
13   * 2. Redistributions in binary form must reproduce the above copyright
14   * notice, this list of conditions and the following disclaimer in the
15   * documentation and/or other materials provided with the distribution.
16   * 
17   * 3. The end-user documentation included with the redistribution, if
18   * any, must include the following acknowlegement: "This product includes
19   * software developed by Collab.Net <http://www.Collab.Net/>."
20   * Alternately, this acknowlegement may appear in the software itself, if
21   * and wherever such third-party acknowlegements normally appear.
22   * 
23   * 4. The hosted project names must not be used to endorse or promote
24   * products derived from this software without prior written
25   * permission. For written permission, please contact info@collab.net.
26   * 
27   * 5. Products derived from this software may not use the "Tigris" or 
28   * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without 
29   * prior written permission of Collab.Net.
30   * 
31   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
32   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
33   * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
34   * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
35   * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
37   * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
38   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
39   * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
40   * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
41   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42   *
43   * ====================================================================
44   * 
45   * This software consists of voluntary contributions made by many
46   * individuals on behalf of Collab.Net.
47   */ 
48  
49  import java.util.List  ;
50  
51  // Turbine Stuff 
52  import org.apache.turbine.TemplateContext;
53  import org.apache.turbine.RunData;
54  
55  import org.apache.fulcrum.security.TurbineSecurity;
56  import org.apache.turbine.tool.IntakeTool;
57  import org.apache.fulcrum.intake.model.Group;
58  import org.apache.fulcrum.security.util.DataBackendException;
59  import org.apache.fulcrum.security.util.UnknownEntityException;
60  import org.apache.fulcrum.security.util.PasswordMismatchException;
61  import org.apache.fulcrum.security.util.TurbineSecurityException;
62  
63  // Scarab Stuff
64  import org.tigris.scarab.tools.ScarabRequestTool;
65  import org.tigris.scarab.tools.ScarabLocalizationTool;
66  import org.tigris.scarab.tools.localization.L10NKeySet;
67  import org.tigris.scarab.tools.localization.L10NMessage;
68  import org.tigris.scarab.tools.localization.Localizable;
69  import org.tigris.scarab.util.AnonymousUserUtil;
70  import org.tigris.scarab.util.ScarabConstants;
71  import org.tigris.scarab.util.Log;
72  import org.tigris.scarab.om.ScarabUser;
73  import org.tigris.scarab.om.Module;
74  import org.tigris.scarab.actions.base.ScarabTemplateAction;
75  
76  /**
77   * This class is responsible for dealing with the Login
78   * Action.
79   *
80   * @author <a HREF="mailto:jon@collab.net">Jon S. Stevens</a>
81   * @version $Id: Login.java 9693 2005-05-15 17:56:58Z jorgeuriarte $
82   */
83  public class Login extends ScarabTemplateAction
84  {
85      /**
86       * This manages clicking the Login button
87       */
88      public void doLogin(RunData data, TemplateContext context)
89          throws Exception  
90      {
91          data.setACL(null);
92          IntakeTool intake = getIntakeTool(context);
93          if (intake.isAllValid() && checkUser(data, context))
94          {
95              ScarabUser user = (ScarabUser)data.getUser();
96              List   userModules = user.getModules();
97              if (userModules != null)
98              {
99                  Module module = null;
100                 if (userModules.size() == 2)
101                 {
102                     Module module1 = (Module)userModules.get(0);
103                     Module module2 = (Module)userModules.get(1);
104                     if (module1.isGlobalModule())
105                     {
106                         module = module2;
107                     }
108                     else if (module2.isGlobalModule())
109                     {
110                         module = module1;
111                     }
112                 }
113                 if (module != null || userModules.size() == 1)
114                 {
115                     ScarabRequestTool scarabR = getScarabRequestTool(context);
116                     if (module == null)
117                     {
118                         module = (Module)userModules.get(0);
119                     }
120                     scarabR.setCurrentModule(module);
121                     data.getParameters().remove(ScarabConstants.CURRENT_MODULE);
122                     data.getParameters().add(ScarabConstants.CURRENT_MODULE,
123                                              module.getQueryKey());
124                     if ("SelectModule.vm".equals(data.getParameters()
125                             .getString(ScarabConstants.NEXT_TEMPLATE))) 
126                     {
127                         data.getParameters().remove(ScarabConstants.NEXT_TEMPLATE);
128                     }
129                 }
130             }
131 
132             String   template = data.getParameters()
133                 .getString(ScarabConstants.NEXT_TEMPLATE, 
134                            "home,EnterNew.vm");
135             setTarget(data, template);
136         }
137     }
138 
139     /**
140      * Checks to make sure that the user exists, has been confirmed.
141      */
142     public boolean checkUser(RunData data, TemplateContext context)
143         throws Exception  
144     {
145         IntakeTool intake = getIntakeTool(context);
146         ScarabRequestTool scarabR = getScarabRequestTool(context);
147         ScarabLocalizationTool l10n = getLocalizationTool(context);
148 
149         Group login = intake.get("Login", IntakeTool.DEFAULT_KEY);
150         String   username = login.get("Username").toString();
151         String   password = login.get("Password").toString();
152         
153         ScarabUser user = null;
154 
155         try
156         {
157             // Authenticate the user and get the object.
158             user = (ScarabUser) TurbineSecurity
159                 .getAuthenticatedUser(username, password);
160         }
161         catch (UnknownEntityException e)
162         {
163             scarabR.setAlertMessage(L10NKeySet.InvalidUsernameOrPassword);
164             Log.get().info("Invalid login attempted: " + e.getMessage());
165             return failAction(data, "Login.vm");            
166         }
167         catch (PasswordMismatchException e)
168         {
169             scarabR.setAlertMessage(L10NKeySet.InvalidUsernameOrPassword);
170             Log.get().debug("Password mis-match during login attempt: "
171                            + e.getMessage());
172             return failAction(data, "Login.vm");            
173         }
174         catch (DataBackendException e)
175         {
176             scarabR.setAlertMessage(L10NKeySet.ExceptionDatabaseGenericError);
177             Log.get().error("Error while attempting to log in", e);
178             return failAction(data, "Login.vm");
179         }
180 
181         try
182         {
183             if (user.getConfirmed().equals(ScarabUser.DELETED)){
184                 scarabR.setAlertMessage(L10NKeySet.UserIsDeleted);
185                 Log.get().error("Deleted user attempting to log in");
186                 return failAction(data, "Login.vm");
187             }
188             // check the CONFIRM_VALUE
189             if (!user.isConfirmed())
190             {
191                 if (scarabR != null)
192                 {
193                     user = (ScarabUser) TurbineSecurity.getUserInstance();
194                     scarabR.setUser(user);
195                     scarabR.setAlertMessage(L10NKeySet.UserIsNotConfirmed);
196                 }
197 
198                 return failAction(data, "Confirm.vm");
199             }
200 
201 
202             // store the user object
203             data.setUser(user);
204             // mark the user as being logged in
205             user.setHasLoggedIn(Boolean.TRUE);
206             // set the last_login date in the database
207             user.updateLastLogin();
208 
209             // check if the password is expired
210             boolean userPasswordExpired = user.isPasswordExpired();
211             if (userPasswordExpired)
212             {
213                 if (scarabR != null)
214                 {
215                     user = (ScarabUser) TurbineSecurity.getUserInstance();
216                     scarabR.setUser(user);
217                     scarabR.setAlertMessage(L10NKeySet.YourPasswordHasExpired);
218                 }
219 
220 
221                 setTarget(data, "ChangePassword.vm");
222                 //change next screen to allow password reset.
223                 data.save();
224                 return false;
225             }
226 
227             // update the password expire
228             user.setPasswordExpire();
229             // this only happens if the user is valid
230             // otherwise, we will get a valueBound in the User
231             // object when we don't want to because the username is
232             // not set yet.
233                        
234             // save the User object into the session
235             data.save();
236 
237         }
238         catch (TurbineSecurityException e)
239         {
240             Localizable msg = new L10NMessage(L10NKeySet.ExceptionTurbineGeneric,e);
241             scarabR.setAlertMessage(msg);
242             return failAction(data, "Login.vm");
243         }
244         return true;
245     }
246 
247     /**
248      * sets an anonymous user
249      * sets the template to the passed in template
250      */
251     private boolean failAction(RunData data, String   template)
252         throws DataBackendException, UnknownEntityException
253     {
254         // Retrieve an anonymous user
255         AnonymousUserUtil.anonymousLogin(data);
256         setTarget(data, template);
257         return false;
258     }
259     
260     /**
261      * calls doLogin()
262      */
263     public void doPerform(RunData data, TemplateContext context)
264         throws Exception  
265     {
266         doLogin(data, context);
267     }
268 }
269
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags