

1 /*
2  * Coefficient - facilitates project based collaboration
3  * Copyright (C) 2003, Dylan Etkin, CSIR icomtek
4  * PO Box 395
5  * Pretoria 0001, RSA
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */

19
20 package za.org.coefficient.modules.user;
21
22 import net.sf.hibernate.Hibernate;
23 import net.sf.hibernate.HibernateException;
24 import net.sf.hibernate.type.Type;
25
26 import za.org.coefficient.authentication.CoefficientUser;
27 import za.org.coefficient.core.Constants;
28 import za.org.coefficient.interfaces.CoefficientContext;
29 import za.org.coefficient.modules.BaseModule;
30 import net.sf.hibernate.util.HibernateUtil;
31 import za.org.coefficient.util.ejb.SecurityUtil;
32 import za.org.coefficient.util.ejb.VelocityScreenUtil;
33
34 import java.util.ArrayList JavaDoc;
35 import java.util.HashMap JavaDoc;
36
37 import org.apache.commons.httpclient.Cookie;
38
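/**
 * Coefficient module that renders the login prompt and handles the login and
 * logout operations.
 *
 * <p>Security review notes on the existing design (documented, not changed,
 * because other code may depend on it):
 * <ul>
 *   <li>Passwords are compared as the output of
 *       {@code SecurityUtil.md5AsHexString(password)}; no salt is supplied at
 *       this call site. MD5 is a fast digest and is not suitable for password
 *       storage; a slow, salted scheme (bcrypt, scrypt, Argon2, PBKDF2) is the
 *       usual replacement and needs a migration of the stored values.</li>
 *   <li>When the {@code hashedPassword} request parameter is true, the
 *       submitted {@code password} value is compared to the stored value
 *       as-is, and the "remember me" cookie carries that same value. The
 *       stored digest is therefore a password-equivalent credential. A random,
 *       server-side, revocable token is the usual replacement.</li>
 * </ul>
 *
 * @pojo2ejb.class
 * name="Security"
 * jndi-prefix="za/org/coefficient/permanent/"
 * interface-extends="za.org.coefficient.interfaces.Module"
 * interface-local-extends="za.org.coefficient.interfaces.ModuleLocal"
 *
 * @web.resource-env-ref
 * name="za/org/coefficient/permanent/Security"
 * type="za.org.coefficient.modules.user.Security"
 * @web.resource-env-ref
 * name="Security"
 * type="za.org.coefficient.modules.user.Security"
 */
public class Security extends BaseModule {
    //~ Methods ================================================================

    /**
     * Returns the name of this module's default operation.
     *
     * @return the literal {@code "loginPrompt"}
     */
    public String getMainMethod() {
        return "loginPrompt";
    }

    /**
     * Returns a one-line description of this module.
     *
     * @return the module description text
     */
    public String getModuleDescription() {
        return "This is the module that handles site security";
    }

    /**
     * Returns the title used for this module's content; {@link #loginPrompt}
     * passes it to {@code ctx.setModuleContent}.
     *
     * @return the literal {@code "User Information"}
     */
    public String getModuleDisplayName() {
        return "User Information";
    }

    /**
     * Authenticates the {@code username}/{@code password} request parameters
     * against active {@link CoefficientUser} rows and stores the result in
     * the session.
     *
     * <p>The session is invalidated first so that a session id issued before
     * authentication is not carried over into the authenticated state. On
     * failure the context is put into the error state and {@code null} is
     * stored under {@code Constants.USER_SESSION_STRING}.
     *
     * <p>Differences from the earlier behaviour: a missing username or
     * password is rejected before hashing or querying, and a
     * {@link HibernateException} during the lookup now sets an error instead
     * of falling through to the success path with a {@code null} user.
     *
     * @param ctx the request context carrying the login parameters
     * @return the same context, updated with error, session, cookie and
     *         forward state
     */
    public CoefficientContext login(CoefficientContext ctx) {
        // The identity is about to change, so drop the current session first.
        ctx.invalidateSession();

        CoefficientUser user = null;

        String password = ctx.getParameter("password");
        String username = ctx.getParameter("username");
        boolean preHashed = ctx.getParameterAsBoolean("hashedPassword");

        if (username == null || password == null) {
            // Reject incomplete submissions up front rather than hashing or
            // querying with null values.
            ctx.setError("Incorrect username/password");
        } else {
            try {
                if (!preHashed) {
                    // NOTE(review): unsalted MD5 at this call site; see the
                    // class comment.
                    password = new String(SecurityUtil.md5AsHexString(password));
                }
                // Bound parameters keep the request values out of the query
                // text.
                ArrayList users =
                    new ArrayList(HibernateUtil.find("from "
                            + CoefficientUser.class.getName()
                            + " as pe_user where pe_user.userName = ?"
                            + " and pe_user.password = ? and pe_user.active = ?",
                            new Object[] { username, password, Boolean.TRUE },
                            new Type[] {
                                Hibernate.STRING, Hibernate.STRING,
                                Hibernate.BOOLEAN
                            }));
                // Anything other than exactly one match is a failed login;
                // the message does not say which field was wrong.
                if (users.size() != 1) {
                    ctx.setError("Incorrect username/password");
                } else {
                    user = (CoefficientUser) users.get(0);
                }
            } catch (HibernateException he) {
                // No logger is in scope in this file, so the trace still goes
                // to stderr; the user only sees a generic message.
                he.printStackTrace();
                // Fail closed: without this the code below treated a failed
                // lookup as a successful login (cookies set, forward to
                // loginSuccess) while the session user was null.
                ctx.setError("Unable to process login, please try again later");
            }
        }

        ctx.setSessionAttribute(Constants.USER_SESSION_STRING, user);

        if (user != null && !ctx.isError()) {
            String rememberMe = ctx.getParameter("rememberMe");
            if (rememberMe != null) {
                // Persistent cookies; Integer.MAX_VALUE milliseconds is
                // roughly 24.8 days from now.
                long expiresAt = System.currentTimeMillis() + Integer.MAX_VALUE;

                // NOTE(review): commons-httpclient's Cookie takes the cookie
                // domain as its first constructor argument; confirm that
                // getRequestURL() yields a value ctx.setCookie can use there.
                Cookie usernameCookie = new Cookie(ctx.getRequestURL(),
                                                   "coefficient_username", username);
                // NOTE(review): this stores the password digest in the
                // browser, and login() accepts that digest directly when
                // hashedPassword is true. Prefer a random server-side token,
                // and confirm that ctx.setCookie emits the cookie with the
                // Secure and HttpOnly attributes.
                Cookie passwordCookie = new Cookie(ctx.getRequestURL(),
                                                   "coefficient_password", password);
                usernameCookie.setExpiryDate(new java.util.Date(expiresAt));
                passwordCookie.setExpiryDate(new java.util.Date(expiresAt));
                ctx.setCookie(usernameCookie);
                ctx.setCookie(passwordCookie);
            }
            // The forward is skipped for pre-hashed logins (presumably the
            // cookie-driven automatic login; confirm against the callers).
            if (!preHashed) {
                ctx.setForward("security", "loginSuccess");
            }
        }
        return ctx;
    }

    /**
     * Renders the login form for anonymous visitors, or the current user's
     * details when someone is already logged in, and sets the result as this
     * module's content.
     *
     * @param ctx the request context
     * @return the same context with the module content set
     */
    public CoefficientContext loginPrompt(CoefficientContext ctx) {
        HashMap map = new HashMap();
        map.put("module", this);
        // NOTE(review): these two values come straight from request
        // parameters; confirm the .vm templates escape them on output.
        map.put("curr_module", ctx.getParameter("module"));
        map.put("curr_op", ctx.getParameter("op"));

        Object currentUser = ctx.getCurrentUser();
        StringBuffer sb;
        if (currentUser == null) {
            sb = VelocityScreenUtil.getProcessedScreen("loginPrompt.vm", map);
        } else {
            map.put("currentUser", currentUser);
            sb = VelocityScreenUtil.getProcessedScreen("loginDisplayInfo.vm",
                    map);
        }

        // Set the html into the context
        ctx.setModuleContent(sb.toString(), getModuleDisplayName());
        return ctx;
    }

    /**
     * Shows the confirmation text that {@link #login} forwards to.
     *
     * @param ctx the request context
     * @return the same context with the module content set
     */
    public CoefficientContext loginSuccess(CoefficientContext ctx) {
        ctx.setModuleContent("login successful!", "Login");
        return ctx;
    }

    /**
     * Invalidates the session and overwrites both "remember me" cookies with
     * an empty value that expires immediately.
     *
     * @param ctx the request context
     * @return the same context, forwarded to {@code logoutSuccess} unless it
     *         is in the error state
     */
    public CoefficientContext logout(CoefficientContext ctx) {
        ctx.invalidateSession();

        // Same cookie names as login(); an empty value plus an expiry of
        // "now" asks the browser to discard them.
        long now = System.currentTimeMillis();
        Cookie usernameCookie = new Cookie(ctx.getRequestURL(), "coefficient_username", "");
        Cookie passwordCookie = new Cookie(ctx.getRequestURL(), "coefficient_password", "");
        usernameCookie.setExpiryDate(new java.util.Date(now));
        passwordCookie.setExpiryDate(new java.util.Date(now));
        ctx.setCookie(usernameCookie);
        ctx.setCookie(passwordCookie);

        if (!ctx.isError()) {
            ctx.setForward("security", "logoutSuccess");
        }
        return ctx;
    }

    /**
     * Shows the confirmation text that {@link #logout} forwards to.
     *
     * @param ctx the request context
     * @return the same context with the module content set
     */
    public CoefficientContext logoutSuccess(CoefficientContext ctx) {
        ctx.setModuleContent("logout successful!", "Logout");
        return ctx;
    }
}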