From 082a04d2854cd1eaea9b81de53c38a6710d12ecb Mon Sep 17 00:00:00 2001
From: jeb228
Date: Wed, 10 Nov 2010 20:13:46 +0000
Subject: [PATCH] NIHVIVO-1207 Factor out the LoginRedirector, so LoginShibboleth share it.
---
.../authenticate/LoginRedirector.java | 120 ++++++++++++++++++
.../webapp/controller/edit/Authenticate.java | 103 +--------------
2 files changed, 126 insertions(+), 97 deletions(-)
create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java
new file mode 100644
index 000000000..5b10f9597
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java
@@ -0,0 +1,120 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
+
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
+import edu.cornell.mannlib.vitro.webapp.beans.User;
+import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
+
+/**
+ * A user has just completed the login process. What page do we direct them to?
+ */
+public class LoginRedirector {
+ private static final Log log = LogFactory.getLog(LoginRedirector.class);
+
+ /**
+ *
+	 * Exit: the user is logged in. They might go to:
+	 * - A one-time redirect, stored in the session, if they had tried to
+	 *     bookmark to a page that requires login.
+	 * - An application-wide redirect, stored in the servlet context.
+	 * - Their home page, if they are a self-editor.
+	 * - The site admin page.
+	 * 
+ */
+ public void redirectLoggedInUser(HttpServletRequest request,
+ HttpServletResponse response) throws IOException {
+ // Did they have a one-time redirect stored on the session?
+ String sessionRedirect = (String) request.getSession().getAttribute(
+ "postLoginRequest");
+ if (sessionRedirect != null) {
+ request.getSession().removeAttribute("postLoginRequest");
+ log.debug("User is logged in. Redirect by session to "
+ + sessionRedirect);
+ response.sendRedirect(sessionRedirect);
+ return;
+ }
+
+ // Is there a login-redirect stored in the application as a whole?
+ // It could lead to another page in this app, or to any random URL.
+ String contextRedirect = (String) request.getSession()
+ .getServletContext().getAttribute("postLoginRequest");
+ if (contextRedirect != null) {
+ log.debug("User is logged in. Redirect by application to "
+ + contextRedirect);
+ if (contextRedirect.indexOf(":") == -1) {
+ response.sendRedirect(request.getContextPath()
+ + contextRedirect);
+ } else {
+ response.sendRedirect(contextRedirect);
+ }
+ return;
+ }
+
+ // If the user is a self-editor, send them to their home page.
+ User user = getLoggedInUser(request);
+ if (userIsANonEditor(user)) {
+ List uris = getAuthenticator(request)
+ .asWhomMayThisUserEdit(user);
+ if (uris != null && uris.size() > 0) {
+ String userHomePage = request.getContextPath()
+ + "/individual?uri="
+ + URLEncoder.encode(uris.get(0), "UTF-8");
+ log.debug("User is logged in. Redirect as self-editor to "
+ + userHomePage);
+ response.sendRedirect(userHomePage);
+ return;
+ }
+ }
+
+ // If nothing else applies, send them to the Site Admin page.
+ log.debug("User is logged in. Redirect to site admin page.");
+ response.sendRedirect(getSiteAdminUrl(request));
+ }
+
+ /** Is the logged in user an AuthRole.USER? */
+ private boolean userIsANonEditor(User user) {
+ if (user == null) {
+ return false;
+ }
+ String nonEditorRoleUri = Integer.toString(AuthRole.USER.level());
+ return nonEditorRoleUri.equals(user.getRoleURI());
+ }
+
+ /**
+ * What user are we logged in as?
+ */
+ private User getLoggedInUser(HttpServletRequest request) {
+ LoginStatusBean bean = LoginStatusBean.getBean(request);
+ if (!bean.isLoggedIn()) {
+ log.debug("getLoggedInUser: not logged in");
+ return null;
+ }
+ return getAuthenticator(request).getUserByUsername(bean.getUsername());
+ }
+
+ /** What's the URL for the site admin screen? */
+ private String getSiteAdminUrl(HttpServletRequest request) {
+ String contextPath = request.getContextPath();
+ String urlParams = "?login=block";
+ return contextPath + Controllers.SITE_ADMIN + urlParams;
+ }
+
+ /** Get a reference to the Authenticator. */
+ private Authenticator getAuthenticator(HttpServletRequest request) {
+ return Authenticator.getInstance(request);
+ }
+
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
index 1d9281622..715dea690 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
@@ -8,12 +8,9 @@ import static edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean
 import static edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State.NOWHERE;
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 import javax.servlet.ServletContext;
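Review bot: In the new `LoginRedirector.redirectLoggedInUser`, the session attribute `postLoginRequest` goes straight into `response.sendRedirect(sessionRedirect)` with no check on where it points, and the code that stores that attribute is not part of this patch. The commit subject says LoginShibboleth will share this class, so the assumption that every writer stores a server-generated URL now covers more than one login path; if any writer can copy a request-supplied value into the session, this becomes an open redirect after login. I would resolve the target against the request's own scheme, host and port and fall through to the later branches when it resolves elsewhere, or at minimum record the assumption above the branch, e.g. `// postLoginRequest is trusted: it must only ever be set from server-side values`. The servlet-context branch is documented as allowing any URL, so it needs the same statement about who is allowed to set that attribute.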
@@ -29,18 +26,18 @@ import org.apache.commons.logging.LogFactory;
 import com.hp.hpl.jena.ontology.OntModel;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
+import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
-import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
+import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginRedirector;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.Message;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
 import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginLogoutEvent;
-public class Authenticate extends FreemarkerHttpServlet {
+public class Authenticate extends VitroHttpServlet {
 private static final Log log = LogFactory.getLog(Authenticate.class
 .getName());
@@ -72,6 +69,8 @@ public class Authenticate extends FreemarkerHttpServlet {
 /** Where do we find the User/Session map in the servlet context? */
 public static final String USER_SESSION_MAP_ATTR = "userURISessionMap";
+ private final LoginRedirector loginRedirector = new LoginRedirector();
+
 /**
 * Find out where they are in the login process, process any input, record
 * the new state, and show the next page.
@@ -117,7 +116,7 @@ public class Authenticate extends FreemarkerHttpServlet {
 showLoginScreen(vreq, response);
 break;
 default: // LOGGED_IN:
- redirectLoggedInUser(vreq, response);
+ loginRedirector.redirectLoggedInUser(vreq, response);
 break;
 }
 } catch (Exception e) {
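Review bot: The superclass of `Authenticate` changes from `FreemarkerHttpServlet` to `VitroHttpServlet` in the `@@ -29,18 +26,18 @@` hunk, which the commit subject (factoring out the LoginRedirector) does not mention. Neither base class is visible in this patch, so I cannot tell whether the login servlet loses request handling it relied on. Because this is the authentication entry point, the reason for the change should be in the commit message, or the change should move to a commit of its own.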
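Review bot: The field `loginRedirector` added in the `@@ -72,6 +69,8 @@` hunk is a single instance held by the servlet, so presumably every request thread shares it, and nothing on the field says that is safe. The `LoginRedirector` class added by this patch has no instance fields, so sharing it is fine today. A one-line comment above the field, such as `/** Stateless, so one instance can serve all requests. */`, would make the constraint visible to whoever adds state to the class later.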
@@ -355,89 +354,6 @@ public class Authenticate extends FreemarkerHttpServlet {
 response.sendRedirect(getHomeUrl(request));
 }
- /**
- *
-	 * Exit: the user is logged in. They might go to:
-	 * - A one-time redirect, stored in the session, if they had tried to
-	 *     bookmark to a page that requires login.
-	 * - An application-wide redirect, stored in the servlet context.
-	 * - Their home page, if they are a self-editor.
-	 * - The site admin page.
-	 * 
- */
- private void redirectLoggedInUser(HttpServletRequest request,
- HttpServletResponse response) throws IOException,
- UnsupportedEncodingException {
- // Did they have a one-time redirect stored on the session?
- String sessionRedirect = (String) request.getSession().getAttribute(
- "postLoginRequest");
- if (sessionRedirect != null) {
- request.getSession().removeAttribute("postLoginRequest");
- log.debug("User is logged in. Redirect by session to "
- + sessionRedirect);
- response.sendRedirect(sessionRedirect);
- return;
- }
-
- // Is there a login-redirect stored in the application as a whole?
- // It could lead to another page in this app, or to any random URL.
- String contextRedirect = (String) getServletContext().getAttribute(
- "postLoginRequest");
- if (contextRedirect != null) {
- log.debug("User is logged in. Redirect by application to "
- + contextRedirect);
- if (contextRedirect.indexOf(":") == -1) {
- response.sendRedirect(request.getContextPath()
- + contextRedirect);
- } else {
- response.sendRedirect(contextRedirect);
- }
- return;
- }
-
- // If the user is a self-editor, send them to their home page.
- User user = getLoggedInUser(request);
- if (userIsANonEditor(user)) {
- List uris = getAuthenticator(request)
- .asWhomMayThisUserEdit(user);
- if (uris != null && uris.size() > 0) {
- String userHomePage = request.getContextPath()
- + "/individual?uri="
- + URLEncoder.encode(uris.get(0), "UTF-8");
- log.debug("User is logged in. Redirect as self-editor to "
- + userHomePage);
- response.sendRedirect(userHomePage);
- return;
- }
- }
-
- // If nothing else applies, send them to the Site Admin page.
- log.debug("User is logged in. Redirect to site admin page.");
- response.sendRedirect(getSiteAdminUrl(request));
- }
-
- /** Is the logged in user an AuthRole.USER? */
- private boolean userIsANonEditor(User user) {
- if (user == null) {
- return false;
- }
- String nonEditorRoleUri = Integer.toString(AuthRole.USER.level());
- return nonEditorRoleUri.equals(user.getRoleURI());
- }
-
- /**
- * What user are we logged in as?
- */
- private User getLoggedInUser(HttpServletRequest request) {
- LoginStatusBean lsb = LoginStatusBean.getBean(request);
- if (!lsb.isLoggedIn()) {
- log.debug("getLoggedInUser: not logged in");
- return null;
- }
-
- return getAuthenticator(request).getUserByUsername(lsb.getUsername());
- }
-
 /** Get a reference to the Authenticator. */
 private Authenticator getAuthenticator(HttpServletRequest request) {
 return Authenticator.getInstance(request);
@@ -450,13 +366,6 @@ public class Authenticate extends FreemarkerHttpServlet {
 return contextPath + Controllers.LOGIN + urlParams;
 }
- /** What's the URL for the site admin screen? */
- private String getSiteAdminUrl(HttpServletRequest request) {
- String contextPath = request.getContextPath();
- String urlParams = "?login=block";
- return contextPath + Controllers.SITE_ADMIN + urlParams;
- }
-
 /** What's the URL for the home page? */
 private String getHomeUrl(HttpServletRequest request) {
 return request.getContextPath();