diff --git a/webapp/config/web.xml b/webapp/config/web.xml
index 8046cce14..380837662 100644
--- a/webapp/config/web.xml
+++ b/webapp/config/web.xml
@@ -1041,14 +1041,14 @@
edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate
+
+ login
+ edu.cornell.mannlib.vitro.webapp.controller.edit.Login
+
+
logout
edu.cornell.mannlib.vitro.webapp.controller.edit.Logout
-
- properties
- WEB-INF/classes/formbeans/Login_forms.properties
-
-
@@ -1203,6 +1203,15 @@
authenticate
/authenticate
+
+ login
+ /login
+
+
+
+ login
+ /login_process.jsp
+
logout
/logout
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java
index defa3700d..fc6c0c100 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java
@@ -34,6 +34,7 @@ public class Controllers {
public static final String SITE_ADMIN = "/siteAdmin";
public static final String LOGIN = "/siteAdmin";
+ public static final String AUTHENTICATE = "/authenticate";
public static final String EXPORT_RDF = "/export";
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
index db83a30d2..cb1447977 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
@@ -39,9 +39,12 @@ import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginEvent;
import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginLogoutEvent;
public class Authenticate extends FreemarkerHttpServlet {
- /** Maximum inactive interval for a ordinary logged in user session, in seconds. */
+ /**
+ * Maximum inactive interval for a ordinary logged in user session, in
+ * seconds.
+ */
public static final int LOGGED_IN_TIMEOUT_INTERVAL = 300;
-
+
/** Maximum inactive interval for a editor (or better) session, in seconds. */
public static final int PRIVILEGED_TIMEOUT_INTERVAL = 32000;
@@ -73,9 +76,6 @@ public class Authenticate extends FreemarkerHttpServlet {
public static final String BODY_FORM_ACTION = "formAction";
public static final String BODY_ERROR_MESSAGE = "errorMessage";
- /** If no portal is specified in the request, use this one. */
- private static final int DEFAULT_PORTAL_ID = 1;
-
/** Where do we find the User/Session map in the servlet context? */
public static final String USER_SESSION_MAP_ATTR = "userURISessionMap";
@@ -307,7 +307,9 @@ public class Authenticate extends FreemarkerHttpServlet {
getUserDao(request).updateUser(user);
// Set the timeout limit on the session - editors, etc, get more.
- session.setMaxInactiveInterval(LOGGED_IN_TIMEOUT_INTERVAL); // seconds, not milliseconds
+ session.setMaxInactiveInterval(LOGGED_IN_TIMEOUT_INTERVAL); // seconds,
+ // not
+ // milliseconds
try {
if ((int) Integer.decode(lfb.getLoginRole()) > 1) {
session.setMaxInactiveInterval(PRIVILEGED_TIMEOUT_INTERVAL);
@@ -513,33 +515,9 @@ public class Authenticate extends FreemarkerHttpServlet {
return request.getContextPath();
}
- /**
- * What portal are we currently in?
- */
- private String getPortalIdString(HttpServletRequest request) {
- String portalIdParameter = request.getParameter("home");
- if (portalIdParameter == null) {
- return String.valueOf(DEFAULT_PORTAL_ID);
- } else {
- return portalIdParameter;
- }
- }
-
- /**
- * How is the login process coming along?
- */
+ /** Where do we stand in the login process? */
private LoginProcessBean getLoginProcessBean(HttpServletRequest request) {
- HttpSession session = request.getSession();
-
- LoginProcessBean bean = (LoginProcessBean) session
- .getAttribute(LoginProcessBean.SESSION_ATTRIBUTE);
-
- if (bean == null) {
- bean = new LoginProcessBean();
- session.setAttribute(LoginProcessBean.SESSION_ATTRIBUTE, bean);
- }
-
- return bean;
+ return LoginProcessBean.getBeanFromSession(request);
}
// ----------------------------------------------------------------------
@@ -561,7 +539,7 @@ public class Authenticate extends FreemarkerHttpServlet {
throw new RuntimeException(e);
}
}
-
+
/**
* The servlet context should contain a map from User URIs to
* {@link HttpSession}s. Get a reference to it, creating it if necessary.
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Login.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Login.java
new file mode 100644
index 000000000..9b58b43d6
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Login.java
@@ -0,0 +1,79 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.controller.edit;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
+import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
+
+/**
+ * Provide a means for programmatic login (replaces old login_process.jsp). If
+ * they provide the right parameters, send them to be authenticated.
+ */
+public class Login extends HttpServlet {
+ private final static int DEFAULT_PORTAL_ID = 1;
+
+ public static final String PARAM_USERNAME = "loginName";
+ public static final String PARAM_PASSWORD = "loginPassword";
+
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ /*
+ * For backward compatibility, if they requested a logout, honor the
+ * request.
+ */
+ if ("Log Out".equals(request.getParameter("loginSubmitMode"))) {
+ request.getRequestDispatcher("/logout").forward(request, response);
+ return;
+ }
+
+ String username = request.getParameter(PARAM_USERNAME);
+ String password = request.getParameter(PARAM_PASSWORD);
+
+ /*
+ * If either the username or password are empty, send them to the site
+ * admin page.
+ */
+ if ((username == null) || (username.equals("")) || (password == null)
+ || (password.equals(""))) {
+ response.sendRedirect(request.getContextPath()
+ + Controllers.SITE_ADMIN + "?home="
+ + getPortalIdString(request));
+ return;
+ }
+
+ /*
+ * Otherwise, set up as if they had filled in the login form, and send
+ * them to authenticate it.
+ */
+ LoginProcessBean bean = LoginProcessBean.getBeanFromSession(request);
+ bean.setState(LoginProcessBean.State.LOGGING_IN);
+ request.getRequestDispatcher(Controllers.AUTHENTICATE).forward(request,
+ response);
+ }
+
+ private final String getPortalIdString(HttpServletRequest request) {
+ String pId = (String) request.getAttribute("home");
+ if (pId == null) {
+ pId = request.getParameter("home");
+ }
+ if (pId == null) {
+ pId = String.valueOf(DEFAULT_PORTAL_ID);
+ }
+ return pId;
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ doPost(request, response);
+ }
+
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Logout.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Logout.java
index 73da726c0..6314eb869 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Logout.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Logout.java
@@ -17,7 +17,10 @@ import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
import edu.cornell.mannlib.vitro.webapp.dao.jena.LogoutEvent;
-public class Logout extends HttpServlet /* implements SingleThreadModel */{
+/**
+ * Provide a means for programmatic logout.
+ */
+public class Logout extends HttpServlet {
private static final Log log = LogFactory.getLog(Logout.class.getName());
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java
index 79e32aa5a..34a47b4ba 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java
@@ -5,6 +5,9 @@ package edu.cornell.mannlib.vitro.webapp.controller.login;
import java.text.MessageFormat;
import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
/**
* Where are we in the process of logging on? What message should we show to the
* user?
@@ -15,6 +18,21 @@ public class LoginProcessBean {
public static final String SESSION_ATTRIBUTE = LoginProcessBean.class
.getName();
+ /**
+ * Get the login process bean from the session. If there is none, create
+ * one.
+ */
+ public static LoginProcessBean getBeanFromSession(HttpServletRequest request) {
+ HttpSession session = request.getSession();
+ LoginProcessBean bean = (LoginProcessBean) session
+ .getAttribute(SESSION_ATTRIBUTE);
+ if (bean == null) {
+ bean = new LoginProcessBean();
+ session.setAttribute(SESSION_ATTRIBUTE, bean);
+ }
+ return bean;
+ }
+
public enum State {
NOWHERE, LOGGING_IN, FORCED_PASSWORD_CHANGE, CANCELLED, LOGGED_IN
}
diff --git a/webapp/web/login_process.jsp b/webapp/web/login_process.jsp
deleted file mode 100644
index 6a3c7d227..000000000
--- a/webapp/web/login_process.jsp
+++ /dev/null
@@ -1,49 +0,0 @@
-<%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
-
-<%@ page isThreadSafe="false" %>
-<%@ page import="java.util.*" %>
-<%@ page import="edu.cornell.mannlib.vitro.webapp.controller.Controllers" %>
-
-<%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
-
-<% final int DEFAULT_PORTAL_ID=1;
- String portalIdStr=(portalIdStr=(String)request.getAttribute("home"))==null ?
- ((portalIdStr=request.getParameter("home"))==null?String.valueOf(DEFAULT_PORTAL_ID):portalIdStr):portalIdStr;
- //int incomingPortalId=Integer.parseInt(portalIdStr);
-%>
-
-
-
-
-
-
-
-<%
-
- String submitModeStr = request.getParameter("loginSubmitMode");
- if ( submitModeStr == null ) {
- submitModeStr = "unknown";
- }
-
- if ( submitModeStr.equalsIgnoreCase("Log Out")) { %>
-
-
-
-
-<% } else if ( submitModeStr.equalsIgnoreCase("Log In")) {
- String loginNameStr = request.getParameter("loginName");
- String loginPasswordStr = request.getParameter("loginPassword"); %>
-
-
-
-
-<% if ( loginHandler.validateLoginForm() ) { %>
-
-
-
-<% } else {
- String redirectURL = "${siteAdminUrl}?home=" + portalIdStr + "&login=block";
- response.sendRedirect(redirectURL);
- }
- }
-%>
\ No newline at end of file