NIHVIVO-736 Create a Login.java controller to replace login_process.jsp.

2010-09-03 20:58:14 +00:00 · 2010-09-03 20:58:14 +00:00 · 140eaef670
commit 140eaef670
parent fe6cde2220
7 changed files with 127 additions and 88 deletions
--- a/webapp/config/web.xml
+++ b/webapp/config/web.xml
@ -1041,14 +1041,14 @@
    <servlet-class>edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate</servlet-class>
  </servlet>

+  <servlet>
+    <servlet-name>login</servlet-name>
+    <servlet-class>edu.cornell.mannlib.vitro.webapp.controller.edit.Login</servlet-class>
+  </servlet>
+
  <servlet>
    <servlet-name>logout</servlet-name>
    <servlet-class>edu.cornell.mannlib.vitro.webapp.controller.edit.Logout</servlet-class>
-    <init-param>
-      <param-name>properties</param-name>
-      <param-value>WEB-INF/classes/formbeans/Login_forms.properties</param-value>
-    </init-param>
-    <!--load-on-startup>2</load-on-startup-->
  </servlet>

  <servlet>
@ -1203,6 +1203,15 @@
    <servlet-name>authenticate</servlet-name>
    <url-pattern>/authenticate</url-pattern>
  </servlet-mapping>
+  <servlet-mapping>
+    <servlet-name>login</servlet-name>
+    <url-pattern>/login</url-pattern>
+  </servlet-mapping>
+  <servlet-mapping>
+    <!-- for backward-compatibility -->
+    <servlet-name>login</servlet-name>
+    <url-pattern>/login_process.jsp</url-pattern> 
+  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>logout</servlet-name>
    <url-pattern>/logout</url-pattern>
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java
@ -34,6 +34,7 @@ public class Controllers {

    public static final String SITE_ADMIN = "/siteAdmin";
    public static final String LOGIN = "/siteAdmin";
+    public static final String AUTHENTICATE = "/authenticate";
    
    public static final String EXPORT_RDF = "/export";
    
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
@ -39,7 +39,10 @@ import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginEvent;
 import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginLogoutEvent;

 public class Authenticate extends FreemarkerHttpServlet {
-	/** Maximum inactive interval for a ordinary logged in user session, in seconds. */
+	/**
+	 * Maximum inactive interval for a ordinary logged in user session, in
+	 * seconds.
+	 */
 	public static final int LOGGED_IN_TIMEOUT_INTERVAL = 300;

 	/** Maximum inactive interval for a editor (or better) session, in seconds. */
@ -73,9 +76,6 @@ public class Authenticate extends FreemarkerHttpServlet {
 	public static final String BODY_FORM_ACTION = "formAction";
 	public static final String BODY_ERROR_MESSAGE = "errorMessage";

-	/** If no portal is specified in the request, use this one. */
-	private static final int DEFAULT_PORTAL_ID = 1;
-
 	/** Where do we find the User/Session map in the servlet context? */
 	public static final String USER_SESSION_MAP_ATTR = "userURISessionMap";

@ -307,7 +307,9 @@ public class Authenticate extends FreemarkerHttpServlet {
 		getUserDao(request).updateUser(user);

 		// Set the timeout limit on the session - editors, etc, get more.
-		session.setMaxInactiveInterval(LOGGED_IN_TIMEOUT_INTERVAL); // seconds, not milliseconds
+		session.setMaxInactiveInterval(LOGGED_IN_TIMEOUT_INTERVAL); // seconds,
+																	// not
+																	// milliseconds
 		try {
 			if ((int) Integer.decode(lfb.getLoginRole()) > 1) {
 				session.setMaxInactiveInterval(PRIVILEGED_TIMEOUT_INTERVAL);
@ -513,33 +515,9 @@ public class Authenticate extends FreemarkerHttpServlet {
 		return request.getContextPath();
 	}

-	/**
-	 * What portal are we currently in?
-	 */
-	private String getPortalIdString(HttpServletRequest request) {
-		String portalIdParameter = request.getParameter("home");
-		if (portalIdParameter == null) {
-			return String.valueOf(DEFAULT_PORTAL_ID);
-		} else {
-			return portalIdParameter;
-		}
-	}
-
-	/**
-	 * How is the login process coming along?
-	 */
+	/** Where do we stand in the login process? */
 	private LoginProcessBean getLoginProcessBean(HttpServletRequest request) {
-		HttpSession session = request.getSession();
-
-		LoginProcessBean bean = (LoginProcessBean) session
-				.getAttribute(LoginProcessBean.SESSION_ATTRIBUTE);
-
-		if (bean == null) {
-			bean = new LoginProcessBean();
-			session.setAttribute(LoginProcessBean.SESSION_ATTRIBUTE, bean);
-		}
-
-		return bean;
+		return LoginProcessBean.getBeanFromSession(request);
 	}

 	// ----------------------------------------------------------------------
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Login.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Login.java
@ -0,0 +1,79 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.controller.edit;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
+import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
+
+/**
+ * Provide a means for programmatic login (replaces old login_process.jsp). If
+ * they provide the right parameters, send them to be authenticated.
+ */
+public class Login extends HttpServlet {
+	private final static int DEFAULT_PORTAL_ID = 1;
+
+	public static final String PARAM_USERNAME = "loginName";
+	public static final String PARAM_PASSWORD = "loginPassword";
+
+	@Override
+	protected void doPost(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		/*
+		 * For backward compatibility, if they requested a logout, honor the
+		 * request.
+		 */
+		if ("Log Out".equals(request.getParameter("loginSubmitMode"))) {
+			request.getRequestDispatcher("/logout").forward(request, response);
+			return;
+		}
+
+		String username = request.getParameter(PARAM_USERNAME);
+		String password = request.getParameter(PARAM_PASSWORD);
+
+		/*
+		 * If either the username or password are empty, send them to the site
+		 * admin page.
+		 */
+		if ((username == null) || (username.equals("")) || (password == null)
+				|| (password.equals(""))) {
+			response.sendRedirect(request.getContextPath()
+					+ Controllers.SITE_ADMIN + "?home="
+					+ getPortalIdString(request));
+			return;
+		}
+
+		/*
+		 * Otherwise, set up as if they had filled in the login form, and send
+		 * them to authenticate it.
+		 */
+		LoginProcessBean bean = LoginProcessBean.getBeanFromSession(request);
+		bean.setState(LoginProcessBean.State.LOGGING_IN);
+		request.getRequestDispatcher(Controllers.AUTHENTICATE).forward(request,
+				response);
+	}
+
+	private final String getPortalIdString(HttpServletRequest request) {
+		String pId = (String) request.getAttribute("home");
+		if (pId == null) {
+			pId = request.getParameter("home");
+		}
+		if (pId == null) {
+			pId = String.valueOf(DEFAULT_PORTAL_ID);
+		}
+		return pId;
+	}
+
+	@Override
+	protected void doGet(HttpServletRequest request,
+			HttpServletResponse response) throws ServletException, IOException {
+		doPost(request, response);
+	}
+
+}
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Logout.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Logout.java
@ -17,7 +17,10 @@ import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 import edu.cornell.mannlib.vitro.webapp.dao.jena.LogoutEvent;

-public class Logout extends HttpServlet /* implements SingleThreadModel */{
+/**
+ * Provide a means for programmatic logout.
+ */
+public class Logout extends HttpServlet {

 	private static final Log log = LogFactory.getLog(Logout.class.getName());

--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java
@ -5,6 +5,9 @@ package edu.cornell.mannlib.vitro.webapp.controller.login;
 import java.text.MessageFormat;
 import java.util.Arrays;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
 /**
 * Where are we in the process of logging on? What message should we show to the
 * user?
@ -15,6 +18,21 @@ public class LoginProcessBean {
 	public static final String SESSION_ATTRIBUTE = LoginProcessBean.class
 			.getName();

+	/**
+	 * Get the login process bean from the session. If there is none, create
+	 * one.
+	 */
+	public static LoginProcessBean getBeanFromSession(HttpServletRequest request) {
+		HttpSession session = request.getSession();
+		LoginProcessBean bean = (LoginProcessBean) session
+				.getAttribute(SESSION_ATTRIBUTE);
+		if (bean == null) {
+			bean = new LoginProcessBean();
+			session.setAttribute(SESSION_ATTRIBUTE, bean);
+		}
+		return bean;
+	}
+
 	public enum State {
 		NOWHERE, LOGGING_IN, FORCED_PASSWORD_CHANGE, CANCELLED, LOGGED_IN
 	}
--- a/webapp/web/login_process.jsp
+++ b/webapp/web/login_process.jsp
@ -1,49 +0,0 @@
-<%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
-
-<%@ page isThreadSafe="false" %>
-<%@ page import="java.util.*" %>
-<%@ page import="edu.cornell.mannlib.vitro.webapp.controller.Controllers" %>
-
-<%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
-
-<%  final int DEFAULT_PORTAL_ID=1;
-    String portalIdStr=(portalIdStr=(String)request.getAttribute("home"))==null ?
-        ((portalIdStr=request.getParameter("home"))==null?String.valueOf(DEFAULT_PORTAL_ID):portalIdStr):portalIdStr;
-        //int incomingPortalId=Integer.parseInt(portalIdStr);    
-%>
-
-<jsp:useBean id="loginHandler" class="edu.cornell.mannlib.vedit.beans.LoginFormBean" scope="session">
-    <jsp:setProperty name="loginHandler" property="*"/>
-</jsp:useBean>
-
-<c:url var="siteAdminUrl" value="<%= Controllers.SITE_ADMIN %>" />
-
-<% 
-
-    String submitModeStr = request.getParameter("loginSubmitMode");
-    if ( submitModeStr == null ) {
-        submitModeStr = "unknown";
-    } 
-    
-    if ( submitModeStr.equalsIgnoreCase("Log Out")) { %>
-        <jsp:forward page="/logout" >
-            <jsp:param name="home" value="<%= portalIdStr %>" />
-        </jsp:forward>
-        
-<%  } else if ( submitModeStr.equalsIgnoreCase("Log In")) {
-        String loginNameStr = request.getParameter("loginName");
-        String loginPasswordStr = request.getParameter("loginPassword"); %>
-        <jsp:setProperty name="loginHandler" property="loginName" value="<%= loginNameStr %>" />
-        <jsp:setProperty name="loginHandler" property="loginPassword" value="<%= loginPasswordStr %>" />
-        <jsp:setProperty name="loginHandler" property="loginRemoteAddr" value="<%= request.getRemoteAddr() %>" />
-        
-<%      if ( loginHandler.validateLoginForm() ) { %>
-            <jsp:forward page="/authenticate" >
-                <jsp:param name="home" value="<%= portalIdStr %>" />
-            </jsp:forward>
-<%      } else {
-            String redirectURL = "${siteAdminUrl}?home=" + portalIdStr + "&amp;login=block";
-            response.sendRedirect(redirectURL);
-       }
-    }
-%>