diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/user/UserAccountsUserController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/user/UserAccountsUserController.java index 7628362ac..322dd6c2b 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/user/UserAccountsUserController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/user/UserAccountsUserController.java @@ -133,7 +133,7 @@ public class UserAccountsUserController extends FreemarkerHttpServlet { } private ResponseValues showLoginRedirection(VitroRequest vreq) { - LoginRedirector lr = new LoginRedirector(vreq); + LoginRedirector lr = new LoginRedirector(vreq, null); DisplayMessage.setMessage(vreq, lr.assembleWelcomeMessage()); String uri = lr.getRedirectionUriForLoggedInUser(); return new RedirectResponseValues(uri); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java index 8b525f6fe..d970db6cd 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java @@ -16,6 +16,7 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; +import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean; /** * Handle the return from the external authorization login server. If we are @@ -36,6 +37,13 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { * - User corresponds to a User acocunt. Record the login. * - User corresponds to an Individual (self-editor). * - User is not recognized. + * + * On entry, we expect to find: + * - A LoginProcessBean, which will give us the afterLoginUrl if the login + * succeeds. + * - A referrer URL, to which we will redirect if the login fails. + * TODO: is this equal to LoginProcessBean.getLoginPageUrl()? + * These are removed on exit. * */ @Override @@ -49,6 +57,9 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { MESSAGE_LOGIN_FAILED); return; } + + String afterLoginUrl = LoginProcessBean.getBean(req).getAfterLoginUrl(); + removeLoginProcessArtifacts(req); UserAccount userAccount = getAuthenticator(req) .getAccountForExternalAuth(externalAuthId); @@ -56,8 +67,7 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { log.debug("Logging in as " + userAccount.getUri()); getAuthenticator(req).recordLoginAgainstUserAccount(userAccount, AuthenticationSource.EXTERNAL); - removeLoginProcessArtifacts(req); - new LoginRedirector(req).redirectLoggedInUser(resp); + new LoginRedirector(req, afterLoginUrl).redirectLoggedInUser(resp); return; } @@ -70,19 +80,19 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { String uri = associatedUris.get(0); getAuthenticator(req).recordLoginWithoutUserAccount(uri); - removeLoginProcessArtifacts(req); - new LoginRedirector(req).redirectLoggedInUser(resp); + new LoginRedirector(req, afterLoginUrl).redirectLoggedInUser(resp); return; } log.debug("User is not recognized: " + externalAuthId); removeLoginProcessArtifacts(req); - new LoginRedirector(req).redirectUnrecognizedExternalUser(resp, + new LoginRedirector(req, afterLoginUrl).redirectUnrecognizedExternalUser(resp, externalAuthId); } private void removeLoginProcessArtifacts(HttpServletRequest req) { req.getSession().removeAttribute(ATTRIBUTE_REFERRER); + LoginProcessBean.removeBean(req); } @Override diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java index 57c9375f1..f25db5be9 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java @@ -20,7 +20,6 @@ import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage; import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; import edu.cornell.mannlib.vitro.webapp.controller.Controllers; -import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean; /** * A user has just completed the login process. What page do we direct them to? @@ -34,15 +33,12 @@ public class LoginRedirector { private final String uriOfAssociatedIndividual; private final String afterLoginPage; - public LoginRedirector(HttpServletRequest request) { + public LoginRedirector(HttpServletRequest request, String afterLoginPage) { this.request = request; this.session = request.getSession(); + this.afterLoginPage = afterLoginPage; uriOfAssociatedIndividual = getAssociatedIndividualUri(); - - LoginProcessBean processBean = LoginProcessBean.getBean(request); - log.debug("process bean is: " + processBean); - afterLoginPage = processBean.getAfterLoginUrl(); } /** Is there an Individual associated with this user? */ @@ -106,7 +102,6 @@ public class LoginRedirector { try { DisplayMessage.setMessage(request, assembleWelcomeMessage()); response.sendRedirect(getRedirectionUriForLoggedInUser()); - LoginProcessBean.removeBean(request); } catch (IOException e) { log.debug("Problem with re-direction", e); response.sendRedirect(getApplicationHomePageUrl()); @@ -142,7 +137,6 @@ public class LoginRedirector { throws IOException { try { response.sendRedirect(getRedirectionUriForCancellingUser()); - LoginProcessBean.removeBean(request); } catch (IOException e) { log.debug("Problem with re-direction", e); response.sendRedirect(getApplicationHomePageUrl()); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java index 9bf9847f6..1949009e6 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java @@ -124,7 +124,7 @@ public class Authenticate extends VitroHttpServlet { // Send them on their way. switch (exitState) { case NOWHERE: - new LoginRedirector(vreq).redirectCancellingUser(response); + showLoginCanceled(response, vreq); break; case LOGGING_IN: showLoginScreen(vreq, response); @@ -133,7 +133,7 @@ public class Authenticate extends VitroHttpServlet { showLoginScreen(vreq, response); break; default: // LOGGED_IN: - new LoginRedirector(vreq).redirectLoggedInUser(response); + showLoginComplete(response, vreq); break; } } catch (Exception e) { @@ -477,6 +477,31 @@ public class Authenticate extends VitroHttpServlet { response.sendRedirect(loginProcessPage); return; } + + /** + * Exit: user has completed the login. Redirect appropriately and clear the bean. + */ + private void showLoginComplete(HttpServletResponse response, + VitroRequest vreq) throws IOException { + getLoginRedirector(vreq).redirectLoggedInUser(response); + LoginProcessBean.removeBean(vreq); + } + + /** + * Exit: user has canceled. Redirect and clear the bean. + */ + private void showLoginCanceled(HttpServletResponse response, + VitroRequest vreq) throws IOException { + getLoginRedirector(vreq).redirectCancellingUser(response); + LoginProcessBean.removeBean(vreq); + } + + private LoginRedirector getLoginRedirector(VitroRequest vreq) { + String afterLoginUrl = LoginProcessBean.getBean(vreq).getAfterLoginUrl(); + return new LoginRedirector(vreq, afterLoginUrl); + } + + /** Get a reference to the Authenticator. */ private Authenticator getAuthenticator(HttpServletRequest request) {