NIHVIVO-151 Logout will store a confirmation message in the session, using DisplayMessage.
This commit is contained in:
jeb228
parent
a08706c212
commit
46d4332ba3
5 changed files with 132 additions and 31 deletions
|
|
@ -0,0 +1,72 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.beans;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
/**
|
||||
* Store a message in the session, so it can be displayed on the page. Getting
|
||||
* the message also removes it from the session, so the same message is not
|
||||
* displayed repeatedly.
|
||||
*/
|
||||
public class DisplayMessage {
|
||||
private static final Log log = LogFactory.getLog(DisplayMessage.class);
|
||||
|
||||
/** If there is no message, return this instead. */
|
||||
private static final String NO_MESSAGE = "";
|
||||
|
||||
private static final String ATTRIBUTE_NAME = DisplayMessage.class.getName();
|
||||
|
||||
/**
|
||||
* Store this message on the session. This will overwrite any previously
|
||||
* stored message.
|
||||
*/
|
||||
public static void setMessage(HttpServletRequest request, String message) {
|
||||
setMessage(request.getSession(), message);
|
||||
}
|
||||
|
||||
/**
|
||||
* Store this message on the session. This will overwrite any previously
|
||||
* stored message.
|
||||
*/
|
||||
public static void setMessage(HttpSession session, String message) {
|
||||
session.setAttribute(ATTRIBUTE_NAME, message);
|
||||
log.debug("Set message: '" + message + "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the current message from the session, and remove it from the session
|
||||
* so it won't be displayed again.
|
||||
*
|
||||
* If there is no message, return the empty string.
|
||||
*/
|
||||
public static String getMessageAndClear(HttpServletRequest request) {
|
||||
if (request == null) {
|
||||
return NO_MESSAGE;
|
||||
} else {
|
||||
return getMessageAndClear(request.getSession(false));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the current message from the session, and remove it from the session
|
||||
* so it won't be displayed again.
|
||||
*
|
||||
* If there is no message, return the empty string.
|
||||
*/
|
||||
public static String getMessageAndClear(HttpSession session) {
|
||||
if (session != null) {
|
||||
Object message = session.getAttribute(ATTRIBUTE_NAME);
|
||||
if (message instanceof String) {
|
||||
log.debug("Get message: '" + message + "'");
|
||||
return (String) message;
|
||||
}
|
||||
}
|
||||
log.debug("Get no message.");
|
||||
return NO_MESSAGE;
|
||||
}
|
||||
}
|
||||
|
|
@ -88,4 +88,10 @@ public abstract class Authenticator {
|
|||
*/
|
||||
public abstract void recordUserIsLoggedIn(String username);
|
||||
|
||||
/**
|
||||
* Record that the current user has logged out:
|
||||
* - notify other users of the model.
|
||||
* - invalidate the session.
|
||||
*/
|
||||
public abstract void recordUserIsLoggedOut();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
|
|||
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginEvent;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.LogoutEvent;
|
||||
|
||||
/**
|
||||
* The "standard" implementation of Authenticator.
|
||||
|
|
@ -88,7 +89,7 @@ public class BasicAuthenticator extends Authenticator {
|
|||
}
|
||||
|
||||
HttpSession session = request.getSession();
|
||||
|
||||
|
||||
recordLoginOnUserRecord(user);
|
||||
createLoginFormBean(user, session);
|
||||
createLoginStatusBean(user, session);
|
||||
|
|
@ -187,6 +188,35 @@ public class BasicAuthenticator extends Authenticator {
|
|||
return userDao.getIndividualsUserMayEditAs(userUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void recordUserIsLoggedOut() {
|
||||
HttpSession session = request.getSession();
|
||||
notifyOtherUsersOfLogout(session);
|
||||
session.invalidate();
|
||||
}
|
||||
|
||||
private void notifyOtherUsersOfLogout(HttpSession session) {
|
||||
LoginStatusBean loginBean = LoginStatusBean.getBean(session);
|
||||
if (!loginBean.isLoggedIn()) {
|
||||
return;
|
||||
}
|
||||
|
||||
UserDao userDao = getUserDao(request);
|
||||
if (userDao == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
String username = loginBean.getUsername();
|
||||
User user = userDao.getUserByUsername(username);
|
||||
if (user == null) {
|
||||
log.error("Unable to retrieve user " + username + " from model");
|
||||
return;
|
||||
}
|
||||
|
||||
Authenticate.sendLoginNotifyEvent(new LogoutEvent(user.getURI()),
|
||||
session.getServletContext(), session);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a reference to the {@link UserDao}, or <code>null</code>.
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -5,54 +5,41 @@ package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
|||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.User;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.jena.LogoutEvent;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
|
||||
|
||||
/**
|
||||
* Provide a means for programmatic logout.
|
||||
*/
|
||||
public class Logout extends HttpServlet {
|
||||
|
||||
private static final Log log = LogFactory.getLog(Logout.class.getName());
|
||||
|
||||
/** This http header holds the referring page. */
|
||||
private static final String HEADING_REFERRER = "referer";
|
||||
|
||||
public void doPost(HttpServletRequest request, HttpServletResponse response) {
|
||||
try {
|
||||
VitroRequest vreq = new VitroRequest(request);
|
||||
HttpSession session = vreq.getSession();
|
||||
if (session != null) {
|
||||
UserDao userDao = ((WebappDaoFactory) session
|
||||
.getServletContext().getAttribute("webappDaoFactory"))
|
||||
.getUserDao();
|
||||
|
||||
LoginStatusBean loginBean = LoginStatusBean.getBean(session);
|
||||
if (loginBean.isLoggedIn()) {
|
||||
User user = userDao.getUserByUsername(loginBean.getUsername());
|
||||
if (user == null) {
|
||||
log.error("Unable to retrieve user " + loginBean.getUsername()
|
||||
+ " from model");
|
||||
} else {
|
||||
Authenticate.sendLoginNotifyEvent(
|
||||
new LogoutEvent(user.getURI()),
|
||||
getServletContext(), session);
|
||||
}
|
||||
}
|
||||
session.invalidate();
|
||||
}
|
||||
response.sendRedirect("./");
|
||||
Authenticator.getInstance(request).recordUserIsLoggedOut();
|
||||
DisplayMessage.setMessage(request, "You have logged out.");
|
||||
response.sendRedirect(getReferringPage(request));
|
||||
} catch (Exception ex) {
|
||||
log.error(ex, ex);
|
||||
}
|
||||
}
|
||||
|
||||
private String getReferringPage(HttpServletRequest request) {
|
||||
String referrer = request.getHeader(HEADING_REFERRER);
|
||||
if (referrer == null) {
|
||||
referrer = "/.";
|
||||
}
|
||||
log.debug("Referring page is '" + referrer + "'");
|
||||
return referrer;
|
||||
}
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) {
|
||||
doPost(request, response);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue