diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java index d9eaad176..7a625283b 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java @@ -74,6 +74,9 @@ public class Authenticate extends VitroHttpServlet { /** If this parameter is "true" (ignoring case), cancel the login. */ private static final String PARAMETER_CANCEL = "cancel"; + /** If this parameter is set, we are not NOWHERE. */ + private static final String PARAMETER_LOGIN_FORM = "loginForm"; + /** Where do we find the User/Session map in the servlet context? */ public static final String USER_SESSION_MAP_ATTR = "userURISessionMap"; @@ -214,9 +217,40 @@ public class Authenticate extends VitroHttpServlet { + "current state is NOWHERE"); } + if (weCameFromAColdWidget(request, currentState)) { + currentState = actLikeWeWereLoggingIn(request); + } + return currentState; } + /** + * If they submitted the login form, they shouldn't be NOWHERE. + */ + private boolean weCameFromAColdWidget(HttpServletRequest request, + State currentState) { + if (currentState == NOWHERE) { + if (null != request.getParameter(PARAMETER_LOGIN_FORM)) { + return true; + } + } + return false; + } + + /** + * They got here by submitting the login form. They should be treated as + * already logging in. + */ + private State actLikeWeWereLoggingIn(HttpServletRequest request) { + LoginProcessBean bean = new LoginProcessBean(); + bean.setState(LOGGING_IN); + bean.setLoginPageUrl(whereDidWeComeFrom(request)); + bean.setAfterLoginUrl(whereDidWeComeFrom(request)); + LoginProcessBean.setBean(request, bean); + + return LOGGING_IN; + } + /** * They just got here. Start the process. */ diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java index 49d735cea..9d0b18937 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java @@ -183,8 +183,8 @@ public class AuthenticateTest extends AbstractTestClass { private static final HowDidWeGetHere FROM_WIDGET = new HowDidWeGetHere( null, false, URL_WIDGET); - private static final HowDidWeGetHere FROM_LOGIN = new HowDidWeGetHere( - null, false, URL_LOGIN); + private static final HowDidWeGetHere FROM_LOGIN = new HowDidWeGetHere(null, + false, URL_LOGIN); /** "return" parameter with no referrer - like coming from the login page. */ private static final HowDidWeGetHere FROM_BOOKMARK_OF_LINK = new HowDidWeGetHere( @@ -490,6 +490,30 @@ public class AuthenticateTest extends AbstractTestClass { assertNewLoginSessions(); } + /** + * If there is no LoginProcessBean but we do have a 'loginForm' parameter, + * treat it as if we had a status of LOGGING_IN. + * + * TODO + * To be thorough, this should actually be implemented for all cases that + * could be encountered on a first go. + */ + @Test + public void justGotHereFromWidget() { + if ((urlBundle.afterLoginUrl == null) + && (!urlBundle.returnParameterSet)) { + request.addParameter("loginForm", ""); + setLoginNameAndPassword(userInfo.username, "bogus_password"); + + auth.doPost(request, response); + + assertProcessBean(LOGGING_IN, userInfo.username, "", + "The email or password you entered is incorrect."); + assertNewLoginSessions(); + assertRedirectToContinueUrl(); + } + } + // ---------------------------------------------------------------------- // Helper methods // ----------------------------------------------------------------------