litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-2279 LoginFormBean finally goes away.

Browse source
This commit is contained in:
j2blake 2011-06-01 21:00:00 +00:00
parent a36d67a3fe
commit d113061b91
2 changed files with 0 additions and 263 deletions
Download patch file Download diff file Expand all files Collapse all files

242
webapp/src/edu/cornell/mannlib/vedit/beans/LoginFormBean.java
View file

@ -1,242 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vedit.beans;
import java.util.Hashtable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
*
* @author jc55
*
*/
public class LoginFormBean {
public static final int ANYBODY = 0;
public int getAnybody() {
return ANYBODY;
}
public static final int NON_EDITOR = 1;
public int getNonEditor() {
return NON_EDITOR;
}
public static final int EDITOR = 4;
public int getEditor() {
return EDITOR;
}
public static final int CURATOR = 5;
public int getCurator() {
return CURATOR;
}
public static final int DBA = 50;
public int getDba() {
return DBA;
}
public boolean getBla() {
return true;
}
private String userURI;
private String sessionId;
private String loginBrowser;
private String loginRemoteAddr;
private String loginName;
private String loginPassword;
private String loginStatus;
private int loginUserId;
private String loginRole;
private String duplicatePassword;
private String emailAddress;
private Hashtable<String, String> errors;
public boolean validateLoginForm() {
boolean allOk = true;
if (loginName.equals("")) {
errors.put("loginName", "Please enter your Vivo user name");
loginName = "";
allOk = false;
}
if (loginPassword.equals("")) {
errors.put("loginPassword", "Please enter your Vivo password");
loginPassword = "";
allOk = false;
}
return allOk;
}
public LoginFormBean() {
sessionId = "";
loginBrowser = "";
loginRemoteAddr = "";
loginName = "";
loginPassword = "";
loginStatus = "none";
loginUserId = 0;
loginRole = "1";
duplicatePassword = "";
emailAddress = "";
errors = new Hashtable<String, String>();
}
public String toString() {
String name = "-not-logged-in-";
if (getLoginName() != null && !"".equals(getLoginName()))
name = getLoginName();
return this.getClass().getName() + " loginName: " + name
+ " loginStatus: " + getLoginStatus() + " loginRole: "
+ getLoginRole();
}
/**
* Tests a HttpSession to see if logged in and authenticated.
*
* @returns loginRole if seems to be authenticated, -1 otherwise
*/
public int testSessionLevel(HttpServletRequest request) {
// TODO: security code added by bdc34, should be checked by jc55
HttpSession currentSession = request.getSession();
int returnRole = -1;
if (getLoginStatus().equals("authenticated")
&& currentSession.getId().equals(getSessionId())
&& request.getRemoteAddr().equals(getLoginRemoteAddr())) {
try {
returnRole = Integer.parseInt(getLoginRole());
} catch (Throwable thr) {
}
}
return returnRole;
}
public static boolean loggedIn(HttpServletRequest request, int minLevel) {
if (request == null)
return false;
HttpSession sess = request.getSession(false);
if (sess == null)
return false;
Object obj = sess.getAttribute("loginHandler");
if (obj == null || !(obj instanceof LoginFormBean))
return false;
LoginFormBean lfb = (LoginFormBean) obj;
return ("authenticated".equals(lfb.loginStatus) && Integer
.parseInt(lfb.loginRole) >= minLevel);
}
/********************** GET METHODS *********************/
public String getUserURI() {
return userURI;
}
public String getSessionId() {
return sessionId;
}
public String getLoginBrowser() {
return loginBrowser;
}
public String getLoginRemoteAddr() {
return loginRemoteAddr;
}
public String getLoginName() {
return loginName;
}
public String getLoginPassword() {
return loginPassword;
}
public String getLoginStatus() {
return loginStatus;
}
public int getLoginUserId() {
return loginUserId;
}
public String getLoginRole() {
return loginRole;
}
public String getDuplicatePassword() {
return duplicatePassword;
}
public String getEmailAddress() {
return emailAddress;
}
public String getErrorMsg(String s) {
String errorMsg = (String) errors.get(s.trim());
return (errorMsg == null) ? "" : errorMsg;
}
/********************** SET METHODS *********************/
public void setUserURI(String uri) {
this.userURI = uri;
}
public void setSessionId(String id) {
sessionId = id;
}
public void setLoginBrowser(String b) {
loginBrowser = b;
}
public void setLoginRemoteAddr(String ra) {
loginRemoteAddr = ra;
}
public void setLoginName(String ln) {
loginName = ln;
}
public void setLoginPassword(String lp) {
loginPassword = lp;
}
public void setLoginStatus(String ls) {
loginStatus = ls;
}
public void setLoginUserId(int int_val) {
loginUserId = int_val;
}
public void setLoginRole(String lr) {
loginRole = lr;
}
public void setDuplicatePassword(String dp) {
duplicatePassword = dp;
}
public void setEmailAddress(String ea) {
emailAddress = ea;
}
public void setErrorMsg(String key, String msg) {
errors.put(key, msg);
}
}

21
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
View file

@ -15,7 +15,6 @@ import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginFormBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
@ -126,7 +125,6 @@ public class BasicAuthenticator extends Authenticator {
String userUri, String roleUri, int securityLevel, String userUri, String roleUri, int securityLevel,
AuthenticationSource authSource) { AuthenticationSource authSource) {
HttpSession session = request.getSession(); HttpSession session = request.getSession();
createLoginFormBean(username, userUri, roleUri, session);
createLoginStatusBean(username, userUri, securityLevel, authSource, createLoginStatusBean(username, userUri, securityLevel, authSource,
session); session);
setSessionTimeoutLimit(session); setSessionTimeoutLimit(session);
@ -147,25 +145,6 @@ public class BasicAuthenticator extends Authenticator {
/** /**
* Put the login bean into the session. * Put the login bean into the session.
*
* TODO The LoginFormBean is being phased out.
*/
private void createLoginFormBean(String username, String userUri,
String roleUri, HttpSession session) {
LoginFormBean lfb = new LoginFormBean();
lfb.setUserURI(userUri);
lfb.setLoginStatus("authenticated");
lfb.setSessionId(session.getId());
lfb.setLoginRole(roleUri);
lfb.setLoginRemoteAddr(request.getRemoteAddr());
lfb.setLoginName(username);
session.setAttribute("loginHandler", lfb);
}
/**
* Put the login bean into the session.
*
* TODO this should eventually replace the LoginFormBean.
*/ */
private void createLoginStatusBean(String username, String userUri, private void createLoginStatusBean(String username, String userUri,
int securityLevel, AuthenticationSource authSource, int securityLevel, AuthenticationSource authSource,