View Javadoc

1   package org.apache.turbine.modules.actions;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.commons.configuration.Configuration;
23  
24  import org.apache.commons.lang.StringUtils;
25  
26  import org.apache.commons.logging.Log;
27  import org.apache.commons.logging.LogFactory;
28  
29  import org.apache.turbine.Turbine;
30  import org.apache.turbine.TurbineConstants;
31  import org.apache.turbine.modules.Action;
32  import org.apache.turbine.om.security.User;
33  import org.apache.turbine.pipeline.PipelineData;
34  import org.apache.turbine.services.security.TurbineSecurity;
35  import org.apache.turbine.util.RunData;
36  import org.apache.turbine.util.security.DataBackendException;
37  import org.apache.turbine.util.security.TurbineSecurityException;
38  
39  /**
40   * This is where we authenticate the user logging into the system
41   * against a user in the database. If the user exists in the database
42   * that users last login time will be updated.
43   *
44   * @deprecated Use PipelineData version instead.
45   * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
46   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
47   * @author <a href="mailto:quintonm@bellsouth.net">Quinton McCombs</a>
48   * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
49   * @version $Id: LoginUser.java 1066529 2011-02-02 17:01:46Z ludwig $
50   */
51  @Deprecated
52  public class LoginUser
53          extends Action
54  {
55      /** CGI Parameter for the user name */
56      public static final String CGI_USERNAME = "username";
57  
58      /** CGI Parameter for the password */
59      public static final String CGI_PASSWORD = "password";
60  
61      /** Logging */
62      private static Log log = LogFactory.getLog(LoginUser.class);
63  
64      /**
65       * Updates the user's LastLogin timestamp, sets their state to
66       * "logged in" and calls RunData.setUser() .  If the user cannot
67       * be authenticated (database error?) the user is assigned
68       * anonymous status and, if tr.props contains a TEMPLATE_LOGIN,
69       * the screenTemplate is set to this, otherwise the screen is set
70       * to SCREEN_LOGIN
71       *
72       * @param     data Turbine information.
73       * @exception TurbineSecurityException could not get instance of the
74       *            anonymous user
75       */
76      @Override
77      public void doPerform(RunData data)
78              throws TurbineSecurityException
79      {
80          String username = data.getParameters().getString(CGI_USERNAME, "");
81          String password = data.getParameters().getString(CGI_PASSWORD, "");
82  
83          if (StringUtils.isEmpty(username))
84          {
85              return;
86          }
87  
88          try
89          {
90              // Authenticate the user and get the object.
91              User user = TurbineSecurity.getAuthenticatedUser(
92                      username, password);
93  
94              // Store the user object.
95              data.setUser(user);
96  
97              // Mark the user as being logged in.
98              user.setHasLoggedIn(Boolean.TRUE);
99  
100             // Set the last_login date in the database.
101             user.updateLastLogin();
102 
103             // This only happens if the user is valid; otherwise, we
104             // will get a valueBound in the User object when we don't
105             // want to because the username is not set yet.  Save the
106             // User object into the session.
107             data.save();
108 
109             /*
110              * If the setPage("template.vm") method has not
111              * been used in the template to authenticate the
112              * user (usually Login.vm), then the user will
113              * be forwarded to the template that is specified
114              * by the "template.home" property as listed in
115              * TR.props for the webapp.
116              */
117 
118         }
119         catch (Exception e)
120         {
121             Configuration conf = Turbine.getConfiguration();
122 
123             if (e instanceof DataBackendException)
124             {
125                 log.error(e);
126             }
127 
128             // Set Error Message and clean out the user.
129             data.setMessage(conf.getString(TurbineConstants.LOGIN_ERROR, ""));
130             data.setUser (TurbineSecurity.getAnonymousUser());
131 
132             String loginTemplate = conf.getString(
133                     TurbineConstants.TEMPLATE_LOGIN);
134 
135             if (StringUtils.isNotEmpty(loginTemplate))
136             {
137                 // We're running in a templating solution
138                 data.setScreenTemplate(loginTemplate);
139             }
140             else
141             {
142                 data.setScreen(conf.getString(TurbineConstants.SCREEN_LOGIN));
143             }
144         }
145     }
146 
147 
148     /**
149      * Updates the user's LastLogin timestamp, sets their state to
150      * "logged in" and calls RunData.setUser() .  If the user cannot
151      * be authenticated (database error?) the user is assigned
152      * anonymous status and, if tr.props contains a TEMPLATE_LOGIN,
153      * the screenTemplate is set to this, otherwise the screen is set
154      * to SCREEN_LOGIN
155      *
156      * @param     pipelineData Turbine information.
157      * @exception TurbineSecurityException could not get instance of the
158      *            anonymous user
159      */
160     @Override
161     public void doPerform(PipelineData pipelineData)
162             throws TurbineSecurityException
163     {
164         RunData data = getRunData(pipelineData);
165         doPerform(data);
166     }
167 
168 }