%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.turbine.modules.actions.LoginUser |
|
|
1 | package org.apache.turbine.modules.actions; |
|
2 | ||
3 | /* |
|
4 | * Copyright 2001-2005 The Apache Software Foundation. |
|
5 | * |
|
6 | * Licensed under the Apache License, Version 2.0 (the "License") |
|
7 | * you may not use this file except in compliance with the License. |
|
8 | * You may obtain a copy of the License at |
|
9 | * |
|
10 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
11 | * |
|
12 | * Unless required by applicable law or agreed to in writing, software |
|
13 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
15 | * See the License for the specific language governing permissions and |
|
16 | * limitations under the License. |
|
17 | */ |
|
18 | ||
19 | import org.apache.commons.configuration.Configuration; |
|
20 | ||
21 | import org.apache.commons.lang.StringUtils; |
|
22 | ||
23 | import org.apache.commons.logging.Log; |
|
24 | import org.apache.commons.logging.LogFactory; |
|
25 | ||
26 | import org.apache.turbine.Turbine; |
|
27 | import org.apache.turbine.TurbineConstants; |
|
28 | import org.apache.turbine.modules.Action; |
|
29 | import org.apache.turbine.om.security.User; |
|
30 | import org.apache.turbine.services.security.TurbineSecurity; |
|
31 | import org.apache.turbine.util.RunData; |
|
32 | import org.apache.turbine.util.security.DataBackendException; |
|
33 | import org.apache.turbine.util.security.TurbineSecurityException; |
|
34 | ||
35 | /** |
|
36 | * This is where we authenticate the user logging into the system |
|
37 | * against a user in the database. If the user exists in the database |
|
38 | * that users last login time will be updated. |
|
39 | * |
|
40 | * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a> |
|
41 | * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> |
|
42 | * @author <a href="mailto:quintonm@bellsouth.net">Quinton McCombs</a> |
|
43 | * @version $Id: LoginUser.java 264148 2005-08-29 14:21:04Z henning $ |
|
44 | */ |
|
45 | 0 | public class LoginUser |
46 | extends Action |
|
47 | { |
|
48 | /** CGI Parameter for the user name */ |
|
49 | public static final String CGI_USERNAME = "username"; |
|
50 | ||
51 | /** CGI Parameter for the password */ |
|
52 | public static final String CGI_PASSWORD = "password"; |
|
53 | ||
54 | /** Logging */ |
|
55 | 0 | private static Log log = LogFactory.getLog(LoginUser.class); |
56 | ||
57 | /** |
|
58 | * Updates the user's LastLogin timestamp, sets their state to |
|
59 | * "logged in" and calls RunData.setUser() . If the user cannot |
|
60 | * be authenticated (database error?) the user is assigned |
|
61 | * anonymous status and, if tr.props contains a TEMPLATE_LOGIN, |
|
62 | * the screenTemplate is set to this, otherwise the screen is set |
|
63 | * to SCREEN_LOGIN |
|
64 | * |
|
65 | * @param data Turbine information. |
|
66 | * @exception TurbineSecurityException could not get instance of the |
|
67 | * anonymous user |
|
68 | */ |
|
69 | public void doPerform(RunData data) |
|
70 | throws TurbineSecurityException |
|
71 | { |
|
72 | 0 | String username = data.getParameters().getString(CGI_USERNAME, ""); |
73 | 0 | String password = data.getParameters().getString(CGI_PASSWORD, ""); |
74 | ||
75 | 0 | if (StringUtils.isEmpty(username)) |
76 | { |
|
77 | 0 | return; |
78 | } |
|
79 | ||
80 | try |
|
81 | { |
|
82 | // Authenticate the user and get the object. |
|
83 | 0 | User user = TurbineSecurity.getAuthenticatedUser( |
84 | username, password); |
|
85 | ||
86 | // Store the user object. |
|
87 | 0 | data.setUser(user); |
88 | ||
89 | // Mark the user as being logged in. |
|
90 | 0 | user.setHasLoggedIn(Boolean.TRUE); |
91 | ||
92 | // Set the last_login date in the database. |
|
93 | 0 | user.updateLastLogin(); |
94 | ||
95 | // This only happens if the user is valid; otherwise, we |
|
96 | // will get a valueBound in the User object when we don't |
|
97 | // want to because the username is not set yet. Save the |
|
98 | // User object into the session. |
|
99 | 0 | data.save(); |
100 | ||
101 | /* |
|
102 | * If the setPage("template.vm") method has not |
|
103 | * been used in the template to authenticate the |
|
104 | * user (usually Login.vm), then the user will |
|
105 | * be forwarded to the template that is specified |
|
106 | * by the "template.home" property as listed in |
|
107 | * TR.props for the webapp. |
|
108 | */ |
|
109 | ||
110 | } |
|
111 | 0 | catch (Exception e) |
112 | { |
|
113 | 0 | Configuration conf = Turbine.getConfiguration(); |
114 | ||
115 | 0 | if (e instanceof DataBackendException) |
116 | { |
|
117 | 0 | log.error(e); |
118 | } |
|
119 | ||
120 | // Set Error Message and clean out the user. |
|
121 | 0 | data.setMessage(conf.getString(TurbineConstants.LOGIN_ERROR, "")); |
122 | 0 | data.setUser (TurbineSecurity.getAnonymousUser()); |
123 | ||
124 | 0 | String loginTemplate = conf.getString( |
125 | TurbineConstants.TEMPLATE_LOGIN); |
|
126 | ||
127 | 0 | if (StringUtils.isNotEmpty(loginTemplate)) |
128 | { |
|
129 | // We're running in a templating solution |
|
130 | 0 | data.setScreenTemplate(loginTemplate); |
131 | } |
|
132 | else |
|
133 | { |
|
134 | 0 | data.setScreen(conf.getString(TurbineConstants.SCREEN_LOGIN)); |
135 | } |
|
136 | 0 | } |
137 | 0 | } |
138 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |