1/*2 * Copyright 2000-2004 The Apache Software Foundation.3 * 4 * Licensed under the Apache License, Version 2.0 (the "License");5 * you may not use this file except in compliance with the License.6 * You may obtain a copy of the License at7 * 8 * http://www.apache.org/licenses/LICENSE-2.09 * 10 * Unless required by applicable law or agreed to in writing, software11 * distributed under the License is distributed on an "AS IS" BASIS,12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.13 * See the License for the specific language governing permissions and14 * limitations under the License.15 */1617packageorg.apache.jetspeed.modules.actions;
1819import java.util.Locale;
2021import org.apache.turbine.util.RunData;
22import org.apache.turbine.services.resources.TurbineResources;
23import org.apache.turbine.services.localization.LocalizationService;
24import org.apache.turbine.TurbineConstants;
2526import org.apache.jetspeed.om.security.JetspeedUser;
27import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
28import org.apache.jetspeed.services.logging.JetspeedLogger;
29import org.apache.jetspeed.services.JetspeedSecurity;
30import org.apache.jetspeed.services.security.LoginException;
31import org.apache.jetspeed.services.rundata.JetspeedRunData;
32import org.apache.jetspeed.services.resources.JetspeedResources;
33import org.apache.jetspeed.util.ServiceUtil;
34import org.apache.jetspeed.services.customlocalization.CustomLocalizationService;
353637/***38Just like org.apache.turbine.modules.actions.sessionvalidator.TemplateSessionValidator except:39<ul>40<li> it doesn't check the session_access_counter41<li> it doesn't require you to always logon42<li> expects a JetspeedRunData object and put there the additionnal jetspeed43 properties44</ul>4546@see org.apache.turbine.modules.actions.sessionvalidator.TemplateSessionValidator47@author <a href="mailto:ingo@raleigh.ibm.com">Ingo Schuster</a>48@author <a href="mailto:raphael@apache.org">Raphaël Luta</a>49@author <a href="mailto:sgala@apache.org">Santiago Gala</a>50@version $Id: JetspeedSessionValidator.java,v 1.27 2004/02/23 02:59:06 jford Exp $51*/52publicclassJetspeedSessionValidatorextendsTemplateSessionValidator53 {
545556/***57 * Static initialization of the logger for this class58 */59privatestaticfinalJetspeedLogger logger = JetspeedLogFactoryService.getLogger(JetspeedSessionValidator.class.getName());
6061/***62 * Execute the action.63 *64 * @param data Turbine information.65 * @exception Exception, a generic exception.66 */67publicvoid doPerform( RunData data ) throws Exception
68 {
69//first, invoke our superclass action to make sure 70//we follow Turbine evolutions71//FIXME: if the user is not found (this can happen, for instance,72// if the anonymous user is not in the DB), it throws a terrible exception73// in the user's face74try75 {
76super.doPerform(data);
77 }
78catch (Throwable other)
79 {
80 data.setScreenTemplate(JetspeedResources.getString(TurbineConstants.TEMPLATE_ERROR));
81 String message = other.getMessage() != null ? other.getMessage() : other.toString();
82 data.setMessage(message);
83 data.setStackTrace(org.apache.turbine.util.StringUtils.stackTrace(other), other);
84return;
85 }
8687JetspeedUser user = (JetspeedUser)data.getUser();
8889//if the user is not logged in and auto-login is enable - try and do it.90if ( ( user==null || !user.hasLoggedIn() ) && JetspeedResources.getBoolean("automatic.logon.enable", false) ) {
91// need to make sure there are cookies - turbine does not handle this currently92if ( data.getRequest().getCookies() != null )
93 {
94//check for user in cookie 95 String userName = data.getCookies().getString("username","");
96 String loginCookieValue = data.getCookies().getString("logincookie","");
9798if ( userName.length() > 0 && loginCookieValue.length() >0 )
99 {
100try {
101 user = JetspeedSecurity.getUser(userName);
102if (user.getPerm("logincookie","").equals(loginCookieValue)) {
103//cookie is present and correct - log the user in104 data.setUser(user);
105 user.setHasLoggedIn(new Boolean(true));
106 user.updateLastLogin();
107 data.save();
108 }
109 } catch (LoginException noSuchUser) {
110//user not found - ignore it - they will not be logged in automatically111 } catch (org.apache.jetspeed.services.security.UnknownUserException unknownUser) {
112//user not found - ignore it - they will not be logged in automatically113 logger.warn("Username from the cookie was not found: " + userName);
114 } catch (Exception other){
115 logger.error(other);
116 }
117 }
118 }
119 }
120121// now, define Jetspeed specific properties, using the customized122// RunData properties123JetspeedRunData jdata = null;
124125try126 {
127 jdata = (JetspeedRunData)data;
128 }
129catch (ClassCastException e)
130 {
131 logger.error("The RunData object does not implement the expected interface, "132 + "please verify the RunData factory settings", e);
133return;
134 }
135 String language = (String) data.getRequest().getParameter("js_language");
136137if (null != language)
138 {
139 user.setPerm("language", language);
140 }
141142// Get the locale store it in the user object143CustomLocalizationService locService = (CustomLocalizationService) ServiceUtil.getServiceByName(
144 LocalizationService.SERVICE_NAME);
145 Locale locale = locService.getLocale(data);
146147if (locale == null) {
148 locale = new Locale(
149 TurbineResources.getString("locale.default.language", "en"),
150 TurbineResources.getString("locale.default.country", "US"));
151 }
152153 data.getUser().setTemp("locale", locale);
154155// if a portlet is referenced in the parameters request, store it156// in the RunData object157 String paramPortlet = jdata.getParameters().getString("js_peid");
158if (paramPortlet != null && paramPortlet.length() > 0) {
159 jdata.setJs_peid(paramPortlet);
160 }
161162 }
163164/***165 */166publicboolean requiresNewSession( RunData data )
167 {
168return false;
169 }
170171 }