tdraier 2005/04/12 15:39:52 CEST
Modified files:
core/src/java/org/jahia/engines/login Login_Engine.java
core/src/webapp/WEB-INF/etc/config auth-pipeline.xml
Added files:
core/src/java/org/jahia/params/valves
LoginEngineAuthValveImpl.java
Log:
moved login to auth pipeline
Revision Changes Path
1.6 +8 -75
jahia/core/src/java/org/jahia/engines/login/Login_Engine.java
http://jahia.mine.nu:8080/cgi-bin/cvsweb.cgi/jahia/core/src/java/org/jahia/engines/login/Login_Engine.java.diff?r1=1.5&r2=1.6&f=h
1.1 +124 -0
jahia/core/src/java/org/jahia/params/valves/LoginEngineAuthValveImpl.java (new)
http://jahia.mine.nu:8080/cgi-bin/cvsweb.cgi/jahia/core/src/java/org/jahia/params/valves/LoginEngineAuthValveImpl.java?rev=1.1&content-type=text/plain
1.2 +4 -1
jahia/core/src/webapp/WEB-INF/etc/config/auth-pipeline.xml
http://jahia.mine.nu:8080/cgi-bin/cvsweb.cgi/jahia/core/src/webapp/WEB-INF/etc/config/auth-pipeline.xml.diff?r1=1.1&r2=1.2&f=h
Index: Login_Engine.java
===================================================================
RCS file:
/home/cvs/repository/jahia/core/src/java/org/jahia/engines/login/Login_Engine.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Login_Engine.java 17 Aug 2004 16:28:22 -0000 1.5
+++ Login_Engine.java 12 Apr 2005 13:39:51 -0000 1.6
@@ -159,82 +159,14 @@
theScreen = "edit";
}
- boolean ok = false;
- JahiaUser theUser = null;
+ JahiaUser theUser = jParams.getUser();
- String username = jParams.getRequest ().getParameter ("username");
- String password = jParams.getRequest ().getParameter ("password");
-
- if ((username == null) || (password == null)) {
+ String res = (String)
jParams.getRequest().getAttribute("login_valve_result");
+ if (res == null) {
return;
- } else {
- if (theScreen.equals ("save")) {
- ServicesRegistry theRegistry = ServicesRegistry.getInstance
();
- if (theRegistry != null) {
- JahiaUserManagerService theService =
theRegistry.getJahiaUserManagerService ();
- if (theService != null) {
-
- // Check if the user has site access ( even though
it is not a user of this site )
- theUser = ServicesRegistry.getInstance ()
- .getJahiaSiteUserManagerService ()
- .getMember (jParams.getSiteID (), username);
- if (theUser != null) {
- if (theUser.verifyPassword (password)) {
- ok = true;
- } else {
- JahiaException je = new JahiaException
("Login error",
- "User " + username + " entered bad
password",
- JahiaException.SECURITY_ERROR,
- JahiaException.WARNING_SEVERITY);
- logger.error (
- "Couldn't validate password for user
" +
- theUser.getUserKey () +
- "!",
- je);
- }
- }
- }
- }
- }
}
-
- if (ok) {
- logger.debug ("User " + theUser.getUsername () + " logged in.");
- // jParams.invalidateSession(); // this is necessary to remove
references to old objects
- jParams.purgeSession ();
- jParams.setUser (theUser);
-
- String useCookie = jParams.getRequest ().getParameter
("useCookie");
- if ((useCookie != null) && ("on".equals(useCookie))) {
- // the user has indicated he wants to use cookie
authentification
- // now let's create a random identifier to store in the
cookie.
- SettingsBean settingsBean = Jahia.getSettings();
- String cookieUserKey = null;
- // now let's look for a free random cookie value key.
- while (cookieUserKey == null) {
- cookieUserKey =
JahiaString.generateRandomString(settingsBean.
- getCookieAuthIDLength());
- Properties searchCriterias = new Properties();
- searchCriterias.setProperty(settingsBean.
-
getCookieAuthUserPropertyName(),
- cookieUserKey);
- Set foundUsers = ServicesRegistry.getInstance().
-
getJahiaUserManagerService().searchUsers(
- jParams.getSiteID(), searchCriterias);
- if (foundUsers.size() > 0) {
- cookieUserKey = null;
- }
- }
- // let's save the identifier for the user in the database
-
theUser.setProperty(settingsBean.getCookieAuthUserPropertyName(),
cookieUserKey);
- // now let's save the same identifier in the cookie.
- Cookie authCookie = new
Cookie(settingsBean.getCookieAuthCookieName(), cookieUserKey);
- authCookie.setPath(jParams.getRequest().getContextPath());
-
authCookie.setMaxAge(settingsBean.getCookieAuthMaxAgeInSeconds());
- HttpServletResponse realResponse = jParams.getRealResponse();
- realResponse.addCookie(authCookie);
- }
-
+
+ if ("ok".equals(res)) {
String loginChoice = jParams.getRequest ().getParameter
("loginChoice");
boolean stayAtCurrentPage = (loginChoice != null &&
loginChoice.equals ("1"));
JahiaPage loginPage = null;
@@ -245,6 +177,7 @@
.lookupPage (jParams.getPageID (), jParams);
if (loginPage != null && !loginPage.checkReadAccess
(theUser)) {
+ String username = theUser.getUsername();
logger.debug (
"The user do not have read access to the
requested page ( other than GUEST ) !");
@@ -359,7 +292,7 @@
ContentPage contentPage =
ContentPage.getPage(user.getHomepageID());
if ( contentPage != null ){
- page = contentPage.getPage(jParams);
+ page =
contentPage.getPage((jParams!=null)?jParams.getEntryLoadRequest():null,
(jParams!=null)?jParams.getOperationMode():null,
(jParams!=null)?jParams.getUser():null);
}
if (page != null) {
//logger.debug("found user homepage " +
page.getTitle());
@@ -389,7 +322,7 @@
ContentPage contentPage =
ContentPage.getPage(grp.getHomepageID());
if ( contentPage != null ){
- page = contentPage.getPage(jParams);
+ page =
contentPage.getPage((jParams!=null)?jParams.getEntryLoadRequest():null,
(jParams!=null)?jParams.getOperationMode():null,
(jParams!=null)?jParams.getUser():null);
}
if (page != null) {
//logger.debug("found group homepage =" +
page.getTitle() );
Index: LoginEngineAuthValveImpl.java
====================================================================
package org.jahia.params.valves;
import org.jahia.pipelines.valves.Valve;
import org.jahia.pipelines.valves.ValveContext;
import org.jahia.pipelines.PipelineException;
import org.jahia.params.ParamBean;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.exceptions.JahiaException;
import org.jahia.settings.SettingsBean;
import org.jahia.bin.Jahia;
import org.jahia.utils.JahiaString;
import org.jahia.engines.login.Login_Engine;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import java.util.Properties;
import java.util.Set;
/**
* Created by IntelliJ IDEA.
* User: toto
* Date: 18 janv. 2005
* Time: 12:25:32
* To change this template use File | Settings | File Templates.
*/
public class LoginEngineAuthValveImpl implements Valve {
private static final org.apache.log4j.Logger logger =
org.apache.log4j.Logger.getLogger
(LoginEngineAuthValveImpl.class);
public void initialize() {
}
public void invoke(Object context, ValveContext valveContext) throws
PipelineException {
try {
ParamBean jParams = (ParamBean) context;
String theScreen = jParams.getRequest ().getParameter ("screen");
JahiaUser theUser = null;
boolean ok = false;
String username = jParams.getRequest ().getParameter ("username");
String password = jParams.getRequest ().getParameter ("password");
if (Login_Engine.ENGINE_NAME.equals(jParams.getEngine()) &&
"save".equals(theScreen)) {
if ((username != null) && (password != null)) {
ServicesRegistry theRegistry =
ServicesRegistry.getInstance ();
if (theRegistry != null) {
JahiaUserManagerService theService =
theRegistry.getJahiaUserManagerService ();
if (theService != null) {
// Check if the user has site access ( even
though it is not a user of this site )
theUser = ServicesRegistry.getInstance ()
.getJahiaSiteUserManagerService ()
.getMember (jParams.getSiteID (),
username);
if (theUser != null) {
if (theUser.verifyPassword (password)) {
ok = true;
} else {
JahiaException je = new JahiaException
("Login error",
"User " + username + " entered
bad password",
JahiaException.SECURITY_ERROR,
JahiaException.WARNING_SEVERITY);
logger.error (
"Couldn't validate password for
user " +
theUser.getUserKey () +
"!",
je);
jParams.getRequest().setAttribute("login_valve_result", "bad_password");
}
} else {
jParams.getRequest().setAttribute("login_valve_result", "unknown_user");
}
}
}
}
}
if (ok) {
logger.debug ("User " + theUser.getUsername () + " logged
in.");
jParams.getRequest().setAttribute("login_valve_result", "ok");
// jParams.invalidateSession(); // this is necessary to
remove references to old objects
jParams.purgeSession ();
jParams.setUser (theUser);
String useCookie = jParams.getRequest ().getParameter
("useCookie");
if ((useCookie != null) && ("on".equals(useCookie))) {
// the user has indicated he wants to use cookie
authentification
// now let's create a random identifier to store in the
cookie.
SettingsBean settingsBean = Jahia.getSettings();
String cookieUserKey = null;
// now let's look for a free random cookie value key.
while (cookieUserKey == null) {
cookieUserKey =
JahiaString.generateRandomString(settingsBean.
getCookieAuthIDLength());
Properties searchCriterias = new Properties();
searchCriterias.setProperty(settingsBean.
getCookieAuthUserPropertyName(),
cookieUserKey);
Set foundUsers = ServicesRegistry.getInstance().
getJahiaUserManagerService().searchUsers(
jParams.getSiteID(), searchCriterias);
if (foundUsers.size() > 0) {
cookieUserKey = null;
}
}
// let's save the identifier for the user in the database
theUser.setProperty(settingsBean.getCookieAuthUserPropertyName(),
cookieUserKey);
// now let's save the same identifier in the cookie.
Cookie authCookie = new
Cookie(settingsBean.getCookieAuthCookieName(), cookieUserKey);
authCookie.setPath(jParams.getRequest().getContextPath());
authCookie.setMaxAge(settingsBean.getCookieAuthMaxAgeInSeconds());
HttpServletResponse realResponse =
jParams.getRealResponse();
realResponse.addCookie(authCookie);
}
} else {
valveContext.invokeNext(context);
}
} catch (JahiaException e) {
throw new PipelineException(e);
}
}
}
Index: auth-pipeline.xml
===================================================================
RCS file:
/home/cvs/repository/jahia/core/src/webapp/WEB-INF/etc/config/auth-pipeline.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- auth-pipeline.xml 28 May 2004 13:59:34 -0000 1.1
+++ auth-pipeline.xml 12 Apr 2005 13:39:52 -0000 1.2
@@ -17,10 +17,13 @@
<name>AuthPipeline</name>
<valveDescriptors>
<valveDescriptor>
+ <className>org.jahia.params.valves.LoginEngineAuthValveImpl</className>
+ </valveDescriptor>
+ <valveDescriptor>
<className>org.jahia.params.valves.SessionAuthValveImpl</className>
</valveDescriptor>
<valveDescriptor>
<className>org.jahia.params.valves.CookieAuthValveImpl</className>
</valveDescriptor>
</valveDescriptors>
-</pipelineDescriptor>
\ No newline at end of file
+</pipelineDescriptor>
