As much of what's in the Turbine servlet as possible belongs in the
Pipeline.
[EMAIL PROTECTED] writes:
> henning 2003/02/27 09:37:34
>
> Modified: src/java/org/apache/turbine Turbine.java
> Log:
> Factored out the Login and Logout code which should be run before the
> Session Validator. I now start to understand where the whole pipeline
> idea came from, as this shouldn't really be here but in a sort of
> listener which should be registered with the Turbine servlet at
> startup time.
>
> Revision Changes Path
> 1.29 +72 -31 jakarta-turbine-2/src/java/org/apache/turbine/Turbine.java
>
> Index: Turbine.java
> ===================================================================
> RCS file: /home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/Turbine.java,v
> retrieving revision 1.28
> retrieving revision 1.29
> diff -u -r1.28 -r1.29
> --- Turbine.java 27 Feb 2003 15:40:00 -0000 1.28
> +++ Turbine.java 27 Feb 2003 17:37:34 -0000 1.29
> @@ -677,38 +677,22 @@
> // even login, or to ensure that the session validator gets to
> // mandate its page selection policy for non-logged in users
> // after the logout has taken place.
> - if (data.hasAction()
> - && data.getAction().equalsIgnoreCase(configuration
> - .getString("action.login"))
> - || data.getAction().equalsIgnoreCase(configuration
> - .getString("action.logout")))
> - {
> - // If a User is logging in, we should refresh the
> - // session here. Invalidating session and starting a
> - // new session would seem to be a good method, but I
> - // (JDM) could not get this to work well (it always
> - // required the user to login twice). Maybe related
> - // to JServ? If we do not clear out the session, it
> - // is possible a new User may accidently (if they
> - // login incorrectly) continue on with information
> - // associated with the previous User. Currently the
> - // only keys stored in the session are "turbine.user"
> - // and "turbine.acl".
> - if (data.getAction()
> - .equalsIgnoreCase(configuration.getString(ACTION_LOGIN_KEY,
> -
> ACTION_LOGIN_DEFAULT)))
> + if (data.hasAction())
> + {
> + String action = data.getAction();
> +
> + if (action.equalsIgnoreCase(
> + configuration.getString(ACTION_LOGIN_KEY,
> + ACTION_LOGIN_DEFAULT)))
> {
> - String[] names = data.getSession().getValueNames();
> - if (names != null)
> - {
> - for (int i = 0; i < names.length; i++)
> - {
> - data.getSession().removeValue(names[i]);
> - }
> - }
> + loginAction(data);
> + }
> + else if (action.equalsIgnoreCase(
> + configuration.getString(ACTION_LOGOUT_KEY,
> + ACTION_LOGOUT_DEFAULT)))
> + {
> + logoutAction(data);
> }
> - ActionLoader.getInstance().exec(data, data.getAction());
> - data.setAction(null);
> }
>
> // This is where the validation of the Session information
> @@ -861,6 +845,63 @@
> throws IOException, ServletException
> {
> doGet(req, res);
> + }
> +
> + /**
> + * This method is executed if the configured Login action should be
> + * executed by Turbine.
> + *
> + * This Action must be performed before the Session validation or we
> + * get sent in an endless loop back to the Login screen before
> + * the action can be performed
> + *
> + * @param data a RunData object
> + *
> + * @throws Exception A problem while logging in occured.
> + */
> + private void loginAction(RunData data)
> + throws Exception
> + {
> + // If a User is logging in, we should refresh the
> + // session here. Invalidating session and starting a
> + // new session would seem to be a good method, but I
> + // (JDM) could not get this to work well (it always
> + // required the user to login twice). Maybe related
> + // to JServ? If we do not clear out the session, it
> + // is possible a new User may accidently (if they
> + // login incorrectly) continue on with information
> + // associated with the previous User. Currently the
> + // only keys stored in the session are "turbine.user"
> + // and "turbine.acl".
> +
> + String[] names = data.getSession().getValueNames();
> + if (names != null)
> + {
> + for (int i = 0; i < names.length; i++)
> + {
> + data.getSession().removeValue(names[i]);
> + }
> + }
> + ActionLoader.getInstance().exec(data, data.getAction());
> + data.setAction(null);
> + }
> +
> + /**
> + * This method is executed if the configured Logout action should be
> + * executed by Turbine.
> + *
> + * This Action must be performed before the Session validation for the
> + * session validator to send us back to the Login screen.
> + *
> + * @param data a RunData object
> + *
> + * @throws Exception A problem while logging out occured.
> + */
> + private void logoutAction(RunData data)
> + throws Exception
> + {
> + ActionLoader.getInstance().exec(data, data.getAction());
> + data.setAction(null);
> }
>
> /**
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
--
Daniel Rall <[EMAIL PROTECTED]>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
