Author: ssenrogn
Date: 2007-08-22 10:09:28 +0200 (Wed, 22 Aug 2007)
New Revision: 5653
Modified:
branches/2.15-personalization/war/src/main/java/no/sesat/search/http/filters/UserFilter.java
Log:
Some refactoring, handles change of user.
Modified:
branches/2.15-personalization/war/src/main/java/no/sesat/search/http/filters/UserFilter.java
===================================================================
---
branches/2.15-personalization/war/src/main/java/no/sesat/search/http/filters/UserFilter.java
2007-08-21 20:50:04 UTC (rev 5652)
+++
branches/2.15-personalization/war/src/main/java/no/sesat/search/http/filters/UserFilter.java
2007-08-22 08:09:28 UTC (rev 5653)
@@ -91,6 +91,8 @@
/**
* Init method for this filter.
+ *
+ * @param filterConfig the filter configuration
*/
public void init(final FilterConfig filterConfig) {
}
@@ -109,9 +111,9 @@
*/
private static void performAutomaticLogin(final HttpServletRequest
request, final HttpServletResponse response) {
final HttpSession session = request.getSession();
- final DataModel datamodel = (DataModel)
session.getAttribute(DataModel.KEY);
+ final DataModel dataModel = (DataModel)
session.getAttribute(DataModel.KEY);
- final BasicUserService userService = getBasicUserService(datamodel);
+ final BasicUserService userService = getBasicUserService(dataModel);
if (userService == null) {
LOG.warn("Couldn't find the user service.");
@@ -120,71 +122,102 @@
final String loginKey = UserCookieUtil.getUserLoginCookie(request);
final Date updateTimestamp =
UserCookieUtil.getUserUpdateCookie(request);
+ final boolean isLegalLoginKey = userService.isLegalLoginKey(loginKey);
- BasicUser user = datamodel.getUser().getUser();
+ final BasicUser user = dataModel.getUser().getUser();
- if (user == null && userService.isLegalLoginKey(loginKey)) {
+ if (user == null && isLegalLoginKey) {
// Login if no user and a legal login key.
- LOG.info("Login key found, logs user in: " + loginKey);
- user = loginUsingCookie(loginKey, response, userService);
- datamodel.getUser().setUser(user);
- } else if (user != null && !userService.isLegalLoginKey(loginKey)) {
- // Check if the user should be logged out.
- LOG.info("No legal login key found, logs the user out: " +
user.getUsername());
- datamodel.getUser().setUser(null);
- } else if (user != null && user.isDirty(updateTimestamp)) {
- // Check if the user object is dirty, refresh if needed.
- LOG.info("Logged in user dirty, refreshes: " + user.getUsername());
- user = userService.refreshUser(user);
- datamodel.getUser().setUser(user);
+ loginUsingCookie(loginKey, dataModel, userService, response);
+ } else if (user != null && !isLegalLoginKey) {
+ // Check if the user should be logged out, no login key anymore.
+ resetSession(dataModel);
+ } else if (user != null && isLegalLoginKey) {
+ if (!isLoginKeyLegalForUser(loginKey, user)) {
+ // Check if the logged in user is the one found in the login
key
+ resetSession(dataModel);
+ loginUsingCookie(loginKey, dataModel, userService, response);
+ } else if (user.isDirty(updateTimestamp)) {
+ // Check if the user object is dirty, refresh if needed.
+ LOG.info("Logged in user dirty, refreshes: " +
user.getUsername());
+ dataModel.getUser().setUser(userService.refreshUser(user));
+ }
}
}
/**
- * Place a cookie into the response so any subsequent requests can trust
that cookies are enabled.
+ * Initializing the personalization session from the login key.
*
- * @param request The servlet request we are processing
- * @param response The servlet response for the request
+ * @param loginKey the login key used for login
+ * @param dataModel the data model
+ * @param userService the user service
+ * @param response the request response
*/
- private static void initialiseUserCookie(final HttpServletRequest request,
final HttpServletResponse response) {
- final String loginCookie = UserCookieUtil.getUserLoginCookie(request);
+ private static void loginUsingCookie(final String loginKey, final
DataModel dataModel,
+ final BasicUserService userService, final HttpServletResponse
response) {
+ LOG.info("Log user in with login key: " + loginKey);
- if (loginCookie == null) {
- // The user is not logged in
- // Place the cookie, so we can test cookies are enabled
- UserCookieUtil.setUserLoginCookieDefault(response);
- }
- }
-
- private static BasicUser loginUsingCookie(final String loginKey, final
HttpServletResponse response,
- final BasicUserService userService) {
- BasicUser user;
-
try {
- user = userService.authenticateByLoginKey(loginKey);
+ final BasicUser user =
userService.authenticateByLoginKey(loginKey);
if (user != null) {
+ dataModel.getUser().setUser(user);
// Updates the login cookie.
UserCookieUtil.setUserLoginCookie(response,
user.getNextLoginKey());
}
} catch (final InvalidTokenException e) {
// TODO: Give message to user?
LOG.warn("Invalid token in login key:" + loginKey);
- user = null;
UserCookieUtil.setUserLoginCookieDefault(response);
}
+ }
- return user;
+ /**
+ * Method used to reset a session totally.
+ *
+ * @param dataModel the datamodel
+ */
+ private static void resetSession(final DataModel dataModel) {
+ LOG.info("Reset session (logout) for: " +
dataModel.getUser().getUser().getUsername());
+ dataModel.getUser().setUser(null);
}
- private static BasicUserService getBasicUserService(final DataModel
datamodel) {
+ /**
+ * Place a cookie into the response so any subsequent requests can trust
that cookies are enabled.
+ *
+ * @param request The servlet request we are processing
+ * @param response The servlet response for the request
+ */
+ private static void initialiseUserCookie(final HttpServletRequest request,
final HttpServletResponse response) {
+ final String loginKey = UserCookieUtil.getUserLoginCookie(request);
+
+ if (loginKey == null) {
+ // The user is not logged in.
+ // Place the cookie, so we can test that cookies are enabled.
+ UserCookieUtil.setUserLoginCookieDefault(response);
+ }
+ }
+
+ private static boolean isLoginKeyLegalForUser(final String loginKey, final
BasicUser user) {
+ // The user id in the login key must be the same as in the user object.
+ return user.getUserId().toString().equals(
+ loginKey.substring(0,
loginKey.indexOf(BasicUserService.LOGIN_KEY_SEPARATOR)));
+ }
+
+ /**
+ * Return the basic user service used for personalization.
+ *
+ * @param dataModel the data model
+ * @return the user service
+ */
+ private static BasicUserService getBasicUserService(final DataModel
dataModel) {
// lookup the ejb3-client service
- final SiteConfiguration siteConf =
datamodel.getSite().getSiteConfiguration();
+ final SiteConfiguration siteConf =
dataModel.getSite().getSiteConfiguration();
final String url =
siteConf.getProperty("schibstedsok_remote_service_url");
final String jndi = siteConf.getProperty("user_service_jndi_name");
- LOG.info("Url: " + url);
- LOG.info("JNDI_NAME: " + jndi);
+ LOG.debug("Url: " + url);
+ LOG.debug("JndiName: " + jndi);
final Properties properties = new Properties();
properties.put("java.naming.factory.initial",
"org.jnp.interfaces.NamingContextFactory");
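Review bot: `loginUsingCookie` writes the raw login key to the log at INFO (`LOG.info("Log user in with login key: " + loginKey)`) and again at WARN in the `InvalidTokenException` handler, although that key is the only value `authenticateByLoginKey` needs to log a user in. Anyone who can read the application log therefore sees cookie values that act as credentials; the key is replaced with `user.getNextLoginKey()` on success, but whether the logged key stops being valid at that point is not visible in this hunk. The value also comes straight from the request cookie, so unless `isLegalLoginKey` restricts its characters it can carry line breaks into the log. I would drop the key from both messages, e.g. `LOG.debug("Logging user in from login cookie");` and `LOG.warn("Invalid token in login key");`, and log `user.getUsername()` only once authentication has succeeded.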