001: /*
002: * Copyright (C) 2006 Methodhead Software LLC. All rights reserved.
003: *
004: * This file is part of TransferCM.
005: *
006: * TransferCM is free software; you can redistribute it and/or modify it under the
007: * terms of the GNU General Public License as published by the Free Software
008: * Foundation; either version 2 of the License, or (at your option) any later
009: * version.
010: *
011: * TransferCM is distributed in the hope that it will be useful, but WITHOUT ANY
012: * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
013: * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
014: * details.
015: *
016: * You should have received a copy of the GNU General Public License along with
017: * TransferCM; if not, write to the Free Software Foundation, Inc., 51 Franklin St,
018: * Fifth Floor, Boston, MA 02110-1301 USA
019: */
020:
021: package com.methodhead.transfer;
022:
023: import org.apache.struts.action.Action;
024: import org.apache.struts.action.ActionMapping;
025: import org.apache.struts.action.ActionForm;
026: import org.apache.struts.action.ActionForward;
027:
028: import javax.servlet.http.HttpServletRequest;
029: import javax.servlet.http.HttpServletResponse;
030: import javax.servlet.http.Cookie;
031:
032: import com.methodhead.aikp.IntKey;
033: import com.methodhead.auth.AuthPolicy;
034: import com.methodhead.util.OperationContext;
035: import com.methodhead.sitecontext.SiteContext;
036: import com.methodhead.auth.AuthUtil;
037: import com.methodhead.shim.Link;
038: import com.methodhead.shim.SiteMap;
039: import org.apache.commons.lang.StringUtils;
040: import org.apache.log4j.Logger;
041:
042: import com.methodhead.reg.User;
043: import com.methodhead.reg.User;
044: import com.methodhead.shim.ShimUtils;
045: import com.methodhead.util.StrutsUtil;
046:
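public class LoginAction extends com.methodhead.auth.LoginAction {

  // constructors /////////////////////////////////////////////////////////////

  // constants ////////////////////////////////////////////////////////////////

  /** Name of the cookie that records the site a user last logged in to. */
  private static final String SITE_COOKIE_NAME = "siteid";

  /** Lifetime of the site cookie in seconds (one year). */
  private static final int SITE_COOKIE_MAX_AGE = 365 * 24 * 60 * 60;

  /** Form-bean property (and error property) naming the site to log in to. */
  private static final String SITE_FIELD = "site";

  // classes //////////////////////////////////////////////////////////////////

  // methods //////////////////////////////////////////////////////////////////

  /**
   * Overrides default behavior to initialize form.site based on current host
   * name.
   * <p>
   * The value comes from {@code getServerName()} (normally the request's Host
   * header), so it is only a convenience default; {@link #doLogin} re-validates
   * whatever the user actually submits.
   *
   * @param op operation context holding the request and the login form
   * @param policy authentication policy in effect
   * @return the forward chosen by the superclass
   * @throws Exception propagated from the superclass
   */
  protected ActionForward doLoginForm(OperationContext op, AuthPolicy policy)
      throws Exception {

    ActionForward forward = super.doLoginForm(op, policy);
    op.form.set(SITE_FIELD, op.request.getServerName());
    return forward;
  }

  /**
   * Extends default implementation to set up site context if site has been
   * specified (assuming user is authorized to access that site) (not unit
   * tested).
   * <p>
   * Once the superclass has accepted the credentials:
   * <ul>
   * <li>no site given: allowed only for sysadmins, otherwise the login is
   * cancelled with {@code loginform.invalidlogin};</li>
   * <li>site given but not loadable: cancelled with
   * {@code transfer.login.unknownSite};</li>
   * <li>site loadable but the user is neither sysadmin, site admin nor
   * webmaster for it: cancelled with {@code loginform.invalidlogin};</li>
   * <li>otherwise the site cookie is set and the shim session is set up.</li>
   * </ul>
   *
   * @param op operation context holding request, response, form and mapping
   * @param policy authentication policy in effect
   * @return the superclass forward on success, or the mapping's input forward
   *     when the login is cancelled here
   * @throws Exception propagated from the superclass
   */
  protected ActionForward doLogin(OperationContext op, AuthPolicy policy)
      throws Exception {

    ActionForward forward = super.doLogin(op, policy);

    // The superclass leaves a user on the request only when the credentials
    // were accepted; nothing further to check otherwise.
    User user = (User) AuthUtil.getUser(op.request);
    if (user == null) {
      return forward;
    }

    String site = (String) op.form.get(SITE_FIELD);

    if (StringUtils.isBlank(site)) {
      // Only system administrators may log in without naming a site.
      if (!isSysadmin(user)) {
        if (logger_.isDebugEnabled()) {
          logger_.debug("Cancelling login; only sysadmins can login without specifying a site");
        }
        return cancelLogin(op, null, "loginform.invalidlogin", null);
      }
      return forward;
    }

    String[] domainAndPath = parseSiteField(site);
    String domain = domainAndPath[0];
    String path = domainAndPath[1];

    SiteContext context = new SiteContext();
    if (!context.loadForDomainAndPath(domain, path)) {
      if (logger_.isDebugEnabled()) {
        logger_.debug("Couldn't load site \"" + domain + "\"");
      }
      // The submitted site name is passed back as a message argument; it is
      // user input, so the view rendering this error must escape it.
      return cancelLogin(op, SITE_FIELD, "transfer.login.unknownSite", domain);
    }

    if (!mayAccessSite(user, context)) {
      if (logger_.isDebugEnabled()) {
        logger_.debug("User not authorized for site \"" + context + "\"");
      }
      // Deliberately the generic invalid-login message (same key as the
      // no-site case) rather than one that confirms the site exists.
      return cancelLogin(op, null, "loginform.invalidlogin", null);
    }

    if (logger_.isDebugEnabled()) {
      logger_.debug("User authorized for site \"" + context + "\"");
    }

    rememberSite(op, context);

    if (logger_.isDebugEnabled()) {
      logger_.debug("Setting up the shim session");
    }
    ShimUtils.setUpShimSession(op.request, context);

    return forward;
  }

  /**
   * Splits the submitted site field into {@code {domain, path}}.
   * <p>
   * A value containing a slash is split with {@code String.split("/")}; only
   * when that yields exactly two parts are they used as domain and path.
   * Any other value is returned unchanged with an empty path.
   *
   * @param site non-blank value of the site form field
   * @return a two-element array: domain, then path
   */
  private static String[] parseSiteField(String site) {
    if (site.indexOf('/') != -1) {
      String[] parts = site.split("/");
      if (parts.length == 2) {
        return parts;
      }
    }
    return new String[] { site, "" };
  }

  /** True when the user holds the sysadmin role in the default context. */
  private static boolean isSysadmin(User user) {
    return user.hasRole(SiteContext.getDefaultContext(),
        DefaultTransferPolicy.ROLE_SYSADMIN);
  }

  /**
   * True when the user may log in to {@code context}: sysadmins everywhere,
   * otherwise site admins and webmasters of that particular site.
   */
  private static boolean mayAccessSite(User user, SiteContext context) {
    return isSysadmin(user)
        || user.hasRole(context, DefaultTransferPolicy.ROLE_SITEADMIN)
        || user.hasRole(context, DefaultTransferPolicy.ROLE_WEBMASTER);
  }

  /**
   * Undoes the superclass login (clears the user from the request), records
   * an error and returns the mapping's input forward.
   *
   * @param op operation context holding the request and mapping
   * @param property error property, or {@code null} for a global error
   * @param messageKey resource key of the error message
   * @param messageArg first message argument, or {@code null}
   * @return forward back to the login form
   */
  private static ActionForward cancelLogin(OperationContext op, String property,
      String messageKey, String messageArg) {
    AuthUtil.setUser(op.request, null);
    StrutsUtil.addError(op.request, property, messageKey, messageArg, null, null);
    return new ActionForward(op.mapping.getInput());
  }

  /**
   * Sets the long-lived site cookie consulted by cookie-based logins.
   * <p>
   * The cookie carries only a site id. Whatever reads it later receives a
   * client-controlled value and must re-check the user's roles for that site
   * rather than trust the id on its own. The cookie is marked Secure when the
   * login itself arrived over TLS so it is not replayed over plaintext
   * (previously it was never marked). NOTE(review): the servlet API level is
   * not visible here; where {@code setHttpOnly(true)} is available it should
   * be called as well.
   *
   * @param op operation context holding request and response
   * @param context the site context the user was authorized for
   */
  private static void rememberSite(OperationContext op, SiteContext context) {
    Cookie cookie = new Cookie(SITE_COOKIE_NAME,
        String.valueOf(context.getInt("id")));
    cookie.setMaxAge(SITE_COOKIE_MAX_AGE);
    cookie.setSecure(op.request.isSecure());

    if (logger_.isDebugEnabled()) {
      logger_.debug("Setting siteid cookie with value \"" + cookie.getValue() + "\"");
    }

    op.response.addCookie(cookie);
  }

  /**
   * Extends default behaviour to remove Shim-related attributes from the
   * session (not unit tested).
   * <p>
   * When a site context is still attached to the request and its site map has
   * a root page, the forward is replaced by a redirect to that page on the
   * site's first domain. The target is built from the site's own configuration
   * and the current request, not from request parameters.
   *
   * @param op operation context holding the request
   * @param policy authentication policy in effect
   * @return the superclass forward, or a redirect to the edited site's home page
   * @throws Exception propagated from the superclass
   */
  protected ActionForward doLogout(OperationContext op, AuthPolicy policy)
      throws Exception {

    ActionForward forward = super.doLogout(op, policy);

    SiteContext siteContext = SiteContext.getContext(op.request);
    if (siteContext != null) {
      SiteMap siteMap = ShimUtils.getSiteMap(op.request);
      Link root = (siteMap == null) ? null : (Link) siteMap.getRoot();
      if (root != null) {
        // A missing or empty path means the site lives at the context root.
        String sitePath = StringUtils.defaultString(siteContext.getString("path"));
        if (sitePath.length() > 0) {
          sitePath = "/" + sitePath;
        }
        // assumes the context has at least one domain, as the code always has
        String domain = String.valueOf(siteContext.getDomains().get(0));
        String linkUrl = String.valueOf(ShimUtils.getLinkUrl(root));
        forward = new ActionForward(homeUrl(op, domain, sitePath, linkUrl), true);
      }
    }

    ShimUtils.tearDownShimSession(op.request);

    return forward;
  }

  /**
   * Builds the absolute URL of a site's home page for the post-logout
   * redirect.
   * <p>
   * The scheme is taken from the current request: the previous code
   * hard-coded {@code http://}, which sent users logging out of an https
   * session on port 443 to a plaintext URL. The port is omitted only when it
   * is the default for that scheme. NOTE(review): behind a TLS-terminating
   * proxy the container may still report {@code http}; if that is the
   * deployment, the scheme/port must come from the proxy's forwarding headers.
   *
   * @param op operation context holding the request
   * @param domain host name of the site
   * @param sitePath site path with a leading slash, or empty
   * @param linkUrl URL of the root link relative to the site path
   * @return absolute URL of the site's home page
   */
  private static String homeUrl(OperationContext op, String domain,
      String sitePath, String linkUrl) {
    String scheme = op.request.getScheme();
    int port = op.request.getServerPort();
    boolean defaultPort = ("http".equalsIgnoreCase(scheme) && port == 80)
        || ("https".equalsIgnoreCase(scheme) && port == 443);
    String authority = defaultPort ? domain : domain + ":" + port;
    return scheme + "://" + authority + op.request.getContextPath()
        + sitePath + "/" + linkUrl;
  }

  // properties ///////////////////////////////////////////////////////////////

  // attributes ///////////////////////////////////////////////////////////////

  private static final Logger logger_ = Logger.getLogger(LoginAction.class);
}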