001: /*
002: * File : $Source: /usr/local/cvs/opencms/src/org/opencms/workplace/CmsLoginHelper.java,v $
003: * Date : $Date: 2008-02-27 12:05:45 $
004: * Version: $Revision: 1.2 $
005: *
006: * This library is part of OpenCms -
007: * the Open Source Content Management System
008: *
009: * Copyright (c) 2002 - 2008 Alkacon Software GmbH (http://www.alkacon.com)
010: *
011: * This library is free software; you can redistribute it and/or
012: * modify it under the terms of the GNU Lesser General Public
013: * License as published by the Free Software Foundation; either
014: * version 2.1 of the License, or (at your option) any later version.
015: *
016: * This library is distributed in the hope that it will be useful,
017: * but WITHOUT ANY WARRANTY; without even the implied warranty of
018: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: * Lesser General Public License for more details.
020: *
021: * For further information about Alkacon Software GmbH, please see the
022: * company website: http://www.alkacon.com
023: *
024: * For further information about OpenCms, please see the
025: * project website: http://www.opencms.org
026: *
027: * You should have received a copy of the GNU Lesser General Public
028: * License along with this library; if not, write to the Free Software
029: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
030: */
031:
032: package org.opencms.workplace;
033:
034: import org.opencms.db.CmsUserSettings;
035: import org.opencms.file.CmsProject;
036: import org.opencms.i18n.CmsEncoder;
037: import org.opencms.main.CmsException;
038: import org.opencms.main.OpenCms;
039: import org.opencms.security.CmsRole;
040: import org.opencms.security.CmsSecurityException;
041: import org.opencms.site.CmsSite;
042: import org.opencms.util.CmsStringUtil;
043:
044: import java.util.Iterator;
045:
046: import javax.servlet.http.HttpServletRequest;
047: import javax.servlet.http.HttpServletResponse;
048: import javax.servlet.http.HttpSession;
049: import javax.servlet.jsp.PageContext;
050:
051: /**
052: * Handles front-end login of users to the OpenCms workplace into the given site and project.<p>
053: *
054: * @author Michael Moossen
055: *
056: * @version $Revision: 1.2 $
057: *
058: * @since 7.0.3
059: */
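public class CmsLoginHelper extends CmsWorkplace {

    /** The error recorded by the most recent {@link #login} call, <code>null</code> if none was recorded. */
    private CmsException m_loginException;

    /**
     * Public constructor with JSP variables.<p>
     *
     * @param context the JSP page context
     * @param req the JSP request
     * @param res the JSP response
     */
    public CmsLoginHelper(PageContext context, HttpServletRequest req, HttpServletResponse res) {

        super(context, req, res);
    }

    /**
     * Returns the exception recorded by the last {@link #login} call.<p>
     *
     * A <code>false</code> result from {@link #login} caused by blank credentials
     * records no exception, so this can be <code>null</code> after a failed login.<p>
     *
     * @return the recorded login exception, or <code>null</code> if none was recorded
     */
    public CmsException getLoginException() {

        return m_loginException;
    }

    /**
     * Returns the XML-escaped stack trace of the recorded login exception.<p>
     *
     * The escaping makes the text safe to embed in markup, but the trace still names
     * internal classes and call paths. Render it only where that level of detail is
     * acceptable for the audience of the page, since a login page is reachable
     * before authentication.<p>
     *
     * @return the escaped stack trace, or an empty string if no exception was recorded
     */
    public String getStacktrace() {

        CmsException loginException = getLoginException();
        if (loginException == null) {
            // nothing was recorded, so there is no trace to format
            return "";
        }
        String stacktrace = CmsException.getStackTraceAsString(loginException);
        return CmsEncoder.escapeXml(stacktrace);
    }

    /**
     * Logs the user into the given project and site.<p>
     *
     * Check the {@link #getLoginException()} for the error message.<p>
     *
     * The credentials are only verified when the current request user is the guest
     * user. If the request already belongs to a non-guest user, <code>userName</code>
     * and <code>password</code> are not checked at all: the call only switches project
     * and site for that existing user, and <code>userName</code> is used solely as an
     * argument of the error messages.<p>
     *
     * After authentication the project must be one of the accessible projects, the
     * site must be one of the available sites, and the resource must be readable.
     * If any of these steps fails, the first error is recorded, an existing HTTP
     * session is invalidated and <code>false</code> is returned.<p>
     *
     * NOTE(review): no renewal of the session id on successful authentication is
     * visible in this class - confirm that <code>loginUser</code> or the surrounding
     * framework takes care of it.<p>
     *
     * NOTE(review): invalidating the session does not visibly reset the user held by
     * <code>getCms()</code> for the remainder of the request - confirm that callers
     * stop processing when <code>false</code> is returned.<p>
     *
     * @param userName the user name
     * @param password the password
     * @param projectName the optional project name, if <code>null</code> the default project is used
     * @param siteRoot the site of the resource, if <code>null</code> the default site is used
     * @param resourceName the resource to display
     *
     * @return <code>true</code> if the login has been successful
     */
    public boolean login(
        String userName,
        String password,
        String projectName,
        String siteRoot,
        String resourceName) {

        // start from a clean state, so an error left over from an earlier call
        // on the same helper cannot fail this attempt
        m_loginException = null;

        if (getCms().getRequestContext().currentUser().isGuestUser()) {
            if (CmsStringUtil.isEmptyOrWhitespaceOnly(userName)
                || CmsStringUtil.isEmptyOrWhitespaceOnly(password)) {
                // blank credentials are rejected without calling the login API
                return false;
            }
            // login the user
            try {
                getCms().loginUser(userName, password, getCms().getRequestContext().getRemoteAddress());
            } catch (CmsException e) {
                m_loginException = e;
                return false;
            }
        }

        // the user is logged in
        CmsUserSettings userSettings = new CmsUserSettings(getCms());

        // set the project
        try {
            if (CmsStringUtil.isEmptyOrWhitespaceOnly(projectName)) {
                // use the default project of the user
                projectName = userSettings.getStartProject();
            }
            // read the project
            CmsProject project = getCms().readProject(projectName);
            if (getCms().getAllAccessibleProjects().contains(project)) {
                // user has access to the project, set this as current project
                getCms().getRequestContext().setCurrentProject(project);
            } else {
                throw new CmsSecurityException(Messages.get().container(
                    Messages.ERR_PROJECT_NOT_ACCESSIBLE_2,
                    userName,
                    projectName));
            }
        } catch (CmsException e) {
            m_loginException = e;
        }

        if (m_loginException == null) {
            // set the site
            try {
                if (CmsStringUtil.isEmptyOrWhitespaceOnly(siteRoot)) {
                    // set the default site root of the user
                    siteRoot = userSettings.getStartSite();
                }
                // read the site root folder with an empty site root, then restore
                // the previous site root whether or not the read succeeded
                String oldSite = getCms().getRequestContext().getSiteRoot();
                try {
                    getCms().getRequestContext().setSiteRoot("");
                    getCms().readResource(siteRoot);
                } finally {
                    getCms().getRequestContext().setSiteRoot(oldSite);
                }
                // the requested site must be one of the sites available to the user
                boolean hasAccess = false;
                CmsSite site = OpenCms.getSiteManager().getSiteForSiteRoot(siteRoot);
                Iterator accessibles = OpenCms.getSiteManager().getAvailableSites(getCms(), false).iterator();
                while (accessibles.hasNext() && !hasAccess && (site != null)) {
                    CmsSite accessible = (CmsSite)accessibles.next();
                    if (accessible.getSiteRoot().equals(site.getSiteRoot())) {
                        hasAccess = true;
                    }
                }
                if (hasAccess) {
                    // user has access to the site, set this as current site
                    getCms().getRequestContext().setSiteRoot(siteRoot);
                } else {
                    throw new CmsSecurityException(Messages.get().container(
                        Messages.ERR_SITE_NOT_ACCESSIBLE_2,
                        userName,
                        siteRoot));
                }
            } catch (CmsException e) {
                m_loginException = e;
            }
        }

        if (m_loginException == null) {
            // try to read the resource to display; skipped after an earlier failure so
            // the first error is reported instead of being overwritten by a later one
            try {
                getCms().readResource(resourceName);
            } catch (CmsException e) {
                m_loginException = e;
            }
        }

        if (m_loginException != null) {
            // if an error occurred during login, invalidate the session
            HttpSession session = getJsp().getRequest().getSession(false);
            if (session != null) {
                session.invalidate();
            }
            return false;
        }

        // only for workplace users, so that direct edit works
        if (OpenCms.getRoleManager().hasRole(getCms(), CmsRole.WORKPLACE_USER)) {
            // get / create the workplace settings
            CmsWorkplaceSettings wpSettings = getSettings();
            if (wpSettings == null) {
                // create the settings object
                wpSettings = new CmsWorkplaceSettings();
                wpSettings = initWorkplaceSettings(getCms(), wpSettings, false);
            }
            // set the settings for the workplace
            wpSettings.setSite(getCms().getRequestContext().getSiteRoot());
            wpSettings.setProject(getCms().getRequestContext().currentProject().getUuid());
            wpSettings.setUser(getCms().getRequestContext().currentUser());
            HttpSession session = getJsp().getRequest().getSession(true);
            storeSettings(session, wpSettings);
        }

        return true;
    }

    /**
     * Intentionally performs no role check.<p>
     *
     * {@link #login} is written to be called for the guest user, so presumably no
     * role can be required before this helper is used; the project and site access
     * checks are made inside {@link #login} instead.<p>
     *
     * @see org.opencms.workplace.CmsWorkplace#checkRole()
     */
    protected void checkRole() {

        // do not check
    }

    /**
     * Intentionally empty, this helper takes no values from the workplace request.<p>
     *
     * @see org.opencms.workplace.CmsWorkplace#initWorkplaceRequestValues(org.opencms.workplace.CmsWorkplaceSettings, javax.servlet.http.HttpServletRequest)
     */
    protected void initWorkplaceRequestValues(CmsWorkplaceSettings settings, HttpServletRequest request) {

        // empty
    }
}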