View Javadoc

1   package it.unseen.simplesso.web;
2   
3   
4   import it.unseen.simplesso.filter.SecurityFilter;
5   
6   import java.io.IOException;
7   
8   import javax.servlet.ServletException;
9   import javax.servlet.http.Cookie;
10  import javax.servlet.http.HttpServlet;
11  import javax.servlet.http.HttpServletRequest;
12  import javax.servlet.http.HttpServletResponse;
13  import javax.servlet.http.HttpSession;
14  
15  import org.apache.commons.logging.Log;
16  import org.apache.commons.logging.LogFactory;
17  
18  /**
19   * Login servlet for central SSO server.
20   * 
21   * @author Sergio Moretto
22   */
23  public class LoginServlet extends HttpServlet {
24      public static final String USER_ATTRIBUTE = "user";
25  
26      private static final Log log = LogFactory.getLog(LoginServlet.class);
27  
28      private static final String URL_PARAM = "url";
29      private static final String USERNAME_PARAM = "username";
30      private static final String PASSWORD_PARAM = "password";
31  
32      private static final String LOGIN_PATH = "/login.jsp";
33      private static final String ERROR_PATH = "/error.jsp";
34  
35      /**
36       * xxx.
37       * 
38       * @param request
39       * @param response
40       * @throws javax.servlet.ServletException
41       * @throws java.io.IOException
42       */
43      @Override
44      protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
45          String url = request.getParameter(URL_PARAM);
46  
47          if ((url == null) || (url.length() == 0)) {
48              log.error("incorrect url parameter");
49              request.getRequestDispatcher(ERROR_PATH).forward(request, response);
50              return;
51          }
52  
53          request.setAttribute("url", url);
54          request.getRequestDispatcher(LOGIN_PATH).forward(request, response);
55      }
56  
57      /**
58       * xxx.
59       * 
60       * @param request
61       * @param response
62       * @throws javax.servlet.ServletException
63       * @throws java.io.IOException
64       */
65      @Override
66      protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
67          String url = request.getParameter(URL_PARAM);
68          String username = request.getParameter(USERNAME_PARAM);
69          String password = request.getParameter(PASSWORD_PARAM);
70          HttpSession session = request.getSession();
71          String sessionId = session.getId();
72  
73          if ((url == null) || (url.length() == 0)) {
74              log.error("incorrect url parameter");
75              request.getRequestDispatcher(ERROR_PATH).forward(request, response);
76              return;
77          }
78          
79          try {
80              if ("sergio".equals(password)) {
81                  session.setAttribute(USER_ATTRIBUTE, username);
82                  Cookie ssoCookie = new Cookie(SecurityFilter.SSO_COOKIE_NAME, sessionId);
83                  ssoCookie.setPath("/");
84                  response.addCookie(ssoCookie);
85                  response.sendRedirect(response.encodeRedirectURL(url));
86              } else {
87                  // TODO(srg) invalid password
88                  request.getRequestDispatcher(ERROR_PATH).forward(request, response);
89              }
90          } catch (Exception ex) {
91              //TODO(srg) exception
92              request.getRequestDispatcher(ERROR_PATH).forward(request, response);
93          }
94      }
95  }