001: /*
002: * $Header: /export/home/cvsroot/MyPersonalizerRepository/MyPersonalizer/Subsystems/Portal/Sources/es/udc/mypersonalizer/portal/controller/session/SessionIdentifierCookieManagerSingleton.java,v 1.1.1.1 2004/03/25 12:08:39 fbellas Exp $
003: * $Revision: 1.1.1.1 $
004: * $Date: 2004/03/25 12:08:39 $
005: *
006: * =============================================================================
007: *
008: * Copyright (c) 2003, The MyPersonalizer Development Group
009: * (http://www.tic.udc.es/~fbellas/mypersonalizer/index.html) at
010: * University Of A Coruna
011: * All rights reserved.
012: *
013: * Redistribution and use in source and binary forms, with or without
014: * modification, are permitted provided that the following conditions are met:
015: *
016: * - Redistributions of source code must retain the above copyright notice,
017: * this list of conditions and the following disclaimer.
018: *
019: * - Redistributions in binary form must reproduce the above copyright notice,
020: * this list of conditions and the following disclaimer in the documentation
021: * and/or other materials provided with the distribution.
022: *
023: * - Neither the name of the University Of A Coruna nor the names of its
024: * contributors may be used to endorse or promote products derived from
025: * this software without specific prior written permission.
026: *
027: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
028: * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
029: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
030: * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
031: * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
032: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
033: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
034: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
035: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
036: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
037: * POSSIBILITY OF SUCH DAMAGE.
038: *
039: */
040:
041: package es.udc.mypersonalizer.portal.controller.session;
042:
043: import es.udc.mypersonalizer.kernel.log.Log;
044: import es.udc.mypersonalizer.kernel.log.LogManager;
045: import es.udc.mypersonalizer.kernel.log.LogNamingConventions;
046: import es.udc.mypersonalizer.kernel.util.exceptions.InternalErrorException;
047: import es.udc.mypersonalizer.portal.config.SessionCookieManagerConfig;
048: import es.udc.mypersonalizer.portal.config.PortalConfig;
049: import es.udc.mypersonalizer.portal.config.PortalConfigManager;
050: import es.udc.mypersonalizer.portal.model.types.user.SignInResult;
051: import javax.servlet.http.HttpServletRequest;
052: import javax.servlet.http.HttpServletResponse;
053:
054: /**
055: * This singleton class processes the session cookies that are stored
056: * in the user's browser. These cookies let the system sign users in
057: * automatically when they have asked it to remember their passwords, and
058: * let it reconstruct the users' sessions after they expire without making
059: * the users sign in again.<p>
060: *
061: * This singleton class has no fixed implementation: it must be extended
062: * to establish the way in which cookies should be managed for each application.
063: *
064: * The specific implementation that has to be used must be specified in the
065: * configuration, which this class takes from {@link
066: * SessionCookieManagerConfig}.
067: *
068: * @author Daniel Fernandez
069: * @since 1.0
070: */
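public abstract class SessionIdentifierCookieManagerSingleton {

    /**
     * The singleton instance which represents the concrete implementation
     * to be used for the SessionIdentifierCookieManagerSingleton. It stays
     * <code>null</code> when the static initializer below fails.
     */
    private static SessionIdentifierCookieManagerSingleton instance;

    /*
     * Static block: loads the specific SessionIdentifierCookieManagerSingleton
     * implementation to be used by reading the configuration parameters.
     *
     * The implementation is built and configured in a local variable and is
     * published to "instance" only once the cookie domain, path and maximum
     * age have all been applied. If any step fails, the error is logged and
     * "instance" stays null, so callers never receive a cookie manager whose
     * cookie scope was left unconfigured.
     */
    static {

        try {
            PortalConfig portalConfig = PortalConfigManager.getConfig();

            SessionCookieManagerConfig sessionCookieManagerConfig =
                portalConfig
                    .getPortalControllerConfig()
                    .getSessionCookieManagerConfig();

            String className = sessionCookieManagerConfig.getClassName();
            String cookieDomain = sessionCookieManagerConfig.getCookieDomain();
            String cookiePath = sessionCookieManagerConfig.getCookiePath();
            String persistentCookieMaxAgeDaysStr =
                sessionCookieManagerConfig.getPersistentCookieMaxAgeDays();

            /* A null or non-numeric value throws NumberFormatException, which
               is handled by the catch block below. */
            int persistentCookieMaxAgeDays =
                Integer.parseInt(persistentCookieMaxAgeDaysStr);

            Class singletonClass = Class.forName(className);

            /* The class name comes from configuration: check the type before
               instantiating, so that the constructor of a class that is not a
               cookie manager is never run. */
            if (!SessionIdentifierCookieManagerSingleton.class
                    .isAssignableFrom(singletonClass)) {
                throw new ClassCastException(className + " does not extend "
                    + SessionIdentifierCookieManagerSingleton.class.getName());
            }

            SessionIdentifierCookieManagerSingleton candidate =
                (SessionIdentifierCookieManagerSingleton)
                    singletonClass.newInstance();

            candidate.setCookieDomain(cookieDomain);
            candidate.setCookiePath(cookiePath);
            candidate.setPersistentCookieMaxAgeDays(persistentCookieMaxAgeDays);

            /* Publish only a fully configured implementation. */
            instance = candidate;

        } catch (Exception e) {

            /* Best effort: the failure is logged, not rethrown, so class
               loading succeeds and getInstance() returns null. */
            Log mypersonalizerLog = LogManager
                .getLog(LogNamingConventions.MYPERSONALIZER);
            mypersonalizerLog.write(
                "Could not initialize configuration for "
                    + "SessionIdentifierCookieManagerSingleton",
                e,
                SessionIdentifierCookieManagerSingleton.class);

        }

    }

    /**
     * Returns the specific instance of this singleton.
     *
     * @return a SessionIdentifierCookieManagerSingleton with the instance to
     *         use, or <code>null</code> if the configured implementation
     *         could not be loaded and configured (the cause is written to
     *         the MyPersonalizer log). Callers should treat
     *         <code>null</code> as "no automatic sign-in available".
     */
    public static SessionIdentifierCookieManagerSingleton getInstance() {
        return instance;
    }

    /**
     * Sets the domain for the session cookie.
     *
     * @param cookieDomain the new domain.
     */
    public abstract void setCookieDomain(String cookieDomain);

    /**
     * Sets the path for the session cookie.
     *
     * @param cookiePath the new path.
     */
    public abstract void setCookiePath(String cookiePath);

    /**
     * Sets the maximum age for the persistent session cookies.
     *
     * @param maxAgeDays the new maximum age, in days.
     */
    public abstract void setPersistentCookieMaxAgeDays(int maxAgeDays);

    /**
     * Checks the correctness of the information stored in the session cookie:
     * it retrieves the user's login info from it and, if it is correct,
     * the user becomes automatically logged in.<p>
     *
     * The cookie arrives from the browser, so implementations should treat
     * its content as untrusted input: reject malformed values and compare
     * the credential it carries in constant time (for example with
     * <code>java.security.MessageDigest.isEqual</code>).
     *
     * @return a SignInResult if everything is correct, null if not.
     * @param request the request
     * @throws InternalErrorException if a fatal error occurs.
     */
    public abstract SignInResult validateAndLogin(
        HttpServletRequest request) throws InternalErrorException;

    /**
     * Sends the browser the cookie containing the session info needed by the
     * system, usually the user's login name and password.<p>
     *
     * Because the cookie carries the stored password, whoever holds the
     * cookie can sign in as the user. Implementations should scope it with
     * the configured domain and path, and should set the Secure and HttpOnly
     * cookie attributes where the servlet container supports them.
     *
     * @param request the request
     * @param response the response
     * @param loginName the user's login name, which will be stored in the
     *        cookie
     * @param storedPassword the user's stored and encrypted password, which
     *        will also be stored in the cookie
     * @param workspaceIdentifier the identifier of the workspace the user
     *        is currently in.
     * @param rememberPassword whether the cookie must be configured as
     *        "persistent" or not
     */
    public abstract void addCookie(HttpServletRequest request,
        HttpServletResponse response, String loginName,
        String storedPassword, Long workspaceIdentifier,
        boolean rememberPassword);

    /**
     * Removes the session cookie from the browser.
     *
     * @param request the request
     * @param response the response
     */
    public abstract void removeCookie(HttpServletRequest request,
        HttpServletResponse response);

    /**
     * Re-creates the session cookie when the password contained in it changes.
     *
     * @param request the request
     * @param response the response
     * @param loginName the user's login name
     * @param storedPassword the user's encrypted password
     */
    public abstract void updateCookiePassword(
        HttpServletRequest request, HttpServletResponse response,
        String loginName, String storedPassword);

    /**
     * Re-creates the session cookie when the workspace identifier contained
     * in it changes.
     *
     * @param request the request
     * @param response the response
     * @param loginName the user's login name
     * @param workspaceIdentifier the new workspace identifier
     */
    public abstract void updateCookieWorkspace(
        HttpServletRequest request, HttpServletResponse response,
        String loginName, Long workspaceIdentifier);

}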