001: /*
002: * $Id: LogonAction.java 471754 2006-11-06 14:55:09Z husted $
003: *
004: * Licensed to the Apache Software Foundation (ASF) under one
005: * or more contributor license agreements. See the NOTICE file
006: * distributed with this work for additional information
007: * regarding copyright ownership. The ASF licenses this file
008: * to you under the Apache License, Version 2.0 (the
009: * "License"); you may not use this file except in compliance
010: * with the License. You may obtain a copy of the License at
011: *
012: * http://www.apache.org/licenses/LICENSE-2.0
013: *
014: * Unless required by applicable law or agreed to in writing,
015: * software distributed under the License is distributed on an
016: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017: * KIND, either express or implied. See the License for the
018: * specific language governing permissions and limitations
019: * under the License.
020: */
021:
022: package org.apache.struts.webapp.example;
023:
024: import javax.servlet.http.HttpServletRequest;
025: import javax.servlet.http.HttpSession;
026: import javax.servlet.http.HttpServletResponse;
027: import org.apache.commons.logging.Log;
028: import org.apache.commons.logging.LogFactory;
029: import org.apache.struts.action.Action;
030: import org.apache.struts.action.ActionMessage;
031: import org.apache.struts.action.ActionMessages;
032: import org.apache.struts.action.ActionForm;
033: import org.apache.struts.action.ActionForward;
034: import org.apache.struts.action.ActionMapping;
035:
036: import org.apache.struts.util.ModuleException;
037: import org.apache.commons.beanutils.PropertyUtils;
038:
039: /**
040: * Implementation of <strong>Action</strong> that validates a user logon.
041: *
042: * @author Craig R. McClanahan
043: * @version $Rev: 471754 $ $Date: 2006-11-06 08:55:09 -0600 (Mon, 06 Nov 2006) $
044: */
045:
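public final class LogonAction extends Action {

    // ----------------------------------------------------- Instance Variables

    /**
     * The <code>Log</code> instance for this application.
     */
    private final Log log = LogFactory
        .getLog("org.apache.struts.webapp.Example");

    // --------------------------------------------------------- Public Methods

    /**
     * Process the specified HTTP request, and create the corresponding HTTP
     * response (or forward to another web component that will create it).
     * Return an <code>ActionForward</code> instance describing where and how
     * control should be forwarded, or <code>null</code> if the response has
     * already been completed.
     *
     * <p>The submitted <code>username</code> and <code>password</code> form
     * properties are checked against the <code>UserDatabase</code> stored in
     * the servlet context under <code>Constants.DATABASE_KEY</code>. On
     * success the <code>User</code> is stored in the session under
     * <code>Constants.USER_KEY</code>; on failure the errors are saved in the
     * request and control returns to the input form.</p>
     *
     * @param mapping The ActionMapping used to select this instance
     * @param form The optional ActionForm bean for this request (if any)
     * @param request The HTTP request we are processing
     * @param response The HTTP response we are creating
     *
     * @return the "success" forward after a valid logon, or the mapping's
     *  input forward when the database is missing or the credentials
     *  do not match
     *
     * @exception Exception if business logic throws an exception
     */
    public ActionForward execute(ActionMapping mapping,
            ActionForm form, HttpServletRequest request,
            HttpServletResponse response) throws Exception {

        // Extract attributes we will need
        User user = null;

        // Validate the request parameters specified by the user
        ActionMessages errors = new ActionMessages();
        String username = (String) PropertyUtils.getSimpleProperty(
                form, "username");
        String password = (String) PropertyUtils.getSimpleProperty(
                form, "password");
        UserDatabase database = (UserDatabase) servlet
                .getServletContext().getAttribute(
                        Constants.DATABASE_KEY);
        if (database == null) {
            errors.add(ActionMessages.GLOBAL_MESSAGE,
                    new ActionMessage("error.database.missing"));
        } else {
            user = getUser(database, username);
            // A stored or submitted null password is treated as a mismatch
            // (fail closed) instead of surfacing as a NullPointerException.
            if ((user != null)
                    && !passwordMatches(user.getPassword(), password)) {
                user = null;
            }
            // Unknown user and wrong password report the same message, so
            // the response text does not reveal which usernames exist.
            if (user == null) {
                errors.add(ActionMessages.GLOBAL_MESSAGE,
                        new ActionMessage("error.password.mismatch"));
            }
        }

        // Report any errors we have discovered back to the original form
        if (!errors.isEmpty()) {
            saveErrors(request, errors);
            return (mapping.getInputForward());
        }

        // Save our logged-in user in the session
        // NOTE(review): the session identifier in use before authentication
        // is kept after it (session fixation exposure). Rotating it here,
        // e.g. HttpServletRequest.changeSessionId() on Servlet 3.1+ or
        // invalidate-and-recreate on older containers, needs to be checked
        // against what else this application keeps in the session.
        HttpSession session = request.getSession();
        session.setAttribute(Constants.USER_KEY, user);
        if (log.isDebugEnabled()) {
            // The session id is a bearer credential for the logged-in user,
            // so it is deliberately kept out of the log.
            log.debug("LogonAction: User '" + user.getUsername()
                    + "' logged on");
        }

        // Remove the obsolete form bean (it holds the submitted password)
        if (mapping.getAttribute() != null) {
            if ("request".equals(mapping.getScope())) {
                request.removeAttribute(mapping.getAttribute());
            } else {
                session.removeAttribute(mapping.getAttribute());
            }
        }

        // Forward control to the specified success URI
        return (mapping.findForward("success"));

    }

    // ------------------------------------------------------ Protected Methods

    /**
     * Look up the user, throwing an exception to simulate business logic
     * rule exceptions.
     *
     * <p>The special usernames are checked before any password comparison
     * takes place, so the simulated exceptions are raised for
     * unauthenticated requests as well.</p>
     *
     * @param database Database in which to look up the user
     * @param username Username specified on the logon form
     *
     * @return whatever <code>database.findUser(username)</code> returns;
     *  the caller treats <code>null</code> as "no such user"
     *
     * @exception ModuleException if a business logic rule is violated
     *  (NOTE(review): <code>ExpiredPasswordException</code> is declared
     *  elsewhere; presumably a <code>ModuleException</code> subclass)
     */
    public User getUser(UserDatabase database, String username)
            throws ModuleException {

        // Force an ArithmeticException which can be handled explicitly
        if ("arithmetic".equals(username)) {
            throw new ArithmeticException();
        }

        // Force an application-specific exception which can be handled
        if ("expired".equals(username)) {
            throw new ExpiredPasswordException(username);
        }

        // Look up and return the specified user
        return (database.findUser(username));

    }

    // -------------------------------------------------------- Private Methods

    /**
     * Compare the stored and the submitted password without stopping at the
     * first differing character, so the comparison time does not depend on
     * how long a matching prefix is. Only the shorter of the two lengths
     * influences the running time.
     *
     * <p>The comparison is still made on the plain-text value returned by
     * <code>User.getPassword()</code>; how that value is stored is outside
     * this class.</p>
     *
     * @param stored Password held for the user, may be <code>null</code>
     * @param supplied Password submitted on the logon form, may be
     *  <code>null</code>
     *
     * @return <code>true</code> only if both values are non-null and equal
     *  character for character
     */
    private static boolean passwordMatches(String stored, String supplied) {

        if ((stored == null) || (supplied == null)) {
            return false;
        }

        // A length difference is folded into the accumulator instead of
        // returning early.
        int diff = stored.length() ^ supplied.length();
        int common = Math.min(stored.length(), supplied.length());
        for (int i = 0; i < common; i++) {
            diff |= stored.charAt(i) ^ supplied.charAt(i);
        }
        return diff == 0;

    }

}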