001package org.apache.turbine.modules.actions.sessionvalidator; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022import org.apache.commons.lang.StringUtils; 023import org.apache.commons.logging.Log; 024import org.apache.commons.logging.LogFactory; 025import org.apache.turbine.Turbine; 026import org.apache.turbine.om.security.User; 027import org.apache.turbine.pipeline.PipelineData; 028import org.apache.turbine.util.RunData; 029 030/** 031 * SessionValidator for use with the Template Service, the 032 * TemplateSessionValidator is virtually identical to the 033 * {@link TemplateSecureSessionValidator} except that it does not transfer to the 034 * login page when it detects a null user (or a user not logged in). 035 * 036 * <p>The Template Service requires a different Session Validator 037 * because of the way it handles screens. 038 * 039 * <p>Note that you will need to set the template.login property to the 040 * login template. 041 * 042 * @see TemplateSecureSessionValidator 043 * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a> 044 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a> 045 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> 046 * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a> 047 * @version $Id: TemplateSessionValidator.java 1812601 2017-10-19 06:40:28Z gk $ 048 */ 049public class TemplateSessionValidator 050 extends SessionValidator 051{ 052 /** Logging */ 053 private static Log log = LogFactory.getLog(TemplateSessionValidator.class); 054 055 /** 056 * Execute the action. 057 * 058 * @param pipelineData Turbine information. 059 * @throws Exception The anonymous user could not be obtained 060 * from the security service 061 */ 062 @Override 063 public void doPerform(PipelineData pipelineData) throws Exception 064 { 065 RunData data = getRunData(pipelineData); 066 // Pull user from session. 067 data.populate(); 068 069 // The user may have not logged in, so create a "guest/anonymous" user. 070 if (data.getUser() == null) 071 { 072 log.debug("Fixing up empty User Object!"); 073 User anonymousUser = security.getAnonymousUser(); 074 data.setUser(anonymousUser); 075 data.save(); 076 } 077 078 // make sure we have some way to return a response 079 if (!data.hasScreen() && StringUtils.isEmpty( 080 data.getTemplateInfo().getScreenTemplate())) 081 { 082 if (StringUtils.isNotEmpty(templateHomepage)) 083 { 084 data.getTemplateInfo().setScreenTemplate(templateHomepage); 085 } 086 else 087 { 088 data.setScreen(screenHomepage); 089 } 090 } else { 091 handleFormCounterToken(data, false); 092 } 093 094 // we do not want to allow both a screen and template parameter. 095 // The template parameter is dominant. 096 if (data.getTemplateInfo().getScreenTemplate() != null) 097 { 098 data.setScreen(null); 099 } 100 101 // Comply with Turbine 4.0 standards 102 pipelineData.get(Turbine.class).put(User.class, data.getUser()); 103 } 104}