View Javadoc
1   package org.apache.turbine.modules.actions.sessionvalidator;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.commons.lang.StringUtils;
23  import org.apache.commons.logging.Log;
24  import org.apache.commons.logging.LogFactory;
25  import org.apache.turbine.Turbine;
26  import org.apache.turbine.om.security.User;
27  import org.apache.turbine.pipeline.PipelineData;
28  import org.apache.turbine.util.RunData;
29  
30  /**
31   * SessionValidator for use with the Template Service, the
32   * TemplateSessionValidator is virtually identical to the
33   * {@link TemplateSecureSessionValidator} except that it does not transfer to the
34   * login page when it detects a null user (or a user not logged in).
35   *
36   * <p>The Template Service requires a different Session Validator
37   * because of the way it handles screens.
38   *
39   * <p>Note that you will need to set the template.login property to the
40   * login template.
41   *
42   * @see TemplateSecureSessionValidator
43   * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
44   * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
45   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
46   * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
47   * @version $Id: TemplateSessionValidator.java 1812601 2017-10-19 06:40:28Z gk $
48   */
49  public class TemplateSessionValidator
50      extends SessionValidator
51  {
52      /** Logging */
53      private static Log log = LogFactory.getLog(TemplateSessionValidator.class);
54  
55      /**
56       * Execute the action.
57       *
58       * @param pipelineData Turbine information.
59       * @throws Exception The anonymous user could not be obtained
60       *         from the security service
61       */
62      @Override
63      public void doPerform(PipelineData pipelineData) throws Exception
64      {
65          RunData data = getRunData(pipelineData);
66          // Pull user from session.
67          data.populate();
68  
69          // The user may have not logged in, so create a "guest/anonymous" user.
70          if (data.getUser() == null)
71          {
72              log.debug("Fixing up empty User Object!");
73              User anonymousUser = security.getAnonymousUser();
74              data.setUser(anonymousUser);
75              data.save();
76          }
77  
78          // make sure we have some way to return a response
79          if (!data.hasScreen() && StringUtils.isEmpty(
80                  data.getTemplateInfo().getScreenTemplate()))
81          {
82              if (StringUtils.isNotEmpty(templateHomepage))
83              {
84                  data.getTemplateInfo().setScreenTemplate(templateHomepage);
85              }
86              else
87              {
88                  data.setScreen(screenHomepage);
89              }
90          } else {
91              handleFormCounterToken(data, false);
92          }
93  
94          // we do not want to allow both a screen and template parameter.
95          // The template parameter is dominant.
96          if (data.getTemplateInfo().getScreenTemplate() != null)
97          {
98              data.setScreen(null);
99          }
100 
101         // Comply with Turbine 4.0 standards
102         pipelineData.get(Turbine.class).put(User.class, data.getUser());
103     }
104 }