1 package org.apache.turbine.modules.actions;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import org.apache.commons.lang.StringUtils;
23 import org.apache.commons.logging.Log;
24 import org.apache.commons.logging.LogFactory;
25 import org.apache.fulcrum.security.util.DataBackendException;
26 import org.apache.fulcrum.security.util.FulcrumSecurityException;
27 import org.apache.turbine.TurbineConstants;
28 import org.apache.turbine.annotation.TurbineConfiguration;
29 import org.apache.turbine.annotation.TurbineService;
30 import org.apache.turbine.modules.Action;
31 import org.apache.turbine.om.security.User;
32 import org.apache.turbine.pipeline.PipelineData;
33 import org.apache.turbine.services.security.SecurityService;
34 import org.apache.turbine.util.RunData;
35 import org.apache.turbine.util.TurbineException;
36
37
38
39
40
41
42
43
44
45
46
47
48 public class LoginUser
49 extends Action
50 {
51
52 public static final String CGI_USERNAME = "username";
53
54
55 public static final String CGI_PASSWORD = "password";
56
57
58 private static Log log = LogFactory.getLog(LoginUser.class);
59
60
61 @TurbineService
62 private SecurityService security;
63
64 @TurbineConfiguration( TurbineConstants.LOGIN_ERROR )
65 private String loginError = "";
66
67 @TurbineConfiguration( TurbineConstants.TEMPLATE_LOGIN )
68 private String templateLogin;
69
70 @TurbineConfiguration( TurbineConstants.SCREEN_LOGIN )
71 private String screenLogin;
72
73
74
75
76
77
78
79
80
81
82
83
84
85 @Override
86 public void doPerform(PipelineData pipelineData)
87 throws FulcrumSecurityException
88 {
89 RunData data = getRunData(pipelineData);
90 String username = data.getParameters().getString(CGI_USERNAME, "");
91 String password = data.getParameters().getString(CGI_PASSWORD, "");
92
93 if (StringUtils.isEmpty(username))
94 {
95 return;
96 }
97
98 try
99 {
100 if (username.equals(security.getAnonymousUser().getName()))
101 {
102 throw new TurbineException("Anonymous user cannot login");
103 }
104
105
106 User user = security.getAuthenticatedUser(username, password);
107
108
109 data.setUser(user);
110
111
112 user.setHasLoggedIn(Boolean.TRUE);
113
114
115 user.updateLastLogin();
116
117
118
119
120
121 data.save();
122
123
124
125
126
127
128
129
130
131
132 }
133 catch (Exception e)
134 {
135 if (e instanceof DataBackendException)
136 {
137 log.error(e);
138 }
139
140
141 data.setMessage(loginError);
142 User anonymousUser = security.getAnonymousUser();
143 data.setUser(anonymousUser);
144
145 if (StringUtils.isNotEmpty(templateLogin))
146 {
147
148 data.setScreenTemplate(templateLogin);
149 }
150 else
151 {
152 data.setScreen(screenLogin);
153 }
154 }
155 }
156
157 }