1 package org.apache.turbine.modules.actions;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 import org.apache.commons.configuration.Configuration;
20
21 import org.apache.commons.lang.StringUtils;
22
23 import org.apache.commons.logging.Log;
24 import org.apache.commons.logging.LogFactory;
25
26 import org.apache.turbine.Turbine;
27 import org.apache.turbine.TurbineConstants;
28 import org.apache.turbine.modules.Action;
29 import org.apache.turbine.om.security.User;
30 import org.apache.turbine.services.security.TurbineSecurity;
31 import org.apache.turbine.util.RunData;
32 import org.apache.turbine.util.security.DataBackendException;
33 import org.apache.turbine.util.security.TurbineSecurityException;
34
35 /***
36 * This is where we authenticate the user logging into the system
37 * against a user in the database. If the user exists in the database
38 * that users last login time will be updated.
39 *
40 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
41 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
42 * @author <a href="mailto:quintonm@bellsouth.net">Quinton McCombs</a>
43 * @version $Id: LoginUser.java 264148 2005-08-29 14:21:04Z henning $
44 */
45 public class LoginUser
46 extends Action
47 {
48 /*** CGI Parameter for the user name */
49 public static final String CGI_USERNAME = "username";
50
51 /*** CGI Parameter for the password */
52 public static final String CGI_PASSWORD = "password";
53
54 /*** Logging */
55 private static Log log = LogFactory.getLog(LoginUser.class);
56
57 /***
58 * Updates the user's LastLogin timestamp, sets their state to
59 * "logged in" and calls RunData.setUser() . If the user cannot
60 * be authenticated (database error?) the user is assigned
61 * anonymous status and, if tr.props contains a TEMPLATE_LOGIN,
62 * the screenTemplate is set to this, otherwise the screen is set
63 * to SCREEN_LOGIN
64 *
65 * @param data Turbine information.
66 * @exception TurbineSecurityException could not get instance of the
67 * anonymous user
68 */
69 public void doPerform(RunData data)
70 throws TurbineSecurityException
71 {
72 String username = data.getParameters().getString(CGI_USERNAME, "");
73 String password = data.getParameters().getString(CGI_PASSWORD, "");
74
75 if (StringUtils.isEmpty(username))
76 {
77 return;
78 }
79
80 try
81 {
82
83 User user = TurbineSecurity.getAuthenticatedUser(
84 username, password);
85
86
87 data.setUser(user);
88
89
90 user.setHasLoggedIn(Boolean.TRUE);
91
92
93 user.updateLastLogin();
94
95
96
97
98
99 data.save();
100
101
102
103
104
105
106
107
108
109
110 }
111 catch (Exception e)
112 {
113 Configuration conf = Turbine.getConfiguration();
114
115 if (e instanceof DataBackendException)
116 {
117 log.error(e);
118 }
119
120
121 data.setMessage(conf.getString(TurbineConstants.LOGIN_ERROR, ""));
122 data.setUser (TurbineSecurity.getAnonymousUser());
123
124 String loginTemplate = conf.getString(
125 TurbineConstants.TEMPLATE_LOGIN);
126
127 if (StringUtils.isNotEmpty(loginTemplate))
128 {
129
130 data.setScreenTemplate(loginTemplate);
131 }
132 else
133 {
134 data.setScreen(conf.getString(TurbineConstants.SCREEN_LOGIN));
135 }
136 }
137 }
138 }