1 package org.apache.turbine.modules.actions.sessionvalidator;
2
3 /*
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
19 * under the License.
20 */
21
22 import org.apache.commons.lang3.StringUtils;
23 import org.apache.logging.log4j.Logger;
24 import org.apache.logging.log4j.LogManager;
25 import org.apache.turbine.Turbine;
26 import org.apache.turbine.om.security.User;
27 import org.apache.turbine.pipeline.PipelineData;
28 import org.apache.turbine.util.RunData;
29
30 /**
31 * SessionValidator for use with the Template Service, the
32 * TemplateSessionValidator is virtually identical to the
33 * {@link TemplateSecureSessionValidator} except that it does not transfer to the
34 * login page when it detects a null user (or a user not logged in).
35 *
36 * <p>The Template Service requires a different Session Validator
37 * because of the way it handles screens.
38 *
39 * @see TemplateSecureSessionValidator
40 * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
41 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
42 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
43 * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
44 * @version $Id$
45 */
46 public class TemplateSessionValidator
47 extends SessionValidator
48 {
49 /** Logging */
50 private static Logger log = LogManager.getLogger(TemplateSessionValidator.class);
51
52 /**
53 * Execute the action.
54 *
55 * @param pipelineData Turbine information.
56 * @throws Exception The anonymous user could not be obtained
57 * from the security service
58 */
59 @Override
60 public void doPerform(PipelineData pipelineData) throws Exception
61 {
62 RunData data = pipelineData.getRunData();
63 // Pull user from session.
64 data.populate();
65
66 // The user may have not logged in, so create a "guest/anonymous" user.
67 if (data.getUser() == null)
68 {
69 log.debug("Creating an anonymous user object!");
70 User anonymousUser = security.getAnonymousUser();
71 data.setUser(anonymousUser);
72 data.save();
73 }
74
75 // Make sure we have some way to return a response
76 if (!data.hasScreen() && StringUtils.isEmpty(
77 data.getTemplateInfo().getScreenTemplate()))
78 {
79 if (StringUtils.isNotEmpty(templateHomepage))
80 {
81 data.getTemplateInfo().setScreenTemplate(templateHomepage);
82 }
83 else
84 {
85 data.setScreen(screenHomepage);
86 }
87 } else {
88 handleFormCounterToken(data, false);
89 }
90
91 // We do not want to allow both a screen and template parameter.
92 // The template parameter is dominant.
93 if (data.getTemplateInfo().getScreenTemplate() != null)
94 {
95 data.setScreen(null);
96 }
97
98 // Comply with Turbine 4.0 standards
99 pipelineData.get(Turbine.class).put(User.class, data.getUser());
100 }
101 }