1 package org.apache.turbine.modules.actions;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import org.apache.commons.configuration.Configuration;
23
24 import org.apache.commons.lang.StringUtils;
25
26 import org.apache.commons.logging.Log;
27 import org.apache.commons.logging.LogFactory;
28
29 import org.apache.turbine.Turbine;
30 import org.apache.turbine.TurbineConstants;
31 import org.apache.turbine.modules.Action;
32 import org.apache.turbine.om.security.User;
33 import org.apache.turbine.services.security.TurbineSecurity;
34 import org.apache.turbine.util.RunData;
35 import org.apache.turbine.util.security.DataBackendException;
36 import org.apache.turbine.util.security.TurbineSecurityException;
37
38 /***
39 * This is where we authenticate the user logging into the system
40 * against a user in the database. If the user exists in the database
41 * that users last login time will be updated.
42 *
43 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
44 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
45 * @author <a href="mailto:quintonm@bellsouth.net">Quinton McCombs</a>
46 * @version $Id: LoginUser.java 534527 2007-05-02 16:10:59Z tv $
47 */
48 public class LoginUser
49 extends Action
50 {
51 /*** CGI Parameter for the user name */
52 public static final String CGI_USERNAME = "username";
53
54 /*** CGI Parameter for the password */
55 public static final String CGI_PASSWORD = "password";
56
57 /*** Logging */
58 private static Log log = LogFactory.getLog(LoginUser.class);
59
60 /***
61 * Updates the user's LastLogin timestamp, sets their state to
62 * "logged in" and calls RunData.setUser() . If the user cannot
63 * be authenticated (database error?) the user is assigned
64 * anonymous status and, if tr.props contains a TEMPLATE_LOGIN,
65 * the screenTemplate is set to this, otherwise the screen is set
66 * to SCREEN_LOGIN
67 *
68 * @param data Turbine information.
69 * @exception TurbineSecurityException could not get instance of the
70 * anonymous user
71 */
72 public void doPerform(RunData data)
73 throws TurbineSecurityException
74 {
75 String username = data.getParameters().getString(CGI_USERNAME, "");
76 String password = data.getParameters().getString(CGI_PASSWORD, "");
77
78 if (StringUtils.isEmpty(username))
79 {
80 return;
81 }
82
83 try
84 {
85
86 User user = TurbineSecurity.getAuthenticatedUser(
87 username, password);
88
89
90 data.setUser(user);
91
92
93 user.setHasLoggedIn(Boolean.TRUE);
94
95
96 user.updateLastLogin();
97
98
99
100
101
102 data.save();
103
104
105
106
107
108
109
110
111
112
113 }
114 catch (Exception e)
115 {
116 Configuration conf = Turbine.getConfiguration();
117
118 if (e instanceof DataBackendException)
119 {
120 log.error(e);
121 }
122
123
124 data.setMessage(conf.getString(TurbineConstants.LOGIN_ERROR, ""));
125 data.setUser (TurbineSecurity.getAnonymousUser());
126
127 String loginTemplate = conf.getString(
128 TurbineConstants.TEMPLATE_LOGIN);
129
130 if (StringUtils.isNotEmpty(loginTemplate))
131 {
132
133 data.setScreenTemplate(loginTemplate);
134 }
135 else
136 {
137 data.setScreen(conf.getString(TurbineConstants.SCREEN_LOGIN));
138 }
139 }
140 }
141 }