/src/edu/ucsb/nceas/metacat/MetaCatServlet.java - Diff - Metacat - Ecoinformatics Redmine

« Previous | Next »

Revision 4780

Added by daigle about 15 years ago

Handle sessions with null ids gracefully.

             try {
                 sess = new AuthSession();
             } catch (Exception e) {
                 System.out.println("error in MetacatServlet.handleLoginAction: "
                         + e.getMessage());
                 out.println(e.getMessage());
             	String errorMsg = "Problem in MetacatServlet.handleLoginAction() authenicating session: "
                     + e.getMessage();
                 logMetacat.error(errorMsg);
                 out.println(errorMsg);
                 return;
+            }
             boolean isValid = sess.authenticate(request, un, pw);
-...
             if (isValid) {
                 HttpSession session = sess.getSessions();
                 String id = session.getId();
                 logMetacat.info("Store session id " + id
                 logMetacat.debug("Store session id " + id
                         + " which has username" + session.getAttribute("username")
                         + " into hash in login method");
                 SessionService.registerSession(id,
     					(String) session.getAttribute("username"),
     					(String[]) session.getAttribute("groupnames"),
     					(String) session.getAttribute("password"));
                 try {
     				SessionService.registerSession(id, (String) session
     						.getAttribute("username"), (String[]) session
     						.getAttribute("groupnames"), (String) session
     						.getAttribute("password"));
     			} catch (ServiceException se) {
     				String errorMsg = "Problem in MetacatServlet.handleLoginAction() registering session: "
     						+ se.getMessage();
     				logMetacat.error(errorMsg);
     				out.println(errorMsg);
     				return;
+    			}
+            }
             // format and transform the output
-...
                     trans.transformXMLDocument(sess.getMessage(),
                             "-//NCEAS//login//EN", "-//W3C//HTML//EN", qformat,
                             out, null);
                 } catch (Exception e) {
                     logMetacat.error(
                             "Error in MetaCatServlet.handleLoginAction: "
                 } catch (Exception e) {
                     logMetacat.error("Error in MetaCatServlet.handleLoginAction: "
                             + e.getMessage());
+                }
+            }

Also available in: Unified diff

Project

General

Profile

Metacat

Revision 4780

Added by daigle about 15 years ago