Revision 509
Added by bojilova over 23 years ago
| MetaCatServlet.java | ||
|---|---|---|
| 210 | 210 |
params.put(name,value); |
| 211 | 211 |
} |
| 212 | 212 |
|
| 213 |
//if the user clicked on the input images, decode which image |
|
| 214 |
//was clicked then set the action. |
|
| 213 | 215 |
String action = ((String[])params.get("action"))[0];
|
| 214 | 216 |
util.debugMessage("Line 213: Action is: " + action);
|
| 215 |
//if the user clicked on the input images, decode which image |
|
| 216 |
//was clicked then set the action. |
|
| 217 |
|
|
| 217 | 218 |
//MBJELIMINATE String action = decodeMouseAction(params); |
| 218 | 219 |
//if(action.equals("error"))
|
| 219 | 220 |
//{
|
| 220 |
// util.debugMessage("Line 218: Action is: " + action);
|
|
| 221 |
//util.debugMessage("Line 218: Action is: " + action);
|
|
| 221 | 222 |
//action = ((String[])params.get("action"))[0];
|
| 222 | 223 |
//} |
| 223 | 224 |
|
| 224 | 225 |
// This block handles session management for the servlet |
| 225 | 226 |
// by looking up the current session information for all actions |
| 226 |
// other than "Login" and "Logout" |
|
| 227 |
// handle login action |
|
| 227 |
// other than "login" and "logout" |
|
| 228 | 228 |
String username = null; |
| 229 | 229 |
String groupname = null; |
| 230 |
if (action.equals("Login") || action.equals("Login Client")) {
|
|
| 230 |
|
|
| 231 |
// handle login action |
|
| 232 |
if (action.equals("login")) {
|
|
| 233 |
|
|
| 231 | 234 |
handleLoginAction(response.getWriter(), params, request, response); |
| 235 |
|
|
| 232 | 236 |
// handle logout action |
| 233 |
} else if (action.equals("Logout") || action.equals("Logout Client")) {
|
|
| 234 |
HttpSession sess = request.getSession(false); |
|
| 235 |
if (sess != null) { sess.invalidate(); }
|
|
| 236 |
if (action.equals("Logout Client")) {
|
|
| 237 |
PrintWriter out = response.getWriter(); |
|
| 238 |
out.println("<?xml version=\"1.0\"?>");
|
|
| 239 |
out.println("<success>");
|
|
| 240 |
out.println("User logout.");
|
|
| 241 |
out.println("</success>");
|
|
| 242 |
return; |
|
| 243 |
} |
|
| 237 |
} else if (action.equals("logout")) {
|
|
| 244 | 238 |
|
| 245 |
response.sendRedirect(htmlpath + "/index.html");
|
|
| 239 |
handleLogoutAction(response.getWriter(), params, request, response);
|
|
| 246 | 240 |
|
| 247 | 241 |
// aware of session expiration on every request |
| 248 | 242 |
} else {
|
| 243 |
|
|
| 249 | 244 |
HttpSession sess = request.getSession(true); |
| 250 | 245 |
if (sess.isNew()) {
|
| 251 | 246 |
// session expired or has not been stored b/w user requests |
| 252 |
// redirect to default page for query only access |
|
| 253 |
// response.sendRedirect(htmlpath + "/sexpire.html"); |
|
| 254 | 247 |
username = "public"; |
| 255 | 248 |
} else {
|
| 256 | 249 |
username = (String)sess.getAttribute("username");
|
| ... | ... | |
| 298 | 291 |
} |
| 299 | 292 |
else if (action.equals("insert") || action.equals("update")) {
|
| 300 | 293 |
PrintWriter out = response.getWriter(); |
| 301 |
if ( !username.equals("public") && (username != null) ) {
|
|
| 294 |
if ( (username != null) && !username.equals("public") ) {
|
|
| 302 | 295 |
handleInsertOrUpdateAction(out, params, response, username, groupname); |
| 303 | 296 |
} else {
|
| 304 | 297 |
out.println("Permission denied for " + action);
|
| 305 | 298 |
} |
| 306 | 299 |
} else if (action.equals("delete")) {
|
| 307 | 300 |
PrintWriter out = response.getWriter(); |
| 308 |
if ( !username.equals("public") && (username != null) ) {
|
|
| 301 |
if ( (username != null) && !username.equals("public") ) {
|
|
| 309 | 302 |
handleDeleteAction(out, params, response, username, groupname); |
| 310 | 303 |
} else {
|
| 311 | 304 |
out.println("Permission denied for " + action);
|
| ... | ... | |
| 332 | 325 |
} else if (action.equals("getdataguide")) {
|
| 333 | 326 |
PrintWriter out = response.getWriter(); |
| 334 | 327 |
handleGetDataGuideAction(out, params, response); |
| 335 |
} else if (action.equals("Login") || action.equals("Login Client")) {
|
|
| 328 |
} else if (action.equals("login") || action.equals("logout")) {
|
|
| 336 | 329 |
} else {
|
| 337 | 330 |
PrintWriter out = response.getWriter(); |
| 338 | 331 |
out.println("Error: action not registered. Please report this error.");
|
| ... | ... | |
| 379 | 372 |
} |
| 380 | 373 |
|
| 381 | 374 |
/** |
| 382 |
* Handle the Login request. Create a new session object.
|
|
| 375 |
* Handle the login request. Create a new session object.
|
|
| 383 | 376 |
* Do user authentication through the session. |
| 384 | 377 |
*/ |
| 385 | 378 |
private void handleLoginAction(PrintWriter out, Hashtable params, |
| ... | ... | |
| 389 | 382 |
String un = ((String[])params.get("username"))[0];
|
| 390 | 383 |
String pw = ((String[])params.get("password"))[0];
|
| 391 | 384 |
String action = ((String[])params.get("action"))[0];
|
| 385 |
String qformat = ((String[])params.get("qformat"))[0];
|
|
| 392 | 386 |
|
| 393 | 387 |
try {
|
| 394 |
sess = new AuthSession(request, un, pw);
|
|
| 388 |
sess = new AuthSession(); |
|
| 395 | 389 |
} catch (Exception e) {
|
| 396 | 390 |
out.println(e.getMessage()); |
| 391 |
return; |
|
| 397 | 392 |
} |
| 398 | 393 |
|
| 399 |
String output = null;
|
|
| 400 |
boolean isValid = sess.authenticate(); |
|
| 401 |
if (action.equals("Login Client")) {
|
|
| 402 |
out.println(sess.getMessage());
|
|
| 403 |
} else {
|
|
| 394 |
boolean isValid = sess.authenticate(request, un, pw);
|
|
| 395 |
|
|
| 396 |
// format and transform the output
|
|
| 397 |
if (qformat.equals("html")) {
|
|
| 398 |
Connection conn = null;
|
|
| 404 | 399 |
try {
|
| 400 |
conn = util.getConnection(); |
|
| 401 |
DBTransform trans = new DBTransform(conn); |
|
| 402 |
response.setContentType("text/html");
|
|
| 403 |
// user authentication successful |
|
| 405 | 404 |
if (isValid) {
|
| 406 |
if (un.equals("public")) {
|
|
| 407 |
response.sendRedirect( |
|
| 408 |
response.encodeRedirectUrl(htmlpath + "/index.html")); |
|
| 409 |
} else {
|
|
| 410 |
response.sendRedirect( |
|
| 405 |
// trans.transformXMLDocument(sess.getMessage(), "-//NCEAS//login//EN", |
|
| 406 |
// "-//W3C//HTML//EN", out); |
|
| 407 |
response.sendRedirect( |
|
| 411 | 408 |
response.encodeRedirectUrl(htmlpath + "/metacat.html")); |
| 412 |
} |
|
| 409 |
|
|
| 410 |
// unsuccessful user authentication |
|
| 413 | 411 |
} else {
|
| 414 |
response.sendRedirect( |
|
| 415 |
response.encodeRedirectUrl(htmlpath + "/login.html")); |
|
| 412 |
// trans.transformXMLDocument(sess.getMessage(), "-//NCEAS//nologin//EN", |
|
| 413 |
// "-//W3C//HTML//EN", out); |
|
| 414 |
response.sendRedirect(htmlpath + "/login.html"); |
|
| 416 | 415 |
} |
| 417 |
} catch ( java.io.IOException ioe) {
|
|
| 418 |
String message = "handleLoginAction() - " + |
|
| 419 |
"Error on redirect of HttpServletResponse: " + |
|
| 420 |
ioe.getMessage(); |
|
| 421 |
out.println(message); |
|
| 422 |
} |
|
| 416 |
util.returnConnection(conn); |
|
| 417 |
} catch(Exception e) {
|
|
| 418 |
util.returnConnection(conn); |
|
| 419 |
} |
|
| 420 |
|
|
| 421 |
// any output is returned |
|
| 422 |
} else {
|
|
| 423 |
response.setContentType("text/xml");
|
|
| 424 |
out.println(sess.getMessage()); |
|
| 423 | 425 |
} |
| 426 |
|
|
| 427 |
// if (action.equals("Login Client")) {
|
|
| 428 |
// out.println(sess.getMessage()); |
|
| 429 |
// } else {
|
|
| 430 |
// try {
|
|
| 431 |
// if (isValid) {
|
|
| 432 |
// if (un.equals("public")) {
|
|
| 433 |
// response.sendRedirect( |
|
| 434 |
// response.encodeRedirectUrl(htmlpath + "/index.html")); |
|
| 435 |
// } else {
|
|
| 436 |
// response.sendRedirect( |
|
| 437 |
// response.encodeRedirectUrl(htmlpath + "/metacat.html")); |
|
| 438 |
// } |
|
| 439 |
// } else {
|
|
| 440 |
// response.sendRedirect(htmlpath + "/login.html"); |
|
| 441 |
// } |
|
| 442 |
// } catch ( java.io.IOException ioe) {
|
|
| 443 |
// String message = "handleLoginAction() - " + |
|
| 444 |
// "Error on redirect of HttpServletResponse: " + |
|
| 445 |
// ioe.getMessage(); |
|
| 446 |
// out.println(message); |
|
| 447 |
// } |
|
| 448 |
// } |
|
| 424 | 449 |
} |
| 450 |
|
|
| 451 |
/** |
|
| 452 |
* Handle the logout request. Close the connection. |
|
| 453 |
*/ |
|
| 454 |
private void handleLogoutAction(PrintWriter out, Hashtable params, |
|
| 455 |
HttpServletRequest request, HttpServletResponse response) {
|
|
| 456 |
|
|
| 457 |
String qformat = ((String[])params.get("qformat"))[0];
|
|
| 458 |
|
|
| 459 |
// close the connection |
|
| 460 |
HttpSession sess = request.getSession(false); |
|
| 461 |
if (sess != null) { sess.invalidate(); }
|
|
| 462 |
|
|
| 463 |
// produce output |
|
| 464 |
StringBuffer output = new StringBuffer(); |
|
| 465 |
output.append("<?xml version=\"1.0\"?>");
|
|
| 466 |
output.append("<success>");
|
|
| 467 |
output.append("User logout.");
|
|
| 468 |
output.append("</success>");
|
|
| 469 |
|
|
| 470 |
//format and transform the output |
|
| 471 |
if (qformat.equals("html")) {
|
|
| 472 |
Connection conn = null; |
|
| 473 |
try {
|
|
| 474 |
conn = util.getConnection(); |
|
| 475 |
DBTransform trans = new DBTransform(conn); |
|
| 476 |
response.setContentType("text/html");
|
|
| 477 |
//trans.transformXMLDocument(output, "-//NCEAS//logout//EN", |
|
| 478 |
// "-//W3C//HTML//EN", out); |
|
| 479 |
response.sendRedirect(htmlpath + "/index.html"); |
|
| 480 |
util.returnConnection(conn); |
|
| 481 |
} catch(Exception e) {
|
|
| 482 |
util.returnConnection(conn); |
|
| 483 |
} |
|
| 484 |
// any output is returned |
|
| 485 |
} else {
|
|
| 486 |
response.setContentType("text/xml");
|
|
| 487 |
out.println(output.toString()); |
|
| 488 |
} |
|
| 489 |
|
|
| 490 |
} |
|
| 491 |
|
|
| 425 | 492 |
|
| 426 | 493 |
/** |
| 427 | 494 |
* Retreive the squery xml, execute it and display it |
Also available in: Unified diff
AuthMcat
- new class for authentication through MCA; implements AuthInterface
AuthSession
- assigning HttpSession obj only after successful athentication;
- cleared isAuthenticated field - not needed
- cleared invalidate() method - not needed
AuthInterface
- added input parameters: user and password for getGroups() and getUsers() interfaces
needed for making connection to the auth server
MetaCatServlet
- changed the values of action paramet to "login" and "logout"
- added handleLogoutAction() method