protected static String getString(
      HttpServletRequest request, String propertyName, String propertyValueDefault) {
    // Looks up a per-user preference for the principal attached to the request.
    //
    // Returns the stored value, or propertyValueDefault when the stored value is null or empty
    // and a default was supplied. Returns null when the request has no user principal or when
    // the lookup throws.
    //
    // NOTE(review): the default is NOT applied for a request without a principal or after a
    // failed lookup; callers receive null in both cases and must handle it. Confirm this is
    // intended.
    try {
      final Principal caller = request.getUserPrincipal();
      if (caller == null) {
        // No authenticated user: nothing is read from the preference store.
        return null;
      }

      final PreferenceAccessor accessor =
          DefaultPreferenceAccessorFactory.getInstance().getUserPreferenceAccessor();
      final String stored = accessor.getPreferenceProperty(caller, propertyName);

      final boolean missing = stored == null || stored.length() == 0;
      if (missing && propertyValueDefault != null) {
        return propertyValueDefault;
      }
      return stored;
    } catch (Throwable ex) {
      // Best-effort read: any failure is reported on stderr and hidden from the caller.
      ex.printStackTrace(); // TODO: Log!
      return null;
    }
  }
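 /**
  * Initialises the command. Here the parameters are extracted from the request.
  *
  * <p>The caller is resolved before any parameter is read, so a request without an authenticated
  * principal is rejected with a clear error and no pincode from it is kept on this command.
  *
  * @param request object that encapsulates the request to the servlet
  * @throws EPlatformException necessary to fulfill the abstract method signature
  * @throws IllegalStateException if the request carries no authenticated user principal
  */
 public void init(HttpServletRequest request) throws EPlatformException {
   LogHelper.trace(LogHelper.TRACE, "[SuspendCommand.init] init");
   /* get the user first: getUserPrincipal() may return null, which used to surface as a bare
      NullPointerException after the pincodes had already been stored */
   java.security.Principal caller = request.getUserPrincipal();
   if (caller == null) {
     throw new IllegalStateException("[SuspendCommand.init] request has no authenticated user");
   }
   /* get the pincodes; they are credentials, so keep them out of trace and log output */
   sPincode1 = request.getParameter("pincode1");
   sPincode2 = request.getParameter("pincode2");
   /* NOTE(review): the g_ prefix suggests shared state; confirm this command instance is not
      reused across concurrent requests */
   g_sUser = caller.getName();
 }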
  // Stores a per-user preference for the principal attached to the request.
  //
  // Does nothing when the request has no user principal. A failure while writing is printed to
  // stderr and not reported to the caller, so callers cannot tell whether the value was saved.
  protected static void setString(
      HttpServletRequest request, String propertyName, String propertyValue) {
    try {
      final Principal caller = request.getUserPrincipal();
      if (caller == null) {
        // Unauthenticated request: there is no owner to store the value under.
        return;
      }

      final PreferenceAccessor accessor =
          DefaultPreferenceAccessorFactory.getInstance().getUserPreferenceAccessor();
      accessor.setPreferenceProperty(caller, propertyName, propertyValue);
    } catch (Throwable ex) {
      ex.printStackTrace(); // TODO: Log!
    }
  }
  /**
   * Builds a plain-text summary of the request's identity: remote user, user principal and
   * whether the user is in {@code role}.
   *
   * <p>The text contains the caller's identity and the {@code role} argument verbatim, with no
   * escaping. Encode it for the output context before writing it into a page, and keep it to
   * diagnostic output.
   *
   * @param req request to inspect
   * @param role role name passed to {@code isUserInRole}
   * @return the multi-line summary, each line terminated by a newline
   */
  public static String showSecurity(HttpServletRequest req, String role) {
    // Operands are evaluated left to right, so the request is queried in the same order as the
    // lines appear in the output.
    return "Security Info\n"
        + " req.getRemoteUser(): "
        + req.getRemoteUser()
        + "\n"
        + " req.getUserPrincipal(): "
        + req.getUserPrincipal()
        + "\n"
        + " req.isUserInRole("
        + role
        + "):"
        + req.isUserInRole(role)
        + "\n"
        + " ------------------\n";
  }
  /**
   * Stores the menu preference for the principal attached to the request.
   *
   * <p>Does nothing when the request has no user principal. A failure while writing is printed
   * to stderr and not reported to the caller.
   *
   * @param request request identifying the user
   * @param v value to store as its decimal string, or null to store null
   */
  public static void setMenuPropertyValue(HttpServletRequest request, Integer v) {
    try {
      final Principal caller = request.getUserPrincipal();
      if (caller == null) {
        return;
      }

      final PreferenceAccessor accessor =
          DefaultPreferenceAccessorFactory.getInstance().getUserPreferenceAccessor();

      // A null Integer is passed through as a null property value.
      final String serialized = (v == null) ? null : v.toString();
      accessor.setPreferenceProperty(caller, MENU_PROPERTY_NAME, serialized);
    } catch (Throwable ex) {
      ex.printStackTrace(); // TODO: Log!
    }
  }
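  /**
   * Serves the page template to the signed-in user with a freshly created channel token
   * substituted for the {@code TOKEN} placeholder, and makes sure the player and map entities
   * exist for that user.
   *
   * <p>Changes from the previous version: an unauthenticated request is answered with 401
   * instead of failing on a null principal; a missing template is reported as an IOException;
   * the template reader is closed; and the body is written with {@code getBytes}, because the
   * backing array of the buffer returned by {@code Charset.encode} can be longer than the
   * encoded text and would add stray bytes to the response.
   *
   * @param req request; its user principal names the player
   * @param resp response that receives the HTML page
   * @throws IOException if the template cannot be found or read, or the response cannot be
   *     written
   */
  public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
    // Fail closed: no channel is created and no entity is touched without an authenticated user.
    java.security.Principal caller = req.getUserPrincipal();
    if (caller == null) {
      resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
      return;
    }
    String username = caller.getName();

    resp.setContentType("text/html");
    // Declare the charset the body is actually encoded with.
    resp.setCharacterEncoding(ENCODING.name());

    String token = ChannelServiceFactory.getChannelService().createChannel(username);

    java.io.InputStream template = getServletContext().getResourceAsStream(PATH);
    if (template == null) {
      throw new IOException("Page template not found: " + PATH);
    }

    // NOTE(review): the token is inserted verbatim wherever TOKEN occurs in the template;
    // confirm the template places it in a context where that is safe.
    String tokenized;
    InputStreamReader reader = new InputStreamReader(template, ENCODING);
    try {
      tokenized = CharStreams.toString(reader).replace("TOKEN", token);
    } finally {
      reader.close();
    }

    DatastoreService store = DatastoreServiceFactory.getDatastoreService();
    Entity player = ensurePlayerExists(username, store);
    // Called for its side effect; the returned entity is not needed here.
    ensureMapExists(player, store);

    OutputStream out = resp.getOutputStream();
    out.write(tokenized.getBytes(ENCODING));
    out.flush();
  }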
  // Reads the menu preference of the principal attached to the request.
  //
  // Returns the stored value parsed as an integer, or null when the request has no user
  // principal, when nothing is stored, or when the lookup or the parse throws (the failure is
  // printed to stderr).
  private static Integer getMenuPropertyValue(HttpServletRequest request) {
    try {
      final Principal caller = request.getUserPrincipal();
      if (caller == null) {
        return null;
      }

      final PreferenceAccessor accessor =
          DefaultPreferenceAccessorFactory.getInstance().getUserPreferenceAccessor();
      final String raw = accessor.getPreferenceProperty(caller, MENU_PROPERTY_NAME);
      if (raw == null) {
        return null;
      }

      // A stored value that is not a valid integer ends up in the catch below.
      final int parsed = Integer.parseInt(raw);
      return parsed;
    } catch (Throwable ex) {
      ex.printStackTrace(); // TODO: Log!
      return null;
    }
  }
  /**
   * Perform form authentication. Called from SecurityHandler.
   *
   * <p>Three cases are handled in order: a submission to the security-check URI (the submitted
   * credentials are verified and the method always returns null after redirecting), a session
   * that already carries a {@code FormCredential}, and a single sign-on lookup when the realm is
   * an {@code SSORealm}. Any other request is redirected to the login page, unless it is for the
   * login or error page itself.
   *
   * @param realm realm used to verify and re-verify credentials and, for an SSORealm, to share
   *     them
   * @param pathInContext request path; its last segment is compared with the security-check name
   * @param httpRequest request whose auth type, auth user and principal are set on success
   * @param httpResponse response used for redirects and errors; may be null, in which case no
   *     session is created and nothing is sent
   * @return UserPrincipal if authenticated, {@code SecurityConstraint.__NOBODY} for the login or
   *     error page, else null.
   * @throws IOException from the redirect and error calls on the response
   */
  public Principal authenticate(
      UserRealm realm, String pathInContext, HttpRequest httpRequest, HttpResponse httpResponse)
      throws IOException {
    HttpServletRequest request = (ServletHttpRequest) httpRequest.getWrapper();
    HttpServletResponse response =
        httpResponse == null ? null : (HttpServletResponse) httpResponse.getWrapper();

    // Handle paths
    String uri = pathInContext;

    // Setup session
    // A session is only created when there is a response to talk to; without an existing
    // session and without a response the caller is treated as unauthenticated.
    HttpSession session = request.getSession(response != null);
    if (session == null) return null;

    // Handle a request for authentication.
    if (uri.substring(uri.lastIndexOf("/") + 1).startsWith(__J_SECURITY_CHECK)) {
      // Check the session object for login info.
      FormCredential form_cred = new FormCredential();
      form_cred.authenticate(
          realm,
          request.getParameter(__J_USERNAME),
          request.getParameter(__J_PASSWORD),
          httpRequest);

      // Post-login target: the URL saved under __J_URI by the login redirect at the end of this
      // method, falling back to the context path (or "/").
      String nuri = (String) session.getAttribute(__J_URI);
      if (nuri == null || nuri.length() == 0) {
        nuri = request.getContextPath();
        if (nuri.length() == 0) nuri = "/";
      }

      if (form_cred._userPrincipal != null) {
        // Authenticated OK
        // NOTE(review): the session obtained above is reused as-is after login; no invalidation
        // or id change is visible in this method. Confirm session fixation is handled elsewhere.
        if (log.isDebugEnabled()) log.debug("Form authentication OK for " + form_cred._jUserName);
        session.removeAttribute(__J_URI); // Remove popped return URI.
        httpRequest.setAuthType(SecurityConstraint.__FORM_AUTH);
        httpRequest.setAuthUser(form_cred._jUserName);
        httpRequest.setUserPrincipal(form_cred._userPrincipal);
        // NOTE(review): form_cred carries _jPassword (a Password is built from it just below),
        // so the password stays in the session for as long as this attribute does. Relevant if
        // sessions are persisted or replicated.
        session.setAttribute(__J_AUTHENTICATED, form_cred);

        // Sign-on to SSO mechanism
        if (realm instanceof SSORealm) {
          ((SSORealm) realm)
              .setSingleSignOn(
                  httpRequest,
                  httpResponse,
                  form_cred._userPrincipal,
                  new Password(form_cred._jPassword));
        }

        // Redirect to original request
        if (response != null) {
          response.setContentLength(0);
          response.sendRedirect(response.encodeRedirectURL(nuri));
        }
      } else if (response != null) {
        // NOTE(review): _jUserName is presumably the submitted user name and is logged as-is;
        // confirm the log sink neutralises line breaks.
        if (log.isDebugEnabled())
          log.debug("Form authentication FAILED for " + form_cred._jUserName);
        if (_formErrorPage != null) {
          response.setContentLength(0);
          response.sendRedirect(
              response.encodeRedirectURL(URI.addPaths(request.getContextPath(), _formErrorPage)));
        } else {
          response.sendError(HttpResponse.__403_Forbidden);
        }
      }

      // Security check is always false, only true after final redirection.
      return null;
    }

    // Check if the session is already authenticated.
    FormCredential form_cred = (FormCredential) session.getAttribute(__J_AUTHENTICATED);

    if (form_cred != null) {
      // We have a form credential. Has it been distributed?
      if (form_cred._userPrincipal == null) {
        // This form_cred appears to have been distributed.  Need to reauth
        form_cred.authenticate(realm, httpRequest);

        // Sign-on to SSO mechanism
        if (form_cred._userPrincipal != null && realm instanceof SSORealm) {
          ((SSORealm) realm)
              .setSingleSignOn(
                  httpRequest,
                  httpResponse,
                  form_cred._userPrincipal,
                  new Password(form_cred._jPassword));
        }
      } else if (!realm.reauthenticate(form_cred._userPrincipal))
        // Else check that it is still authenticated.
        form_cred._userPrincipal = null;

      // If this credential is still authenticated
      if (form_cred._userPrincipal != null) {
        if (log.isDebugEnabled())
          log.debug("FORM Authenticated for " + form_cred._userPrincipal.getName());
        httpRequest.setAuthType(SecurityConstraint.__FORM_AUTH);
        httpRequest.setAuthUser(form_cred._userPrincipal.getName());
        httpRequest.setUserPrincipal(form_cred._userPrincipal);
        return form_cred._userPrincipal;
        // Re-verification failed: drop the credential from the session and fall through to the
        // login redirect below.
      } else session.setAttribute(__J_AUTHENTICATED, null);
    } else if (realm instanceof SSORealm) {
      // Try a single sign on.
      Credential cred = ((SSORealm) realm).getSingleSignOn(httpRequest, httpResponse);

      // getSingleSignOn is expected to have set the principal on httpRequest when it succeeds;
      // the credential built here mirrors it into the session.
      if (httpRequest.hasUserPrincipal()) {
        form_cred = new FormCredential();
        form_cred._userPrincipal = request.getUserPrincipal();
        form_cred._jUserName = form_cred._userPrincipal.getName();
        if (cred != null) form_cred._jPassword = cred.toString();
        if (log.isDebugEnabled()) log.debug("SSO for " + form_cred._userPrincipal);

        httpRequest.setAuthType(SecurityConstraint.__FORM_AUTH);
        session.setAttribute(__J_AUTHENTICATED, form_cred);
        return form_cred._userPrincipal;
      }
    }

    // Don't authenticate authform or errorpage
    if (isLoginOrErrorPage(pathInContext)) return SecurityConstraint.__NOBODY;

    // redirect to login page
    if (response != null) {
      if (httpRequest.getQuery() != null) uri += "?" + httpRequest.getQuery();
      // NOTE(review): the saved URL is built from this request's scheme, server name and port
      // and is passed to sendRedirect after a successful login. If getServerName reflects the
      // client's Host header, the post-login redirect target is client-influenced; confirm the
      // host is validated upstream.
      session.setAttribute(
          __J_URI,
          request.getScheme()
              + "://"
              + request.getServerName()
              + ":"
              + request.getServerPort()
              + URI.addPaths(request.getContextPath(), uri));
      response.setContentLength(0);
      response.sendRedirect(
          response.encodeRedirectURL(URI.addPaths(request.getContextPath(), _formLoginPage)));
    }

    return null;
  }
 /**
  * Returns the user principal of the wrapped request.
  *
  * @return whatever the underlying request reports; presumably null for an unauthenticated
  *     request, so callers should check before dereferencing
  */
 public Principal getUserPrincipal() {
   final Principal current = request.getUserPrincipal();
   return current;
 }
 // user predicates
 /**
  * Returns the string form of the request's user principal, or null when there is none.
  *
  * <p>NOTE(review): this uses {@code toString()}, not {@code getName()}; the two may differ
  * depending on the Principal implementation. Confirm before using the result as an identity
  * key.
  */
 String getUsername() {
   final Principal principal = req.getUserPrincipal();
   if (principal == null) {
     return null;
   }
   return principal.toString();
 }