Beispiel #1
  /**
   * Validates the login. Writes the isValid flag into the session along with the current user.
   *
   * @return true if OK, false if there's a problem
   */
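  private boolean validateLogin(
      HttpSession session, HttpServletRequest req, HttpServletResponse res) throws Exception {
    // Authenticates the posted "Username"/"Password" pair. On success the session receives
    // a "user" attribute (User object) and an "isValid" attribute (Boolean.TRUE); on failure
    // a message page is written to the response and the session is left untouched.

    // Creates a user database access bean.
    // (no setSession() here, since user may not exist yet)
    UserManager userManager = new UserManager();

    String username = req.getParameter("Username");
    String password = req.getParameter("Password");

    // A request that lacks either parameter is not a login attempt; never hand nulls to the
    // user store, so a missing credential can only ever evaluate to "not valid".
    boolean isValid =
        username != null && password != null && userManager.isValidUser(username, password);

    // The privilege lookup is only meaningful for an authenticated user, so it is skipped
    // for failed logins instead of being run for arbitrary, unauthenticated names.
    boolean isAdmin = isValid && userManager.isAdmin(username);

    // To allow bootstrapping the system, if there are no users
    // yet, set this session valid, and grant admin privileges.
    // NOTE(review): while the user store is empty, every caller gets an admin session
    // regardless of the credentials sent (including none). Confirm that getRecords() cannot
    // come back empty for any other reason (e.g. a failed query), and consider limiting the
    // bootstrap path to a deployment-time step.
    if (userManager.getRecords().isEmpty()) {
      isValid = true;
      isAdmin = true;
    }

    if (!isValid) {
      // One message for both "unknown user" and "wrong password", so the response does not
      // reveal which of the two was wrong.
      Util.putMessagePage(res, "Invalid user or password");
      return false;
    }

    // NOTE(review): the session id is not rotated after a successful login. If the container
    // supports it (HttpServletRequest.changeSessionId(), Servlet 3.1+), rotating it here
    // protects against session fixation.
    // NOTE(review): the User kept in the session is built with the cleartext password, so
    // anything that can read or persist session state sees it — confirm User really needs it.
    session.setAttribute("user", new User(username, password, isAdmin));
    // Boolean.TRUE replaces the deprecated `new Boolean(...)` constructor.
    session.setAttribute("isValid", Boolean.TRUE);
    return true;
  }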
Beispiel #2
  /**
   * Creates a db connection.
   *
   * @return true if OK, false if there's a problem
   */
  private boolean createDbConnection(
      HttpSession session, HttpServletRequest req, HttpServletResponse res) throws Exception {
    // Ensures ConnManager can hand out a connection; returns true when one is available and
    // false after writing an error page. `req` is not read by this method.

    // A driver and connection may already be set up from an earlier request; if a
    // connection is obtainable there is nothing to configure.
    // NOTE(review): getConn() is a static call, so the connection looks shared across
    // sessions rather than per user — confirm that is intended.
    boolean alreadyConnected = ConnManager.getConn() != null;
    if (alreadyConnected) {
      return true;
    }

    // Otherwise configure the manager from the values held in this session.
    // NOTE(review): these attributes (including the database password) are written to the
    // session elsewhere; verify they cannot be set from unvalidated request input.
    ConnManager.getInstance()
        .setLoginParams(
            session.getAttribute("dbtDbDriver"),
            session.getAttribute("dbtDbUrl"),
            session.getAttribute("dbtDbUser"),
            session.getAttribute("dbtDbPassword"));

    // Second probe: tests the parameters that were just applied.
    if (ConnManager.getConn() != null) {
      return true;
    }

    Util.putMessagePage(res, "Cannot login to DBT database");
    // Invalidates the session in case connection is "stuck" in error
    session.invalidate();
    return false;
  }
Beispiel #3
  /** Cracks the command and invokes the appropriate next screen */
  public void doPost(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, IOException {
    // Reads the "command" parameter (the button that was pressed), handles session
    // termination and login, then forwards to the JSP that matches the command.

    try {
      // Sets up session tracking
      ServletContext context = getServletContext();
      HttpSession session = req.getSession();

      String command = req.getParameter("command");
      if (command == null) {
        Util.putMessagePage(res, "Please go back and use a button");
        return;
      }

      // "Exit" invalidates the session
      if ("Exit".equals(command)) {
        Util.exitSession(session, res);
        return;
      }

      // "Relogin" invalidates the session and starts over at the index page
      if ("Relogin".equals(command)) {
        session.invalidate();
        context.getRequestDispatcher(Util.BASE + "index.jsp").forward(req, res);
        return;
      }

      // The session may be brand new or already validated. A database login plus a user
      // login is performed when the session is not valid, or whenever the request carries
      // a "Username" parameter (an explicit login attempt).
      boolean needsLogin =
          !Util.isSessionValid(session, null) || req.getParameter("Username") != null;
      if (needsLogin) {
        if (!createDbConnection(session, req, res)) {
          return;
        }
        if (!validateLogin(session, req, res)) {
          return;
        }
      }

      // Keyword -> screen, checked in this order. The keyword only has to occur somewhere
      // in the command text, and the first keyword that occurs wins.
      // NOTE(review): no admin-privilege check is visible here before forwarding to
      // AdminFnc.jsp; presumably the JSP enforces it — confirm.
      String[][] screens = {
        {"Databases", "ShowDbs.jsp"}, // Shows the DBT_DB records
        {"History", "ShowHistory.jsp"}, // Displays all the history records
        {"Password", "ChangePassword.jsp"}, // Changes the user's password
        {"Admin", "AdminFnc.jsp"}, // Performs admin functions
      };
      for (String[] screen : screens) {
        if (command.contains(screen[0])) {
          context.getRequestDispatcher(Util.BASE + screen[1]).forward(req, res);
          return;
        }
      }

      // No keyword matched. The message names the servlet but does not echo the command.
      Util.putMessagePage(
          res, "<p>Dbtracker internal error<p>Unknown command in " + getServletInfo());
    } catch (ServletException e) {
      // Container-level exceptions pass through unchanged.
      throw e;
    } catch (IOException e) {
      throw e;
    } catch (Throwable t) {
      // Everything else is rendered as a page instead of propagating.
      // NOTE(review): confirm putExceptionPage does not send stack traces or other internal
      // details to the client.
      Util.putExceptionPage(res, t);
    }
  }