protected XWikiContext initializeXWikiContext(
      ActionMapping mapping, ActionForm form, HttpServletRequest req, HttpServletResponse resp)
      throws XWikiException, ServletException {
    String action = mapping.getName();

    XWikiRequest request = new XWikiServletRequest(req);
    XWikiResponse response = new XWikiServletResponse(resp);
    XWikiContext context =
        Utils.prepareContext(
            action, request, response, new XWikiServletContext(this.servlet.getServletContext()));

    // This code is already called by struts.
    // However struts will also set all the parameters of the form data
    // directly from the request objects.
    // However because of bug http://jira.xwiki.org/jira/browse/XWIKI-2422
    // We need to perform encoding of windows-1252 chars in ISO mode
    // So we need to make sure this code is called
    // TODO: completely get rid of struts so that we control this part of the code and can reduce
    // drastically the
    // number of calls
    if (form != null) {
      form.reset(mapping, request);
    }

    // Add the form to the context
    context.setForm((XWikiForm) form);

    // Initialize the Container component which is the new way of transporting the Context in the
    // new
    // component architecture.
    initializeContainerComponent(context);

    return context;
  }
Beispiel #2
0
 public void reset(ActionMapping mapping, HttpServletRequest request) {
   try {
     request.setCharacterEncoding("UTF-8");
   } catch (UnsupportedEncodingException ex) {
     ex.printStackTrace();
   }
   super.reset(mapping, request);
 }
  public void reset(ActionMapping arg0, ServletRequest arg1) {
    // TODO Auto-generated method stub
    super.reset(arg0, arg1);

    this.idComando = "";

    this.descricaoComando = "";

    this.valorDebito = "";

    this.numeroCpf = "";

    this.numeroCnpj = "";

    this.idImovel = "";
  }
  /** Hooks into populate process to call form populate method if form is an instanceof PojoForm. */
  @Override
  protected void processPopulate(
      HttpServletRequest request,
      HttpServletResponse response,
      ActionForm form,
      ActionMapping mapping)
      throws ServletException {
    if (form instanceof KualiForm) {
      // Add the ActionForm to GlobalVariables
      // This will allow developers to retrieve both the Document and any
      // request parameters that are not
      // part of the Form and make them available in ValueFinder classes
      // and other places where they are needed.
      KNSGlobalVariables.setKualiForm((KualiForm) form);
    }

    // if not PojoForm, call struts populate
    if (!(form instanceof PojoForm)) {
      super.processPopulate(request, response, form, mapping);
      return;
    }

    final String previousRequestGuid =
        request.getParameter(
            KualiRequestProcessor.PREVIOUS_REQUEST_EDITABLE_PROPERTIES_GUID_PARAMETER_NAME);

    ((PojoForm) form).clearEditablePropertyInformation();
    ((PojoForm) form).registerStrutsActionMappingScope(mapping.getScope());

    String multipart = mapping.getMultipartClass();
    if (multipart != null) {
      request.setAttribute(Globals.MULTIPART_KEY, multipart);
    }

    form.setServlet(this.servlet);
    form.reset(mapping, request);

    ((PojoForm) form).setPopulateEditablePropertiesGuid(previousRequestGuid);
    // call populate on ActionForm
    ((PojoForm) form).populate(request);
    request.setAttribute("UnconvertedValues", ((PojoForm) form).getUnconvertedValues().keySet());
    request.setAttribute("UnconvertedHash", ((PojoForm) form).getUnconvertedValues());
  }
Beispiel #5
0
 public void reset(ActionMapping map, HttpServletRequest req) {
   super.reset(map, req);
 }
Beispiel #6
0
 @Override
 public void reset(ActionMapping mapping, HttpServletRequest request) {
   super.reset(mapping, request);
   username = null;
   password = null;
 }
Beispiel #7
0
 /**
  * Reset form bean.
  *
  * @param mapping the action mapping associated with this form bean
  * @param request the current http servlet request
  */
 @Override
 public void reset(ActionMapping mapping, HttpServletRequest request) {
   super.reset(mapping, request);
   reset();
 }
Beispiel #8
0
  public ActionForward execute(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {

    ActionMessages msgs = new ActionMessages();

    SessionInfo sessionInfo = LogonControllerFactory.getInstance().getSessionInfo(request);

    if (sessionInfo == null
        && request.getSession().getAttribute(Constants.SESSION_LOCKED) == null
        && LogonControllerFactory.getInstance().hasClientLoggedOn(request, response)
            == LogonController.LOGGED_ON) {
      if (log.isDebugEnabled()) log.debug(request.getRemoteHost() + " is already authenticated");

      return mapping.findForward("success");
    }

    /*
     * Get the authentication session and module to use to validate this
     * authentication attempt
     */
    AuthenticationScheme scheme =
        (AuthenticationScheme) request.getSession().getAttribute(Constants.AUTH_SESSION);
    LogonStateAndCache logonStateMachine =
        (LogonStateAndCache)
            request.getSession().getAttribute(LogonStateAndCache.LOGON_STATE_MACHINE);

    // there are different users so we need to logon again, clearing the authentication scheme and
    // logon machine.
    if (sessionInfo != null
        && logonStateMachine != null
        && !sessionInfo.getUser().equals(logonStateMachine.getUser())) {
      request.getSession().removeAttribute(Constants.AUTH_SESSION);
      request.getSession().removeAttribute(LogonStateAndCache.LOGON_STATE_MACHINE);
      LogonControllerFactory.getInstance().logoffSession(request, response);
      msgs.add(
          Globals.ERROR_KEY,
          new ActionMessage("login.logonNotAllowed", "Session no longer valid, logon again."));
      saveErrors(request, msgs);
      return new RedirectWithMessages(mapping.findForward("logon"), request);
    }

    if (logonStateMachine == null) {
      logonStateMachine =
          new LogonStateAndCache(LogonStateAndCache.STATE_STARTED, request.getSession());
      request.getSession().setAttribute(LogonStateAndCache.LOGON_STATE_MACHINE, logonStateMachine);
    }
    if (scheme == null) {

      ActionForward fwd = null;
      try {
        fwd =
            ShowLogonAction.checkAuthSession(
                null, false, mapping, request, response, logonStateMachine);
      } catch (CoreException ce) {

      } catch (Throwable e) {
        log.error("Logon not allowed.", e);
        ActionMessages errs = new ActionMessages();
        if (e instanceof CoreException) {
          errs.add(Globals.ERROR_KEY, ((CoreException) e).getBundleActionMessage());
        } else {
          errs.add(
              Globals.ERROR_KEY,
              new ActionMessage("login.logonNotAllowed", "Please contact your administrator."));
        }
        saveErrors(request, errs);
        request.getSession().removeAttribute(Constants.AUTH_SESSION);
        request.getSession().removeAttribute(LogonStateAndCache.LOGON_STATE_MACHINE);
        if (form != null) form.reset(mapping, request);
        return new RedirectWithMessages(mapping.findForward("failed"), request);
      }
      if (fwd != null) {
        scheme = (AuthenticationScheme) request.getSession().getAttribute(Constants.AUTH_SESSION);
      }
    }

    if (scheme != null) {
      AuthenticationModule module = scheme.currentAuthenticationModule();
      if (module == null) {
        log.error("No authentication module.");
        request.getSession().removeAttribute(Constants.AUTH_SESSION);
        return mapping.findForward("logon");
      }

      try {
        // If there is no user in the scheme then it is an invalid login
        if (scheme.getUser() == null) {
          throw new InvalidLoginCredentialsException();
        }

        // Check the account is enabled and not locked
        if (!PolicyUtil.isEnabled(scheme.getUser())) {
          throw new AccountLockedException(scheme.getUsername(), "Account disabled.", true, 0);
        }

        // Check for locks
        LogonControllerFactory.getInstance()
            .checkForAccountLock(
                scheme.getUsername(), scheme.getUser().getRealm().getResourceName());

        // Authenticate
        authenticate(scheme, request);

        // Check logon is currently allowed
        String logonNotAllowedReason =
            LogonControllerFactory.getInstance().checkLogonAllowed(scheme.getUser());

        if (logonNotAllowedReason != null) {
          log.warn("Logon not allowed because '" + logonNotAllowedReason + "'");
          msgs.add(
              Globals.ERROR_KEY, new ActionMessage("login.logonNotAllowed", logonNotAllowedReason));
          saveErrors(request, msgs);
          return new RedirectWithMessages(mapping.findForward("logon"), request);
        }

        // Check for the next authentication modules
        AuthenticationModule nextModule = scheme.nextAuthenticationModule();
        if (nextModule != null
            && request.getSession().getAttribute(Constants.SESSION_LOCKED) == null) {
          if (log.isDebugEnabled())
            log.debug(
                "There are more authentication modules to satisfy (current mapping = "
                    + mapping.getPath());
          ActionForward fw = new RedirectWithMessages(mapping.findForward("logon"), request);
          return fw;
        }

        return finishAuthentication(scheme, request, response);
      } catch (InputRequiredException ex) {
        // The page wants to display or redirect somewhere
        if (ex.getForward() == null) return mapping.findForward("logon");
        else return ex.getForward();
      } catch (AccountLockedException ale) {
        return accountLocked(mapping, request, ale, msgs);
      } catch (InvalidLoginCredentialsException ex) {
        log.error("[" + request.getRemoteHost() + "] authentication failed", ex);

        LogonForm logonForm = (LogonForm) form;

        CoreServlet.getServlet()
            .fireCoreEvent(
                new CoreEvent(this, CoreEventConstants.LOGON, null, null, ex)
                    .addAttribute(
                        CoreAttributeConstants.EVENT_ATTR_IP_ADDRESS, request.getRemoteAddr())
                    .addAttribute(CoreAttributeConstants.EVENT_ATTR_HOST, request.getRemoteHost())
                    .addAttribute(CoreAttributeConstants.EVENT_ATTR_SCHEME, scheme.getSchemeName())
                    .addAttribute(
                        CoreAttributeConstants.EVENT_ATTR_ACCOUNT, logonForm.getUsername()));

        request.getSession().removeAttribute(LogonStateAndCache.LOGON_STATE_MACHINE);
        request.getSession().removeAttribute(Constants.AUTH_SESSION);

        try {
          scheme.setAccountLock(
              LogonControllerFactory.getInstance()
                  .logonFailed(
                      ((LogonForm) form).getUsername(),
                      ((LogonForm) form).getRealmName(),
                      scheme.getAccountLock()));
        } catch (AccountLockedException ale) {
          return accountLocked(mapping, request, ale, msgs);
        }

        msgs.add(Globals.ERROR_KEY, new ActionMessage("login.invalidCredentials"));
        saveErrors(request, msgs);
        return new RedirectWithMessages(mapping.findForward("logon"), request);
      } catch (Exception e) {
        log.error("Internal error authenticating.", e);
        msgs.add(
            Globals.ERROR_KEY, new BundleActionMessage("security", "login.error", e.getMessage()));
        saveErrors(request, msgs);
        request.getSession().setAttribute(Constants.EXCEPTION, e);
        request.getSession().removeAttribute(LogonStateAndCache.LOGON_STATE_MACHINE);
        request.getSession().removeAttribute(Constants.AUTH_SESSION);
        return new RedirectWithMessages(mapping.findForward("logon"), request);
      }
    } else {
      ActionMessages errs = new ActionMessages();
      errs.add(
          Globals.MESSAGE_KEY,
          new BundleActionMessage("security", "login.logonNotAllowed", "No scheme available."));
      saveErrors(request, errs);
      request.getSession().removeAttribute(LogonStateAndCache.LOGON_STATE_MACHINE);
      request.getSession().removeAttribute(Constants.AUTH_SESSION);
      if (form != null) form.reset(mapping, request);
      return new RedirectWithMessages(mapping.findForward("logon"), request);
    }
  }