/**
 * Handles a submitted login form: reads the redirect target, username and
 * password from the form, stores a {@code UserPrincipal} with roles derived
 * from the {@code Person}'s flags, and picks the forward to return.
 *
 * <p>The listing is masked between the first debug message and the
 * "Setting user principal" message, so the authentication call, the
 * declarations of {@code person} and {@code forward}, and the opening
 * {@code if} of the visible {@code else} branch are not shown here.
 *
 * @see org.apache.struts.action.Action#execute(org.apache.struts.action.ActionMapping,
 *      org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest,
 *      javax.servlet.http.HttpServletResponse)
 */
@Override
public ActionForward execute(
        ActionMapping mapping,
        ActionForm form,
        HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    SimpleAuthLoginForm simpleAuthLoginForm = (SimpleAuthLoginForm) form;
    // All three values come straight from the submitted form, i.e. they are client-controlled.
    String redirectTo = simpleAuthLoginForm.getRedirectTo();
    String username = simpleAuthLoginForm.getUsername();
    // NOTE(review): the password is held as a String here, so it cannot be wiped after use.
    String password = simpleAuthLoginForm.getPassword();
    // The page masks the text between these two debug messages ("******"); the lookup of
    // `person`, the declaration of `forward` and the `if` that the final `else` closes are
    // presumably in the missing part — TODO restore from the original file.
    logger.debug("Authenticating user: "******"Setting user principal in session...");
    // NOTE(review): no session-identifier renewal is visible before the principal is stored;
    // confirm that AuthEnvironment (or the masked code) rotates the session on login.
    AuthEnvironment authEnv = new AuthEnvironment(request);
    UserPrincipal userPrincipal = new UserPrincipal(person.getUsername());
    List<RolePrincipal> roles = new ArrayList<RolePrincipal>();
    // Roles are granted only to active persons. An inactive person falls through with an
    // empty role list but still gets a principal set below.
    // NOTE(review): confirm downstream access checks reject a principal that has no roles.
    if (person.isActive()) {
        if (person.isAnonymous()) {
            roles.add(new RolePrincipal(RolePrincipal.ROLE_ANONYMUS));
        } else {
            roles.add(new RolePrincipal(RolePrincipal.ROLE_MEMBER));
            // XXX Only members can be administrators
            if (person.isAdministrator()) {
                roles.add(new RolePrincipal(RolePrincipal.ROLE_ADMINISTRATOR));
            }
        }
    }
    userPrincipal.setRoles(roles);
    authEnv.setPrincipal(userPrincipal);
    // redirectTo is taken from the form and handed to the forward factory with no check
    // visible in this method.
    // NOTE(review): verify PathForwardFactory only accepts application-local paths;
    // otherwise this is an open redirect after login.
    if (redirectTo != null && redirectTo.length() > 0) {
        PathForwardFactory forwardFactory = new PathForwardFactory();
        forward = forwardFactory.getRedirectForward(redirectTo);
    } else {
        forward = mapping.findForward("principalPath");
    }
    } else {
        // NOTE(review): the raw username is concatenated into the log line; if the log
        // layout does not encode CR/LF, a crafted name can forge log entries.
        logger.debug("No person with the name [" + username + "] was found...");
        // Failed login: send the user back to the form's input page.
        forward = mapping.getInputForward();
    }
    return forward;
}
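/**
 * Looks up a person by username and checks the supplied password against it.
 *
 * <p>Returns {@code null} both when no person has that username and when the
 * password check fails, so callers cannot tell the two cases apart. The
 * Hibernate session is closed even when the lookup throws.
 *
 * @param username login name to search for
 * @param password candidate password; {@code null} is treated as a failed check
 * @return the matching {@code Person} when the password check succeeds, otherwise {@code null}
 * @throws HibernateException if the lookup fails
 */
public Person authenticatePerson(String username, char[] password) throws HibernateException {
    Person person;
    try {
        Session session = HibernateSessionFactory.currentSession();
        Transaction transaction = session.beginTransaction();
        // The username is bound as a criterion value, not concatenated into a query string.
        Criteria criteria = session.createCriteria(Person.class);
        criteria.add(Expression.eq("username", username));
        criteria.setMaxResults(1);
        person = (Person) criteria.uniqueResult();
        transaction.commit();
    } finally {
        // Release the session on the failure path too; the original leaked it on an exception.
        HibernateSessionFactory.closeSession();
    }

    // uniqueResult() yields null for an unknown username; the original dereferenced it
    // and threw a NullPointerException instead of reporting a failed login.
    if (person == null) {
        logger.debug("No person found for the supplied username");
        return null;
    }
    logger.debug("Found person: " + person.getUsername());

    // NOTE(review): new String(password) leaves an immutable copy of the password on the
    // heap, which defeats the purpose of passing a char[].
    // NOTE(review): the name checkPlainPassword suggests a plaintext comparison; confirm
    // that Person stores a salted password hash and compares in constant time.
    if (password != null && person.checkPlainPassword(new String(password))) {
        return person;
    }
    return null;
}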