@Override
public ScreenState current(boolean create) {
ScreenState current = currentScreenState.get();
// Remove current state if not for active page
if (current != null && !current.isForPage(requestGlobals.getActivePageName())) {
currentScreenState.clear();
current = null;
}
if (current == null && create) {
return createNewScreenState(requestGlobals.getActivePageName());
}
return current;
}
void onValidateForm() {
provider.setUserDetailsService(userserve);
provider.setPasswordEncoder(new ShaPasswordEncoder());
authtoken = new UsernamePasswordAuthenticationToken(fLogin, fpass);
provider.setSaltSource(salt);
Authentication token = null;
try {
token = provider.authenticate(authtoken);
} catch (org.springframework.security.BadCredentialsException e) {
loginform.recordError("Either the Username or Password is incorrect, Please try again.");
return;
}
if (token.isAuthenticated()) {
System.out.println("user has been authenticated");
this.user = userDAO.findByUsername(fLogin);
SecurityContextHolder.getContext().setAuthentication(token);
SavedRequest savedRequest =
(SavedRequest)
requestGlobals
.getHTTPServletRequest()
.getSession()
.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY);
Session s = request.getSession(false);
s.invalidate();
s = request.getSession(true);
if (savedRequest != null) {
url = null;
try {
url = new URL(savedRequest.getRequestURL());
} catch (MalformedURLException e) {
System.out.println("malformed url:" + savedRequest.getRequestURI());
}
}
} else {
// fpass = null;
// fLogin = null;
loginform.recordError("Either the Username or Password is incorrect, Please try again.");
}
}
private HttpSession getHttpSession(boolean create) {
return requestGlobals.getHTTPServletRequest().getSession(create);
}
/**
* Initialize the SSO Service, prepare a login if required
*
* @param session The server session data
* @throws Exception if any errors occur
*/
@Override
public String ssoInit(JsonSessionState session) throws Exception {
// Keep track of the user switching portals for
// link building in other methods
String portalId = (String) session.get("portalId", defaultPortal);
ssoLoginUrl = serverUrlBase + portalId + SSO_LOGIN_PAGE;
// Find out what page we are on
String path = request.getAttribute("RequestURI").toString();
String currentAddress = serverUrlBase + path;
// Store the portal URL, might be required by implementers to build
// an interface (images etc).
session.set("ssoPortalUrl", serverUrlBase + portalId);
// Makes sure all SSO plugins get initialised
for (String ssoId : sso.keySet()) {
sso.get(ssoId).ssoInit(session, rg.getHTTPServletRequest());
}
// Are we logging in right now?
String ssoId = request.getParameter("ssoId");
// If this isn't the login page...
if (!currentAddress.contains(SSO_LOGIN_PAGE)) {
// Store the current address for use later
session.set("returnAddress", currentAddress);
// We might still be logging in from a deep link
if (ssoId == null) {
// No we're not, finished now
return null;
} else {
// Yes it's a deep link, store any extra query params
// since they probably won't survive the round-trip
// through SSO.
for (String param : request.getParameterNames()) {
if (!param.equals("ssoId")) {
// Store all the other parameters
session.set(SSO_STORAGE_PREFIX + param, request.getParameter(param));
}
}
}
}
// Get the last address to return the user to
String returnAddress = (String) session.get("returnAddress");
if (returnAddress == null) {
// Or use the home page
returnAddress = serverUrlBase + portalId + "/home";
}
// Which SSO provider did the user request?
if (ssoId == null) {
log.error("==== SSO: SSO ID not found!");
return null;
}
if (!sso.containsKey(ssoId)) {
log.error("==== SSO: SSO ID invalid: '{}'!", ssoId);
return null;
}
// The main event... finally
sso.get(ssoId).ssoPrepareLogin(session, returnAddress, serverUrlBase);
return ssoId;
}
