public Object userLogin(HttpServletRequest request) {
    SimpleRequestReader reader = new SimpleRequestReader(request);
    String loginName = reader.getString("loginName", false);
    String passwd = reader.getString("password", false);
    String type = reader.getString("clientType", false);
    String ip = reader.getClientIp();

    List<User> users = userManager.getUserByName(loginName);
    if (users.size() <= 0) {
      throw new BusinessException(
          ErrorCode.USER_NOT_FOUND, "login_name [" + loginName + "] not found!");
    }

    User user = users.get(0);

    if (!passwd.equals(MD5Util.MD5(user.getPassword()))) {
      throw new BusinessException(ErrorCode.PASSWORD_ERROR, "password error!");
    }
    // 判断OMC登录权限
    if (type.equals(TypeDefinition.CLIENT_TYPE_OMC)) {
      if (user.getAdminPriv() == 0) {
        throw new BusinessException(
            ErrorCode.USER_ROLE_INVALID, "user [" + user.getLogonName() + "] is not admin");
      }
    }
    // 生成ticket
    String ticket = onlineManager.csLogin(user, type, ip).getTicket();
    // 设置到用户session中
    request.getSession().setAttribute("userId", user.getId());
    request.getSession().setAttribute("userName", user.getName());
    request.getSession().setAttribute("ticket", ticket);
    request.getSession().setAttribute("userGroupId", user.getUserGroupId());

    BaseDTO dto = new BaseDTO();
    dto.setCode(ErrorCode.SUCCESS);
    dto.setMessage("");
    dto.setMethod("UserLogin");

    return dto;
  }
  public String csLogin(String message) {
    RequestReader reader = new RequestReader(message);
    String loginName = reader.getString("Request/LoginName", false);
    String passwd = reader.getString("Request/Password", false);
    String type = reader.getString("Request/ClientType", false);
    String ip = reader.getString("Request/IP", false);

    List<User> user = userManager.getUserByName(loginName);
    if (user.size() <= 0) {
      throw new BusinessException(
          ErrorCode.USER_NOT_FOUND, "login_name [" + loginName + "] not found!");
    }
    if (!passwd.equals(MD5Util.MD5(user.get(0).getPassword()))) {
      throw new BusinessException(ErrorCode.PASSWORD_ERROR, "password error!");
    }
    // 判断OMC登录权限
    if (type.equals(TypeDefinition.CLIENT_TYPE_OMC)) {
      if (user.get(0).getAdminPriv() == 0) {
        throw new BusinessException(
            ErrorCode.USER_ROLE_INVALID, "user [" + user.get(0).getLogonName() + "] is not admin");
      }
    }
    // 生成ticket
    String ticket = onlineManager.csLogin(user.get(0), type, ip).getTicket();

    Element root = DocumentHelper.createElement("Response");
    root.addAttribute("Method", "UserLogin");
    root.addAttribute("Code", "200");
    root.addAttribute("Message", "");
    Document doc = DocumentHelper.createDocument(root);
    Element ticketE = DocumentHelper.createElement("Ticket");
    Element userId = DocumentHelper.createElement("UseId");
    root.add(ticketE);
    root.add(userId);
    ticketE.setText(ticket);
    userId.setText(user.get(0).getId().toString());
    return XmlUtil.xmlToString(doc);
  }