/**
   * @see org.apache.struts.action.Action#execute(org.apache.struts.action.ActionMapping,
   *     org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest,
   *     javax.servlet.http.HttpServletResponse)
   */
  @Override
  public ActionForward execute(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    SimpleAuthLoginForm simpleAuthLoginForm = (SimpleAuthLoginForm) form;

    String redirectTo = simpleAuthLoginForm.getRedirectTo();
    String username = simpleAuthLoginForm.getUsername();
    String password = simpleAuthLoginForm.getPassword();
    logger.debug("Authenticating user: "******"Setting user principal in session...");
      AuthEnvironment authEnv = new AuthEnvironment(request);
      UserPrincipal userPrincipal = new UserPrincipal(person.getUsername());

      List<RolePrincipal> roles = new ArrayList<RolePrincipal>();
      if (person.isActive()) {
        if (person.isAnonymous()) {
          roles.add(new RolePrincipal(RolePrincipal.ROLE_ANONYMUS));
        } else {
          roles.add(new RolePrincipal(RolePrincipal.ROLE_MEMBER));
          // XXX Only members can be administrators
          if (person.isAdministrator()) {
            roles.add(new RolePrincipal(RolePrincipal.ROLE_ADMINISTRATOR));
          }
        }
      }
      userPrincipal.setRoles(roles);

      authEnv.setPrincipal(userPrincipal);
      if (redirectTo != null && redirectTo.length() > 0) {
        PathForwardFactory forwardFactory = new PathForwardFactory();
        forward = forwardFactory.getRedirectForward(redirectTo);
      } else {
        forward = mapping.findForward("principalPath");
      }
    } else {
      logger.debug("No person with the name [" + username + "] was found...");
      forward = mapping.getInputForward();
    }

    return forward;
  }
 public Person authenticatePerson(String username, char[] password) throws HibernateException {
   Session session = HibernateSessionFactory.currentSession();
   Transaction transaction = session.beginTransaction();
   Criteria criteria = session.createCriteria(Person.class);
   criteria.add(Expression.eq("username", username));
   criteria.setMaxResults(1);
   Person person = (Person) criteria.uniqueResult();
   transaction.commit();
   HibernateSessionFactory.closeSession();
   logger.debug("Found person: " + person.getUsername());
   if (person.checkPlainPassword(new String(password))) {
     return person;
   }
   return null;
 }