Esempio n. 1
 /**
  * Builds the server-side (non-redirect) forward to the calendar action's holidays view.
  *
  * @return a forward whose path is the fixed holidays URL and whose redirect flag is false
  */
 ActionForward getActionForwardHolydays() {
   ActionForward forward = new ActionForward();
   // The path is a constant: nothing caller-supplied is placed in the URL.
   forward.setPath("/showCTCalendar.do?method=holydays");
   forward.setRedirect(false);
   return forward;
 }
Esempio n. 2
 /**
  * Builds a redirect to the calendar action's "show" view for one entity and register.
  *
  * <p>NOTE(review): {@code entityId} and {@code regId} are appended to the query string exactly
  * as received; no URL encoding or validation is visible in this method. A value containing
  * {@code &}, {@code =}, {@code #} or a line break would change the shape of the redirect URL,
  * so confirm that callers only pass validated identifiers (or encode them) before this runs.
  *
  * @param entityId value placed in the {@code entityId} query parameter
  * @param regId value placed in the {@code regId} query parameter
  * @return a forward with the assembled path and the redirect flag set to true
  */
 ActionForward getActionForwardShow(String entityId, String regId) {
   StringBuilder target = new StringBuilder("/showCTCalendar.do?method=show&entityId=");
   target.append(entityId).append("&regId=").append(regId);

   ActionForward forward = new ActionForward();
   forward.setPath(target.toString());
   forward.setRedirect(true);
   return forward;
 }
Esempio n. 3
 /**
  * Builds a redirect to the calendar action's "show" view carrying {@code save=true} together
  * with a name and a week-day selection.
  *
  * <p>NOTE(review): all four arguments are appended to the query string exactly as received;
  * no URL encoding or validation is visible in this method. Free-text values such as
  * {@code nombre} are the most likely to contain {@code &}, {@code =}, spaces or line breaks,
  * which would change the shape of the redirect URL. Confirm that callers validate or encode
  * these values before this runs.
  *
  * @param entityId value placed in the {@code entityId} query parameter
  * @param regId value placed in the {@code regId} query parameter
  * @param nombre value placed in the {@code nombre} query parameter
  * @param diasSeleccionados value placed in the {@code weekDaysSelect} query parameter
  * @return a forward with the assembled path and the redirect flag set to true
  */
 ActionForward getActionForwardShowDelete(
     String entityId, String regId, String nombre, String diasSeleccionados) {
   StringBuilder target = new StringBuilder("/showCTCalendar.do?method=show&entityId=");
   target.append(entityId).append("&regId=").append(regId);
   target.append("&save=true&nombre=").append(nombre);
   target.append("&weekDaysSelect=").append(diasSeleccionados);

   ActionForward forward = new ActionForward();
   forward.setPath(target.toString());
   forward.setRedirect(true);
   return forward;
 }
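  /**
   * Handles submission of the UPT login form: authenticates the user, checks the user's
   * permission on the requested application context and populates the HTTP session.
   *
   * <p>Flow, in the order the statements run:
   *
   * <ol>
   *   <li>Builds the login application's base URL from the request scheme, server name and port
   *       plus a configured (or default) context name.
   *   <li>Redirects to that URL when the application context name, login id or password is blank.
   *   <li>Obtains the authorization and authentication managers and calls {@code login(...)}.
   *   <li>Calls {@code checkPermission(...)}. A user without permission is still forwarded to
   *       {@code LOGIN_SUCCESS}, with every UPT operation privilege attribute set to "false".
   *   <li>Otherwise stores the provisioning manager and the form in the session, runs
   *       {@code processUptOperation(...)} and forwards to the admin or regular home page.
   * </ol>
   *
   * <p>Security review notes (points the code in this method does not settle by itself):
   *
   * <ul>
   *   <li>The boolean returned by {@code login(...)} is now checked and a {@code false} result
   *       ends in {@code LOGIN_FAILURE}; previously only exceptions stopped the flow.
   *   <li>NOTE(review): the redirect base uses {@code request.getServerName()} and
   *       {@code getServerPort()}. In many deployments these reflect the client-sent Host header;
   *       confirm that the container or a fronting proxy pins the host name.
   *   <li>NOTE(review): the session is obtained with {@code getSession(true)} and no session-id
   *       rotation is visible after a successful login; confirm that session fixation is handled
   *       elsewhere (filter or container setting).
   *   <li>NOTE(review): the whole {@code LoginForm}, which exposes {@code getPassword()}, is
   *       stored in the session under {@code LOGIN_OBJECT}; nothing here clears the password.
   *   <li>NOTE(review): several debug messages append {@code loginForm.toString()}; verify that
   *       this representation does not include the password. The login id is also written to the
   *       log without neutralising line breaks or the '|' field separator.
   * </ul>
   *
   * @param mapping Struts mapping used to look up the named forwards
   * @param form the submitted form; cast to {@code LoginForm}
   * @param request current request; source of scheme, server name, port and session
   * @param response current response; not used in this method
   * @return a redirect to the login application when required fields are blank, otherwise one of
   *     the {@code LOGIN_FAILURE}, {@code EXPIRED_PASSWORD}, {@code LOGIN_SUCCESS} or
   *     {@code ADMIN_LOGIN_SUCCESS} forwards
   */
  public ActionForward execute(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response) {
    ActionErrors errors = new ActionErrors();

    AuthenticationManager authenticationManager = null;
    AuthorizationManager authorizationManager = null;
    UserProvisioningManager userProvisioningManager = null;
    boolean loginSuccessful = false;
    boolean hasPermission = false;
    String uptContextName = DisplayConstants.UPT_CONTEXT_NAME;
    Application application = null;

    // Base URL of the login application; used only as the redirect target for incomplete forms.
    // NOTE(review): server name and port come from the request — see the method comment.
    String serverInfoPathPort =
        (request.isSecure() ? "https://" : "http://")
            + request.getServerName()
            + ":"
            + request.getServerPort();
    ObjectFactory.initialize("upt-beans.xml");
    UPTProperties uptProperties = null;
    String urlContextForLoginApp = "";
    String centralUPTConfiguration = "";
    try {
      uptProperties = (UPTProperties) ObjectFactory.getObject("UPTProperties");
      urlContextForLoginApp =
          uptProperties.getBackwardsCompatibilityInformation().getLoginApplicationContextName();
      if (!StringUtils.isBlank(urlContextForLoginApp)) {
        serverInfoPathPort = serverInfoPathPort + "/" + urlContextForLoginApp + "/";
      } else {
        serverInfoPathPort =
            serverInfoPathPort + "/" + DisplayConstants.LOGIN_APPLICATION_CONTEXT_NAME + "/";
      }

      // With the central configuration enabled, authorization is looked up under the
      // authentication context name instead of the default UPT context name.
      centralUPTConfiguration =
          uptProperties.getBackwardsCompatibilityInformation().getCentralUPTConfiguration();
      if ("true".equalsIgnoreCase(centralUPTConfiguration)) {
        uptContextName = DisplayConstants.UPT_AUTHENTICATION_CONTEXT_NAME;
      }
    } catch (UPTConfigurationException e) {
      // Configuration unavailable: fall back to the default login application context name.
      serverInfoPathPort =
          serverInfoPathPort + "/" + DisplayConstants.LOGIN_APPLICATION_CONTEXT_NAME + "/";
    }

    //		System.out.println("centralUPTConfiguration: "+centralUPTConfiguration);
    //		System.out.println("urlContextForLoginApp: "+urlContextForLoginApp);
    //		System.out.println("serverInfoPathPort: "+serverInfoPathPort);

    // Incomplete submissions are sent back to the login application rather than processed.
    LoginForm loginForm = (LoginForm) form;
    if (StringUtils.isBlank(loginForm.getApplicationContextName())
        || StringUtils.isBlank(loginForm.getLoginId())
        || StringUtils.isBlank(loginForm.getPassword())) {

      ActionForward newActionForward = new ActionForward();
      newActionForward.setPath(serverInfoPathPort);
      newActionForward.setRedirect(true);

      return newActionForward;
    }

    // NOTE(review): this runs before authentication, with the login id exactly as submitted;
    // what UserInfoHelper does with it is not visible here — confirm it is used for audit
    // context only and not treated as an authenticated identity.
    UserInfoHelper.setUserInfo(loginForm.getLoginId(), request.getSession().getId());
    errors.clear();

    // First attempt to obtain the authorization manager. A CSException is swallowed here and
    // leaves the manager null; the lookup is repeated after authentication further down.
    try {
      //			System.out.println("uptContextName1: "+uptContextName);
      authorizationManager = SecurityServiceProvider.getAuthorizationManager(uptContextName);
      if (null == authorizationManager) {
        errors.add(
            ActionErrors.GLOBAL_ERROR,
            new ActionError(
                DisplayConstants.ERROR_ID,
                "Unable to initialize Authorization Manager for the given application context using new configuration"));
        saveErrors(request, errors);
        if (log.isDebugEnabled())
          log.debug(
              "|"
                  + loginForm.getLoginId()
                  + "||Login|Failure|Unable to instantiate Authorization Manager for UPT application using new configuration||");
        return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
      }
    } catch (CSException cse) {

      authorizationManager = null;
    }

    // Reached with a null manager only when the lookup above threw. The body merely validates
    // uptContextName; the catch is kept from the original although nothing in the try block is
    // expected to throw.
    if (null == authorizationManager) {

      try {

        if (null == uptContextName || uptContextName.equalsIgnoreCase("")) {
          errors.add(
              ActionErrors.GLOBAL_ERROR,
              new ActionError(
                  DisplayConstants.ERROR_ID,
                  "Unable to read the UPT Context Name from Security Config File"));
          saveErrors(request, errors);
          if (log.isDebugEnabled())
            log.debug(
                "|"
                    + loginForm.getLoginId()
                    + "||Login|Failure|Unable to read the UPT Context Name from Security Config File");
          return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
        }
      } catch (Exception ex) {
        errors.add(
            ActionErrors.GLOBAL_ERROR,
            new ActionError(
                DisplayConstants.ERROR_ID,
                org.apache.commons.lang.StringEscapeUtils.escapeHtml(ex.getMessage())));
        saveErrors(request, errors);
        if (log.isDebugEnabled())
          log.debug(
              "|"
                  + loginForm.getLoginId()
                  + "||Login|Failure|Unable to read the UPT Context Name from Security Config File||");
        return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
      }
    }
    // Authentication always uses the UPT authentication context, independent of uptContextName.
    try {

      authenticationManager =
          SecurityServiceProvider.getAuthenticationManager(
              DisplayConstants.UPT_AUTHENTICATION_CONTEXT_NAME);
      if (null == authenticationManager) {
        errors.add(
            ActionErrors.GLOBAL_ERROR,
            new ActionError(
                DisplayConstants.ERROR_ID,
                "Unable to initialize Authentication Manager for the given application context"));
        saveErrors(request, errors);
        if (log.isDebugEnabled())
          log.debug(
              "|"
                  + loginForm.getLoginId()
                  + "||Login|Failure|Unable to instantiate AuthenticationManager for UPT application||");
        return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
      }
    } catch (CSException cse) {
      // Exception text shown to the user is HTML-escaped before it is added to the error list.
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Unable to instantiate AuthenticationManager for UPT application|"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
    }
    // Credential check. Expired and first-time credentials go to the password-change forward;
    // any other CSException is a plain login failure.
    try {
      loginSuccessful =
          authenticationManager.login(loginForm.getLoginId(), loginForm.getPassword());
    } catch (CSCredentialExpiredException cse) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Password Expired for user name "
                + loginForm.getLoginId()
                + " and"
                + loginForm.getApplicationContextName()
                + " application|"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.EXPIRED_PASSWORD);
    } catch (CSFirstTimeLoginException cse) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Password Expired for user name "
                + loginForm.getLoginId()
                + " and"
                + loginForm.getApplicationContextName()
                + " application|"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.EXPIRED_PASSWORD);
    } catch (CSException cse) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Login Failed for user name "
                + loginForm.getLoginId()
                + " and"
                + loginForm.getApplicationContextName()
                + " application|"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
    }

    // Fail closed: login() reports its result as a boolean as well as through exceptions, so a
    // false return must not continue to the permission check and session setup below.
    if (!loginSuccessful) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(DisplayConstants.ERROR_ID, "Login failed for the given user name"));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Login Failed for user name "
                + loginForm.getLoginId()
                + " and"
                + loginForm.getApplicationContextName()
                + " application||");
      return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
    }

    // Second authorization-manager lookup; unlike the first one, a CSException here is reported
    // as a login failure.
    try {
      authorizationManager = SecurityServiceProvider.getAuthorizationManager(uptContextName);
      if (null == authorizationManager) {
        errors.add(
            ActionErrors.GLOBAL_ERROR,
            new ActionError(
                DisplayConstants.ERROR_ID,
                "Unable to initialize Authorization Manager for the given application context"));
        saveErrors(request, errors);
        if (log.isDebugEnabled())
          log.debug(
              "|"
                  + loginForm.getLoginId()
                  + "||Login|Failure|Unable to instantiate Authorization Manager for UPT application||");
        return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
      }
    } catch (CSException cse) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Unable to instantiate AuthorizationManager for UPT application|"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
    }
    try {
      hasPermission =
          authorizationManager.checkPermission(
              loginForm.getLoginId(), loginForm.getApplicationContextName(), null);
      if (!hasPermission) {
        // No permission on the requested application context. The user is NOT rejected: the
        // session is populated, every UPT operation privilege is set to "false", and the
        // forward is LOGIN_SUCCESS. The rejection path is the commented-out code below.
        // NOTE(review): downstream pages must enforce these "false" attributes; confirm they do.
        try {
          userProvisioningManager =
              getUserProvisioningManager(
                  authorizationManager, loginForm.getApplicationContextName());
          if (null == userProvisioningManager) {
            errors.add(
                ActionErrors.GLOBAL_ERROR,
                new ActionError(
                    DisplayConstants.ERROR_ID,
                    "Unable to initialize Authorization Manager for the given application context"));
            saveErrors(request, errors);
            if (log.isDebugEnabled())
              log.debug(
                  "|"
                      + loginForm.getLoginId()
                      + "||Login|Failure|Unable to instantiate User Provisioning Manager for "
                      + loginForm.getApplicationContextName()
                      + " application||");
            return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
          }
        } catch (CSException cse) {
          errors.add(
              ActionErrors.GLOBAL_ERROR,
              new ActionError(
                  DisplayConstants.ERROR_ID,
                  org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
          saveErrors(request, errors);
          if (log.isDebugEnabled())
            log.debug(
                "|"
                    + loginForm.getLoginId()
                    + "||Login|Failure|Unable to instantiate User Provisioning Manager for |"
                    + loginForm.toString()
                    + "|"
                    + cse.getMessage());
          return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
        }
        // NOTE(review): existing session is reused (no id rotation visible), and the stored
        // form still carries the submitted password.
        HttpSession session = request.getSession(true);
        session.setAttribute(DisplayConstants.USER_PROVISIONING_MANAGER, userProvisioningManager);
        session.setAttribute(DisplayConstants.LOGIN_OBJECT, form);
        session.setAttribute(DisplayConstants.CURRENT_TABLE_ID, DisplayConstants.HOME_ID);

        session.setAttribute(
            Constants.UPT_USER_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE, "false");
        session.setAttribute(
            Constants.UPT_PROTECTION_ELEMENT_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE,
            "false");
        session.setAttribute(
            Constants.UPT_PRIVILEGE_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE, "false");
        session.setAttribute(
            Constants.UPT_GROUP_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE, "false");
        session.setAttribute(
            Constants.UPT_PROTECTION_GROUP_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE,
            "false");
        session.setAttribute(
            Constants.UPT_ROLE_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE, "false");
        session.setAttribute(
            Constants.UPT_INSTANCE_LEVEL_OPERATION + "_" + Constants.CSM_ACCESS_PRIVILEGE, "false");

        //				errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(DisplayConstants.ERROR_ID,
        // "Access permission denied for the application" ));
        //				saveErrors( request,errors );
        //				if (log.isDebugEnabled())
        //					log.debug("|"+loginForm.getLoginId()+
        //							"||Login|Failure|User "+loginForm.getLoginId()+" doesnot have permission on
        // "+loginForm.getApplicationContextName()+" application||");

        return mapping.findForward(ForwardConstants.LOGIN_SUCCESS);
      }
    } catch (CSException cse) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Error in checking permission|"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
    }

    // Permission granted: resolve the application record and its provisioning manager.
    try {
      // UserProvisioningManager upm = (UserProvisioningManager)authorizationManager;
      application = authorizationManager.getApplication(loginForm.getApplicationContextName());
      userProvisioningManager =
          getUserProvisioningManager(authorizationManager, loginForm.getApplicationContextName());
      if (null == userProvisioningManager) {
        errors.add(
            ActionErrors.GLOBAL_ERROR,
            new ActionError(
                DisplayConstants.ERROR_ID,
                "Unable to initialize Authorization Manager for the given application context"));
        saveErrors(request, errors);
        if (log.isDebugEnabled())
          log.debug(
              "|"
                  + loginForm.getLoginId()
                  + "||Login|Failure|Unable to instantiate User Provisioning Manager for "
                  + loginForm.getApplicationContextName()
                  + " application||");
        return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
      }
    } catch (CSException cse) {
      errors.add(
          ActionErrors.GLOBAL_ERROR,
          new ActionError(
              DisplayConstants.ERROR_ID,
              org.apache.commons.lang.StringEscapeUtils.escapeHtml(cse.getMessage())));
      saveErrors(request, errors);
      if (log.isDebugEnabled())
        log.debug(
            "|"
                + loginForm.getLoginId()
                + "||Login|Failure|Unable to instantiate User Provisioning Manager for |"
                + loginForm.toString()
                + "|"
                + cse.getMessage());
      return mapping.findForward(ForwardConstants.LOGIN_FAILURE);
    }

    // NOTE(review): existing session is reused (no id rotation visible), and the stored form
    // still carries the submitted password.
    HttpSession session = request.getSession(true);
    session.setAttribute(DisplayConstants.USER_PROVISIONING_MANAGER, userProvisioningManager);
    session.setAttribute(DisplayConstants.LOGIN_OBJECT, form);
    session.setAttribute(DisplayConstants.CURRENT_TABLE_ID, DisplayConstants.HOME_ID);

    authenticationManager = null;
    authorizationManager = null;

    // NOTE(review): application is dereferenced without a null check; whether getApplication()
    // can return null is not visible here.
    try {
      processUptOperation(
          userProvisioningManager,
          loginForm.getLoginId(),
          application.getApplicationName(),
          session);
    } catch (CSTransactionException e) {
      // Best effort, as before: the login still completes, but the failure now goes to the
      // application log with its cause instead of to stderr.
      log.error("Unable to process UPT operations for the logged-in user", e);
    }
    // A login against the UPT context itself is marked as an admin session.
    if (((LoginForm) form).getApplicationContextName().equalsIgnoreCase(uptContextName)) {
      session.setAttribute(DisplayConstants.ADMIN_USER, DisplayConstants.ADMIN_USER);
      if (log.isDebugEnabled())
        log.debug(
            session.getId()
                + "|"
                + ((LoginForm) session.getAttribute(DisplayConstants.LOGIN_OBJECT)).getLoginId()
                + "||Login|Success|Login Successful for user "
                + loginForm.getLoginId()
                + " and "
                + loginForm.getApplicationContextName()
                + " application, Forwarding to the Super Admin Home Page||");
      return (mapping.findForward(ForwardConstants.ADMIN_LOGIN_SUCCESS));
    } else {
      if (log.isDebugEnabled())
        log.debug(
            session.getId()
                + "|"
                + ((LoginForm) session.getAttribute(DisplayConstants.LOGIN_OBJECT)).getLoginId()
                + "||Login|Success|Login Successful for user "
                + loginForm.getLoginId()
                + " and "
                + loginForm.getApplicationContextName()
                + " application, Forwarding to the Home Page||");
      return (mapping.findForward(ForwardConstants.LOGIN_SUCCESS));
    }
  }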