protected static String getString(
HttpServletRequest request, String propertyName, String propertyValueDefault) {
String res = null;
{
try {
Principal userPrincipal = request.getUserPrincipal();
if (userPrincipal != null) {
PreferenceAccessorFactory f = DefaultPreferenceAccessorFactory.getInstance();
PreferenceAccessor a = f.getUserPreferenceAccessor();
res = a.getPreferenceProperty(userPrincipal, propertyName);
if (res == null || res.length() == 0) {
if (propertyValueDefault != null) {
res = propertyValueDefault;
}
}
}
} catch (Throwable ex) {
ex.printStackTrace(); // TODO: Log!
}
}
return res;
}
/**
* Initialises the command. Here the parameters are extracted from the request.
*
* @param HttpServletRequest Object that encapsulates the request to the servlet
* @throws EPlatformException necessary to fullfill abstract method signature
*/
public void init(HttpServletRequest request) throws EPlatformException {
LogHelper.trace(LogHelper.TRACE, "[SuspendCommand.init] init");
/* get the pincodes */
sPincode1 = request.getParameter("pincode1");
sPincode2 = request.getParameter("pincode2");
/* get the user */
g_sUser = request.getUserPrincipal().getName();
}
protected static void setString(
HttpServletRequest request, String propertyName, String propertyValue) {
try {
Principal userPrincipal = request.getUserPrincipal();
if (userPrincipal != null) {
PreferenceAccessorFactory f = DefaultPreferenceAccessorFactory.getInstance();
PreferenceAccessor a = f.getUserPreferenceAccessor();
a.setPreferenceProperty(userPrincipal, propertyName, propertyValue);
}
} catch (Throwable ex) {
ex.printStackTrace(); // TODO: Log!
}
}
public static String showSecurity(HttpServletRequest req, String role) {
StringBuilder sbuff = new StringBuilder();
sbuff.append("Security Info\n");
sbuff.append(" req.getRemoteUser(): ").append(req.getRemoteUser()).append("\n");
sbuff.append(" req.getUserPrincipal(): ").append(req.getUserPrincipal()).append("\n");
sbuff
.append(" req.isUserInRole(")
.append(role)
.append("):")
.append(req.isUserInRole(role))
.append("\n");
sbuff.append(" ------------------\n");
return sbuff.toString();
}
public static void setMenuPropertyValue(HttpServletRequest request, Integer v) {
try {
Principal userPrincipal = request.getUserPrincipal();
if (userPrincipal != null) {
PreferenceAccessorFactory f = DefaultPreferenceAccessorFactory.getInstance();
PreferenceAccessor a = f.getUserPreferenceAccessor();
if (v == null) {
a.setPreferenceProperty(userPrincipal, MENU_PROPERTY_NAME, null);
} else {
String value = v.toString();
a.setPreferenceProperty(userPrincipal, MENU_PROPERTY_NAME, value);
}
}
} catch (Throwable ex) {
ex.printStackTrace(); // TODO: Log!
}
}
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
resp.setContentType("text/html");
String username = req.getUserPrincipal().getName();
String token = ChannelServiceFactory.getChannelService().createChannel(username);
String tokenized =
CharStreams.toString(
new InputStreamReader(getServletContext().getResourceAsStream(PATH), ENCODING))
.replace("TOKEN", token);
DatastoreService store = DatastoreServiceFactory.getDatastoreService();
Entity player = ensurePlayerExists(username, store);
Entity map = ensureMapExists(player, store);
OutputStream out = resp.getOutputStream();
out.write(ENCODING.encode(tokenized).array());
out.flush();
}
private static Integer getMenuPropertyValue(HttpServletRequest request) {
Integer res = null;
{
try {
Principal userPrincipal = request.getUserPrincipal();
if (userPrincipal != null) {
PreferenceAccessorFactory f = DefaultPreferenceAccessorFactory.getInstance();
PreferenceAccessor a = f.getUserPreferenceAccessor();
String name = a.getPreferenceProperty(userPrincipal, MENU_PROPERTY_NAME);
if (name != null) {
res = Integer.parseInt(name);
}
}
} catch (Throwable ex) {
ex.printStackTrace(); // TODO: Log!
}
}
return res;
}
/**
* Perform form authentication. Called from SecurityHandler.
*
* @return UserPrincipal if authenticated else null.
*/
public Principal authenticate(
UserRealm realm, String pathInContext, HttpRequest httpRequest, HttpResponse httpResponse)
throws IOException {
HttpServletRequest request = (ServletHttpRequest) httpRequest.getWrapper();
HttpServletResponse response =
httpResponse == null ? null : (HttpServletResponse) httpResponse.getWrapper();
// Handle paths
String uri = pathInContext;
// Setup session
HttpSession session = request.getSession(response != null);
if (session == null) return null;
// Handle a request for authentication.
if (uri.substring(uri.lastIndexOf("/") + 1).startsWith(__J_SECURITY_CHECK)) {
// Check the session object for login info.
FormCredential form_cred = new FormCredential();
form_cred.authenticate(
realm,
request.getParameter(__J_USERNAME),
request.getParameter(__J_PASSWORD),
httpRequest);
String nuri = (String) session.getAttribute(__J_URI);
if (nuri == null || nuri.length() == 0) {
nuri = request.getContextPath();
if (nuri.length() == 0) nuri = "/";
}
if (form_cred._userPrincipal != null) {
// Authenticated OK
if (log.isDebugEnabled()) log.debug("Form authentication OK for " + form_cred._jUserName);
session.removeAttribute(__J_URI); // Remove popped return URI.
httpRequest.setAuthType(SecurityConstraint.__FORM_AUTH);
httpRequest.setAuthUser(form_cred._jUserName);
httpRequest.setUserPrincipal(form_cred._userPrincipal);
session.setAttribute(__J_AUTHENTICATED, form_cred);
// Sign-on to SSO mechanism
if (realm instanceof SSORealm) {
((SSORealm) realm)
.setSingleSignOn(
httpRequest,
httpResponse,
form_cred._userPrincipal,
new Password(form_cred._jPassword));
}
// Redirect to original request
if (response != null) {
response.setContentLength(0);
response.sendRedirect(response.encodeRedirectURL(nuri));
}
} else if (response != null) {
if (log.isDebugEnabled())
log.debug("Form authentication FAILED for " + form_cred._jUserName);
if (_formErrorPage != null) {
response.setContentLength(0);
response.sendRedirect(
response.encodeRedirectURL(URI.addPaths(request.getContextPath(), _formErrorPage)));
} else {
response.sendError(HttpResponse.__403_Forbidden);
}
}
// Security check is always false, only true after final redirection.
return null;
}
// Check if the session is already authenticated.
FormCredential form_cred = (FormCredential) session.getAttribute(__J_AUTHENTICATED);
if (form_cred != null) {
// We have a form credential. Has it been distributed?
if (form_cred._userPrincipal == null) {
// This form_cred appears to have been distributed. Need to reauth
form_cred.authenticate(realm, httpRequest);
// Sign-on to SSO mechanism
if (form_cred._userPrincipal != null && realm instanceof SSORealm) {
((SSORealm) realm)
.setSingleSignOn(
httpRequest,
httpResponse,
form_cred._userPrincipal,
new Password(form_cred._jPassword));
}
} else if (!realm.reauthenticate(form_cred._userPrincipal))
// Else check that it is still authenticated.
form_cred._userPrincipal = null;
// If this credential is still authenticated
if (form_cred._userPrincipal != null) {
if (log.isDebugEnabled())
log.debug("FORM Authenticated for " + form_cred._userPrincipal.getName());
httpRequest.setAuthType(SecurityConstraint.__FORM_AUTH);
httpRequest.setAuthUser(form_cred._userPrincipal.getName());
httpRequest.setUserPrincipal(form_cred._userPrincipal);
return form_cred._userPrincipal;
} else session.setAttribute(__J_AUTHENTICATED, null);
} else if (realm instanceof SSORealm) {
// Try a single sign on.
Credential cred = ((SSORealm) realm).getSingleSignOn(httpRequest, httpResponse);
if (httpRequest.hasUserPrincipal()) {
form_cred = new FormCredential();
form_cred._userPrincipal = request.getUserPrincipal();
form_cred._jUserName = form_cred._userPrincipal.getName();
if (cred != null) form_cred._jPassword = cred.toString();
if (log.isDebugEnabled()) log.debug("SSO for " + form_cred._userPrincipal);
httpRequest.setAuthType(SecurityConstraint.__FORM_AUTH);
session.setAttribute(__J_AUTHENTICATED, form_cred);
return form_cred._userPrincipal;
}
}
// Don't authenticate authform or errorpage
if (isLoginOrErrorPage(pathInContext)) return SecurityConstraint.__NOBODY;
// redirect to login page
if (response != null) {
if (httpRequest.getQuery() != null) uri += "?" + httpRequest.getQuery();
session.setAttribute(
__J_URI,
request.getScheme()
+ "://"
+ request.getServerName()
+ ":"
+ request.getServerPort()
+ URI.addPaths(request.getContextPath(), uri));
response.setContentLength(0);
response.sendRedirect(
response.encodeRedirectURL(URI.addPaths(request.getContextPath(), _formLoginPage)));
}
return null;
}
public Principal getUserPrincipal() {
return request.getUserPrincipal();
}
// user predicates
String getUsername() {
Principal user = req.getUserPrincipal();
return user != null ? user.toString() : null;
}
