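/**
 * Handles submission of the "new user" form: validates the input, creates the
 * authorization subject, registers the password-backed principal for it, and
 * publishes the new user's id for the follow-up view.
 *
 * <p>The password is passed only to {@code validatePasswordNoSpaces} and
 * {@code authBoss.addUser}; it is never written to the log here.
 *
 * @return {@code INPUT} when the password contains spaces or the name is already
 *     taken, the non-null result of {@code checkSubmit(user)} when that call
 *     short-circuits the request, otherwise {@code "showCreated"}
 * @throws IllegalStateException if the subject cannot be looked up right after it
 *     was created
 * @throws Exception propagated from the underlying boss/manager calls
 */
public String create() throws Exception {
    setHeaderResources();

    // NOTE(review): the only password rule visible in this method is "no spaces";
    // presumably further checks live in checkSubmit() - confirm.
    if (!validatePasswordNoSpaces(user.getNewPassword())) {
        addFieldError("newPassword", getText("admin.user.changePassword.NoSpaces"));
        return INPUT;
    }

    String checkResult = checkSubmit(user);
    if (checkResult != null) {
        return checkResult;
    }

    String userName = user.getName();
    // The name comes from the submitted form. Replace CR/LF before it reaches the
    // log so a crafted value cannot start a forged log line (CWE-117).
    String loggedName = (userName == null) ? null : userName.replaceAll("[\\r\\n]", "_");

    // add both a subject and a principal as normal
    log.trace("creating subject [" + loggedName + "]");

    Integer sessionId = RequestUtils.getSessionId(getServletRequest());
    AuthzSubject checkUser = authzBoss.findSubjectByName(sessionId, userName);
    if (checkUser != null) {
        log.error("User name '" + loggedName + "' already exists");
        String msg = getText("exception.user.alreadyExists");
        this.addFieldError("name", msg);
        return INPUT;
    }

    // NOTE(review): the lookup above and the create below are separate calls, so
    // uniqueness is only as strong as whatever createSubject enforces - confirm.
    authzBoss.createSubject(
        sessionId,
        userName,
        "yes".equals(user.getEnableLogin()),
        HQConstants.ApplicationName,
        user.getDepartment(),
        user.getEmailAddress(),
        user.getFirstName(),
        user.getLastName(),
        user.getPhoneNumber(),
        user.getSmsAddress(),
        user.isHtmlEmail());

    // NOTE(review): subject and principal are created by two calls; if addUser
    // throws, the subject created above is not rolled back by this method.
    log.trace("adding user [" + loggedName + "]");
    authBoss.addUser(sessionId.intValue(), userName, user.getNewPassword());

    log.trace("finding subject [" + loggedName + "]");
    AuthzSubject newUser = authzBoss.findSubjectByName(sessionId, userName);
    if (newUser == null) {
        // Fail with a clear message instead of a NullPointerException on getId().
        throw new IllegalStateException(
            "Subject '" + loggedName + "' could not be found after creation");
    }

    getServletRequest().setAttribute(Constants.USER_PARAM, newUser.getId());
    ActionContext.getContext().put(Constants.USER_PARAM, newUser.getId());
    userId = newUser.getId().toString();

    return "showCreated";
}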
/**
 * Serves the login page for {@code GET /login}.
 *
 * <p>A caller that already holds a non-anonymous, authenticated
 * {@link Authentication} is redirected to the dashboard. Everyone else gets the
 * login model: the guest account's name and enabled flag, plus an error message
 * when the request carries the {@code authfailed} parameter and the session holds
 * the last authentication exception.
 *
 * @param request current request; read for the {@code authfailed} parameter
 * @param response current response; receives the redirect or the marker header
 * @param session current session; read for the last authentication exception
 * @return the model for the login view (returned empty when a redirect was sent)
 */
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
        HttpServletRequest request, HttpServletResponse response, HttpSession session) {
    final boolean debugEnabled = log.isDebugEnabled();
    ModelAndView loginView = new ModelAndView();

    // An existing, non-anonymous authentication means the caller is already logged in.
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    boolean alreadyLoggedIn =
        current != null
            && !(current instanceof AnonymousAuthenticationToken)
            && current.isAuthenticated();

    if (alreadyLoggedIn) {
        try {
            if (debugEnabled) {
                log.debug("User has already been authenticated. Redirecting to dashboard.");
            }
            // Redirect to Dashboard.action for struts2 support
            response.sendRedirect("Dashboard.action");
            return loginView;
        } catch (IOException e) {
            // Deliberate fall-through: the login form is rendered when the redirect fails.
            log.warn(
                "Could not perform the redirect for an authenticated user, displaying login page instead");
        }
    }

    // Unauthenticated caller (or failed redirect): build the login form model.
    AuthzSubject guest = authzSubjectManager.getSubjectById(AuthzConstants.guestId);

    // The last authentication failure is only surfaced when the request asks for it.
    if (request.getParameter("authfailed") != null && session != null) {
        AuthenticationException lastFailure =
            (AuthenticationException)
                session.getAttribute(
                    AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
        if (lastFailure != null) {
            // NOTE(review): the text shown is derived from the exception message and the
            // exception is left in the session afterwards - confirm the messages do not
            // distinguish an unknown user from a wrong password.
            loginView.addObject(
                "errorMessage", RequestUtils.message(request, lastFailure.getMessage()));
        }
    }

    loginView.addObject("guestUsername", guest == null ? "guest" : guest.getName());
    loginView.addObject("guestEnabled", guest != null && guest.getActive());

    // Marker header so the login page can be identified explicitly.
    response.setHeader("hq-requires-auth", "1");

    return loginView;
}
/**
 * Compares this config with another object.
 *
 * <p>Two configs are equal when the other object is a {@code UserDashboardConfig},
 * the superclass considers them equal, and both refer to an equal user.
 *
 * @param o the object to compare with; may be {@code null}
 * @return {@code true} if {@code o} is an equal {@code UserDashboardConfig}
 */
@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    // instanceof is false for null, so this also rejects a null argument.
    if (!(o instanceof UserDashboardConfig)) {
        return false;
    }
    UserDashboardConfig other = (UserDashboardConfig) o;
    // NOTE(review): _user is dereferenced without a null check - assumes it is always set.
    return super.equals(other) && _user.equals(other.getUser());
}
/**
 * Combines the superclass hash with the user's hash, using 37 as the multiplier.
 *
 * @return hash code built from the same values that {@code equals} compares
 */
@Override
public int hashCode() {
    // NOTE(review): _user is dereferenced without a null check - assumes it is always set.
    return super.hashCode() * 37 + _user.hashCode();
}