1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23 package org.apache.struts.webapp.example2;
24
25
26 import jakarta.servlet.http.HttpServletRequest;
27 import jakarta.servlet.http.HttpServletResponse;
28 import jakarta.servlet.http.HttpSession;
29
30 import org.apache.commons.beanutils.PropertyUtils;
31 import org.apache.struts.action.Action;
32 import org.apache.struts.action.ActionErrors;
33 import org.apache.struts.action.ActionForm;
34 import org.apache.struts.action.ActionForward;
35 import org.apache.struts.action.ActionMapping;
36 import org.apache.struts.action.ActionMessage;
37 import org.apache.struts.apps.mailreader.dao.ExpiredPasswordException;
38 import org.apache.struts.apps.mailreader.dao.User;
39 import org.apache.struts.apps.mailreader.dao.UserDatabase;
40 import org.apache.struts.util.ModuleException;
41 import org.slf4j.Logger;
42 import org.slf4j.LoggerFactory;
43
44
45
46
47
48
49
50
51
52 public final class LogonAction extends Action {
53 private static final long serialVersionUID = 4996537708066805369L;
54
55
56
57
58
59
60
61
62 private final static Logger LOG =
63 LoggerFactory.getLogger(LogonAction.class);
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83 public ActionForward execute(ActionMapping mapping,
84 ActionForm form,
85 HttpServletRequest request,
86 HttpServletResponse response)
87 throws Exception {
88
89
90 User user = null;
91
92
93 ActionErrors errors = new ActionErrors();
94 String username = (String)
95 PropertyUtils.getSimpleProperty(form, "username");
96 String password = (String)
97 PropertyUtils.getSimpleProperty(form, "password");
98 UserDatabase database = (UserDatabase)
99 servlet.getServletContext().getAttribute(Constants.DATABASE_KEY);
100 if (database == null)
101 errors.add(ActionErrors.GLOBAL_MESSAGE,
102 new ActionMessage("error.database.missing"));
103 else {
104 user = getUser(database, username);
105 if ((user != null) && !user.getPassword().equals(password))
106 user = null;
107 if (user == null)
108 errors.add(ActionErrors.GLOBAL_MESSAGE,
109 new ActionMessage("error.password.mismatch"));
110 }
111
112
113 if (!errors.isEmpty()) {
114 saveErrors(request, errors);
115 return (mapping.getInputForward());
116 }
117
118
119 HttpSession session = request.getSession();
120 session.setAttribute(Constants.USER_KEY, user);
121 LOG.debug("LogonAction: User '{}' logged on in session {}",
122 user.getUsername(), session.getId());
123
124
125 if (mapping.getAttribute() != null) {
126 if ("request".equals(mapping.getScope()))
127 request.removeAttribute(mapping.getAttribute());
128 else
129 session.removeAttribute(mapping.getAttribute());
130 }
131
132
133 return (mapping.findForward("success"));
134
135 }
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150 public User getUser(UserDatabase database, String username)
151 throws ModuleException {
152
153
154 if ("arithmetic".equals(username)) {
155 throw new ArithmeticException();
156 }
157
158
159 if ("expired".equals(username)) {
160 throw new ExpiredPasswordException(username);
161 }
162
163
164 return (database.findUser(username));
165 }
166 }