TreeMap errorMap = new TreeMap();
String userType = null;
UserObject userObject = null;
HttpSession session = request.getSession();
ModuleFieldRightMatrix mfrm = null;
LoginHome lh = (LoginHome)CVUtility.getHomeObject("com.centraview.login.LoginHome","Login");
try {
// first, let's get the username and password from the HTML form
DynaActionForm daf = (DynaActionForm)form;
formUsername = (String)daf.get("username");
formPassword = (String) daf.get("password");
// next, let's check for the existence of the CVRMID cookie.
boolean rmCookieExists = false;
Cookie requestCookie = null;
Cookie cookieList[] = request.getCookies();
if (cookieList != null) {
for (int i = 0; i < cookieList.length; i++) {
Cookie tmpCookie = cookieList[i];
if (tmpCookie.getName().equals("CVRMID")) {
rmCookieExists = true;
requestCookie = tmpCookie;
}
}
}
String cookieUsername = "";
String cookiePassword = "";
boolean useFormValues = false;
// now, if the cookie exists, then get the content
if (rmCookieExists) {
// unencode the content of the cookie
String unEncodedString = new String(Base64.decode(requestCookie.getValue()));
// split the parts of the string on the "/" character
String stringParts[] = unEncodedString.split("/");
// get the username and password values and save for use
cookieUsername = stringParts[0];
cookiePassword = stringParts[1];
// Note: In login.jsp, we checked to see if the cookie was set. If so, we
// got the username and password from the cookie; we set the username form
// value to the username from the cookie, and the password to "CVRMID-xxxxxxxx".
// Therefore, we will check the form password value here; if it is NOT
// "CVRMID-xxxxxxxx", the we know the user has manually typed in a different
// password, and we will use the form password vs. the cookie password.
if (formPassword != null && ! formPassword.equals("CVRMID-xxxxxxxx")) {
useFormValues = true;
}
if (remember == null || remember.equals("")) {
// if the user has *UN*-checked the Remember Me
// checkbox, then get rid of their cookie
this.forgetMe(response);
}
}
String username = "";
String password = "";
if (rmCookieExists) {
if (cookieUsername.equals(formUsername) && ! useFormValues) {
// if the userName in the cookie equals the username in the form,
// then, we'll authenticate on the cookie content
username = cookieUsername;
password = cookiePassword;
} else {
// if the username in the cookie does not match the username in the form,
// then, we'll authenticate on the form content
username = formUsername;
password = formPassword;
}
} else {
// if the cookie does not exist at all, authenticate on the form values
username = formUsername;
password = formPassword;
}
if (lh == null) {
return (mapping.findForward("dataerror"));
}
Login remote = lh.create();
remote.setDataSource(dataSource);
usrResult = remote.authenticateUser(username, password);
// Check to make sure the usrResult has all the fields we expect of it.
// if so then it was a valid login, if not, then we will fail with a general
// authentication error.