Package security.authentication.form

Source Code of security.authentication.form.HelperServlet

package security.authentication.form;

import static org.apache.http.HttpStatus.SC_EXPECTATION_FAILED;
import static org.apache.http.HttpStatus.SC_FORBIDDEN;
import static org.apache.http.HttpStatus.SC_OK;
import static org.apache.http.HttpStatus.SC_UNAUTHORIZED;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import br.gov.frameworkdemoiselle.security.Credentials;
import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
import br.gov.frameworkdemoiselle.security.NotLoggedInException;
import br.gov.frameworkdemoiselle.security.SecurityContext;
import br.gov.frameworkdemoiselle.util.Beans;
import br.gov.frameworkdemoiselle.util.Strings;

public class HelperServlet extends HttpServlet {

  private static final long serialVersionUID = 1L;

  @Override
  protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    if (request.getRequestURI().endsWith("/login")) {
      login(request, response);
    } else {
      logout(request, response);
    }
  }

  private void login(HttpServletRequest request, HttpServletResponse response) {
    loadCredentials(request);
    SecurityContext securityContext = Beans.getReference(SecurityContext.class);

    try {
      securityContext.login();

      if (securityContext.isLoggedIn()) {
        response.setStatus(SC_OK);
      } else {
        response.setStatus(SC_FORBIDDEN);
      }

    } catch (InvalidCredentialsException e) {
      response.setStatus(SC_FORBIDDEN);
    }
  }

  private void logout(HttpServletRequest request, HttpServletResponse response) {
    loadCredentials(request);
    SecurityContext securityContext = Beans.getReference(SecurityContext.class);

    if (isLogon(request)) {
      securityContext.login();
    }

    try {
      securityContext.logout();
     
      if (!securityContext.isLoggedIn()) {
        response.setStatus(SC_OK);
      } else {
        response.setStatus(SC_EXPECTATION_FAILED);
      }
     
    } catch (NotLoggedInException cause) {
      response.setStatus(SC_UNAUTHORIZED);
    }
  }

  private void loadCredentials(HttpServletRequest request) {
    Credentials credentials = Beans.getReference(Credentials.class);
    credentials.setUsername(request.getParameter("username"));
    credentials.setPassword(request.getParameter("password"));
  }

  private boolean isLogon(HttpServletRequest request) {
    return !Strings.isEmpty(request.getParameter("username"));
  }
}
TOP

Related Classes of security.authentication.form.HelperServlet

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.