Package org.beangle.emsapp.portal.action

Source Code of org.beangle.emsapp.portal.action.LoginAction

/* Copyright (c) 2005-2012.
* Licensed under GNU LESSER General Public License, Version 3.
* http://www.gnu.org/licenses
*/
package org.beangle.emsapp.portal.action;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.beangle.security.auth.AuthenticationDetailsSource;
import org.beangle.security.auth.AuthenticationManager;
import org.beangle.security.auth.UsernamePasswordAuthentication;
import org.beangle.security.core.Authentication;
import org.beangle.security.core.AuthenticationException;
import org.beangle.security.core.context.AuthenticationUtils;
import org.beangle.security.core.context.SecurityContextHolder;
import org.beangle.security.core.session.SessionRegistry;
import org.beangle.struts2.action.BaseAction;

import com.octo.captcha.service.CaptchaService;
import com.octo.captcha.service.CaptchaServiceException;

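/**
 * Struts2 action behind the portal's username/password login form.
 *
 * <p>{@link #index()} returns the result name {@code "home"} when the caller is (or becomes)
 * authenticated and {@code "failure"} otherwise. Failed attempts are counted in the HTTP
 * session under {@link #LOGIN_FAILURE_COUNT}; once the count exceeds the captcha-free allowance
 * and a {@link CaptchaService} has been injected, a valid captcha answer is required before
 * credentials are checked again.
 *
 * <p>NOTE(review): the failure counter is keyed to the session only. A client that presents a
 * fresh session starts again at zero, so this counter cannot serve as brute-force protection on
 * its own. No per-account or per-address throttling is visible in this class; confirm that it
 * exists elsewhere.
 */
public class LoginAction extends BaseAction {

  /** Optional captcha validator; when {@code null} the captcha step is skipped entirely. */
  private CaptchaService captchaService;

  /** Builds the request-derived details object attached to each authentication request. */
  private AuthenticationDetailsSource<HttpServletRequest, Object> authenticationDetailsSource;

  /** Verifies the submitted credentials. */
  private AuthenticationManager authenticationManager;

  /** Records which session id belongs to which authenticated principal. */
  private SessionRegistry sessionRegistry;

  /** Session attribute holding the number of failed logins seen in this session. */
  public static final String LOGIN_FAILURE_COUNT = "loginFailureCount";

  /** Number of failed logins a session may accumulate before a captcha is demanded. */
  private static final int CAPTCHA_FREE_FAILURES = 1;

  /**
   * Entry point of the action: short-circuits for already authenticated callers, otherwise
   * runs the pre-checks and the credential check.
   *
   * @return {@code "home"} on success or when already authenticated, {@code "failure"} otherwise
   */
  public String index() {
    if (AuthenticationUtils.hasValidAuthentication()) { return "home"; }
    if (!shouldLogin()) { return "failure"; }
    String errorMsg = doLogin();
    if (StringUtils.isNotEmpty(errorMsg)) {
      addActionError(getText(errorMsg));
      increaseLoginFailure();
      return "failure";
    }
    clearLoginFailure();
    return "home";
  }

  /**
   * Decides whether the credential check may run for this request.
   *
   * <p>Blank credentials are rejected without an error message. While the session is within
   * its captcha-free allowance the check proceeds directly; after that, and only when a
   * captcha service is configured, the submitted captcha answer must validate.
   *
   * @return {@code true} when {@link #doLogin()} may be attempted
   */
  protected boolean shouldLogin() {
    String username = get("username");
    String password = get("password");
    if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { return false; }
    if (notFailEnough()) { return true; }
    // Validate the captcha.
    if (null != captchaService) {
      try {
        String sessionId = getRequest().getSession().getId();
        String captchaText = get("captcha");
        if (StringUtils.isEmpty(captchaText)) {
          addActionError(getText("security.EmptyCaptcha"));
          return false;
        }
        Boolean valid = captchaService.validateResponseForID(sessionId, captchaText);
        // Fail closed: anything other than an explicit TRUE (including null) is a rejection.
        if (!Boolean.TRUE.equals(valid)) {
          addActionError(getText("security.WrongCaptcha"));
          return false;
        }
      } catch (CaptchaServiceException e) {
        // The service could not validate the answer; report it as a wrong captcha.
        addActionError(getText("security.WrongCaptcha"));
        return false;
      }
    }
    return true;
  }

  /**
   * Authenticates the submitted credentials and, on success, registers the current session
   * and stores the authentication in the security context.
   *
   * @return {@code null} on success, otherwise a non-empty message (or message key) that
   *         describes the failure
   */
  protected String doLogin() {
    String username = get("username");
    String password = get("password");
    if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { return "failure"; }
    username = username.trim();
    HttpServletRequest request = getRequest();
    UsernamePasswordAuthentication auth = new UsernamePasswordAuthentication(username, password);
    auth.setDetails(authenticationDetailsSource.buildDetails(request));
    try {
      Authentication authenticated = authenticationManager.authenticate(auth);
      // NOTE(review): the session id in use before authentication is kept and registered as-is.
      // Unless the id is rotated elsewhere (for example by a filter), this leaves the login
      // open to session fixation. Confirm.
      sessionRegistry.register(authenticated, request.getSession().getId());
      SecurityContextHolder.getContext().setAuthentication(authenticated);
    } catch (AuthenticationException e) {
      // index() treats an empty result as success, so an exception without a message must
      // still yield a non-empty value; otherwise the failure would clear the counter and
      // forward to "home".
      // NOTE(review): the exception message is shown to the user. If the provider's messages
      // distinguish "unknown user" from "bad password", this reveals which accounts exist.
      // Confirm.
      String message = e.getMessage();
      return StringUtils.isEmpty(message) ? "failure" : message;
    }
    return null;
  }

  /** Reads the failure counter from the session, treating a missing value as zero. */
  private int currentLoginFailures() {
    Integer stored = (Integer) getSession().get(LOGIN_FAILURE_COUNT);
    return (null == stored) ? 0 : stored.intValue();
  }

  /** Returns {@code true} while the session is still within its captcha-free allowance. */
  private boolean notFailEnough() {
    return currentLoginFailures() <= CAPTCHA_FREE_FAILURES;
  }

  /** Adds one to the failure counter kept in the session. */
  private void increaseLoginFailure() {
    getSession().put(LOGIN_FAILURE_COUNT, Integer.valueOf(currentLoginFailures() + 1));
  }

  /** Removes the failure counter from the session after a successful login. */
  private void clearLoginFailure() {
    getSession().remove(LOGIN_FAILURE_COUNT);
  }

  /** Injects the captcha service; leaving it unset disables the captcha step. */
  public void setCaptchaService(CaptchaService captchaService) {
    this.captchaService = captchaService;
  }

  /** Injects the source of request details attached to authentication requests. */
  public void setAuthenticationDetailsSource(
      AuthenticationDetailsSource<HttpServletRequest, Object> authenticationDetailsSource) {
    this.authenticationDetailsSource = authenticationDetailsSource;
  }

  /** Injects the manager that verifies credentials. */
  public void setAuthenticationManager(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
  }

  /** Injects the registry in which authenticated sessions are recorded. */
  public void setSessionRegistry(SessionRegistry sessionRegistry) {
    this.sessionRegistry = sessionRegistry;
  }
}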