logonaction.java

Chinaxp 论坛源代码

package org.redsoft.forum.web;

import org.apache.struts.action.*;
import org.redsoft.forum.ForumConstants;
import org.redsoft.forum.security.SimpleCallbackHandler;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;


/**
 * Title:        XP Forum
 * Description:  Login User by password
 * @author Peng, Luo
 * @version 1.0
 * March 26, 2002
 */

public class LogonAction extends Action{

    public ActionForward execute(ActionMapping mapping,
                				 ActionForm form,
				                 HttpServletRequest request,
				                 HttpServletResponse response)
	                      throws IOException, ServletException {

        HttpSession session = request.getSession(false);
        if (session == null) session = request.getSession(true);
        ActionErrors errors = new ActionErrors();
        String userName = ((LogonForm)form).getUserName();
	    String password = ((LogonForm)form).getPassword();
        boolean autoLogon = ((LogonForm)form).getAutoLogon();
        //System.out.println("AutoLogon: " + autoLogon);
        Subject subject = null;
        try{

            // let the LoginContext instantiate a new Subject
            LoginContext lc = new LoginContext("XForumLogin", new SimpleCallbackHandler( userName, password ) );
            lc.login();
            subject = lc.getSubject();

        }catch (LoginException ex) {
            //ex.printStackTrace();
            errors.add("User login", new ActionError("error.account.loginfailed") );
        }

         // Report any errors we have discovered back to the original form
    	if (!errors.isEmpty()) {
	        saveErrors(request, errors);
	        return (new ActionForward(mapping.getInput()));
	    }

        // Remove the obsolete form bean
	    if (mapping.getAttribute() != null) {
            if ("request".equals(mapping.getScope()))
                request.removeAttribute(mapping.getAttribute());
            else
                session.removeAttribute(mapping.getAttribute());
        }

        //Set account Object to session
        session.setAttribute( ForumConstants.USER_KEY, subject );

        // if user choose auto logon, save username to cookie
        if (autoLogon){
            Cookie cookie = new Cookie( ForumConstants.USER_KEY, userName );
            // default cookie's age is -1, indicating the cookie will persist until browser shutdown.
            // so set cookie's age to 120 days: 120 * 24 * 60 * 60 * 60 seconds
            cookie.setMaxAge( 622080000 );
            response.addCookie( cookie );
            System.out.println("Save user " + userName + " to cookie");
        }else{
            // Otherwise delete cookie
            Cookie cookie = new Cookie( ForumConstants.USER_KEY, userName );
            // set cookie's age to zero to delete it
            cookie.setMaxAge( 0 );
            response.addCookie( cookie );
            //System.out.println("Delete user " + userName + " from cookie");
        }

    	final String destinatedUrl = request.getParameter( ForumConstants.DEST_URL );

    	// If there is a destinated url,forward to this url
    	if( destinatedUrl != null && destinatedUrl.length() > 0 ){
			return new ActionForward( destinatedUrl );
		}else{
    		// Forward control to the specified success URI
	    	return (mapping.findForward("success"));
		}
    }

}