secureaction.java

OPIAM stands for Open Identity and Access Management. This Suite will provide modules for user & rig

/*
 * OPIAM Suite
 *
 * Distributable under LGPL license.
 * See terms of license at gnu.org.
 */

package opiam.admin.faare.struts.actions;

import opiam.admin.faare.struts.utils.SessionContext;

import org.apache.log4j.Logger;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


/**
 * All application Action classes (login excepted) should inherit from
 * this class.<br>
 * This class checks that the user is connected before calling the application
 * action methods.
 */
public class SecureAction extends Action
{
    /** Instance of logger. */
    private static Logger _logger = Logger.getLogger(SecureAction.class);

    /**
     * This method is called to execute the action once the checks have been
     * performed by this class. It must be overridden by the action classes.
     *
     * @param mapping Struts mapping data.
     * @param form Input form.
     * @param request HTTP request.
     * @param response HTTP response.
     *
     * @return forward to success
     *
     * @throws java.io.IOException see Action.execute()
     * @throws javax.servlet.ServletException see Action.execute()
     */
    public ActionForward secureExecute(ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException
    {
        _logger.debug("secureExecute");

        return (mapping.findForward("success"));
    }

    /**
     * Struts Action method.
     * This method checks whether the user is logged in or not. If it is
     * it calls the secureExecute() method. If it is not, it forwards
     * to the "deconnection" page.
     *
     * @param mapping Struts mapping data.
     * @param form Input form.
     * @param request HTTP request.
     * @param response HTTP response.
     *
     * @return forward to deconnection or return from secureExecute() method.
     *
     * @throws java.io.IOException see Action.execute()
     * @throws javax.servlet.ServletException see Action.execute()
     */
    public final ActionForward execute(ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException
    {
        _logger.debug("SecureAction - perform session : " +
            request.getSession().getId());

        try
        {
            if (isLoggedIn(request))
            {
                //Si l'utilisateur est corresctement logg