[Yanel-commits] rev 41929 - public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl

michi at wyona.com michi at wyona.com
Fri Mar 13 10:31:24 CET 2009


Author: michi
Date: 2009-03-13 10:31:24 +0100 (Fri, 13 Mar 2009)
New Revision: 41929

Modified:
   public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java
Log:
set cookie if the login type and name shall be remembered

Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java	2009-03-13 09:11:37 UTC (rev 41928)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java	2009-03-13 09:31:24 UTC (rev 41929)
@@ -13,6 +13,7 @@
 import org.wyona.security.core.api.UserManager;
 
 import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
@@ -81,16 +82,16 @@
             String path = map.getPath(realm, request.getServletPath());
             //Realm realm = map.getRealm(new Path(request.getServletPath()));
             if (log.isDebugEnabled()) log.debug("Generic WebAuthenticator called for realm path " + path);
+            HttpSession session = request.getSession(true);
 
 
 
-
             // HTML Form based authentication
             String loginUsername = request.getParameter("yanel.login.username");
             String openID = request.getParameter("yanel.login.openid");
             String openIDSignature = request.getParameter("openid.sig");
+            boolean rememberMyLoginName = doRememberMyLoginName(request, response, loginUsername, openID);
             if(loginUsername != null) {
-                HttpSession session = request.getSession(true);
                 try {
                     User user = realm.getIdentityManager().getUserManager().getUser(loginUsername, true);
                     if (user != null && user.authenticate(request.getParameter("yanel.login.password"))) {
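Review bot: `doRememberMyLoginName(...)` is called before `user.authenticate(...)` is reached, so the cookie is written from the submitted `yanel.login.username` / `yanel.login.openid` value even when the login then fails. The returned `rememberMyLoginName` is not used anywhere in the visible lines; consider calling the helper only inside the successful-authentication branch and dropping the local, or add a comment saying where the flag is consumed. Hoisting `request.getSession(true)` to the top also creates a session for every unauthenticated request that reaches this code. The visible lines in this commit store the identity in that same session after login, so if the session ID is not renewed elsewhere this leaves room for session fixation; invalidating and recreating the session on success would close that. The enclosing method starts and ends outside this hunk.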
@@ -144,10 +145,10 @@
                         }
                         User user = uManager.getUser(openIdentity);
                         //User user = uManager.getUser(openIdentity, true);
-                        IdentityMap identityMap = (IdentityMap)request.getSession(true).getAttribute(YanelServlet.IDENTITY_MAP_KEY);
+                        IdentityMap identityMap = (IdentityMap)session.getAttribute(YanelServlet.IDENTITY_MAP_KEY);
                         if (identityMap == null) {
                             identityMap = new IdentityMap();
-                            request.getSession().setAttribute(YanelServlet.IDENTITY_MAP_KEY, identityMap);
+                            session.setAttribute(YanelServlet.IDENTITY_MAP_KEY, identityMap);
                         }
                         log.debug("User: " + user.getID());
                         identityMap.put(realm.getID(), new Identity(user));
@@ -166,6 +167,9 @@
                 if (log.isDebugEnabled()) log.debug("No form based authentication request.");
             }
 
+
+
+
             // Check for Neutron-Auth based authentication
             String yanelUsecase = request.getParameter("yanel.usecase");
             if(yanelUsecase != null && yanelUsecase.equals("neutron-auth")) {
@@ -199,7 +203,6 @@
                 log.debug("Username: " + username);
 
                 if (username != null) {
-                    HttpSession session = request.getSession(true);
                     log.debug("Realm ID: " + realm.getID());
                     User user = realm.getIdentityManager().getUserManager().getUser(username, true);
                     if (user != null && user.authenticate(password)) {
@@ -557,4 +560,32 @@
         }
         return null;
     }
+
+    /**
+     * Handle "remember my login"
+     */
+    private boolean doRememberMyLoginName(HttpServletRequest request, HttpServletResponse response, String loginUsername, String openID) {
+        boolean rememberMyLoginName = false;
+        if (request.getParameter("remember-my-login-name") != null) {
+                log.info("Remember my login name: " + loginUsername + "," + openID);
+                rememberMyLoginName = true;
+                Cookie rememberLoginNameCookie = null;
+                if (loginUsername != null) {
+                    rememberLoginNameCookie = new Cookie("_yanel-login-default", loginUsername);
+                } else if (openID != null) {
+                    rememberLoginNameCookie = new Cookie("_yanel-login-openid", openID);
+                } else {
+                    log.warn("Neither default nor OpenID login!");
+                }
+                if (rememberLoginNameCookie != null) {
+		    rememberLoginNameCookie.setMaxAge(86400); // 1 day is 86400 seconds
+                    response.addCookie(rememberLoginNameCookie);
+                }
+        } else {
+                log.info("Do not remember my login name: " + loginUsername + "," + openID);
+                rememberMyLoginName = false;
+                // TODO: Unset Cookie ...
+        }
+        return rememberMyLoginName;
+    }
 }
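Review bot: The cookie value and both `log.info` lines in `doRememberMyLoginName` take `loginUsername` and `openID` straight from the request, with no length or character check. `javax.servlet.http.Cookie` validates the cookie name but not the value, so how spaces, `;`, `,` or control characters end up in the `Set-Cookie` header depends on the container; encoding the value, e.g. `new Cookie("_yanel-login-default", URLEncoder.encode(loginUsername, "UTF-8"))` (plus the `java.net.URLEncoder` import, handling of its checked exception, and a matching decode and HTML escape wherever the login form reads the cookie back), removes that dependency. The log calls would be safer at debug level with CR/LF stripped, since they record request-supplied text on every call to this method. The cookie is also sent without `setSecure(...)` or an explicit `setPath(...)`, and the `// TODO: Unset Cookie ...` branch means unticking the box never removes a remembered name from a shared browser. The Javadoc should say that the method adds a cookie to the response as a side effect and what the returned boolean means.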


