use of org.jaffa.presentation.portlet.session.UserSession in project jaffa-framework by jaffa-projects.
the class FormTag method doStartTagExt.
/**
* This method sets the component, componentId, tokenError(if found) on the FormBean
* It also invokes the initForm() method of the FormBean
*
* This has been extended so that is now set the security context for the thread
* of execution within the <xxx:form> tag.
*/
private void doStartTagExt() throws JspException {
try {
Object f = pageContext.findAttribute(getBeanName());
if (log.isDebugEnabled())
log.debug(this.NAME + ".doStartTagExt: Started FORM tag for bean " + getBeanName() + " id=" + getHtmlIdPrefix());
// Get the request stream
ServletRequest request = pageContext.getRequest();
if (!(request instanceof HttpServletRequest)) {
log.warn("Security Problem, Can't Set Thread Context Since Request is not HTTP");
} else {
try {
SecurityTag.setThreadContext((HttpServletRequest) request);
m_securityContextSet = true;
} catch (SecurityException e) {
log.error(this.NAME + ".doStartTagExt: Tag Failed, Could Not Set Security Context", e);
throw new JspException("Can't Set Security Context");
}
}
// Special handelling if this is a Jaffa Component
if (f instanceof FormBase) {
FormBase form = (FormBase) f;
// Get the UserSession so we can lookup the component
UserSession us = UserSession.getUserSession((HttpServletRequest) request);
// Set the component on the form
FormKey fk = (FormKey) request.getAttribute(FormKey.class.getName());
if (fk != null) {
String componentId = fk.getComponentId();
form.setComponent(us.getComponent(componentId));
}
// invoke the default initialization of the form-bean
if (log.isDebugEnabled())
log.debug(this.NAME + ".doStartTagExt: Invoking the initForm method of the Form");
form.initForm();
}
// -------------------------------------
// Initialize the PageContext attributes
// -------------------------------------
// The FormTag Object
pageContext.setAttribute(TagHelper.ATTRIBUTE_FORM_TAG, this, pageContext.REQUEST_SCOPE);
// The FormBean Object
pageContext.setAttribute(TagHelper.ATTRIBUTE_FORM_BASE, f, pageContext.REQUEST_SCOPE);
// The Name of the Struts Form Bean
pageContext.setAttribute(TagHelper.ATTRIBUTE_FORM_NAME, getBeanName(), pageContext.REQUEST_SCOPE);
// Inidcator that any inner tag is enclosed in a form tag
pageContext.setAttribute(TagHelper.ATTRIBUTE_ENCLOSED, Boolean.FALSE, pageContext.REQUEST_SCOPE);
// Html Id of the Form, to be appended to for inner widget id's
pageContext.setAttribute(TagHelper.ATTRIBUTE_ID_PREFIX, getHtmlIdPrefix(), pageContext.REQUEST_SCOPE);
// Jaffa Event prefix for the 'eventId' hidden field
pageContext.setAttribute(TagHelper.ATTRIBUTE_EVENT_PREFIX, "", pageContext.REQUEST_SCOPE);
// Cache previous attribute
m_oldForm = pageContext.findAttribute(TagHelper.ATTRIBUTE_EL_FORM);
// The FormBean Object for Expression Scripting
pageContext.setAttribute(TagHelper.ATTRIBUTE_EL_FORM, f, pageContext.REQUEST_SCOPE);
// write out the span tag <SPAN ID="formName_EntirePage" STYLE="display:none">
JspWriter writer = pageContext.getOut();
StringBuffer buf = new StringBuffer();
// TODO: use HeaderCache
buf.append("\n<span id='" + getHtmlIdPrefix() + ENTIRE_PAGE_SUFFIX + "' class='FormGuard'>");
writer.println(buf.toString());
} catch (IOException e) {
throw new JspException("error in FormTag: " + e);
}
}
use of org.jaffa.presentation.portlet.session.UserSession in project jaffa-framework by jaffa-projects.
the class PortletFilter method reAuthenticate.
/**
* On entry it is assumed that a UserSession object exists. The purpose of this
* function is to implement any required logic to re-validate that this UserSession is
* still ok.
*
* On exit, if the UserSession object still exists in the HttpSession it is assumed that
* it has been re-validated (regardless of whether it has been updated, or re-used for
* another user). If it has been removed from the session, the assumtion is that
* the reAuthentication failed.
*
* @param request HttpRequest that holds any log in context information
*/
private void reAuthenticate(HttpServletRequest request) throws IOException, ServletException {
// Get the Current Session
UserSession us = UserSession.getUserSession(request);
// If we have an authenticated user ...
if (request.getUserPrincipal() != null) {
// ...and it is the same user that the valid session is for, we are ok
if (us.isValid() && us.getUserId().equals(request.getUserPrincipal().getName())) {
// no nothing, life is peachy!
return;
} else {
// this is a differnt user, or an invalid session, so kill this UserSession and try an auto-authenticate
us.kill();
autoAuthenticate(request);
return;
}
}
/* else {
// We have reached the security manager, with out and authenticatic user,
// but we have a user session. We must therefore just kill it and continue.
us.kill();
}*/
}
use of org.jaffa.presentation.portlet.session.UserSession in project jaffa-framework by jaffa-projects.
the class ActionBase method processContainerFormKey.
/**
* Returns the ContainerFormKey, if the component specified by the input FormKey has one defined.
* For such a component a FormKeyChangeEvent will be sent to the registered FormKeyChangeListeners.
* @param fk The input FormKey.
* @return The ContainerFormKey, if exists, or just the input FormKey.
*/
protected FormKey processContainerFormKey(FormKey fk) {
// The following should probably be invoked recursively. Will do so if the need arises !!
UserSession us = UserSession.getUserSession(request);
Component component = us.getComponent(fk.getComponentId());
if (component != null && component.getContainerFormKey() != null && component.replaceWithContainerFormKey(fk)) {
FormKeyChangeListener[] listeners = component.getFormKeyChangeListeners();
if (listeners != null && listeners.length > 0) {
FormKeyChangeEvent e = new FormKeyChangeEvent(this, fk);
for (int i = 0; i < listeners.length; i++) listeners[i].formKeyChanged(e);
}
fk = component.getContainerFormKey();
if (log.isDebugEnabled())
log.debug("The component in the received form key has a ContainerFormKey. Fired the FormKeyChangeListeners on the component and using the ContainerFormKey " + fk);
}
return fk;
}
use of org.jaffa.presentation.portlet.session.UserSession in project jaffa-framework by jaffa-projects.
the class FormBase method reset.
/**
* This sets the Component & the WidgetCache fields
* @param mapping The mapping used to select this instance
* @param request The servlet request we are processing
*/
public void reset(ActionMapping mapping, HttpServletRequest request) {
/* NOTE: Prior to Struts1.1, only the ActionServlet was invoking the reset() method.
* But in Struts1.1, the reset() method is called from 2 places -
* 1- RequestProcessor (which in turn is invoked from ActionServlet)
* 2- FormTag
* While processing an action, we need to set the component on the formbean, before the other properties are set. Hence the need for setting the component here.
* However, it is quite possible, that an action on one screen, will result in returning a FormKey for a different component. In that case, when the other component's screen is being rendered, the FormTag will invoke this method, but pass the componentId of the original component in the request stream. This would mean an erroneous component being set on the formbean. However, the Jaffa-FormTag will ultimately set the correct component. We just shudn't be setting the widget-cache in this method.
*/
// this will set the Component & WidgetCache
UserSession us = UserSession.getUserSession(request);
String componentId = request.getParameter(FormTag.PARAMETER_COMPONENT_ID);
if (componentId != null)
setComponent(us.getComponent(componentId));
else
setComponent(null);
setWidgetCache(null);
}
use of org.jaffa.presentation.portlet.session.UserSession in project jaffa-framework by jaffa-projects.
the class PortletFilter method autoAuthenticate.
/**
* On entry it is assumed that there is no UserSession record. If there are some
* special reasons for a UserSession to be automatically created, this is the place
* to do it.
*
* On exit from this method, if a UserSession object has been created, it assumes that
* this is an authenticated Session.
*
* @param request HttpRequest that holds any log in context information
* @param userContext holds any log in context information
* @param register that lets you register the current session to SessionManager
*/
public void autoAuthenticate(HttpServletRequest request, UserContext userContext, boolean register) throws IOException, ServletException {
// Make sure there is an authenticated user
if (request.getUserPrincipal() != null) {
// This will create a new session if one doesn't exist
UserSession us = UserSession.getUserSession(request, register);
us.setUserId(request.getUserPrincipal().getName());
try {
if (userContext == null) {
initUserInfo(us);
} else {
initUserInfo(us, userContext);
}
} catch (UserSessionSetupException e) {
ApplicationExceptions appExps = new ApplicationExceptions();
appExps.add(e);
// This exception can be picked by some generic error-handling JSP, which will loop thru the ApplicationException objects inside the ApplicationExceptions, printing the corresponding error message.
throw new ServletException("Error in initializing the UserSession. " + e, appExps);
}
}
}
Aggregations