org.ofbiz.webapp.control
Class LoginWorker

java.lang.Object
  org.ofbiz.webapp.control.LoginWorker

public class LoginWorker
extends java.lang.Object

Common Workers

Field Summary

static java.lang.String	EXTERNAL_LOGIN_KEY_ATTR
static java.util.Map<java.lang.String,GenericValue>	externalLoginKeys This Map is keyed by the randomly generated externalLoginKey and the value is a UserLogin GenericValue object
static java.lang.String	module
static java.lang.String	resourceWebapp
static java.lang.String	X509_CERT_ATTR

Constructor Summary

LoginWorker()

Method Summary

static java.lang.String	autoLoginCheck(HttpServletRequest request, HttpServletResponse response)
static java.lang.String	autoLoginRemove(HttpServletRequest request, HttpServletResponse response)
static java.lang.String	autoLoginSet(HttpServletRequest request, HttpServletResponse response)
static java.lang.String	check509CertLogin(HttpServletRequest request, HttpServletResponse response)
static java.lang.String	checkExternalLoginKey(HttpServletRequest request, HttpServletResponse response)
static java.lang.String	checkLogin(HttpServletRequest request, HttpServletResponse response) An HTTP WebEvent handler that checks to see is a userLogin is logged in.
static java.lang.String	checkRequestHeaderLogin(HttpServletRequest request, HttpServletResponse response)
static java.lang.String	checkServletRequestRemoteUserLogin(HttpServletRequest request, HttpServletResponse response)
protected static boolean	checkValidIssuer(GenericDelegator delegator, java.util.Map<java.lang.String,java.lang.String> x500Map, java.math.BigInteger serialNumber)
static void	cleanupExternalLoginKey(HttpSession session)
static void	doBasicLogin(GenericValue userLogin, HttpServletRequest request)
static void	doBasicLogout(GenericValue userLogin, HttpServletRequest request)
static java.lang.String	doMainLogin(HttpServletRequest request, HttpServletResponse response, GenericValue userLogin, java.util.Map<java.lang.String,java.lang.Object> userLoginSession)
protected static java.lang.String	getAutoLoginCookieName(HttpServletRequest request)
static java.lang.String	getAutoUserLoginId(HttpServletRequest request)
static java.lang.String	getExternalLoginKey(HttpServletRequest request) Gets (and creates if necessary) a key to be used for an external login parameter
static java.util.Map<java.lang.String,java.lang.Object>	getUserLoginSession(GenericValue userLogin)
protected static boolean	hasBasePermission(GenericValue userLogin, HttpServletRequest request)
static boolean	isFlaggedLoggedOut(GenericValue userLogin)
static java.lang.String	login(HttpServletRequest request, HttpServletResponse response) An HTTP WebEvent handler that logs in a userLogin.
static java.lang.String	logout(HttpServletRequest request, HttpServletResponse response) An HTTP WebEvent handler that logs out a userLogin by clearing the session.
static StringUtil.StringWrapper	makeLoginUrl(HttpServletRequest request)
static StringUtil.StringWrapper	makeLoginUrl(HttpServletRequest request, java.lang.String requestName)
static StringUtil.StringWrapper	makeLoginUrl(PageContext pageContext)
static StringUtil.StringWrapper	makeLoginUrl(PageContext pageContext, java.lang.String requestName)
static void	setLoggedOut(java.lang.String userLoginId, GenericDelegator delegator)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

module

public static final java.lang.String module

resourceWebapp

public static final java.lang.String resourceWebapp

See Also:

Constant Field Values

EXTERNAL_LOGIN_KEY_ATTR

public static final java.lang.String EXTERNAL_LOGIN_KEY_ATTR

See Also:

Constant Field Values

X509_CERT_ATTR

public static final java.lang.String X509_CERT_ATTR

See Also:

Constant Field Values

externalLoginKeys

public static java.util.Map<java.lang.String,GenericValue> externalLoginKeys

This Map is keyed by the randomly generated externalLoginKey and the value is a UserLogin GenericValue object

Constructor Detail

LoginWorker

public LoginWorker()

Method Detail

makeLoginUrl

public static StringUtil.StringWrapper makeLoginUrl(PageContext pageContext)

makeLoginUrl

public static StringUtil.StringWrapper makeLoginUrl(HttpServletRequest request)

makeLoginUrl

public static StringUtil.StringWrapper makeLoginUrl(PageContext pageContext,
                                                    java.lang.String requestName)

makeLoginUrl

public static StringUtil.StringWrapper makeLoginUrl(HttpServletRequest request,
                                                    java.lang.String requestName)

getExternalLoginKey

public static java.lang.String getExternalLoginKey(HttpServletRequest request)

Gets (and creates if necessary) a key to be used for an external login parameter

cleanupExternalLoginKey

public static void cleanupExternalLoginKey(HttpSession session)

setLoggedOut

public static void setLoggedOut(java.lang.String userLoginId,
                                GenericDelegator delegator)

checkLogin

public static java.lang.String checkLogin(HttpServletRequest request,
                                          HttpServletResponse response)

An HTTP WebEvent handler that checks to see is a userLogin is logged in. If not, the user is forwarded to the login page.

Parameters:

request - The HTTP request object for the current JSP or Servlet request.

response - The HTTP response object for the current JSP or Servlet request.

Returns:

String

login

public static java.lang.String login(HttpServletRequest request,
                                     HttpServletResponse response)

An HTTP WebEvent handler that logs in a userLogin. This should run before the security check.

Parameters:

request - The HTTP request object for the current JSP or Servlet request.

response - The HTTP response object for the current JSP or Servlet request.

Returns:

Return a boolean which specifies whether or not the calling Servlet or JSP should generate its own content. This allows an event to override the default content.

doMainLogin

public static java.lang.String doMainLogin(HttpServletRequest request,
                                           HttpServletResponse response,
                                           GenericValue userLogin,
                                           java.util.Map<java.lang.String,java.lang.Object> userLoginSession)

doBasicLogin

public static void doBasicLogin(GenericValue userLogin,
                                HttpServletRequest request)

logout

public static java.lang.String logout(HttpServletRequest request,
                                      HttpServletResponse response)

An HTTP WebEvent handler that logs out a userLogin by clearing the session.

Parameters:

request - The HTTP request object for the current request.

response - The HTTP response object for the current request.

Returns:

Return a boolean which specifies whether or not the calling request should generate its own content. This allows an event to override the default content.

doBasicLogout

public static void doBasicLogout(GenericValue userLogin,
                                 HttpServletRequest request)

autoLoginSet

public static java.lang.String autoLoginSet(HttpServletRequest request,
                                            HttpServletResponse response)

getAutoLoginCookieName

protected static java.lang.String getAutoLoginCookieName(HttpServletRequest request)

getAutoUserLoginId

public static java.lang.String getAutoUserLoginId(HttpServletRequest request)

autoLoginCheck

public static java.lang.String autoLoginCheck(HttpServletRequest request,
                                              HttpServletResponse response)

autoLoginRemove

public static java.lang.String autoLoginRemove(HttpServletRequest request,
                                               HttpServletResponse response)

checkRequestHeaderLogin

public static java.lang.String checkRequestHeaderLogin(HttpServletRequest request,
                                                       HttpServletResponse response)

checkServletRequestRemoteUserLogin

public static java.lang.String checkServletRequestRemoteUserLogin(HttpServletRequest request,
                                                                  HttpServletResponse response)

check509CertLogin

public static java.lang.String check509CertLogin(HttpServletRequest request,
                                                 HttpServletResponse response)

checkValidIssuer

protected static boolean checkValidIssuer(GenericDelegator delegator,
                                          java.util.Map<java.lang.String,java.lang.String> x500Map,
                                          java.math.BigInteger serialNumber)
                                   throws GeneralException

Throws:

GeneralException

checkExternalLoginKey

public static java.lang.String checkExternalLoginKey(HttpServletRequest request,
                                                     HttpServletResponse response)

isFlaggedLoggedOut

public static boolean isFlaggedLoggedOut(GenericValue userLogin)

hasBasePermission

protected static boolean hasBasePermission(GenericValue userLogin,
                                           HttpServletRequest request)

getUserLoginSession

public static java.util.Map<java.lang.String,java.lang.Object> getUserLoginSession(GenericValue userLogin)