Story s1731 in ac2. Add LoginServlet and fixed LdapUserDAO.

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java

@@ -120,6 +120,22 @@ public interface UserPersistence<T extends Principal>
         throws UserNotFoundException, TransientException, 
                AccessControlException;
     
+    /**
+     * Attempt to login the specified user.
+     *
+     * @param userID The userID.
+     * @param password The password.
+     *
+     * @return Boolean
+     * 
+     * @throws UserNotFoundException when the user is not found.
+     * @throws TransientException If an temporary, unexpected problem occurred.
+     * @throws AccessControlException If the operation is not permitted.
+     */
+    Boolean loginUser(String userID, String password)
+            throws UserNotFoundException, TransientException, 
+            AccessControlException;
+   
     /**
      * Updated the user specified by User.
      *

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java

@@ -177,11 +177,11 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
      *
      * @param username username to verify.
      * @param password password to verify.
-     * @return User
+     * @return Boolean
      * @throws TransientException
      * @throws UserNotFoundException
      */
-    public User<T> loginUser(final String username, final String password)
+    public Boolean loginUser(final String username, final String password)
         throws TransientException, UserNotFoundException
     {
         try
@@ -191,7 +191,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
 
             if (bindResult != null && bindResult.getResultCode() == ResultCode.SUCCESS)
             {
-                return getUser((T) new HttpPrincipal(username));
+                return Boolean.TRUE;
             }
             else
             {
@@ -200,7 +200,16 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
         }
         catch (LDAPException e)
         {
-            logger.debug("addUser Exception: " + e, e);
+            logger.debug("loginUser Exception: " + e, e);
+
+            if (e.getResultCode() == ResultCode.INVALID_CREDENTIALS)
+            {
+                throw new AccessControlException("Invalid password");
+            }
+            else if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT)
+            {
+                throw new AccessControlException("Invalid username");
+            }
 
             throw new RuntimeException("Unexpected LDAP exception", e);
         }

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java

@@ -175,7 +175,36 @@ public class LdapUserPersistence<T extends Principal>
             }
         }
     }
-        
+
+    /**
+     * Get the user specified by userID.
+     *
+     * @param userID The userID.
+     *
+     * @return Boolean.
+     * 
+     * @throws UserNotFoundException when the user is not found.
+     * @throws TransientException If an temporary, unexpected problem occurred.
+     * @throws AccessControlException If the operation is not permitted.
+     */
+    public Boolean loginUser(String userID, String password)
+            throws UserNotFoundException, TransientException, AccessControlException
+    {
+        LdapUserDAO<T> userDAO = null;
+        try
+        {
+            userDAO = new LdapUserDAO<T>(this.config);
+            return userDAO.loginUser(userID, password);
+        }
+        finally
+        {
+            if (userDAO != null)
+            {
+                userDAO.close();
+            }
+        }
+    }
+       
     /**
      * Updated the user specified by User.
      *

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UsersServlet.java → projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java

@@ -3,7 +3,7 @@
  *******************  CANADIAN ASTRONOMY DATA CENTRE  *******************
  **************  CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES  **************
  *
- *  (c) 2015.                            (c) 2015.
+ *  (c) 2014.                            (c) 2014.
  *  Government of Canada                 Gouvernement du Canada
  *  National Research Council            Conseil national de recherches
  *  Ottawa, Canada, K1A 0R6              Ottawa, Canada, K1A 0R6
@@ -69,55 +69,84 @@
 package ca.nrc.cadc.ac.server.web.users;
 
 import java.io.IOException;
+import java.security.AccessControlException;
 
-import javax.security.auth.Subject;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import ca.nrc.cadc.ac.UserAlreadyExistsException;
-import ca.nrc.cadc.util.StringUtil;
 import org.apache.log4j.Logger;
 
-import ca.nrc.cadc.auth.AuthenticationUtil;
+import ca.nrc.cadc.ac.server.ldap.LdapUserPersistence;
+import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.auth.SSOCookieManager;
+import ca.nrc.cadc.log.ServletLogInfo;
+import ca.nrc.cadc.util.StringUtil;
 
-public class UsersServlet extends HttpServlet
+@SuppressWarnings("serial")
+public class LoginServlet extends HttpServlet
 {
-    private static final Logger log = Logger.getLogger(UsersServlet.class);
-
-
+    private static final Logger log = Logger.getLogger(LoginServlet.class);
+    private static final String CONTENT_TYPE = "text/plain";
     /**
-     * Create a UserAction and run the action safely.
+     * Attempt to login for userid/password.
      */
-    private void doAction(HttpServletRequest request, HttpServletResponse response)
+	@SuppressWarnings("rawtypes")
+	public void doPost(HttpServletRequest request, HttpServletResponse response)
         throws IOException
     {
         long start = System.currentTimeMillis();
-        UserLogInfo logInfo = new UserLogInfo(request);
-
+        ServletLogInfo logInfo = new ServletLogInfo(request);
         try
         {
             log.info(logInfo.start());
-            Subject subject = AuthenticationUtil.getSubject(request);
-            logInfo.setSubject(subject);
-            UsersAction action = UsersActionFactory.getUsersAction(request, logInfo);
-            action.setAcceptedContentType(getAcceptedContentType(request));
-            action.doAction(subject, response);
+            String userID = request.getParameter("userid");
+            String password = request.getParameter("password");
+            if (StringUtil.hasText(userID))
+            {
+                if (StringUtil.hasText(password))
+                {
+                	if (new LdapUserPersistence().loginUser(userID, password))
+                	{
+	            	    String token = new SSOCookieManager().generate(new HttpPrincipal(userID));
+	            	    response.setContentType(CONTENT_TYPE);
+	            	    response.setContentLength(token.length());
+	            	    response.getWriter().write(token);
+                	}
+                }
+                else
+                {
+                	throw new IllegalArgumentException("Missing password");
+                }
+            }
+            else
+            {
+            	throw new IllegalArgumentException("Missing userid");
+            }
         }
         catch (IllegalArgumentException e)
         {
             log.debug(e.getMessage(), e);
             logInfo.setMessage(e.getMessage());
-            logInfo.setSuccess(false);
+    	    response.setContentType(CONTENT_TYPE);
             response.getWriter().write(e.getMessage());
             response.setStatus(400);
         }
+        catch (AccessControlException e)
+        {
+            log.debug(e.getMessage(), e);
+            logInfo.setMessage(e.getMessage());
+    	    response.setContentType(CONTENT_TYPE);
+            response.getWriter().write(e.getMessage());
+            response.setStatus(401);
+        }
         catch (Throwable t)
         {
             String message = "Internal Server Error: " + t.getMessage();
             log.error(message, t);
             logInfo.setSuccess(false);
             logInfo.setMessage(message);
+    	    response.setContentType(CONTENT_TYPE);
             response.getWriter().write(message);
             response.setStatus(500);
         }
@@ -127,59 +156,4 @@ public class UsersServlet extends HttpServlet
             log.info(logInfo.end());
         }
     }
-
-    @Override
-    public void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws IOException
-    {
-        doAction(request, response);
-    }
-
-    @Override
-    public void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws IOException
-    {
-        doAction(request, response);
-    }
-
-    @Override
-    public void doDelete(HttpServletRequest request, HttpServletResponse response)
-        throws IOException
-    {
-        doAction(request, response);
-    }
-
-    @Override
-    public void doPut(HttpServletRequest request, HttpServletResponse response)
-        throws IOException
-    {
-        doAction(request, response);
-    }
-
-    @Override
-    public void doHead(HttpServletRequest request, HttpServletResponse response)
-        throws IOException
-    {
-        doAction(request, response);
-    }
-
-    /**
-     * Obtain the requested (Accept) content type.
-     *
-     * @param request               The HTTP Request.
-     * @return                      String content type.
-     */
-    String getAcceptedContentType(final HttpServletRequest request)
-    {
-        final String requestedContentType = request.getHeader("Accept");
-
-        if (!UsersAction.JSON_CONTENT_TYPE.equals(requestedContentType))
-        {
-            return UsersAction.DEFAULT_CONTENT_TYPE;
-        }
-        else
-        {
-            return requestedContentType;
-        }
-    }
 }