diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
index 380961d8e65420b6822e7f689e6d39829bd6bcdd..1b369f709fc643f55e6713dfe80fcee4cdc38cbe 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
@@ -120,6 +120,22 @@ public interface UserPersistence<T extends Principal>
throws UserNotFoundException, TransientException, AccessControlException;
+ /**
+ * Attempt to login the specified user.
+ *
+ * @param userID The userID.
+ * @param password The password.
+ *
+ * @return Boolean
+ *
+ * @throws UserNotFoundException when the user is not found.
+ * @throws TransientException If an temporary, unexpected problem occurred.
+ * @throws AccessControlException If the operation is not permitted.
+ */
+ Boolean loginUser(String userID, String password)
+ throws UserNotFoundException, TransientException,
+ AccessControlException;
+
/**
* Updated the user specified by User.
*
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
index b133948eb0ef553f34d805512682f339d7b4cce4..5e0b281b83bf3451473c1aae836f2abb3857497d 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
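Review bot: The new `loginUser` declaration returns boxed `Boolean`, and its `@return Boolean` tag says neither what the value means nor whether an implementation may return false instead of throwing; a caller that unboxes a null gets a NullPointerException. Prefer `boolean loginUser(String userID, String password)` with a tag such as `@return true if the credentials were accepted; a rejected login is reported through the declared exceptions`, adjusted to what the implementations actually do. The same uninformative `@return Boolean` wording appears in the LdapUserDAO and LdapUserPersistence hunks.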
@@ -177,11 +177,11 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
*
* @param username username to verify.
* @param password password to verify.
- * @return User
+ * @return Boolean
* @throws TransientException
* @throws UserNotFoundException
*/
- public User<T> loginUser(final String username, final String password)
+ public Boolean loginUser(final String username, final String password)
throws TransientException, UserNotFoundException
{
try
@@ -191,7 +191,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
if (bindResult != null && bindResult.getResultCode() == ResultCode.SUCCESS)
{
- return getUser((T) new HttpPrincipal(username));
+ return Boolean.TRUE;
}
else
{
@@ -200,7 +200,16 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
}
catch (LDAPException e)
{
- logger.debug("addUser Exception: " + e, e);
+ logger.debug("loginUser Exception: " + e, e);
+
+ if (e.getResultCode() == ResultCode.INVALID_CREDENTIALS)
+ {
+ throw new AccessControlException("Invalid password");
+ }
+ else if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT)
+ {
+ throw new AccessControlException("Invalid username");
+ }
throw new RuntimeException("Unexpected LDAP exception", e);
}
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
index af7662460e342b8ae107af471b1b57bf0aa8d019..05aedbac0b4c6e4eaae1f4cfbd1e09b7ebcf568f 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
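Review bot: The catch block in the third hunk maps INVALID_CREDENTIALS to `"Invalid password"` and NO_SUCH_OBJECT to `"Invalid username"`, so the exception message reveals whether the account exists, and LoginServlet writes that message into the 401 response body. Throw one message for both result codes, e.g. `throw new AccessControlException("Invalid username or password");`, and keep the distinction only in the debug log written on the preceding line. The javadoc updated in the first hunk should also gain `@throws AccessControlException if the bind is rejected`, since that is now the failure path even though the exception is unchecked. The else branch of the bind-result check continues outside the second hunk, so whether `Boolean.FALSE` is ever returned is not visible here.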
@@ -175,7 +175,36 @@ public class LdapUserPersistence<T extends Principal>
}
}
}
-
+
+ /**
+ * Get the user specified by userID.
+ *
+ * @param userID The userID.
+ *
+ * @return Boolean.
+ *
+ * @throws UserNotFoundException when the user is not found.
+ * @throws TransientException If an temporary, unexpected problem occurred.
+ * @throws AccessControlException If the operation is not permitted.
+ */
+ public Boolean loginUser(String userID, String password)
+ throws UserNotFoundException, TransientException, AccessControlException
+ {
+ LdapUserDAO<T> userDAO = null;
+ try
+ {
+ userDAO = new LdapUserDAO<T>(this.config);
+ return userDAO.loginUser(userID, password);
+ }
+ finally
+ {
+ if (userDAO != null)
+ {
+ userDAO.close();
+ }
+ }
+ }
+
/**
* Updated the user specified by User.
*
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UsersServlet.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java
old mode 100644
new mode 100755
similarity index 69%
rename from projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UsersServlet.java
rename to projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java
index 926ce997fb15e7cd01df865088749b3f82c429e1..927031daa00b3c59c117b859cbc4d156fe16520e
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UsersServlet.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java
@@ -3,7 +3,7 @@
******************* CANADIAN ASTRONOMY DATA CENTRE *******************
************** CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES **************
*
- * (c) 2015. (c) 2015.
+ * (c) 2014. (c) 2014.
* Government of Canada Gouvernement du Canada
* National Research Council Conseil national de recherches
* Ottawa, Canada, K1A 0R6 Ottawa, Canada, K1A 0R6
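Review bot: The javadoc on the new `loginUser` is copied from getUser: the summary `Get the user specified by userID.` describes the wrong operation and the `password` parameter has no `@param` tag. Replace the summary with `Attempt to login the specified user.` and add `@param password The password.`, matching the wording on the interface declaration. The `@return Boolean.` tag should state what the value means, e.g. `@return true if the credentials were accepted`, so callers know whether to expect false or an exception on a rejected login.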
@@ -69,55 +69,84 @@ package ca.nrc.cadc.ac.server.web.users;
import java.io.IOException;
+import java.security.AccessControlException;
-import javax.security.auth.Subject;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import ca.nrc.cadc.ac.UserAlreadyExistsException;
-import ca.nrc.cadc.util.StringUtil;
import org.apache.log4j.Logger;
-import ca.nrc.cadc.auth.AuthenticationUtil;
+import ca.nrc.cadc.ac.server.ldap.LdapUserPersistence;
+import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.auth.SSOCookieManager;
+import ca.nrc.cadc.log.ServletLogInfo;
+import ca.nrc.cadc.util.StringUtil;
-public class UsersServlet extends HttpServlet
+@SuppressWarnings("serial")
+public class LoginServlet extends HttpServlet
{
- private static final Logger log = Logger.getLogger(UsersServlet.class);
-
-
+ private static final Logger log = Logger.getLogger(LoginServlet.class);
+ private static final String CONTENT_TYPE = "text/plain";
/**
- * Create a UserAction and run the action safely.
+ * Attempt to login for userid/password.
*/
- private void doAction(HttpServletRequest request, HttpServletResponse response)
+ @SuppressWarnings("rawtypes")
+ public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException
{
long start = System.currentTimeMillis();
- UserLogInfo logInfo = new UserLogInfo(request);
-
+ ServletLogInfo logInfo = new ServletLogInfo(request);
try
{
log.info(logInfo.start());
- Subject subject = AuthenticationUtil.getSubject(request);
- logInfo.setSubject(subject);
- UsersAction action = UsersActionFactory.getUsersAction(request, logInfo);
- action.setAcceptedContentType(getAcceptedContentType(request));
- action.doAction(subject, response);
+ String userID = request.getParameter("userid");
+ String password = request.getParameter("password");
+ if (StringUtil.hasText(userID))
+ {
+ if (StringUtil.hasText(password))
+ {
+ if (new LdapUserPersistence().loginUser(userID, password))
+ {
+ String token = new SSOCookieManager().generate(new HttpPrincipal(userID));
+ response.setContentType(CONTENT_TYPE);
+ response.setContentLength(token.length());
+ response.getWriter().write(token);
+ }
+ }
+ else
+ {
+ throw new IllegalArgumentException("Missing password");
+ }
+ }
+ else
+ {
+ throw new IllegalArgumentException("Missing userid");
+ }
}
catch (IllegalArgumentException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
- logInfo.setSuccess(false);
+ response.setContentType(CONTENT_TYPE);
response.getWriter().write(e.getMessage());
response.setStatus(400);
}
+ catch (AccessControlException e)
+ {
+ log.debug(e.getMessage(), e);
+ logInfo.setMessage(e.getMessage());
+ response.setContentType(CONTENT_TYPE);
+ response.getWriter().write(e.getMessage());
+ response.setStatus(401);
+ }
catch (Throwable t)
{
String message = "Internal Server Error: " + t.getMessage();
log.error(message, t);
logInfo.setSuccess(false);
logInfo.setMessage(message);
+ response.setContentType(CONTENT_TYPE);
response.getWriter().write(message);
response.setStatus(500);
}
@@ -127,59 +156,4 @@ public class UsersServlet extends HttpServlet
log.info(logInfo.end());
}
}
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- doAction(request, response);
- }
-
- @Override
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- doAction(request, response);
- }
-
- @Override
- public void doDelete(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- doAction(request, response);
- }
-
- @Override
- public void doPut(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- doAction(request, response);
- }
-
- @Override
- public void doHead(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- doAction(request, response);
- }
-
- /**
- * Obtain the requested (Accept) content type.
- *
- * @param request The HTTP Request.
- * @return String content type.
- */
- String getAcceptedContentType(final HttpServletRequest request)
- {
- final String requestedContentType = request.getHeader("Accept");
-
- if (!UsersAction.JSON_CONTENT_TYPE.equals(requestedContentType))
- {
- return UsersAction.DEFAULT_CONTENT_TYPE;
- }
- else
- {
- return requestedContentType;
- }
- }
}
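Review bot: The 400 and 401 paths no longer mark the request as failed: `logInfo.setSuccess(false);` is removed from the IllegalArgumentException catch and never set in the new AccessControlException catch, so rejected logins are written to the servlet log as successes, which is exactly the signal a login endpoint needs for monitoring; restore that line in both catch blocks. The token branch `if (new LdapUserPersistence().loginUser(userID, password))` has no else, so a false result ends the request with status 200 and an empty body rather than a 401; add `else { throw new AccessControlException("Invalid username or password"); }` if false is a possible return. The 401 body echoes `e.getMessage()` from the DAO, which currently distinguishes a bad username from a bad password, so writing a fixed message here would close that enumeration channel regardless of what the DAO throws. `doPost` also lacks `@Override`, and `response.setContentLength(token.length())` counts chars rather than encoded bytes, which only agrees for ASCII tokens. The finally block and the end of doPost lie in the following hunk.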