001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.tynamo.security.components;
020    
021    import java.io.IOException;
022    
023    import org.apache.tapestry5.PersistenceConstants;
024    import org.apache.tapestry5.annotations.Persist;
025    import org.apache.tapestry5.annotations.Property;
026    import org.apache.tapestry5.ioc.annotations.Inject;
027    import org.apache.tapestry5.services.RequestGlobals;
028    import org.apache.tapestry5.services.Response;
029    import org.apache.shiro.authc.AuthenticationException;
030    import org.apache.shiro.authc.IncorrectCredentialsException;
031    import org.apache.shiro.authc.LockedAccountException;
032    import org.apache.shiro.authc.UnknownAccountException;
033    import org.apache.shiro.authc.UsernamePasswordToken;
034    import org.apache.shiro.subject.Subject;
035    import org.apache.shiro.util.StringUtils;
036    import org.apache.shiro.web.util.SavedRequest;
037    import org.apache.shiro.web.util.WebUtils;
038    import org.slf4j.Logger;
039    import org.slf4j.LoggerFactory;
040    import org.tynamo.security.services.PageService;
041    import org.tynamo.security.services.SecurityService;
042    
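/**
 * Login form component.
 * <p>
 * Builds a Shiro {@link UsernamePasswordToken} from the submitted fields, logs the current
 * {@link Subject} in, and then either redirects to the request returned by
 * {@link WebUtils#getAndClearSavedRequest} or returns the page supplied by
 * {@link PageService#getSuccessPage()}.
 */
public class LoginForm
{

    private static final Logger logger = LoggerFactory.getLogger(LoginForm.class);

    /**
     * Shared message for "unknown account" and "wrong password". Using one text for both keeps
     * the form from telling an anonymous visitor whether a given login name is registered.
     */
    private static final String INVALID_CREDENTIALS_MESSAGE = "Invalid username or password";

    @Property
    private String tynamoLogin;

    @Property
    private String tynamoPassword;

    @Property
    private boolean tynamoRememberMe;

    // Flash-persisted so the message set while handling the action is still available when the
    // form is rendered again.
    @Persist(PersistenceConstants.FLASH)
    private String loginMessage;

    @Inject
    private Response response;

    @Inject
    private RequestGlobals requestGlobals;

    @Inject
    private SecurityService securityService;

    @Inject
    private PageService pageService;

    /**
     * Handles submission of the login form.
     *
     * @return {@code null} when authentication failed (the failure text is left in
     *         {@code loginMessage}) or when a redirect to the saved request has been sent;
     *         otherwise the result of {@link PageService#getSuccessPage()}
     * @throws IllegalStateException if the security service returns no subject
     */
    public Object onActionFromTynamoLoginForm()
    {
        Subject currentUser = securityService.getSubject();
        if (currentUser == null)
        {
            throw new IllegalStateException("Subject can`t be null");
        }

        UsernamePasswordToken token = new UsernamePasswordToken(tynamoLogin, tynamoPassword);
        token.setRememberMe(tynamoRememberMe);

        // NOTE(review): nothing in this method renews the session identifier after a successful
        // login; confirm that the Shiro or container configuration takes care of that.
        try
        {
            currentUser.login(token);
        }
        catch (UnknownAccountException e)
        {
            return rejectLogin(INVALID_CREDENTIALS_MESSAGE, e);
        }
        catch (IncorrectCredentialsException e)
        {
            return rejectLogin(INVALID_CREDENTIALS_MESSAGE, e);
        }
        catch (LockedAccountException e)
        {
            // NOTE(review): this text still confirms that the account exists. Keeping it is a
            // usability/policy decision; switch to the shared message if that is not acceptable.
            return rejectLogin("Account locked", e);
        }
        catch (AuthenticationException e)
        {
            return rejectLogin("Authentication Error", e);
        }
        finally
        {
            // The token keeps its own copy of the password; wipe it whether or not login worked.
            token.clear();
        }

        SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(requestGlobals.getHTTPServletRequest());

        // Constant-first comparison so a saved request without a method cannot raise an NPE.
        if (savedRequest == null || !"GET".equalsIgnoreCase(savedRequest.getMethod()))
        {
            return pageService.getSuccessPage();
        }

        try
        {
            // NOTE(review): the target is passed to sendRedirect unchanged. Presumably it is a
            // server-recorded local path; verify that before relying on it as a redirect target.
            response.sendRedirect(savedRequest.getRequestUrl());
            return null;
        }
        catch (IOException e)
        {
            // Keep the cause in the log so a failed redirect can be diagnosed.
            logger.warn("Can't redirect to saved request.", e);
            return pageService.getSuccessPage();
        }
    }

    /**
     * Records a failed login: stores the message shown to the user and logs the failure type.
     *
     * @param message text to show on the re-rendered form
     * @param cause   the authentication failure reported by Shiro
     * @return always {@code null}, so callers can return the result directly
     */
    private Object rejectLogin(String message, AuthenticationException cause)
    {
        loginMessage = message;
        // Only the failure type is logged. The submitted login name is left out because users
        // sometimes type their password into that field.
        logger.info("Login attempt rejected: {}", cause.getClass().getSimpleName());
        return null;
    }

    /**
     * Sets the message shown on the login form.
     *
     * @param loginMessage text to display
     */
    public void setLoginMessage(String loginMessage)
    {
        this.loginMessage = loginMessage;
    }

    /**
     * Returns the message to show on the login form.
     *
     * @return the stored message when it contains text, otherwise a single space
     */
    public String getLoginMessage()
    {
        return StringUtils.hasText(loginMessage) ? loginMessage : " ";
    }
}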