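/*
 * Copyright (c) 2001, Xiaoping Jia.
 * All Rights Reserved.
 */
package expo2;

import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import org.apache.ecs.*;
import org.apache.ecs.html.*;

/**
 * Java Expo web app version 2.
 * The Java Expo web app login servlet.
 *
 * <p>Handles two flows: a form login checked against the user table loaded
 * from {@code WEB-INF/passwd.cfg}, and a "direct login" that recognises a
 * returning browser by its {@code direct-login} cookie.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@code direct-login} cookie carries the user's first name, not an
 *       unguessable token, so it does not prove that a password login ever
 *       took place. This class only accepts values that match a configured
 *       user's first name; a random server-side session identifier is the
 *       proper replacement.</li>
 *   <li>{@code passwd.cfg} holds passwords in clear text; a salted password
 *       hash (bcrypt/scrypt/argon2) should be stored instead.</li>
 *   <li>The failure messages distinguish "not a user" from "incorrect
 *       password", which lets a client learn which user names exist.</li>
 * </ul>
 *
 * @version 1.1 2001/04/20
 * @since 1.0
 * @author Xiaoping Jia
 */
public class JavaExpoLogin extends JavaExpoBase {

  /**
   * Processes one login request and appends the resulting page elements to
   * {@code contents}.
   *
   * <p>When both {@code username} and {@code password} parameters are present
   * the credentials are checked; otherwise the request is treated as a direct
   * login attempt and, failing that, the login form is shown.
   *
   * @param request  the incoming request
   * @param response the response; may receive the {@code direct-login} cookie
   * @param contents list that receives the page elements to render
   * @return always {@code true}
   * @throws ServletException declared for the base-class contract
   * @throws IOException declared for the base-class contract
   */
  public boolean handleRequest(HttpServletRequest request,
                               HttpServletResponse response,
                               List contents)
      throws ServletException, IOException {
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    if (username != null && password != null) {
      handleCredentials(request, response, contents, username.trim(), password.trim());
    } else {
      handleDirectLogin(request, response, contents);
    }
    return true;
  }

  /** Checks the submitted (already trimmed) credentials and reports the outcome. */
  private void handleCredentials(HttpServletRequest request,
                                 HttpServletResponse response,
                                 List contents,
                                 String username,
                                 String password)
      throws IOException {
    if (username.length() == 0) {
      contents.add(new H1("Sorry, no username"));
      return;
    }
    if (password.length() == 0) {
      contents.add(new H1("Sorry, no password"));
      return;
    }
    String pw = (String) users.get(username);
    // NOTE(review): the two messages below reveal whether a user name exists;
    // a single generic failure message would avoid that.
    if (pw == null) {
      contents.add(new H1("Sorry, not a user"));
      return;
    }
    if (!passwordsMatch(pw, password)) {
      contents.add(new H1("Sorry, incorrect password"));
      return;
    }

    String firstname = firstNameOf(username);
    // The source listing breaks this literal across a line after
    // "successful. "; the break is kept here as \n.
    contents.add(new H1("Login successful. \nHello " + firstname + "!"));

    String direct = request.getParameter("direct");
    if (direct != null && !"disabled".equals(direct)) {
      // direct log in enabled
      // NOTE(review): issued without the Secure flag (and HttpOnly, where the
      // servlet API level offers it); set both once the site is HTTPS-only.
      Cookie loginCookie = new Cookie("direct-login", firstname);
      if ("day".equals(direct)) {
        loginCookie.setMaxAge(60 * 60 * 24); // valid for one day
      } else if ("week".equals(direct)) {
        loginCookie.setMaxAge(60 * 60 * 24 * 7); // valid for one week
      }
      // default: valid for current session
      response.addCookie(loginCookie);
    }
  }

  /**
   * Greets a returning browser that presents a {@code direct-login} cookie
   * naming a configured user, or shows the login form otherwise.
   */
  private void handleDirectLogin(HttpServletRequest request,
                                 HttpServletResponse response,
                                 List contents) {
    Cookie loginCookie = null;
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
      for (int i = 0; i < cookies.length; i++) {
        if ("direct-login".equals(cookies[i].getName())) {
          loginCookie = cookies[i];
        }
      }
    }

    // The cookie value is client-controlled and ends up in the page markup,
    // so only values this servlet could have issued are accepted.
    if (loginCookie != null && isKnownFirstName(loginCookie.getValue())) {
      // direct login successful
      // Literal is broken across a line in the source listing; kept as \n.
      contents.add(new H1("Direct login successful. \nHello " + loginCookie.getValue() + "!"));
    } else {
      // direct login failed
      addLoginForm(response, contents);
    }
  }

  /** Appends the user name / password / direct-login form to {@code contents}. */
  private void addLoginForm(HttpServletResponse response, List contents) {
    contents.add(new Form(response.encodeURL(urlPrefix + "JavaExpoLogin"), "post")
        .addElement(new Table(0)
            .addElement(new TR()
                .addElement(new TD("User name"))
                .addElement(new TD()
                    .addElement(new Input(Input.text, "username", "").setSize(20))))
            .addElement(new TR()
                .addElement(new TD("Password"))
                .addElement(new TD()
                    .addElement(new Input(Input.password, "password", "").setSize(20))))
            .addElement(new TR()
                .addElement(new TD().setColSpan(2)
                    .addElement(new Input(Input.radio, "direct", "disabled")
                        .setChecked(true)
                        .addElement(" Disable direct login "))))
            .addElement(new TR()
                .addElement(new TD().setColSpan(2)
                    .addElement(new Input(Input.radio, "direct", "session")
                        .addElement(" Direct login, current session "))))
            .addElement(new TR()
                .addElement(new TD().setColSpan(2)
                    .addElement(new Input(Input.radio, "direct", "day")
                        .addElement(" Direct login, one day "))))
            .addElement(new TR()
                .addElement(new TD().setColSpan(2)
                    .addElement(new Input(Input.radio, "direct", "week")
                        .addElement(" Direct login, one week ")))))
        .addElement(new Input(Input.submit, "submit", "Login")));
  }

  /** Returns the part of {@code username} before its first space, or all of it. */
  private static String firstNameOf(String username) {
    int i = username.indexOf(' ');
    return (i > 0) ? username.substring(0, i) : username;
  }

  /** Tells whether {@code value} is the first name of some configured user. */
  private boolean isKnownFirstName(String value) {
    if (value == null) {
      return false;
    }
    for (Iterator it = users.keySet().iterator(); it.hasNext();) {
      Object key = it.next();
      if (key instanceof String && firstNameOf((String) key).equals(value)) {
        return true;
      }
    }
    return false;
  }

  /**
   * Compares the stored and the supplied password without stopping at the
   * first differing character, so response time does not depend on how much
   * of the password was right.
   */
  private static boolean passwordsMatch(String expected, String supplied)
      throws UnsupportedEncodingException {
    return java.security.MessageDigest.isEqual(
        expected.getBytes("UTF-8"), supplied.getBytes("UTF-8"));
  }

  /** User name to password, as read from {@code WEB-INF/passwd.cfg} by {@link #init()}. */
  protected java.util.Map users = new HashMap();

  /**
   * Loads the user table from {@code WEB-INF/passwd.cfg}.
   *
   * <p>Each non-empty line that does not start with {@code #} and contains a
   * {@code :} after its first character is read as {@code username:password};
   * both parts are trimmed. If the file cannot be located or read, a message
   * is printed and the table stays as far as it was filled, so no login can
   * succeed for the missing entries.
   */
  public void init() {
    super.init();
    // read user names and passwords from the config file /WEB-INF/passwd.cfg
    ServletContext ctx = getServletContext();
    String path = ctx.getRealPath("WEB-INF/passwd.cfg");
    if (path == null) {
      // getRealPath returns null when the resource has no file-system path
      // (for example an unexpanded archive); FileReader(null) would throw.
      System.out.println("Unable to open file passwd.cfg");
      return;
    }

    BufferedReader mfile = null;
    try {
      mfile = new BufferedReader(new FileReader(path));
      String line;
      while ((line = mfile.readLine()) != null) {
        line = line.trim();
        if (line.length() > 0 && line.charAt(0) != '#') {
          int i = line.indexOf(':');
          if (i > 0) {
            String username = line.substring(0, i).trim();
            String password = line.substring(i + 1).trim();
            users.put(username, password);
          }
        }
        // skip empty or comment line
      }
    } catch (FileNotFoundException e) {
      System.out.println("Unable to open file passwd.cfg");
    } catch (IOException e) {
      System.out.println("Error in reading file passwd.cfg");
    } finally {
      // Release the file handle on every path; the original never closed it.
      if (mfile != null) {
        try {
          mfile.close();
        } catch (IOException ignored) {
          // the table is already loaded (or the failure already reported)
        }
      }
    }
  }
}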