package examples.shop.web.servlet;
import java.io.IOException;
import javax.ejb.EJB;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import examples.shop.logic.Cart;
import examples.shop.logic.UserManager;
/**
* This is the very first servlet the client deals with. It's a Login
* authentication servlet that asks the user for his name and password,
* and passes them to the UserManager stateless session bean for verification.
*
* If the user authenticates properly, a reference to a new Cart is saved
* in his HttpSession object, and the user can begin to add items to his
* cart and shop around.
*/
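public class LoginServlet extends HttpServlet {

    /** Session attribute under which the authenticated user's cart is stored. */
    private static final String CART_ATTRIBUTE = "cart";

    /** The user manager used to authenticate the user. */
    @EJB
    UserManager userManager;

    /**
     * Cart reference resolved at startup. It is kept for compatibility, but it is
     * NOT placed into user sessions: a servlet is a single instance shared by all
     * requests, so one field-held cart would be shared by every user who logs in.
     */
    @EJB
    Cart cart;

    /**
     * Called once by the servlet engine to initialize this servlet instance.
     * Resolves the UserManager and Cart beans through JNDI, using each
     * interface's class name as the lookup name.
     *
     * @param config the servlet configuration supplied by the container
     * @throws ServletException if either bean cannot be looked up
     */
    @Override
    public void init(ServletConfig config) throws ServletException {
        super.init(config);
        try {
            Context ctx = new InitialContext();
            try {
                userManager = (UserManager) ctx.lookup(UserManager.class.getName());
                cart = (Cart) ctx.lookup(Cart.class.getName());
            } finally {
                ctx.close();
            }
        } catch (Exception e) {
            log(e);
            // Keep the original message but preserve the cause for diagnosis.
            throw new ServletException(e.toString(), e);
        }
    }

    /**
     * Handles every HTTP request sent to the login servlet.
     *
     * <p>With no credentials in the request the login form is shown. With
     * credentials, they are checked by the UserManager; on success a cart is
     * bound to a freshly issued session and the request is forwarded to the
     * main page, otherwise the login form is shown again with an error flag.
     *
     * @param request  the incoming request, possibly carrying "Login" and "Password"
     * @param response the response the login form or main page is written to
     * @throws ServletException if the cart cannot be prepared or a forward fails
     * @throws IOException      if a forward fails with an I/O error
     */
    @Override
    public void service(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // As before, make sure a session exists before the login page is rendered.
        request.getSession(true);

        // NOTE(review): getParameter() reads the query string as well as a form
        // body, and service() accepts every HTTP method, so a password sent in the
        // URL would end up in access logs, browser history and Referer headers.
        // Confirm that login.jsp submits with POST and consider rejecting
        // credentials that arrive on a GET.
        String loginName = request.getParameter("Login");
        String password = request.getParameter("Password");

        // No credentials yet: first visit, show the plain login form.
        if (loginName == null || password == null) {
            writeForm(request, response, false);
            return;
        }

        boolean authenticated;
        try {
            authenticated = userManager.validateUser(loginName, password);
        } catch (Exception e) {
            // Fail closed: any error during validation is treated as a failed login.
            log(e);
            writeForm(request, response, true);
            return;
        }

        if (!authenticated) {
            // Return right after forwarding. The original fell through to a second
            // writeForm() call, i.e. a second forward on an already committed
            // response, which raises IllegalStateException.
            writeForm(request, response, true);
            return;
        }

        try {
            // One cart per login rather than the servlet-wide field.
            // Presumably Cart is a stateful session bean (setOwner/clear hold
            // per-user state) - confirm against the bean declaration.
            Cart userCart = newCart();
            userCart.setOwner(loginName);
            userCart.clear();

            // Issue a new session id at the privilege change so that an id known
            // before authentication cannot be reused afterwards (session fixation).
            HttpSession session = renewSession(request);
            session.setAttribute(CART_ATTRIBUTE, userCart);

            RequestDispatcher mainPage =
                    getServletContext().getRequestDispatcher("/wsf.jsp");
            mainPage.forward(request, response);
        } catch (Exception e) {
            log(e);
            throw new ServletException(e.toString(), e);
        }
    }

    /**
     * Looks up a Cart under the same JNDI name that init() uses.
     *
     * @return the cart reference returned by the lookup
     * @throws javax.naming.NamingException if the lookup fails
     */
    private Cart newCart() throws javax.naming.NamingException {
        Context ctx = new InitialContext();
        try {
            return (Cart) ctx.lookup(Cart.class.getName());
        } finally {
            ctx.close();
        }
    }

    /**
     * Discards the current session, if any, and returns a newly created one.
     * Attributes of the discarded session are not carried over.
     */
    private static HttpSession renewSession(HttpServletRequest request) {
        HttpSession preLogin = request.getSession(false);
        if (preLogin != null) {
            preLogin.invalidate();
        }
        return request.getSession(true);
    }

    /**
     * Writes the login screen (private use only).
     *
     * @param request   the current request; receives the "loginFailed" attribute
     * @param response  the current response
     * @param showError true means show an error because the client was not
     *                  authenticated last time
     * @throws ServletException if the forward to the login page fails
     * @throws IOException      if the forward fails with an I/O error
     */
    private void writeForm(HttpServletRequest request,
            HttpServletResponse response, boolean showError)
            throws ServletException, IOException {
        // The JSP reads this flag to decide whether to display the error message.
        request.setAttribute("loginFailed", Boolean.valueOf(showError));

        RequestDispatcher loginPage =
                getServletContext().getRequestDispatcher("/login.jsp");
        loginPage.forward(request, response);
    }

    /**
     * Records an exception in the container log instead of printing it to
     * stderr. Only the exception is logged; submitted credentials never are.
     */
    private void log(Exception e) {
        log("LoginServlet error", e);
    }

    /** Returns a short description of this servlet. */
    @Override
    public String getServletInfo() {
        return "The Login servlet verifies a user.";
    }
}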