Java HttpServletRequest.login方法代码示例

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
public boolean login(String p_username, String p_password, HttpServletRequest req) {		
	try {			
		req.logout();
		beginTx();
			User u = findUser(p_username);
		
			if (u == null) {
                   _logger.info("User with username " + p_username + " not found");
                   commitTx();	
                   return false;
               }
		
			req.login(u.getId().toString(), Security.getPasswordHash(p_password, u.getSalt()));
			
			u.updatePassword(p_password);				
			u.setLastLogin(new Date());
		commitTx();			
		return true;
	} catch (ServletException e) {
		_logger.error(e.getMessage(), e);
		return false;
	}		
}
 

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {

    req.login(USER, PWD);

    if (!req.getRemoteUser().equals(USER))
        throw new ServletException();
    if (!req.getUserPrincipal().getName().equals(USER))
        throw new ServletException();

    req.logout();

    if (req.getRemoteUser() != null)
        throw new ServletException();
    if (req.getUserPrincipal() != null)
        throw new ServletException();

    resp.getWriter().write(OK);
}
 

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
@POST
@Path("/login")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public LoginResponse login(@Context HttpServletRequest httpRequest, LoginRequest request) {
    LoginResponse response = new LoginResponse();

    if (httpRequest.getUserPrincipal() == null) {
        try {
            httpRequest.login(request.getUsername(), request.getPassword());
            httpRequest.getSession().getId(); //sometimes need to initialize session
            response.setSuccess(true);
        } catch (ServletException ex) {
            response.setSuccess(false);
        }
    } else {
        response.setSuccess(false);
    }

    return response;
}
 

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
void loginUser(VOUser voUser, String password,
        HttpServletRequest httpRequest, HttpSession session)
        throws LoginException, CommunicationException {
    ServiceAccess serviceAccess = ServiceAccess
            .getServiceAcccessFor(session);
    IdentityService service = getIdService();

    // authenticate the user
    httpRequest.getSession();
    try {
        httpRequest.login(String.valueOf(voUser.getKey()), password);
    } catch (ServletException e) {
        throw new LoginException(e.getMessage());
    }
    serviceAccess.login(voUser, password, httpRequest, getResponse());

    // log info on the successful login
    logger.logInfo(Log4jLogger.ACCESS_LOG,
            LogMessageIdentifier.INFO_USER_LOGIN_SUCCESS,
            voUser.getUserId(), IPResolver.resolveIpAddress(httpRequest),
            voUser.getTenantId());

    // read the user details value object and store it in the session
    session.setAttribute(Constants.SESS_ATTR_USER,
            service.getCurrentUserDetails());
}
 

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
		throws ServletException, IOException {
	response.setContentType("text/html;charset=UTF-8");
	PrintWriter out = response.getWriter();
	String user = request.getParameter("user");
	String password = request.getParameter("password");

	if (user != null && password != null) {
		request.login(user, password);
	}

	userDetails(out, request);
}
 

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
/**
 * This method is not adapted used in SAML_SP case.
 * 
 */
void reLogginUserIfRequired(HttpServletRequest httpRequest,
        HttpServletResponse httpResponse, AuthorizationRequestData rdo,
        StringBuffer url) {
    final String userId = httpRequest.getParameter(PARAM_LOGIN_USER_ID);
    if (!ADMStringUtils.isBlank(userId)) {
        // user login data was just provided by the login dialog
        try {
            ServiceAccess serviceAccess = ServiceAccess
                    .getServiceAcccessFor(httpRequest.getSession());
            IdentityService identityService = serviceAccess
                    .getService(IdentityService.class);
            rdo.setUserId(userId);
            rdo.setPassword(httpRequest.getParameter(PARAM_LOGIN_PASSWORD));
            VOUser voUser = readTechnicalUserFromDb(identityService, rdo);
            httpRequest.getSession();
            httpRequest.login(String.valueOf(voUser.getKey()),
                    rdo.getPassword());
            // serviceAccess.login(voUser, rdo.getPassword(), httpRequest,
            // httpResponse);
            httpRequest.getSession().setAttribute(Constants.SESS_ATTR_USER,
                    identityService.getCurrentUserDetails());
        } catch (Exception e2) {
            httpRequest.setAttribute(Constants.REQ_ATTR_ERROR_KEY,
                    BaseBean.ERROR_LOGIN);
            // open marketplace login dialog again and fill in
            // userId
            appendParam(url, Constants.REQ_PARAM_AUTO_OPEN_MP_LOGIN_DIALOG,
                    Boolean.TRUE.toString(),
                    httpRequest.getCharacterEncoding());
            appendParam(url, Constants.REQ_PARAM_USER_ID, userId,
                    httpRequest.getCharacterEncoding());
        }
    }
}
 

import javax.servlet.http.HttpServletRequest; //导入方法依赖的package包/类
/**
 * Performs a login using JAAS / Container authentication. Further the method populates the session
 * attribute SUBJECT with a JAAS subject for the user. The subject is either populated from the container
 * such as jetty or an additional JAAS login is performed to obtain the subject.
 * @return
 *  SUCCESS if the login was successful, otherwise ERROR is returned.
 * @throws Exception
 */
public String login() throws Exception {

    if (isInvalid(getUsername())) {
        return INPUT;
    }
    if (isInvalid(getPassword())) {
        return INPUT;
    }

    final HttpServletRequest request = ServletActionContext.getRequest();
    final HttpSession session = request.getSession();

    //perform container login
    try {
        request.login(username, password);
    } catch(ServletException e){
        LOG.error("Login failed", e);
        return Action.ERROR;
    }

    //try to obtain the Subject from the container or perform an _additional_ login
    //in order to get the subject.
    final Optional<Subject> subject = Stream.of(jettySupport,
                                                new LoginModuleAuthSupport(getUsername(), getPassword()))
                                            .map(f -> f.apply(session))
                                            .findFirst()
                                            .flatMap(identity());

    //register the subject in the session so we can obtain it without vendor specific
    //access logic (such as Jetty's)
    //see RunAsInterceptor where we need this
    subject.ifPresent(subj -> session.setAttribute("SUBJECT", subj));
    return subject.map(s -> Action.SUCCESS).orElse(Action.ERROR);
}