pt.ua.dicoogle.server.web.auth

Class Session

java.lang.Object

pt.ua.dicoogle.server.web.auth.Session

public class Session
extends java.lang.Object

Handles and manages login requests and the information associated with it.

Constructor Summary

Constructors

Constructor and Description
Session()

Method Summary

Modifier and Type	Method and Description
static java.lang.String	getLastVisitedURL(HttpServletRequest request) Based on the request referer returns the address of the previously visited page or to the default main page if none.
static LoggedIn	getSuccessfulLogin(java.lang.String username, java.lang.String password) Attemps to login using the supplied params.
static LoggedIn	getUserLoggedIn(HttpSession session) Gets the LoggedIn object that has the information relative to user logged in on the session supplied.
static boolean	isSuccessfulLogin(java.lang.String username, java.lang.String password) Attemps to login using the supplied params.
static boolean	isUserLoggedIn(HttpSession session) Check if there is a user logged in on the session supplied.
static boolean	isUserLoggedInAnAdmin(HttpSession session) Check if there is a user logged in on the session supplied and if (s)he ia an administrator.
static boolean	logout(HttpServletRequest request) If there is a user logged in on the current HttpSession, log out.
static LoggedIn	servletLogin(HttpServletRequest request, HttpServletResponse response, boolean requiresAdminRights) Checks if the request made to a servlet was made by a logged is user, or if the request carries the required login information.
static LoggedInStatus	webappLogin(HttpServletRequest request, HttpServletResponse response, boolean requiresAdminRights) Checks if the request made to a webapp was made by a logged is user, or if the request carries the required login information.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Session

public Session()

Method Detail

isSuccessfulLogin

public static boolean isSuccessfulLogin(java.lang.String username,
                                        java.lang.String password)

Attemps to login using the supplied params.

Parameters:

username - the user name.

password - the users password.

Returns:

true if the login is successfull, false otherwise.

getSuccessfulLogin

public static LoggedIn getSuccessfulLogin(java.lang.String username,
                                          java.lang.String password)

Attemps to login using the supplied params.

Parameters:

username - the user name.

password - the users password.

Returns:

a LoggedIn object if the login is successfull, null otherwise.

isUserLoggedIn

public static boolean isUserLoggedIn(HttpSession session)

Check if there is a user logged in on the session supplied.

Parameters:

session - the HttpSession object of the request.

Returns:

true if there is a user logged in on the session supplied, false otherwise.

isUserLoggedInAnAdmin

public static boolean isUserLoggedInAnAdmin(HttpSession session)

Check if there is a user logged in on the session supplied and if (s)he ia an administrator.

Parameters:

session - the HttpSession object of the request.

Returns:

true if there is a user logged in on the session supplied and is an administrator, false otherwise.

getUserLoggedIn

public static LoggedIn getUserLoggedIn(HttpSession session)

Gets the LoggedIn object that has the information relative to user logged in on the session supplied.

Parameters:

session - the HttpSession object of the request.

Returns:

a LoggedIn object if there is a user logged in on the session supplied, null otherwise.

logout

public static boolean logout(HttpServletRequest request)

If there is a user logged in on the current HttpSession, log out.

Parameters:

session - the HttpSession object of the request.

Returns:

if there was a logout action performed or not.

servletLogin

public static LoggedIn servletLogin(HttpServletRequest request,
                                    HttpServletResponse response,
                                    boolean requiresAdminRights)
                             throws java.io.IOException

Checks if the request made to a servlet was made by a logged is user, or if the request carries the required login information.
This is done by first checking if the request has a valid (with valid login information) session (like an AJAX request from a cookies enabled browser), if not checks if the request parameters have valid login information (like made a REST[less] stand-alone application), and if none of the above situations happened send an adequate response to the client.

Parameters:

requiresAdminRights - if the current request requires admin rights to be served/performed.

Returns:

a LoggedIn object if the request is to be served, null otherwise.

Throws:

java.io.IOException

webappLogin

public static LoggedInStatus webappLogin(HttpServletRequest request,
                                         HttpServletResponse response,
                                         boolean requiresAdminRights)
                                  throws java.io.IOException

Checks if the request made to a webapp was made by a logged is user, or if the request carries the required login information.
This is done by first checking if the request has a valid (with valid login information) session (like an AJAX request from a cookies enabled browser), if not checks if the request parameters have valid login information (like made a REST[less] stand-alone application), and if none of the above situations happened send an adequate response to the client, on most cases a redirection to the login page will be sent.

Parameters:

requiresAdminRights - if the current request requires admin rights to be served/performed.

Returns:

a LoggedIn object if the request is to be served, null otherwise.

Throws:

java.io.IOException

getLastVisitedURL

public static java.lang.String getLastVisitedURL(HttpServletRequest request)

Based on the request referer returns the address of the previously visited page or to the default main page if none.

Parameters:

request - the original http request object.

Returns:

a string containing the previous URL.