List of usage examples for com.vaadin.server WrappedSession setAttribute
public void setAttribute(String name, Object value);
From source file:net.sf.gazpachoquest.questionnaires.views.login.OldLoginView.java
License:Open Source License
@Override public void buttonClick(ClickEvent event) { logger.info("Submitting login"); // List<QuestionnaireDTO> questionnaires = questionnairResource.list(); // System.out.println(questionnaires); ///*from w w w . java2 s.co m*/ // Validate the fields using the navigator. By using validors for the // fields we reduce the amount of queries we have to use to the database // for wrongly entered passwords // if (!invitationTextField.isValid()) { return; } String invitation = invitationTextField.getValue(); WrappedSession session = VaadinService.getCurrentRequest().getWrappedSession(); QuestionnaireResource proxy = JAXRSClientFactory.create("", QuestionnaireResource.class, Collections.singletonList(new JacksonJsonProvider()), "respondent", invitation, null); // // Validate username and password with database here. For examples sake // I use a dummy username and password. // boolean isValid = true; if (isValid) { // Store the current invitation in the service session getSession().setAttribute("invitation", invitation); session.setAttribute("username", "respondent"); session.setAttribute("password", invitation); // Navigate to main view getUI().getNavigator().navigateTo(QuestionnaireView.NAME); } else { // Wrong password clear the password field and refocuses it invitationTextField.setValue(null); invitationTextField.focus(); } }
From source file:org.vaadin.spring.security.internal.VaadinSharedSecurity.java
License:Apache License
@Override public Authentication login(Authentication authentication, boolean rememberMe) throws Exception { SecurityContext context = SecurityContextHolder.getContext(); final HttpServletRequest request = httpRequestResponseHolder.getCurrentRequest(); if (request == null) { throw new IllegalStateException("No HttpServletRequest bound to current thread"); }//from w ww. j av a 2s .c om final HttpServletResponse response = httpRequestResponseHolder.getCurrentResponse(); if (response == null) { throw new IllegalStateException("No HttpServletResponse bound to current thread"); } try { logger.debug("Attempting authentication of {}, rememberMe = {}", authentication, rememberMe); final Authentication fullyAuthenticated = getAuthenticationManager().authenticate(authentication); /* * Fix: #255 (VaadinSharedSecurity ignored sessionAuthenticationStrategy failures) * * Reorganized Authentication procedure * Authentication workflow set according to {@link AbstractAuthenticationProcessingFilter} * * #1 Check for Null Authentication and handle like Authentication Exception * And set {@link Authentication} Object to null out of security * * #2 Execute SessionStrategy * #3 Handle Successful login * #4 Execute LoginSuccessHandler */ // #1 Check NULL Authentication if (authentication == null) { // Handle failed authentication logger.debug("Authentication failed"); context = SecurityContextHolder.createEmptyContext(); if (hasRememberMeServices()) { logger.debug("Invoking RememberMeServices"); getRememberMeServices().loginFail(request, response); } /* * Return NULL * And set {@link Autentication} object reference to NULL */ authentication = null; return null; } // #2 Execute SessionStrategy logger.debug("Invoking session authentication strategy"); sessionAuthenticationStrategy.onAuthentication(fullyAuthenticated, request, response); // #3 Handle Successful Login context.setAuthentication(fullyAuthenticated); if (rememberMe) { if (hasRememberMeServices()) { logger.debug("Invoking RememberMeServices"); getRememberMeServices().loginSuccess(request, response, authentication); } else { throw new IllegalStateException( "Requested RememberMe authentication but no RememberBeServices are available"); } } // #4 Execute LoginSuccessHandler logger.debug("Invoking authentication success handler"); vaadinAuthenticationSuccessHandler.onAuthenticationSuccess(fullyAuthenticated); return authentication; } catch (AuthenticationException e) { logger.debug("Authentication failed"); context = SecurityContextHolder.createEmptyContext(); if (hasRememberMeServices()) { logger.debug("Invoking RememberMeServices"); getRememberMeServices().loginFail(request, response); } throw e; } finally { if (saveContextInSessionAfterLogin) { logger.debug("Saving security context in the session"); WrappedSession session = getSession(); if (session != null) { session.setAttribute(springSecurityContextKey, context); } else { logger.warn( "Tried to save security context in the session, but no session was bound to the current thread"); } } } }
From source file:org.vaadin.spring.security.shared.DefaultVaadinSharedSecurity.java
License:Apache License
@Override public Authentication login(Authentication authentication, boolean rememberMe) throws Exception { final HttpServletRequest request = new RememberMeRequestWrapper(getCurrentRequest(), rememberMe, getRememberMeParameter());//from w w w. j a v a2s .co m final HttpServletResponse response = getCurrentResponse(); try { LOGGER.debug("Attempting authentication of {}, rememberMe = {}", authentication, rememberMe); final Authentication fullyAuthenticated = getAuthenticationManager().authenticate(authentication); LOGGER.debug("Invoking session authentication strategy"); sessionAuthenticationStrategy.onAuthentication(fullyAuthenticated, request, response); successfulAuthentication(fullyAuthenticated, request, response); return fullyAuthenticated; } catch (Exception e) { unsuccessfulAuthentication(request, response); throw e; } finally { if (saveContextInSessionAfterLogin) { LOGGER.debug("Saving security context in the session"); WrappedSession session = getSession(); if (session != null) { session.setAttribute(springSecurityContextKey, SecurityContextHolder.getContext()); } else { LOGGER.warn( "Tried to save security context in the session, but no session was bound to the current thread"); } } } }