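/*
 * Copyright(C) 2014
 * NEC Corporation All rights reserved.
 *
 * No permission to use, copy, modify and distribute this software
 * and its documentation for any purpose is granted.
 * This software is provided under applicable license agreement only.
 */
package com.nec.harvest.security.handler;

import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

import com.nec.harvest.constant.Constants;
import com.nec.harvest.http.HttpServletContentType;
import com.nec.harvest.model.BusinessDay;
import com.nec.harvest.model.Organization;
import com.nec.harvest.model.User;
import com.nec.harvest.service.BusinessDayService;
import com.nec.harvest.service.OrganizationService;
import com.nec.harvest.userdetails.AuthenticatedUserDetails;

/**
 * Authentication success handler that prepares the HTTP session after a login.
 *
 * <p>When every lookup succeeds it stores three session attributes: the login time
 * ({@code Constants.USER_LOGGED_IN_LASTTIME}), the organization code
 * ({@code Constants.SESS_ORGANIZATION_CODE}) and the business day
 * ({@code Constants.SESS_BUSINESS_DAY}). It then delegates to
 * {@link SavedRequestAwareAuthenticationSuccessHandler}. When a required value is missing,
 * or a lookup throws, the browser is redirected to {@code /logout} instead.
 *
 * @author hungpd
 */
public class HarvestAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    private static final Logger logger = LoggerFactory.getLogger(HarvestAuthenticationSuccessHandler.class);

    private final OrganizationService organizationService;

    private final BusinessDayService businessDayService;

    /**
     * Creates the handler with the services used to look up the organization and business day.
     *
     * @param organizationService service queried for the user's organization
     * @param businessDayService service queried for the default business day
     */
    public HarvestAuthenticationSuccessHandler(OrganizationService organizationService,
            BusinessDayService businessDayService) {
        this.organizationService = organizationService;
        this.businessDayService = businessDayService;
    }

    /**
     * Validates the post-login state, fills the session and continues with the saved request.
     *
     * <p>The login is rejected (redirect to {@code /logout}, no session attributes written)
     * when the authentication, the user principal, the business day or the organization is
     * missing, or when any lookup throws.
     *
     * @param request the current request; its session is created if it does not exist yet
     * @param response the current response
     * @param authentication the authentication produced by the login, may be {@code null}
     * @throws ServletException propagated from the redirect or from the superclass handler
     * @throws IOException propagated from the redirect or from the superclass handler
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws ServletException, IOException {
        logger.debug(
                "Trying to store some information into session like business day, area code, area code, department code, department name, user name");

        if (authentication == null) {
            logger.info("Sorry, you don't have permission to access this url");
            sendRedirectToLogout(request, response);
            return;
        }

        final HttpSession session = request.getSession();
        try {
            final User user = AuthenticatedUserDetails.getUserPrincipal();
            if (user == null) {
                logger.info(
                        "Sorry, you don't have permission to access this url. Please login again with right permission");
                sendRedirectToLogout(request, response);
                return;
            }

            Calendar calendar = GregorianCalendar.getInstance();
            calendar.setTime(new Date());

            final BusinessDay businessDay = businessDayService
                    .findByEigyobiCode(Constants.DEFAULT_BUSINESS_DAY_CODE);
            if (businessDay == null || StringUtils.isEmpty(businessDay.getEigCode())) {
                logger.info(
                        "Sorry, you don't have permission to access this url because business day is null or empty");
                sendRedirectToLogout(request, response);
                return;
            }

            final Organization authorizedOrg = AuthenticatedUserDetails.getOrganization();
            if (authorizedOrg == null) {
                logger.info("Sorry, you don't have permission to access this url because there is no organization");
                sendRedirectToLogout(request, response);
                return;
            }

            // The organization must also exist at the default departmental level.
            final Organization organization = organizationService
                    .findByOrgCodeAndKaisoBango(authorizedOrg.getStrCode(), Constants.DEFAULT_DEPARTMENTAL_CODE);
            if (organization == null || StringUtils.isEmpty(organization.getStrCode())) {
                logger.info("Sorry, you don't have permission to access this url because there is no organization");
                sendRedirectToLogout(request, response);
                return;
            }

            // Written only after every check has passed, so a rejected login leaves no
            // partially filled session behind.
            session.setAttribute(Constants.USER_LOGGED_IN_LASTTIME, calendar);
            session.setAttribute(Constants.SESS_ORGANIZATION_CODE, authorizedOrg.getStrCode());
            session.setAttribute(Constants.SESS_BUSINESS_DAY, businessDay.getEigDate());

            logger.info("Current business day is: {}", businessDay.getEigDate());
        } catch (Exception ex) {
            // Boundary catch: any failure while preparing the session is treated as a rejection.
            logger.error(ex.getMessage(), ex);

            // The try block also contains the rejection redirects. If one of them failed after
            // the response was committed, a second sendRedirect would throw
            // IllegalStateException and hide the original error, so redirect only while the
            // response is still open.
            if (!response.isCommitted()) {
                sendRedirectToLogout(request, response);
            }
            return;
        }

        super.onAuthenticationSuccess(request, response, authentication);
    }

    /**
     * Sets the content type to {@code HttpServletContentType.PLAN_TEXT}, redirects the client
     * to {@code <context path>/logout} and flushes the response.
     *
     * <p>NOTE(review): this only asks the browser to visit the logout URL. Nothing in this
     * class clears the security context or invalidates the session, so after a rejected login
     * the authenticated state appears to end only if the client follows the redirect. Consider
     * clearing the context and invalidating the session server-side before redirecting, and
     * confirm that the logout endpoint accepts the GET request produced by a redirect (it may
     * require POST when CSRF protection is enabled).
     *
     * @param request the current request, used for its context path
     * @param response the response that receives the redirect
     * @throws ServletException declared for overriding subclasses; not thrown by this body
     * @throws IOException if the redirect or the flush fails
     */
    protected void sendRedirectToLogout(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType(HttpServletContentType.PLAN_TEXT);
        response.sendRedirect(request.getContextPath() + "/logout");
        response.flushBuffer();
    }
}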