X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FLoginPage.java;h=69b05887bb0babd9d381603504031e8cccb55d2e;hb=bdb770e853028d8510a941c936a290ab69cf675c;hp=c206ad444df43c5b0df0a08e4add6612fda6f5c4;hpb=2f50dbb24105e6345329b8e9ecb5ef4d67ab2a8c;p=gigi.git diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java index c206ad44..69b05887 100644 --- a/src/org/cacert/gigi/pages/LoginPage.java +++ b/src/org/cacert/gigi/pages/LoginPage.java @@ -39,12 +39,12 @@ public class LoginPage extends Page { } @Override - public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException { + public RedirectResult submit(HttpServletRequest req) throws GigiApiException { if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) { throw new RateLimitException(); } tryAuthWithUnpw(req); - return false; + return new RedirectResult(redirectPath(req)); } @Override @@ -56,18 +56,12 @@ public class LoginPage extends Page { public static final String LOGIN_RETURNPATH = "login-returnpath"; - private static final String SUBMIT_EXCEPTION = "login-submit-exception"; - public LoginPage() { super("Password Login"); } @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { - Object o = req.getAttribute(SUBMIT_EXCEPTION); - if (o != null) { - ((GigiApiException) o).format(resp.getWriter(), getLanguage(req)); - } if (req.getHeader("Host").equals(ServerConstants.getSecureHostNamePort())) { resp.getWriter().println(getLanguage(req).getTranslation("Authentication with certificate failed. Try another certificate or use a password.")); } else { @@ -75,39 +69,45 @@ public class LoginPage extends Page { } } + @Override + public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { + if (Form.printFormErrors(req, resp.getWriter())) { + Form.getForm(req, LoginForm.class).output(resp.getWriter(), getLanguage(req), new HashMap()); + } + } + @Override public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException { - String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH); if (req.getSession().getAttribute("loggedin") == null) { X509Certificate cert = getCertificateFromRequest(req); if (cert != null) { tryAuthWithCertificate(req, cert); } if (req.getMethod().equals("POST")) { - try { - Form.getForm(req, LoginForm.class).submit(resp.getWriter(), req); - } catch (GigiApiException e) { - req.setAttribute(SUBMIT_EXCEPTION, e); - return false; - } + return Form.getForm(req, LoginForm.class).submitExceptionProtected(req, resp); } } if (req.getSession().getAttribute("loggedin") != null) { - String s = redir; - if (s != null) { - if ( !s.startsWith("/")) { - s = "/" + s; - } - resp.sendRedirect(s); - } else { - resp.sendRedirect("/"); - } + resp.sendRedirect(redirectPath(req)); return true; } return false; } + private static String redirectPath(HttpServletRequest req) { + String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH); + String s = redir; + if (s != null) { + if ( !s.startsWith("/")) { + s = "/" + s; + } + return s; + } else { + return "/"; + } + } + @Override public boolean needsLogin() { return false; @@ -164,11 +164,11 @@ public class LoginPage extends Page { } public static String extractSerialFormCert(X509Certificate x509Certificate) { - return x509Certificate.getSerialNumber().toString(16).toUpperCase(); + return x509Certificate.getSerialNumber().toString(16).toLowerCase(); } public static User fetchUserBySerial(String serial) { - if ( !serial.matches("[A-Fa-f0-9]+")) { + if ( !serial.matches("[a-f0-9]+")) { throw new Error("serial malformed."); } @@ -188,7 +188,7 @@ public class LoginPage extends Page { return uc; } - private static final Group LOGIN_BLOCKED = Group.getByString("blockedlogin"); + private static final Group LOGIN_BLOCKED = Group.BLOCKEDLOGIN; private void loginSession(HttpServletRequest req, User user) { if (user.isInGroup(LOGIN_BLOCKED)) {