From: Felix Dörre Date: Fri, 20 Jun 2014 12:13:03 +0000 (+0200) Subject: add a dummy login mechanism X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=3ad481bf50a3562142f3acd882e669acc9bc3f88 add a dummy login mechanism
---
diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
new file mode 100644
index 00000000..7aa26d87
--- /dev/null
+++ b/src/org/cacert/gigi/Gigi.java
@@ -0,0 +1,67 @@
+package org.cacert.gigi;
+
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+public class Gigi extends HttpServlet {
+ @Override
+ protected void service(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ X509Certificate[] cert = (X509Certificate[]) req
+ .getAttribute("javax.servlet.request.X509Certificate");
+ HttpSession hs = req.getSession(false);
+ if (hs == null || !((Boolean) hs.getAttribute("loggedin"))) {
+ if (cert != null) {
+ tryAuthWithCertificate(req, cert[0]);
+ hs = req.getSession(false);
+ }
+ }
+ if (req.getMethod().equals("POST") && req.getPathInfo() != null
+ && req.getPathInfo().equals("/login")) {
+ authWithUnpw(req);
+ resp.sendRedirect("/");
+ return;
+ }
+ if (req.getPathInfo() != null && req.getPathInfo().equals("/logout")) {
+ if (hs != null) {
+ hs.setAttribute("loggedin", false);
+ hs.invalidate();
+ }
+ authWithUnpw(req);
+ resp.sendRedirect("/");
+ return;
+ }
+
+ if (hs == null || !((Boolean) hs.getAttribute("loggedin"))) {
+ resp.setContentType("text/html");
+ resp.getWriter().println("Access denied. Sending login form.");
+ resp.getWriter()
+ .println(
+ "
" + + "" + + "
");
+ return;
+ }
+ resp.getWriter().println("Access granted.");
+
+ }
+ private void authWithUnpw(HttpServletRequest req) {
+ String un = req.getParameter("username");
+ String pw = req.getParameter("password");
+ // TODO dummy password check if (un.equals(pw)) {
+ HttpSession hs = req.getSession();
+ hs.setAttribute("loggedin", true);
+ }
+ private void tryAuthWithCertificate(HttpServletRequest req,
+ X509Certificate x509Certificate) {
+ // TODO ckeck if certificate is valid
+ HttpSession hs = req.getSession();
+ hs.setAttribute("loggedin", true);
+ }
+}
diff --git a/src/org/cacert/gigi/Launcher.java b/src/org/cacert/gigi/Launcher.java
index 69180747..d0c9a44c 100644
--- a/src/org/cacert/gigi/Launcher.java
+++ b/src/org/cacert/gigi/Launcher.java
@@ -42,9 +42,10 @@ public class Launcher {
 connector.setHost("127.0.0.1");
 connector.setPort(443);
 s.setConnectors(new Connector[]{connector});
- ServletContextHandler sh = new ServletContextHandler();
+ ServletContextHandler sh = new ServletContextHandler(
+ ServletContextHandler.SESSIONS);
 s.setHandler(sh);
- sh.addServlet(new ServletHolder(new TestServlet()), "/");
+ sh.addServlet(new ServletHolder(new Gigi()), "/*");
 s.start();
 if (connector.getPort() <= 1024 && !System.getProperty("os.name").toLowerCase().contains("win")) {
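Review bot: In the `/logout` branch of `service`, `authWithUnpw(req)` is called right after `hs.invalidate()`, and as shown that helper creates a new session and sets `loggedin` to true without checking anything (the `un.equals(pw)` test appears to sit inside the `// TODO` comment), so logging out immediately produces a fresh authenticated session; the call should be dropped from that branch. Until the real checks exist, `authWithUnpw` and `tryAuthWithCertificate` would be safer failing closed (leaving `loggedin` unset) than setting the flag unconditionally, because every POST to `/login` and every presented client certificate is currently accepted. The two guards `!((Boolean) hs.getAttribute("loggedin"))` unbox null when a session exists without the attribute; `!Boolean.TRUE.equals(hs.getAttribute("loggedin"))` avoids the NullPointerException. When the password comparison is enabled, it should be null-safe, since `req.getParameter("username")` returns null for a missing field, and the session id should be renewed on successful login rather than reusing the pre-login session.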
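Review bot: Nothing visible in this hunk sets the session cookie's flags, although enabling `ServletContextHandler.SESSIONS` makes that cookie the carrier of the login state for the servlet now mapped at `/*`. If this is not configured elsewhere and the Servlet API in use is 3.0 or later, set them before `s.start()`, e.g. `sh.getServletContext().getSessionCookieConfig().setSecure(true);` and `sh.getServletContext().getSessionCookieConfig().setHttpOnly(true);`. The enclosing method begins and ends outside the hunk, so existing configuration may simply not be shown.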