
/src-modules/org/opencms/workplace/CmsLogin.java

http://github.com/alkacon/opencms-core
Java | 1592 lines | 1089 code | 176 blank | 327 comment | 195 complexity | 7376f69d2e8698fd72a77b31e3001cda MD5 | raw file
Possible License(s): MIT, Apache-2.0, BSD-3-Clause, LGPL-2.1


  1. /*
  2. * This library is part of OpenCms -
  3. * the Open Source Content Management System
  4. *
  5. * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
  6. *
  7. * This library is free software; you can redistribute it and/or
  8. * modify it under the terms of the GNU Lesser General Public
  9. * License as published by the Free Software Foundation; either
  10. * version 2.1 of the License, or (at your option) any later version.
  11. *
  12. * This library is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  15. * Lesser General Public License for more details.
  16. *
  17. * For further information about Alkacon Software GmbH & Co. KG, please see the
  18. * company website: http://www.alkacon.com
  19. *
  20. * For further information about OpenCms, please see the
  21. * project website: http://www.opencms.org
  22. *
  23. * You should have received a copy of the GNU Lesser General Public
  24. * License along with this library; if not, write to the Free Software
  25. * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  26. */
  27. package org.opencms.workplace;
  28. import org.opencms.db.CmsLoginMessage;
  29. import org.opencms.db.CmsUserSettings;
  30. import org.opencms.file.CmsObject;
  31. import org.opencms.file.CmsProject;
  32. import org.opencms.file.CmsResource;
  33. import org.opencms.file.CmsResourceFilter;
  34. import org.opencms.i18n.CmsAcceptLanguageHeaderParser;
  35. import org.opencms.i18n.CmsEncoder;
  36. import org.opencms.i18n.CmsMessageContainer;
  37. import org.opencms.json.JSONArray;
  38. import org.opencms.json.JSONException;
  39. import org.opencms.json.JSONObject;
  40. import org.opencms.jsp.CmsJspLoginBean;
  41. import org.opencms.main.CmsException;
  42. import org.opencms.main.CmsLog;
  43. import org.opencms.main.OpenCms;
  44. import org.opencms.security.CmsCustomLoginException;
  45. import org.opencms.security.CmsOrganizationalUnit;
  46. import org.opencms.ui.CmsVaadinUtils;
  47. import org.opencms.ui.apps.CmsPageEditorConfiguration;
  48. import org.opencms.ui.login.CmsLoginUI;
  49. import org.opencms.util.CmsRequestUtil;
  50. import org.opencms.util.CmsStringUtil;
  51. import org.opencms.util.CmsUriSplitter;
  52. import java.io.IOException;
  53. import java.util.ArrayList;
  54. import java.util.Calendar;
  55. import java.util.Date;
  56. import java.util.GregorianCalendar;
  57. import java.util.Iterator;
  58. import java.util.List;
  59. import java.util.Locale;
  60. import javax.servlet.http.Cookie;
  61. import javax.servlet.http.HttpServletRequest;
  62. import javax.servlet.http.HttpServletResponse;
  63. import javax.servlet.http.HttpSession;
  64. import javax.servlet.jsp.PageContext;
  65. import org.apache.commons.logging.Log;
  66. /**
  67. * Handles the login of Users to the OpenCms workplace.<p>
  68. *
  69. * @since 6.0.0
  70. */
  71. public class CmsLogin extends CmsJspLoginBean {
  72. /** Action constant: Default action, display the dialog. */
  73. public static final int ACTION_DISPLAY = 0;
  74. /** Action constant: Login successful. */
  75. public static final int ACTION_LOGIN = 1;
  76. /** Action constant: Logout. */
  77. public static final int ACTION_LOGOUT = 2;
  78. /** The parameter name for the "getoulist" action. */
  79. public static final String PARAM_ACTION_GETOULIST = "getoulist";
  80. /** The parameter name for the "login" action. */
  81. public static final String PARAM_ACTION_LOGIN = "login";
  82. /** The parameter name for the "logout" action. */
  83. public static final String PARAM_ACTION_LOGOUT = "logout";
  84. /** The html id for the login form. */
  85. public static final String PARAM_FORM = "ocLoginForm";
  86. /** The parameter name for the organizational unit. */
  87. public static final String PARAM_OUFQN = "ocOuFqn";
  88. /** The parameter name for the search organizational unit. */
  89. public static final String PARAM_OUSEARCH = "ocOuSearch";
  90. /** The parameter name for the password. */
  91. public static final String PARAM_PASSWORD = "ocPword";
  92. /** The parameter name for the PC type. */
  93. public static final String PARAM_PCTYPE = "ocPcType";
  94. /** The parameter name for the organizational unit. */
  95. public static final String PARAM_PREDEF_OUFQN = "ocPredefOuFqn";
  96. /** The parameter name for the user name. */
  97. public static final String PARAM_USERNAME = "ocUname";
  98. /** The parameter name for the workplace data. */
  99. public static final String PARAM_WPDATA = "ocWpData";
  100. /** PC type constant: private PC. */
  101. public static final String PCTYPE_PRIVATE = "private";
  102. /** PC type constant: public PC. */
  103. public static final String PCTYPE_PUBLIC = "public";
  104. /** The oufqn cookie name. */
  105. private static final String COOKIE_OUFQN = "OpenCmsOuFqn";
  106. /** The PC type cookie name. */
  107. private static final String COOKIE_PCTYPE = "OpenCmsPcType";
  108. /** The username cookie name. */
  109. private static final String COOKIE_USERNAME = "OpenCmsUserName";
  110. /** The workplace data cookie name, value stores following information: ${left},${top},${width},${height}. */
  111. private static final String COOKIE_WP_DATA = "OpenCmsWpData";
  112. /** The log object for this class. */
  113. private static final Log LOG = CmsLog.getLog(CmsLogin.class);
  114. /** The action to perform. */
  115. private int m_action;
  116. /** The value of the "login" action parameter. */
  117. private String m_actionLogin;
  118. /** The value of the "logout" action parameter. */
  119. private String m_actionLogout;
  120. /** The path to open if direct edit is selected as start view. */
  121. private String m_directEditPath;
  122. /** The locale to use for display, this will not be the workplace locale, but the browser locale. */
  123. private Locale m_locale;
  124. /** The message to display with the dialog in a JavaScript alert. */
  125. private CmsMessageContainer m_message;
  126. /** The selected organizational unit. */
  127. private CmsOrganizationalUnit m_ou;
  128. /** The value of the organizational unit parameter. */
  129. private String m_oufqn;
  130. /** The list of all organizational units. */
  131. private List<CmsOrganizationalUnit> m_ous;
  132. /** The value of the password parameter. */
  133. private String m_password;
  134. /** The value of the PC type parameter. */
  135. private String m_pcType;
  136. /** The redirect URL after a successful login. */
  137. private String m_requestedResource;
  138. /** The value of the user name parameter. */
  139. private String m_username;
  140. /**
  141. * Public constructor for login page.<p>
  142. *
  143. * @param context the JSP page context object
  144. * @param req the JSP request
  145. * @param res the JSP response
  146. */
  public CmsLogin(PageContext context, HttpServletRequest req, HttpServletResponse res) {
    super(context, req, res);
    // The login page must never be cached: stamp it as modified "now" and send the no-cache
    // headers before anything else touches the response.
    final long now = System.currentTimeMillis();
    res.setDateHeader(CmsRequestUtil.HEADER_LAST_MODIFIED, now);
    CmsRequestUtil.setNoCacheHeaders(res);
    // The display locale is negotiated from the request, not taken from any user's settings.
    m_locale = getLocaleForRequest(req);
  }
  154. /**
  155. * Gets the copyright information HTML.<p>
  156. *
  157. * @param locale the locale for which to get the copyright info
  158. *
  159. * @return the copyright info HTML
  160. */
  public static String getCopyrightHtml(Locale locale) {
    // The footer consists of three lines, each wrapped in the same centered, non-wrapping <div>.
    final String divOpen = "<div style=\"text-align: center; font-size: 10px; white-space: nowrap;\">";
    final String divClose = "</div>\n";
    StringBuffer html = new StringBuffer();

    // line 1: project link plus the localized "free software" text
    html.append(divOpen)
        .append("<a href=\"http://www.opencms.org\" target=\"_blank\">OpenCms</a> ")
        .append(Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_OPENCMS_IS_FREE_SOFTWARE_0))
        .append(divClose);

    // line 2: localized trademark notice
    html.append(divOpen)
        .append(Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_TRADEMARKS_0))
        .append(divClose);

    // line 3: fixed copyright line (the year range is hard-coded) plus the localized rights text
    html.append(divOpen)
        .append("&copy; 2002 - 2015 Alkacon Software GmbH &amp; Co. KG. ")
        .append(Messages.get().getBundle(locale).key(Messages.GUI_LOGIN_RIGHTS_RESERVED_0))
        .append(divClose);

    return html.toString();
  }
  176. /**
  177. * Returns the direct edit path from the user settings, or <code>null</code> if not set.<p>
  178. *
  179. * @param cms the CMS context to use
  180. * @param userSettings the user settings
  181. *
  182. * @return the direct edit path
  183. */
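  public static String getDirectEditPath(CmsObject cms, CmsUserSettings userSettings) {
    // A direct edit path only exists when the user's start view is the direct edit view or the
    // page editor app. The two checks are boolean tests, so use the short-circuit operator.
    if (userSettings.getStartView().equals(CmsWorkplace.VIEW_DIRECT_EDIT)
        || userSettings.getStartView().equals(CmsPageEditorConfiguration.APP_ID)) {
      try {
        // Resolve the path on a copy of the context, so the site root and project switches below
        // never leak into the caller's CmsObject.
        CmsObject cloneCms = OpenCms.initCmsObject(cms);
        String startSite = CmsWorkplace.getStartSiteRoot(cloneCms, userSettings);
        cloneCms.getRequestContext().setSiteRoot(startSite);
        String projectName = userSettings.getStartProject();
        if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(projectName)) {
          cloneCms.getRequestContext().setCurrentProject(cloneCms.readProject(projectName));
        }
        // The target is the default file of the user's start folder, read with the user's own
        // context, so an unreadable folder ends up in the catch block below.
        String folder = userSettings.getStartFolder();
        CmsResource targetRes = cloneCms.readDefaultFile(folder);
        if (targetRes != null) {
          return cloneCms.getSitePath(targetRes);
        }
      } catch (Exception e) {
        // Best effort: any failure simply means "no direct edit path". Log the message together
        // with the throwable so the stack trace is kept, as the other handlers in this class do.
        LOG.debug(e.getLocalizedMessage(), e);
      }
    }
    return null;
  }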
  206. /**
  207. * Gets the list of OUs which should be selectable in the login dialog.<p>
  208. *
  209. * @param cms the CMS context to use
  210. * @param predefOu the predefined OU
  211. *
  212. * @return the list of organizational units for the OU selector
  213. */
  public static List<CmsOrganizationalUnit> getOrgUnitsForLoginDialog(CmsObject cms, String predefOu) {
    List<CmsOrganizationalUnit> selectable = new ArrayList<CmsOrganizationalUnit>();
    try {
      if (predefOu != null) {
        // A predefined OU is offered as the only choice.
        // NOTE(review): this branch does not apply the hide-login / web user filter used below.
        selectable.add(OpenCms.getOrgUnitManager().readOrganizationalUnit(cms, predefOu));
        return selectable;
      }
      // No predefined OU: start from the root OU plus all of its sub-units ...
      selectable.add(OpenCms.getOrgUnitManager().readOrganizationalUnit(cms, ""));
      selectable.addAll(OpenCms.getOrgUnitManager().getOrganizationalUnits(cms, "", true));
      // ... and drop every unit that is flagged as hidden from the login dialog or as a web user OU.
      for (Iterator<CmsOrganizationalUnit> it = selectable.iterator(); it.hasNext();) {
        CmsOrganizationalUnit candidate = it.next();
        if (candidate.hasFlagHideLogin() || candidate.hasFlagWebuser()) {
          it.remove();
        }
      }
    } catch (CmsException e) {
      // On a read failure the list collected so far (possibly empty, possibly unfiltered) is returned.
      LOG.error(e.getLocalizedMessage(), e);
    }
    return selectable;
  }
  235. /**
  236. * Gets the window title for a given locale.<p>
  237. *
  238. * @param locale the locale
  239. * @return the window title
  240. */
  public static String getTitle(Locale locale) {
    // The title text is looked up under GUI_LOGIN_TITLE_0 in the message bundle for the locale.
    final String titleKey = Messages.GUI_LOGIN_TITLE_0;
    return Messages.get().getBundle(locale).key(titleKey);
  }
  244. /**
  245. * Initializes the site and project for a CMS context after login, and returns the workplace settings for the corresponding user.<p>
  246. *
  247. * @param cms the CMS context which should be initialized
  248. * @return the workplace settings
  249. */
  public static CmsWorkplaceSettings initSiteAndProject(CmsObject cms) {
    CmsWorkplaceSettings wpSettings = CmsWorkplace.initWorkplaceSettings(cms, null, false);

    // Switch both the settings object and the live request context to the user's start site.
    String siteRoot = CmsWorkplace.getStartSiteRoot(cms, wpSettings);
    wpSettings.setSite(siteRoot);
    cms.getRequestContext().setSiteRoot(siteRoot);

    CmsUserSettings userSettings = wpSettings.getUserSettings();
    try {
      CmsProject startProject = cms.readProject(userSettings.getStartProject());
      // The configured start project is only activated if it is among the projects accessible to
      // this context; otherwise the current project is left as it is.
      boolean accessible = OpenCms.getOrgUnitManager().getAllAccessibleProjects(
          cms,
          startProject.getOuFqn(),
          false).contains(startProject);
      if (accessible) {
        wpSettings.setProject(startProject.getUuid());
        cms.getRequestContext().setCurrentProject(startProject);
      }
    } catch (CmsException e) {
      // Not being able to set the start project is logged but does not fail the login.
      LOG.warn(
          Messages.get().getBundle().key(
              Messages.LOG_LOGIN_NO_STARTUP_PROJECT_2,
              cms.getRequestContext().getCurrentUser().getName(),
              userSettings.getStartProject()),
          e);
    }
    return wpSettings;
  }
  278. /**
  279. * Sets the cookie data.<p>
  280. *
  281. * @param pcType the pctype value
  282. * @param username the username value
  283. * @param oufqn the oufqn value
  284. *
  285. * @param request the current request
  286. * @param response the current response
  287. */
  public static void setCookieData(
      String pcType,
      String username,
      String oufqn,
      HttpServletRequest request,
      HttpServletResponse response) {
    final boolean securityEnabled = OpenCms.getLoginManager().isEnableSecurity();

    // The PC type is remembered only when the security dialog is enabled and a type was chosen.
    if (securityEnabled && CmsStringUtil.isNotEmpty(pcType)) {
      Cookie typeCookie = getCookie(request, COOKIE_PCTYPE);
      typeCookie.setValue(pcType);
      setCookie(typeCookie, false, request, response);
    }

    if (PCTYPE_PRIVATE.equals(pcType)) {
      // Private PC: remember user name and organizational unit for the next visit.
      // NOTE(review): both values are written to the cookie as given, without any encoding here.
      Cookie nameCookie = getCookie(request, COOKIE_USERNAME);
      nameCookie.setValue(username);
      setCookie(nameCookie, false, request, response);

      Cookie ouCookie = getCookie(request, COOKIE_OUFQN);
      ouCookie.setValue(oufqn);
      setCookie(ouCookie, false, request, response);
      return;
    }

    if (securityEnabled && PCTYPE_PUBLIC.equals(pcType)) {
      // Public PC: make sure no user name or OU stays behind in the browser.
      setCookie(getCookie(request, COOKIE_USERNAME), true, request, response);
      setCookie(getCookie(request, COOKIE_OUFQN), true, request, response);
    }
  }
  318. /**
  319. * Checks that the user name and password are not empty, and returns an error message if they are.<p>
  320. *
  321. * @param username the user name
  322. * @param password the password
  323. *
  324. * @return the error message, or null if the user name and password are OK
  325. */
  public static CmsMessageContainer validateUserAndPasswordNotEmpty(String username, String password) {
    final boolean missingUser = CmsStringUtil.isEmpty(username);
    final boolean missingPassword = CmsStringUtil.isEmpty(password);

    // Both values present: nothing to report.
    if (!missingUser && !missingPassword) {
      return null;
    }
    // Both missing gets its own message; otherwise report the single missing field.
    if (missingUser && missingPassword) {
      return Messages.get().container(Messages.GUI_LOGIN_NO_DATA_0);
    }
    if (missingUser) {
      return Messages.get().container(Messages.GUI_LOGIN_NO_NAME_0);
    }
    return Messages.get().container(Messages.GUI_LOGIN_NO_PASSWORD_0);
  }
  339. /**
  340. * Returns the cookie with the given name; if no cookie is found, a new one is created.<p>
  341. *
  342. * @param request the current request
  343. * @param name the name of the cookie
  344. *
  345. * @return the cookie
  346. */
  protected static Cookie getCookie(HttpServletRequest request, String name) {
    // getCookies() may return null, which is treated like "no cookies sent".
    Cookie[] sent = request.getCookies();
    if (sent != null) {
      for (Cookie candidate : sent) {
        // Names are matched case-insensitively; the first hit wins. The returned object is the
        // request's own cookie, whose value was supplied by the client.
        if (name.equalsIgnoreCase(candidate.getName())) {
          return candidate;
        }
      }
    }
    // Nothing matched: hand back a fresh cookie with an empty value.
    return new Cookie(name, "");
  }
  356. /**
  357. * Sets the cookie in the response.<p>
  358. *
  359. * @param cookie the cookie to set
  360. * @param delete flag to determine if the cookie should be deleted
  361. * @param request the current request
  362. * @param response the current response
  363. */
  protected static void setCookie(
      Cookie cookie,
      boolean delete,
      HttpServletRequest request,
      HttpServletResponse response) {
    // A login through a direct OU URL never writes cookies. This also covers deletions, because
    // the check runs before the delete flag is looked at.
    if (request.getAttribute(PARAM_PREDEF_OUFQN) != null) {
      return;
    }

    int maxAge;
    if (delete) {
      // A max age of zero asks the browser to drop the cookie.
      maxAge = 0;
    } else {
      // Keep the cookie for six calendar months, expressed in seconds from now.
      GregorianCalendar expiry = new GregorianCalendar();
      expiry.add(Calendar.MONTH, 6);
      long remainingMillis = expiry.getTimeInMillis() - System.currentTimeMillis();
      maxAge = (int)(remainingMillis / 1000);
    }
    cookie.setMaxAge(maxAge);

    // Scope the cookie to the login path below the VFS prefix.
    cookie.setPath(CmsStringUtil.joinPaths(OpenCms.getStaticExportManager().getVfsPrefix(), "/system/login"));

    // NOTE(review): neither the Secure nor the HttpOnly attribute is set in this method, so the
    // user name / OU cookies are also sent over plain HTTP and are readable by page scripts.
    // Confirm whether the login page script needs to read them before tightening this.
    response.addCookie(cookie);
  }
  386. /**
  387. * Returns the best matching locale for the given request.<p>
  388. *
  389. * @param req the request
  390. *
  391. * @return the locale
  392. */
  private static Locale getLocaleForRequest(HttpServletRequest req) {
    // Parse the locales the client accepts, with the workplace default as the parser's fallback.
    CmsAcceptLanguageHeaderParser headerParser = new CmsAcceptLanguageHeaderParser(
        req,
        OpenCms.getWorkplaceManager().getDefaultLocale());
    List<Locale> requested = headerParser.getAcceptedLocales();
    List<Locale> available = OpenCms.getWorkplaceManager().getLocales();

    // First requested locale that the workplace also offers; null if there is no overlap.
    Locale match = OpenCms.getLocaleManager().getFirstMatchingLocale(requested, available);
    if (match != null) {
      return match;
    }
    // No overlap: fall back to the workplace default locale.
    return OpenCms.getWorkplaceManager().getDefaultLocale();
  }
  406. /**
  407. * Returns the HTML code for selecting an organizational unit.<p>
  408. *
  409. * @return the HTML code for selecting an organizational unit
  410. */
  public String buildOrgUnitSelector() {
    StringBuffer html = new StringBuffer();
    html.append("<select style='width: 100%;' size='1' ");
    appendId(html, PARAM_OUFQN);
    html.append(">\n");
    for (CmsOrganizationalUnit ou : getOus()) {
      String ouName = ou.getName();
      // The submitted OU may carry a leading separator, so it is also compared without its
      // first character.
      boolean preselected = ouName.equals(m_oufqn)
          || (CmsStringUtil.isNotEmptyOrWhitespaceOnly(m_oufqn) && ouName.equals(m_oufqn.substring(1)));
      // NOTE(review): the OU name and display name are written into the markup without HTML
      // escaping; this is only safe if OU names/descriptions can never contain markup or quotes.
      html.append("<option value='");
      html.append(ouName);
      html.append("'");
      if (preselected) {
        html.append(" selected='selected'");
      }
      html.append(">");
      html.append(ou.getDisplayName(m_locale));
      html.append("</option>\n");
    }
    html.append("</select>\n");
    return html.toString();
  }
  429. /**
  430. * Returns the HTML for the login dialog in its current state.<p>
  431. *
  432. * @return the HTML for the login dialog
  433. *
  434. * @throws IOException in case a redirect fails
  435. * @throws CmsException in case displaying the login dialog fails
  436. */
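  public String displayDialog() throws IOException, CmsException {
    // In a multi-site configuration the dialog is served only on the configured workplace site.
    // Other sites get a plain 404 instead of a redirect to the workplace site (security).
    if ((OpenCms.getSiteManager().getSites().size() > 1)
        && !OpenCms.getSiteManager().isWorkplaceRequest(getRequest())) {
      getResponse().sendError(HttpServletResponse.SC_NOT_FOUND);
      return null;
    }
    CmsObject cms = getCmsObject();
    if (shouldUseNewLogin() && (cms.getRequestContext().getCurrentUser().isGuestUser())) {
      // guests are handed to the Vaadin login dialog, except right after a logout request
      if (getRequest().getParameter(PARAM_ACTION_LOGOUT) != null) {
        getResponse().sendRedirect(OpenCms.getLinkManager().substituteLink(cms, "/system/login"));
        return "";
      } else {
        return CmsLoginUI.displayVaadinLoginDialog(getRequest(), getResponse());
      }
    }
    m_message = null;
    if (cms.getRequestContext().getCurrentUser().isGuestUser()) {
      // user is not currently logged in
      m_action = ACTION_DISPLAY;
      m_username = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_USERNAME);
      if (m_username != null) {
        // remove white spaces, can only lead to confusion on user name
        m_username = m_username.trim();
      }
      m_password = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_PASSWORD);
      m_actionLogin = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_ACTION_LOGIN);
      m_oufqn = getRequest().getParameter(PARAM_OUFQN);
      if (m_oufqn == null) {
        m_oufqn = getPreDefOuFqn();
      }
      if (OpenCms.getLoginManager().isEnableSecurity()) {
        // security option is enabled, try to get PC type from request parameter
        m_pcType = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_PCTYPE);
      } else {
        // if security option is disabled, just set PC type to "private" to get common login dialog
        m_pcType = PCTYPE_PRIVATE;
      }
      // fill in whatever the request did not provide from the cookies (client-supplied values)
      getCookieData();
      // default to "public" if neither request nor cookie provided a PC type
      if (m_pcType == null) {
        m_pcType = PCTYPE_PUBLIC;
      }
    } else {
      // user is already logged in
      m_oufqn = cms.getRequestContext().getOuFqn();
      m_action = ACTION_LOGIN;
      m_actionLogout = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_ACTION_LOGOUT);
    }
    if (m_oufqn == null) {
      m_oufqn = CmsOrganizationalUnit.SEPARATOR;
    }
    // the OU list request is answered as JSON, also for users who are not logged in
    String actionGetOus = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_ACTION_GETOULIST);
    if (Boolean.TRUE.toString().equals(actionGetOus)) {
      return getJsonOrgUnitList();
    }
    // initialize the right ou, falling back to the root OU if the requested one cannot be read
    m_ou = null;
    try {
      m_ou = OpenCms.getOrgUnitManager().readOrganizationalUnit(getCmsObject(), m_oufqn);
    } catch (CmsException e) {
      m_oufqn = CmsOrganizationalUnit.SEPARATOR;
      try {
        m_ou = OpenCms.getOrgUnitManager().readOrganizationalUnit(getCmsObject(), m_oufqn);
      } catch (CmsException exc) {
        LOG.error(exc.getLocalizedMessage(), exc);
      }
    }
    // initialize the requested resource; this value comes straight from a request parameter
    // NOTE(review): how m_requestedResource is used after this method is outside this excerpt;
    // here only its prefix is checked for existence once the login has succeeded.
    m_requestedResource = CmsRequestUtil.getNotEmptyParameter(
        getRequest(),
        CmsWorkplaceManager.PARAM_LOGIN_REQUESTED_RESOURCE);
    if (m_requestedResource == null) {
      // no resource was requested, use default workplace URI
      m_requestedResource = CmsVaadinUtils.getWorkplaceLink();
    }
    if (Boolean.valueOf(m_actionLogin).booleanValue()) {
      CmsMessageContainer emptyValidation = validateUserAndPasswordNotEmpty(m_username, m_password);
      if (emptyValidation != null) {
        m_message = emptyValidation;
      } else {
        // try to login with the given user information
        login((m_oufqn == null ? CmsOrganizationalUnit.SEPARATOR : m_oufqn) + m_username, m_password);
        if (getLoginException() == null) {
          // the login was successful
          m_action = ACTION_LOGIN;
          CmsWorkplaceSettings settings = initSiteAndProject(cms);
          getRequest().getSession().setAttribute(CmsWorkplaceManager.SESSION_WORKPLACE_SETTINGS, settings);
          m_directEditPath = getDirectEditPath(cms, settings.getUserSettings());
        } else {
          // there was an error during login
          CmsException loginException = getLoginException();
          // The message keys are compared by value. Reference comparison (==) only matches while
          // the key object is the very same constant, which does not have to hold for every
          // exception instance; a miss would silently degrade to the generic failure message.
          if (org.opencms.security.Messages.ERR_LOGIN_FAILED_DISABLED_2.equals(
              loginException.getMessageContainer().getKey())) {
            // the user account is disabled
            m_message = Messages.get().container(Messages.GUI_LOGIN_FAILED_DISABLED_0);
          } else if (org.opencms.security.Messages.ERR_LOGIN_FAILED_TEMP_DISABLED_4.equals(
              loginException.getMessageContainer().getKey())) {
            // the user account is temporarily disabled because of too many login failures
            m_message = Messages.get().container(Messages.GUI_LOGIN_FAILED_TEMP_DISABLED_0);
          } else if (org.opencms.security.Messages.ERR_LOGIN_FAILED_WITH_MESSAGE_1.equals(
              loginException.getMessageContainer().getKey())) {
            // all logins have been disabled by the Administration
            CmsLoginMessage loginMessage = OpenCms.getLoginManager().getLoginMessage();
            if (loginMessage != null) {
              m_message = Messages.get().container(
                  Messages.GUI_LOGIN_FAILED_WITH_MESSAGE_1,
                  loginMessage.getMessage());
            }
          }
          if (m_message == null) {
            if (loginException instanceof CmsCustomLoginException) {
              m_message = loginException.getMessageContainer();
            } else {
              // any other error - display default message
              m_message = Messages.get().container(Messages.GUI_LOGIN_FAILED_0);
            }
          }
        }
      }
    } else if (Boolean.valueOf(m_actionLogout).booleanValue()) {
      m_action = ACTION_LOGOUT;
      // store the workplace window data; the client-supplied value is XML-escaped before it is
      // written into the cookie
      Cookie wpDataCookie = getCookie(getRequest(), COOKIE_WP_DATA);
      String wpData = CmsRequestUtil.getNotEmptyParameter(getRequest(), PARAM_WPDATA);
      if (wpData != null) {
        wpData = CmsEncoder.escapeXml(wpData);
        wpDataCookie.setValue(wpData);
        setCookie(wpDataCookie, false, getRequest(), getResponse());
      }
      // after logout this will automatically redirect to the login form again
      logout();
      return null;
    }
    if (m_action == ACTION_LOGIN) {
      // clear message
      m_message = null;
      // login is successful, check if the requested resource can be read
      CmsUriSplitter splitter = new CmsUriSplitter(m_requestedResource, true);
      String resource = splitter.getPrefix();
      if (CmsStringUtil.isEmptyOrWhitespaceOnly(resource)) {
        // bad resource name, use workplace as default
        resource = CmsWorkplace.JSP_WORKPLACE_URI;
      }
      if (CmsStringUtil.isEmptyOrWhitespaceOnly(m_directEditPath)
          && !getCmsObject().existsResource(resource, CmsResourceFilter.ONLY_VISIBLE_NO_DELETED)) {
        // requested resource does either not exist or is not readable by user
        if (CmsWorkplace.JSP_WORKPLACE_URI.equals(resource)) {
          // we know the Workplace exists, so the user does not have access to the Workplace
          // probably this is a "Guest" user in a default setup where "Guest" has no access to the Workplace
          m_message = Messages.get().container(Messages.GUI_LOGIN_FAILED_NO_WORKPLACE_PERMISSIONS_0);
          m_action = ACTION_DISPLAY;
        } else if (getCmsObject().existsResource(CmsWorkplace.JSP_WORKPLACE_URI)) {
          // resource does either not exist or is not readable, but general workplace permissions are granted
          m_message = Messages.get().container(Messages.GUI_LOGIN_UNKNOWN_RESOURCE_1, m_requestedResource);
          m_requestedResource = CmsWorkplace.JSP_WORKPLACE_URI;
        } else {
          // resource does not exist and no general workplace permissions granted
          m_message = Messages.get().container(
              Messages.GUI_LOGIN_FAILED_NO_TARGET_PERMISSIONS_1,
              m_requestedResource);
          m_action = ACTION_DISPLAY;
        }
      }
      if (m_action == ACTION_DISPLAY) {
        // the login was invalid: forget the target and destroy the session created for it
        m_requestedResource = null;
        HttpSession session = getRequest().getSession(false);
        if (session != null) {
          session.invalidate();
        }
      }
      // the cookie data is written for both outcomes, a valid and a rejected login
      setCookieData(getRequest(), getResponse());
    }
    return displayLoginForm();
  }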
  616. /**
  617. * Gets the login info from the cookies.<p>
  618. */
  public void getCookieData() {
    // Cookie values are supplied by the client. They only fill fields that the request
    // parameters left empty, and the literal string "null" is treated as "not set".

    // PC type: the cookie is used only if nothing was set before
    String cookiePcType = getCookie(getRequest(), COOKIE_PCTYPE).getValue();
    if ((m_pcType == null) && CmsStringUtil.isNotEmptyOrWhitespaceOnly(cookiePcType)) {
      m_pcType = cookiePcType;
    }
    if ("null".equals(m_pcType)) {
      m_pcType = null;
    }

    // user name and OU are only read for private PCs, or while the PC type is still undecided
    if ((m_pcType != null) && !PCTYPE_PRIVATE.equals(m_pcType)) {
      return;
    }

    // user name
    String cookieUser = getCookie(getRequest(), COOKIE_USERNAME).getValue();
    if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(cookieUser)) {
      if (CmsStringUtil.isEmptyOrWhitespaceOnly(m_username)) {
        m_username = cookieUser;
      }
      if (m_pcType == null) {
        // a stored user name implies the PC was marked as private earlier
        m_pcType = PCTYPE_PRIVATE;
      }
    }
    if ("null".equals(m_username)) {
      m_username = null;
    }

    // organizational unit
    String cookieOu = getCookie(getRequest(), COOKIE_OUFQN).getValue();
    if ((m_oufqn == null) && CmsStringUtil.isNotEmptyOrWhitespaceOnly(cookieOu)) {
      m_oufqn = cookieOu;
    }
    if ("null".equals(m_oufqn)) {
      m_oufqn = null;
    }
  }
  661. /**
  662. * @see org.opencms.jsp.CmsJspLoginBean#getFormLink()
  663. */
  @Override
  public String getFormLink() {
    // Without a predefined OU the inherited form link is used unchanged.
    if (getPreDefOuFqn() == null) {
      return super.getFormLink();
    }
    String requestedOu = (String)getRequest().getAttribute(PARAM_PREDEF_OUFQN);
    boolean ouExists;
    try {
      // The read is only an existence check; the returned OU is not used.
      OpenCms.getOrgUnitManager().readOrganizationalUnit(getCmsObject(), requestedOu);
      ouExists = true;
    } catch (CmsException e) {
      // organizational unit does not exist (or cannot be read with this context)
      ouExists = false;
    }
    if (!ouExists) {
      return super.getFormLink();
    }
    // The OU comes from a request attribute, so it is XML-escaped before it becomes part of the
    // login link.
    return link("/system/login" + CmsEncoder.escapeXml(requestedOu));
  }
  678. /**
  679. * Returns the available organizational units as JSON array string.<p>
  680. *
  681. * @return the available organizational units as JSON array string
  682. */
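  public String getJsonOrgUnitList() {
    // NOTE(review): displayDialog() returns this list before any login has happened, so every
    // field put into the JSON below is visible to anonymous callers for each OU that getOus()
    // yields. Confirm that getOus() applies the intended visibility filter.
    List<CmsOrganizationalUnit> allOus = getOus();
    List<JSONObject> jsonOus = new ArrayList<JSONObject>(allOus.size());
    // position in the emitted array; only advanced for OUs that were serialized successfully
    int index = 0;
    for (CmsOrganizationalUnit ou : allOus) {
      JSONObject jsonObj = new JSONObject();
      try {
        // 1: OU fully qualified name
        jsonObj.put("name", ou.getName());
        // 2: OU display name
        jsonObj.put("displayname", ou.getDisplayName(m_locale));
        // 3: OU simple name
        jsonObj.put("simplename", ou.getSimpleName());
        // 4: OU description
        jsonObj.put("description", ou.getDescription(m_locale));
        // 5: selection flag; the current OU is also compared without its first character, which
        // covers a value that carries a leading separator
        boolean isSelected = ou.getName().equals(m_oufqn)
            || (CmsStringUtil.isNotEmptyOrWhitespaceOnly(m_oufqn)
                && ou.getName().equals(m_oufqn.substring(1)));
        jsonObj.put("active", isSelected);
        // 6: level of the OU
        jsonObj.put("level", CmsResource.getPathLevel(ou.getName()));
        // 7: OU index
        jsonObj.put("index", index);
        // add the generated JSON object to the result list
        jsonOus.add(jsonObj);
        index++;
      } catch (JSONException e) {
        // Best effort: the OU is left out of the list, but the failure is logged instead of
        // being dropped silently.
        LOG.warn(e.getLocalizedMessage(), e);
      }
    }
    // generate a JSON array from the JSON object list
    JSONArray jsonArr = new JSONArray(jsonOus);
    return jsonArr.toString();
  }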
  721. /**
  722. * Sets the cookie data.<p>
  723. *
  724. * @param request the current request
  725. * @param response the current response
  726. */
  public void setCookieData(HttpServletRequest request, HttpServletResponse response) {

      // Delegates to the five-argument overload with the PC type, user name and OU held in this bean.
      // NOTE(review): the user name and OU are handed over for cookie storage; check the overload
      // for the Secure/HttpOnly flags and the lifetime it applies.
      this.setCookieData(this.m_pcType, this.m_username, this.m_oufqn, request, response);
  }
  730. /**
  731. * Appends the JavaScript for the login screen to the given HTML buffer.<p>
  732. *
  733. * @param html the HTML buffer to append the script to
  734. * @param message the message to display after an unsuccessful login
  735. */
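  protected void appendDefaultLoginScript(StringBuffer html, CmsMessageContainer message) {

      // Everything appended here becomes an inline script of the login form. Two rules are applied
      // throughout:
      // - localized text written into a JavaScript string literal goes through
      //   CmsStringUtil.escapeJavaScript, so a quote in a translation cannot end the literal
      // - OU values loaded at runtime are treated as plain text and HTML-escaped in the browser
      //   before they are written into markup

      html.append("<script type=\"text/javascript\" src=\"");
      html.append(CmsWorkplace.getSkinUri()).append("jquery/packed/jquery.js");
      html.append("\"></script>\n");
      html.append("<script type=\"text/javascript\">\n");
      if (message != null) {
          html.append("function showAlert() {\n");
          html.append("\talert(\"");
          html.append(CmsStringUtil.escapeJavaScript(message.key(m_locale)));
          html.append("\");\n");
          html.append("}\n");
      }
      html.append("var orgUnitShow = false;\n");
      html.append("var orgUnits = null;\n");
      html.append("var activeOu = -1;\n");
      html.append("var searchTimeout;\n");
      html.append("var searchDefaultValue = \"");
      html.append(
          CmsStringUtil.escapeJavaScript(
              Messages.get().getBundle(m_locale).key(Messages.GUI_LOGIN_ORGUNIT_SEARCH_0)));
      html.append("\";\n");

      // triggers the options to select the OU to login to
      html.append("function orgUnitSelection() {\n");
      html.append("\tif (!orgUnitShow) {\n");
      html.append("\t\tif (orgUnits == null) {\n");
      html.append("\t\t\t$.post(\"");
      html.append(getFormLink());
      html.append("\", { ");
      html.append(PARAM_ACTION_GETOULIST);
      html.append(": \"true\" }");
      html.append(", function(data){ fillOrgUnits(data); });\n");
      html.append("\t\t}\n");
      html.append("\t\tdocument.getElementById('ouSelId').style.display = 'block';\n");
      html.append("\t\tdocument.getElementById('ouLabelId').style.display = 'block';\n");
      html.append("\t\tdocument.getElementById('ouSearchId').style.display = 'block';\n");
      html.append("\t\tdocument.getElementById('ouBtnId').value = '");
      html.append(
          CmsStringUtil.escapeJavaScript(
              Messages.get().getBundle(m_locale).key(Messages.GUI_LOGIN_ORGUNIT_SELECT_OFF_0)));
      html.append("';\n");
      html.append("\t} else {\n");
      html.append("\t\tdocument.getElementById('ouSelId').style.display = 'none';\n");
      html.append("\t\tdocument.getElementById('ouLabelId').style.display = 'none';\n");
      html.append("\t\tdocument.getElementById('ouSearchId').style.display = 'none';\n");
      html.append("\t\tdocument.getElementById('ouBtnId').value = '");
      html.append(
          CmsStringUtil.escapeJavaScript(
              Messages.get().getBundle(m_locale).key(Messages.GUI_LOGIN_ORGUNIT_SELECT_ON_0)));
      html.append("';\n");
      html.append("\t}\n");
      html.append("\torgUnitShow = !orgUnitShow;\n");
      html.append("\tdocument.getElementById('titleId').style.display = 'block';\n");
      html.append("\tdocument.getElementById('titleIdOu').style.display = 'none';\n");
      html.append("}\n");

      // creates the HTML for the OUs to login to
      html.append("function fillOrgUnits(data) {\n");
      // NOTE(review): the response is evaluated as script instead of being parsed as JSON. This is
      // left unchanged because neither the bundled jQuery version nor the content type of the
      // response is known here; replace it with a JSON parser once both are confirmed.
      html.append("\torgUnits = eval(data);\n");
      html.append("\tvar html = \"\";\n");
      html.append("\tvar foundOu = false;\n");
      html.append("\tvar activeIndex = -1;\n");
      html.append("\tfor (var i = 0; i < orgUnits.length; i++) {\n");
      html.append("\t\tvar currOu = orgUnits[i];\n");
      html.append("\t\tvar actClass = \"\";\n");
      html.append("\t\tif (currOu.active == true) {\n");
      html.append("\t\t\t// this is the active OU\n");
      html.append("\t\t\tactiveOu = currOu.index;\n");
      html.append("\t\t\tactClass = \" class=\\\"active\\\"\";\n");
      html.append("\t\t}\n");
      html.append("\t\tvar actStyle = \"\";\n");
      html.append("\t\tif (currOu.level > 0) {\n");
      html.append("\t\t\tactStyle = \" style=\\\"margin-left: \" + (currOu.level * 20) + \"px;\\\"\";\n");
      html.append("\t\t}\n");
      html.append("\t\thtml += \"<div\";\n");
      html.append("\t\thtml += actClass;\n");
      html.append("\t\thtml += actStyle;\n");
      // The element id and the click handler are built from the loop counter only. The OU name is
      // looked up in the orgUnits array when the handler runs, so it is never written into the
      // handler source, where a quote in the name would end the string.
      html.append("\t\thtml += \" id=\\\"ou\" + i;\n");
      html.append("\t\thtml += \"\\\" onclick=\\\"selectOu(orgUnits[\" + i + \"].name, \" + i;\n");
      html.append("\t\thtml += \");\\\"><span class=\\\"name\\\">\";\n");
      // description, name and simple name are shown as text, not interpreted as markup
      html.append("\t\thtml += escapeHtml(currOu.description);\n");
      html.append("\t\thtml += \"</span>\";\n");
      html.append("\t\tif (currOu.name != \"\") {\n");
      html.append("\t\t\thtml += \"<span class=\\\"path\\\"\";\n");
      html.append("\t\t\thtml += \" title=\\\"\";\n");
      html.append("\t\t\thtml += escapeHtml(currOu.name);\n");
      html.append("\t\t\thtml += \"\\\">\";\n");
      html.append("\t\t\thtml += escapeHtml(currOu.simplename);\n");
      html.append("\t\t\thtml += \"</span>\";\n");
      html.append("\t\t}\n");
      html.append("\t\thtml += \"</div>\";\n");
      html.append("\t}\n");
      html.append(
          "\thtml += \"<div id=\\\"nooufound\\\" style=\\\"display: none;\\\"><span class=\\\"name\\\">\";\n");
      html.append("\thtml += \"");
      html.append(
          CmsStringUtil.escapeJavaScript(
              Messages.get().getBundle(m_locale).key(Messages.GUI_LOGIN_ORGUNIT_SEARCH_NORESULTS_0)));
      html.append("\";\n");
      html.append("\thtml += \"</span></div>\";\n");
      html.append("\t$(\"#ouSelId\").append(html);\n");
      html.append("\t$(\"#ouSelId\").slideDown();\n");
      html.append("\tscrollToActiveOu();\n");
      html.append("}\n");

      // shows the list of OUs matching the search term or all OUs if the search term is empty
      html.append("function showOrgUnits(searchTerm) {\n");
      html.append("\tvar html = \"\";\n");
      html.append("\tvar foundOu = false;\n");
      html.append("\tfor (var i = 0; i < orgUnits.length; i++) {\n");
      html.append("\t\tvar currOu = orgUnits[i];\n");
      html.append("\t\tif (searchTerm != \"\") {\n");
      html.append("\t\t\tvar stLower = searchTerm.toLowerCase();\n");
      html.append(
          "\t\t\tif (currOu.name.toLowerCase().indexOf(stLower )== -1 && currOu.description.toLowerCase().indexOf(stLower) == -1) {\n");
      html.append("\t\t\t\t$(\"#ou\" + i + \":visible\").slideUp();\n");
      html.append("\t\t\t} else {\n");
      html.append("\t\t\t\t$(\"#ou\" + i + \":hidden\").slideDown();\n");
      html.append("\t\t\t\t$(\"#ou\" + i).removeAttr(\"style\");\n");
      html.append("\t\t\t\tfoundOu = true;\n");
      html.append("\t\t\t}\n");
      html.append("\t\t} else {\n");
      html.append("\t\t\tfoundOu = true;\n");
      html.append("\t\t\tvar actStyle = \"\";\n");
      html.append("\t\t\tif (currOu.level > 0) {\n");
      html.append("\t\t\t\tactStyle = \"margin-left: \" + (currOu.level * 20) + \"px;\";\n");
      html.append("\t\t\t}\n");
      html.append("\t\t\t$(\"#ou\" + i).attr(\"style\", actStyle);\n");
      html.append("\t\t\t$(\"#ou\" + i + \":hidden\").slideDown();\n");
      html.append("\t\t}\n");
      html.append("\t}\n");
      html.append("\tif (searchTerm != \"\" && foundOu == false) {\n");
      html.append("\t\t$(\"#nooufound:hidden\").slideDown();\n");
      html.append("\t} else {\n");
      html.append("\t\t$(\"#nooufound:visible\").slideUp();\n");
      html.append("\t}\n");
      html.append("\tif (searchTerm == \"\") {\n");
      html.append("\t\tscrollToActiveOu();\n");
      html.append("\t}\n");
      html.append("}\n");

      // selects the OU to login to
      html.append("function selectOu(ouPath, ouIndex) {\n");
      html.append("\tif (ouIndex != -1 && ouIndex != activeOu) {\n");
      html.append("\t\t$(\"#ou\" + ouIndex).addClass(\"active\");\n");
      html.append("\t\torgUnits[ouIndex].active = true;\n");
      html.append("\t\t$(\"#");
      html.append(PARAM_OUFQN);
      html.append("\").val(ouPath);\n");
      html.append("\t\tif (activeOu != -1) {\n");
      html.append("\t\t\torgUnits[activeOu].active = false;\n");
      html.append("\t\t\t$(\"#ou\" + activeOu).removeClass();\n");
      html.append("\t\t}\n");
      html.append("\t\tactiveOu = ouIndex;\n");
      html.append("\t}\n");
      html.append("}\n");

      // filters the OUs by the provided search term using a timeout, called by the onkeyup event of the search input field
      html.append("function searchOu() {\n");
      html.append("\tvar searchElem = $(\"#");
      html.append(PARAM_OUSEARCH);
      html.append("\");\n");
      html.append("\tvar searchTerm = searchElem.val();\n");
      html.append("\tif (searchTerm == searchDefaultValue) {");
      html.append("\t\tsearchTerm = \"\";");
      html.append("\t}");
      html.append("\tclearTimeout(searchTimeout);\n");
      // the timeout gets a function, not source text assembled from the typed search term:
      // a quote or backslash in the term is then plain data and the search keeps working
      html.append("\tsearchTimeout = setTimeout(function() { showOrgUnits(trim(searchTerm)); }, 750);\n");
      html.append("}\n");

      // sets the value of the OU search input field, called by the onfocus and onblur event of the field
      html.append("function checkOuValue() {\n");
      html.append("\tvar searchElem = $(\"#");
      html.append(PARAM_OUSEARCH);
      html.append("\");\n");
      html.append("\tif (searchElem.val() == searchDefaultValue) {");
      html.append("\t\tsearchElem.val(\"\");");
      html.append("\t\tsearchElem.removeAttr(\"class\");");
      html.append("\t} else if (searchElem.val() == \"\") {");
      html.append("\t\tsearchElem.val(searchDefaultValue);");
      html.append("\t\tsearchElem.attr(\"class\", \"inactive\");");
      html.append("\t}");
      html.append("}\n");

      // scrolls to the currently selected OU if it is out of visible range
      html.append("function scrollToActiveOu() {\n");
      html.append("\tif (activeOu != -1) {\n");
      html.append("\t\tvar activeOffset = $(\"#ou\" + activeOu).offset().top;\n");
      html.append("\t\tvar parentOffset = $(\"#ouSelId\").offset().top;\n");
      html.append("\t\tactiveOffset = activeOffset - parentOffset;\n");
      html.append("\t\tif (activeOffset > $(\"#ouSelId\").height()) {;\n");
      html.append("\t\t\t$(\"#ouSelId\").animate({scrollTop: activeOffset}, 500);\n");
      html.append("\t\t};\n");
      html.append("\t}\n");
      html.append("}\n");

      // function to check IE version, in case of a version < IE8 login will be disabled and an error message shown.
      html.append("function checkBrowser(){\n ");
      html.append("var div = document.createElement(\"div\");\n");
      html.append("div.innerHTML = \"<!--[if lt IE 8]><i></i><![endif]-->\";\n");
      html.append("var isIeLessThan8 = (div.getElementsByTagName(\"i\").length == 1);\n");
      html.append("if (isIeLessThan8) {\n $('#");
      html.append(PARAM_FORM);
      html.append(
          "').after('<div style=\"color: #B31B34; font-weight: bold; font-size: 14px; margin: 20px; text-align: center;\">");
      html.append(
          CmsStringUtil.escapeJavaScript(
              Messages.get().getBundle(m_locale).key(Messages.GUI_LOGIN_UNSUPPORTED_BROWSER_0)));
      html.append("</div>');\n $('#");
      html.append(PARAM_FORM);
      html.append(
          "').css(\"display\",\"none\"); /** $('input').attr('disabled', 'disabled');\n alert('wrong browser'); */\n}\n}\n");

      // called when the login form page is loaded
      html.append("function doOnload() {\n checkBrowser();\n");
      html.append("\tdocument.");
      html.append(PARAM_FORM);
      html.append(".");
      html.append(PARAM_USERNAME);
      html.append(".select();\n");
      html.append("\tdocument.");
      html.append(PARAM_FORM);
      html.append(".");
      html.append(PARAM_USERNAME);
      html.append(".focus();\n");
      if (message != null) {
          html.append("\tshowAlert();\n");
      }
      html.append("}\n");

      // helper function to trim a given string
      html.append("function trim (myStr) {\n");
      html.append("\treturn myStr.replace(/^\\s+/, '').replace (/\\s+$/, '');\n");
      html.append("}\n");

      // helper function that turns a value into text that is safe inside HTML content and attribute values
      html.append("function escapeHtml(value) {\n");
      html.append("\treturn String(value).replace(/&/g, \"&amp;\").replace(/</g, \"&lt;\").replace(/>/g, \"&gt;\")");
      html.append(".replace(/\"/g, \"&quot;\").replace(/'/g, \"&#39;\");\n");
      html.append("}\n");
      html.append("</script>\n");
  }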
  954. /**
  955. * Appends the JavaScript that opens the Direct Edit window after a successful login
  956. * to the given HTML buffer.<p>
  957. *
  958. * @param html the html buffer to append the script to
  959. */
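  protected void appendDirectEditOpenerScript(StringBuffer html) {

      html.append("<script type=\"text/javascript\">\n");
      html.append("function doOnload() {\n");
      // the window's name must be the same as in:
      // system/workplace/resources/commons/explorer.js
      html.append("window.name='preview';");

      // The link is written into a single-quoted JavaScript string literal, so it is escaped for
      // that context; an apostrophe or backslash in the path would otherwise end or alter the
      // literal. A null link is appended unchanged, as before.
      // NOTE(review): m_directEditPath is assigned outside this method. The escaping protects the
      // literal only; it does not restrict where the browser is sent, so confirm the path is
      // validated where it is read.
      String target = link(m_directEditPath);
      if (target != null) {
          target = CmsStringUtil.escapeJavaScript(target);
      }
      html.append("window.location.replace('");
      html.append(target);
      html.append("');");
      html.append("}\n");
      html.append("</script>\n");
  }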
  972. /**
  973. * Appends the HTML form name/id code for the given id to the given html.<p>
  974. *
  975. * @param html the html where to append the id to
  976. * @param id the id to append
  977. */
  protected void appendId(StringBuffer html, String id) {

      // writes the same value as the name and as the id attribute, with a space on both sides;
      // the value is appended as given, so callers are expected to pass a fixed identifier
      html.append(" name=\"").append(id).append("\" id=\"").append(id).append("\" ");
  }
  985. /**
  986. * Appends the JavaScript that opens the Workplace window after a successful login
  987. * to the given HTML buffer.<p>
  988. *
  989. * @param html the html buffer to append the script to
  990. * @param requestedResource the requested resource to open in a new window
  991. * @param message the message to display if the originally requested resource is not available
  992. */
  993. protected void appendWorkplaceOpenerScript(
  994. StringBuffer html,
  995. String requestedResource,
  996. CmsMessageContainer message) {
  997. String winId = "OpenCms" + System.currentTimeMillis();
  998. html.append("<script type=\"text/javascript\">\n");
  999. html.append("function doOnload() {\n");
  1000. // display missing resource warning if required
  1001. if (message != null) {
  1002. html.append("\talert(\"");
  1003. html.append(CmsStringUtil.escapeJavaScript(message.key(m_locale)));
  1004. html.append("\");\n");
  1005. }
  1006. // display login message if required
  1007. CmsLoginMessage loginMessage = OpenCms.getLoginManager().getLoginMessage();
  1008. if ((loginMessage != null) && (loginMessage.isActive())) {
  1009. String msg;
  1010. if (loginMessage.isLoginForbidden()) {
  1011. // login forbidden for normal users, current user must be Administrator
  1012. msg = Messages.get().container(
  1013. Messages.GUI_LOGIN_SUCCESS_WITH_MESSAGE_2,
  1014. loginMessage.getMessage(),
  1015. new Date(loginMessage.getTimeEnd())).key(m_locale);
  1016. } else {
  1017. // just display the message
  1018. msg = loginMessage.getMessage();
  1019. }
  1020. html.append("\talert(\"");
  1021. html.append(CmsStringUtil.escapeJavaScript(msg));
  1022. html.append("\");\n");
  1023. }
  1024. String openResource = requestedResource;
  1025. // check if user agreement should be shown
  1026. CmsLoginUserAgreement agreementInfo = new CmsLoginUserAgreement(this);
  1027. if (agreementInfo.isShowUserAgreement()) {
  1028. openResource = agreementInfo.getConfigurationVfsPath()
  1029. + "?"
  1030. + CmsLoginUserAgreement.PARAM_WPRES
  1031. + "="
  1032. + requestedResource;
  1033. }
  1034. html.append("\tvar openUri = \"");
  1035. html.append(link(openResource));
  1036. html.append("\";\n");
  1037. html.append("\tvar workplaceWin = openWorkplace(openUri, \"");
  1038. html.append(winId);
  1039. html.append("\");\n");
