MyLoginBean

1. package beans;
2.  
3. import javax.faces.application.FacesMessage;
4. import javax.faces.context.FacesContext;
5.  
6. import javax.security.auth.Subject;
7. import javax.security.auth.login.FailedLoginException;
8. import javax.security.auth.login.LoginException;
9.  
10. import javax.servlet.http.HttpServletRequest;
11. import javax.servlet.http.HttpServletResponse;
12.  
13. import weblogic.security.services.Authentication;
14.  
15. import javax.servlet.RequestDispatcher;
16. import javax.servlet.ServletException;
17.  
18. import java.io.IOException;
19.  
20. import weblogic.security.URLCallbackHandler;
21.  
22. import weblogic.servlet.security.ServletAuthentication;
23.  
24. public class LoginBean {
25.    
26.     private String _username;
27.     private String _password;
28.  
29.     public void setUsername(String _username) {
30.         this._username = _username.toLowerCase();
31.     }
32.  
33.     public String getUsername() {
34.         return _username;
35.     }
36.  
37.     public void setPassword(String _password) {
38.         this._password = _password;
39.     }
40.  
41.     public String getPassword() {
42.         return _password;
43.     }
44.    
45.     public String doLogin() {
46.         String un = _username;
47.         byte[] pw = _password.getBytes();
48.         FacesContext ctx = FacesContext.getCurrentInstance();
49.         HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
50.         try {
51.             Subject subject = Authentication.login(new URLCallbackHandler(un, pw));
52.             weblogic.servlet.security.ServletAuthentication.runAs(subject, request);
53.             ServletAuthentication.generateNewSessionID(request);
54.            
55.             String loginUrl = "/adfAuthentication?success_url=/faces/main";
56.             HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
57.             sendForward(request, response, loginUrl);
58.         } catch (FailedLoginException fle) {
59.             FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Incorrect Username or Password", "An incorrect Username or Password was specified");
60.             ctx.addMessage(null, msg);
61.         } catch (LoginException le) {
62.             reportUnexpectedLoginError("LoginException", le);
63.         }
64.         return null;
65.     }
66.  
67.     private void sendForward(HttpServletRequest request, HttpServletResponse response, String forwardUrl) {
68.         FacesContext ctx = FacesContext.getCurrentInstance();
69.         RequestDispatcher dispatcher = request.getRequestDispatcher(forwardUrl);
70.         try {
71.             dispatcher.forward(request, response);
72.         } catch (ServletException se) {
73.             reportUnexpectedLoginError("ServletException", se);
74.         } catch (IOException ie) {
75.             reportUnexpectedLoginError("IOException", ie);
76.         }
77.         ctx.responseComplete();
78.     }
79.  
80.     private void reportUnexpectedLoginError(String errType, Exception e) {
81.         FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Unexpected error during login",
82.                              "Unexpected error during login (" + errType + "), please consult logs for detail");
83.         FacesContext.getCurrentInstance().addMessage(null, msg);
84.         e.printStackTrace();
85.     }
86. }