  1. package SagaBG.SeP.CRIS.PortalView.backing.user.login;
  2.  
  3. import SagaBG.SeP.CRIS.DomainObject.AuthorizationData;
  4. import SagaBG.SeP.CRIS.DomainObject.InsuranceTaxPayer;
  5. import SagaBG.SeP.CRIS.Exceptions.CustomException;
  6. import SagaBG.SeP.CRIS.PortalView.common.utils.ELUtils;
  7.  
  8. import SagaBG.SeP.CRIS.WebFacadeLayer.WebFacade;
  9.  
  10. import java.io.IOException;
  11.  
  12. import java.util.AbstractMap;
  13. import java.util.List;
  14. import java.util.Set;
  15.  
  16. import javax.faces.application.FacesMessage;
  17. import javax.faces.context.ExternalContext;
  18. import javax.faces.context.FacesContext;
  19.  
  20. import javax.faces.event.ActionEvent;
  21.  
  22. import javax.faces.validator.ValidatorException;
  23.  
  24. import javax.naming.NamingException;
  25.  
  26. import javax.security.auth.Subject;
  27. import javax.security.auth.callback.CallbackHandler;
  28. import javax.security.auth.login.FailedLoginException;
  29. import javax.security.auth.login.LoginException;
  30.  
  31. import javax.servlet.RequestDispatcher;
  32. import javax.servlet.ServletException;
  33. import javax.servlet.http.HttpServletRequest;
  34. import javax.servlet.http.HttpServletResponse;
  35.  
  36. import javax.servlet.http.HttpSession;
  37.  
  38. import oracle.adf.share.ADFContext;
  39.  
  40. import oracle.adf.view.rich.render.ClientEvent;
  41.  
  42. import weblogic.security.URLCallbackHandler;
  43. import weblogic.security.services.Authentication;
  44.  
  45. import weblogic.servlet.security.ServletAuthentication;
  46.  
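/**
 * JSF backing bean for the tax payer ("obveznik") login page.
 *
 * <p>Two login paths are implemented: username/password ({@link #doLogin()}) and
 * certificate/ticket based ({@code doCertificateLogin} overloads). Both authenticate
 * through WebLogic's {@code Authentication.login}, bind the resulting subject to the
 * request with {@code ServletAuthentication.runAs}, rotate the session id and then
 * forward to {@code /adfAuthentication}.
 *
 * <p>Every failure path in this class leaves before {@code runAs} is called, so a failed
 * attempt never binds a subject to the request.
 */
public class LoginTaxPayer {
    /** User type stored in the session for every tax payer login. */
    private static final String AUTHORIZATION_DATA_USER_TYPE = "OBVEZNIK";

    public LoginTaxPayer() {
        super();
    }

    private String _username;
    // Held only until doLogin() has used it; doLogin() clears it again.
    private String _password;
    private String _personalIdentityNumber;
    private String _pib;
    private String _taxPayerIdentificator;
    private String _taxPayerCRNumber;
    private String _taxPayerName;
    // Last error text produced by the certificate login; package-private as in the original.
    String errorText;

    public void setUsername(String _username) {
        this._username = _username;
    }

    public String getUsername() {
        return _username;
    }

    public void setPassword(String _password) {
        this._password = _password;
    }

    public String getPassword() {
        return _password;
    }

    public void setPersonalIdentityNumber(String _personalIdentityNumber) {
        this._personalIdentityNumber = _personalIdentityNumber;
    }

    public String getPersonalIdentityNumber() {
        return _personalIdentityNumber;
    }

    public void setPib(String _pib) {
        this._pib = _pib;
    }

    public String getPib() {
        return _pib;
    }

    /**
     * Authenticates with the username and password bound to this bean.
     *
     * <p>On success the subject is bound to the request, the session id is regenerated and
     * the request is forwarded to {@code /adfAuthentication}. On failure a FacesMessage is
     * queued. The password is cleared from the bean and from the temporary byte array once
     * the attempt is over, whatever its outcome.
     *
     * @return always {@code null} (no JSF navigation; the forward completes the response)
     */
    public String doLogin() {
        String un = _username;
        // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII
        // password depends on the server's locale settings. Left unchanged because the
        // encoding the authenticator expects is not visible here - confirm before pinning.
        byte[] pw = (_password != null) ? _password.getBytes() : new byte[0];
        FacesContext ctx = FacesContext.getCurrentInstance();
        HttpServletRequest request =
            (HttpServletRequest) ctx.getExternalContext().getRequest();
        CallbackHandler handler = new URLCallbackHandler(un, pw);
        try {
            Subject mySubject = Authentication.login(handler);
            ServletAuthentication.runAs(mySubject, request);
            // New session id after authentication, so a pre-login id is not carried over.
            ServletAuthentication.generateNewSessionID(request);
            String loginUrl = "/adfAuthentication?success_url=/faces" + targetViewId(ctx);
            HttpServletResponse response =
                (HttpServletResponse) ctx.getExternalContext().getResponse();
            sendForward(request, response, loginUrl);
        } catch (FailedLoginException fle) {
            // NOTE(review): the provider's message is shown to the user verbatim; confirm
            // it does not distinguish "unknown user" from "wrong password".
            FacesMessage msg =
                new FacesMessage(FacesMessage.SEVERITY_ERROR, "Neuspešna prijava",
                                 fle.getMessage());
            ctx.addMessage(null, msg);
        } catch (LoginException le) {
            reportUnexpectedLoginError("LoginException", le);
        } finally {
            // Do not keep the secret around longer than the login attempt itself.
            java.util.Arrays.fill(pw, (byte) 0);
            _password = null;
        }
        return null;
    }

    /**
     * Certificate login triggered by a client event; the ticket is read from the event
     * parameter {@code "ticket"}.
     *
     * @return always {@code null}
     */
    public String doCertificateLogin(ClientEvent event) {
        String ticket = (String) event.getParameters().get("ticket");
        return doCertificateLogin(ticket, true);
    }

    /**
     * Certificate login for a given ticket and tax payer identificator, without forwarding
     * to {@code /adfAuthentication} afterwards.
     *
     * @return always {@code null}
     */
    public String doCertificateLogin(String ticket,
                                     String taxPayerIdentificator) {
        _taxPayerIdentificator = taxPayerIdentificator;
        return doCertificateLogin(ticket, false);
    }

    /**
     * Shared implementation of the certificate login.
     *
     * <p>NOTE(review): the tax payer identificator is supplied by the caller (method
     * argument or pageFlowScope). This class does not itself check that it belongs to the
     * certificate holder - confirm that TicketCallbackHandler / the login module enforces
     * that binding.
     *
     * @param ticket   signed ticket handed to the login module; must not be empty
     * @param redirect whether to forward to {@code /adfAuthentication} after success
     * @return always {@code null}
     * @throws RuntimeException if tax payer login is not enabled on this instance, or the
     *                          subject carries no JMBG credential
     */
    private String doCertificateLogin(String ticket, boolean redirect) {
        // Anything other than an explicit TRUE (null, non-Boolean) denies the login with
        // this exception instead of an incidental NullPointerException/ClassCastException.
        if (!Boolean.TRUE.equals(ELUtils.evaluateEL("#{loginBean.taxPayerLoginAllowed}"))) {
            throw new RuntimeException("Tax payer cannot be logged on this instance");
        }

        if (ticket == null || ticket.length() == 0) {
            reportUnexpectedLoginError("LoginException",
                                       new RuntimeException("Ticket cannot be null"));
            return null;
        }

        FacesContext ctx = FacesContext.getCurrentInstance();
        HttpServletRequest request =
            (HttpServletRequest) ctx.getExternalContext().getRequest();
        TicketCallbackHandler handler =
            new TicketCallbackHandler(ticket, _taxPayerIdentificator, "Obveznik");
        try {
            Subject mySubject = Authentication.login(handler);

            // The handler can report an error although login() returned a subject; that
            // is treated as a failed login and raised before runAs() is reached.
            String error = handler.getError();
            if (error != null) {
                if (error.equalsIgnoreCase("NIJE_AKTIVAN")) {
                    errorText = "Korisnik nije aktivan u sistemu CROSO";
                } else if (error.equalsIgnoreCase("ISTEKAO_SERTIFIKAT")) {
                    errorText = "Sertifikat Vam je istekao.";
                } else {
                    // Unknown code: report the code itself rather than a stale text from
                    // an earlier attempt (or null).
                    errorText = error;
                }
                throw new ValidatorException(new FacesMessage(errorText));
            }

            _personalIdentityNumber =
                getPersonalIdentityNumber(mySubject.getPublicCredentials());
            if (!loadTaxPayerCRNumber()) {
                // No registered tax payer for this identificator: the message is already
                // queued, and the login stops here without binding the subject.
                return null;
            }

            setUserData(mySubject.getPublicCredentials());

            ServletAuthentication.runAs(mySubject, request);
            // New session id after authentication, so a pre-login id is not carried over.
            ServletAuthentication.generateNewSessionID(request);

            if (redirect) {
                String loginUrl = "/adfAuthentication?success_url=/faces" + targetViewId(ctx);
                HttpServletResponse response =
                    (HttpServletResponse) ctx.getExternalContext().getResponse();
                sendForward(request, response, loginUrl);
            }
        } catch (FailedLoginException fle) {
            // Show the localized text; the original computed it but displayed the raw
            // provider message instead.
            FacesMessage msg =
                new FacesMessage(FacesMessage.SEVERITY_ERROR, "Neuspešna prijava",
                                 localizeLoginFailure(fle.getMessage()));
            ctx.addMessage(null, msg);
        } catch (ValidatorException ve) {
            reportUnexpectedLoginError(errorText, ve);
        } catch (LoginException le) {
            reportUnexpectedLoginError("LoginException", le);
        } catch (CustomException e) {
            FacesMessage msg =
                new FacesMessage(FacesMessage.SEVERITY_ERROR, "Neuspešna prijava",
                                 e.getMessage());
            ctx.addMessage(null, msg);
        }
        return null;
    }

    /** Returns the view to land on after login: the current view, or home for the login page. */
    private static String targetViewId(FacesContext ctx) {
        String viewId = ctx.getViewRoot().getViewId();
        return viewId.equals("/Login.jspx") ? "/home.jspx" : viewId;
    }

    /**
     * Maps the login module's known failure messages to the Serbian text shown to users.
     * Characters that were garbled in the source are written as Unicode escapes, like the
     * strings in reportUnexpectedLoginError.
     *
     * @return the localized text, or the provider message itself when it is not recognised
     */
    private static String localizeLoginFailure(String providerMessage) {
        if ("Signed XML document not valid, cannot verify signature.".equals(providerMessage)) {
            return "Poruka je nevalidna, provera potpisa nije uspela.";
        }
        if ("Signed XML document not valid, wrong challenge number.".equals(providerMessage)) {
            return "Poruka je nevalidna, serverski broj nije dobar, pokušajte ponovo.";
        }
        // The original compared against "igned XML ..." (leading S missing), so a revoked
        // certificate was never matched.
        if ("Signed XML document not valid, certificate is revoked.".equals(providerMessage)) {
            return "Poruka je nevalidna, vaš sertifikat je povu\u010Den, kontaktirajte sertifikaciono telo za više detalja.";
        }
        if ("Signed XML document not valid, certificate chain is incomplete.".equals(providerMessage)) {
            return "Poruka je nevalidna, sertifikat nije izdalo verifikovano sertifikaciono telo.";
        }
        if ("Signed XML document not valid, certificate has expired.".equals(providerMessage)) {
            return "Poruka je nevalidna, vaš sertifikat je istekao.";
        }
        if ("Social identity number cannot be located".equals(providerMessage)) {
            return "Poruka je nevalidna, nije prona\u0111en JMBG.";
        }
        // NOTE(review): unrecognised provider text reaches the user unchanged.
        return providerMessage;
    }

    /**
     * Forwards the request to {@code forwardUrl} and marks the JSF response as complete.
     * Forwarding errors are reported as a FacesMessage rather than rethrown.
     */
    private void sendForward(HttpServletRequest request,
                             HttpServletResponse response, String forwardUrl) {
        FacesContext ctx = FacesContext.getCurrentInstance();
        RequestDispatcher dispatcher = request.getRequestDispatcher(forwardUrl);
        try {
            dispatcher.forward(request, response);
        } catch (ServletException se) {
            reportUnexpectedLoginError("ServletException", se);
        } catch (IOException ie) {
            reportUnexpectedLoginError("IOException", ie);
        }
        ctx.responseComplete();
    }

    /**
     * Queues a generic "unexpected login error" message naming {@code errType}; the
     * exception details are not shown to the user.
     */
    private void reportUnexpectedLoginError(String errType, Exception e) {
        FacesMessage msg =
            new FacesMessage(FacesMessage.SEVERITY_ERROR, "Neocekivana gre\u0161ka prilikom logovanja",
                             "Neo\u010Dekivana gre\u0161ka prilikom logovanja (" +
                             errType +
                             "), molim Vas kontaktirajte korisni\u010Dki servis.");
        FacesContext.getCurrentInstance().addMessage(null, msg);
        // NOTE(review): the stack trace goes to stderr only; route it through the
        // application's logger if one exists, so failed logins can be audited.
        e.printStackTrace();
    }

    /**
     * Copies the tax payer's identity data into the ADF session scope (and the PIB into
     * the HTTP session). Called before the subject is bound to the request.
     */
    private void setUserData(Set<Object> publicCredentials) {
        ADFContext.getCurrent().getSessionScope().put("authorizationDataUserType",
                                                      AUTHORIZATION_DATA_USER_TYPE);
        ADFContext.getCurrent().getSessionScope().put("taxPayerId",
                                                      _taxPayerIdentificator);
        // A 9-digit identificator is a PIB, a 13-digit one is a JMBG.
        if (_taxPayerIdentificator != null) {
            if (isPib(_taxPayerIdentificator)) {
                ADFContext.getCurrent().getSessionScope().put("pib",
                                                              _taxPayerIdentificator);
                FacesContext fctx = FacesContext.getCurrentInstance();
                ExternalContext ectx = fctx.getExternalContext();
                // NOTE(review): getSession(false) returns null when no session exists;
                // presumably the session-scope writes above have created one - confirm.
                HttpSession userSession = (HttpSession) ectx.getSession(false);
                userSession.setAttribute("sesija.osiguranik.pib", _taxPayerIdentificator);
            } else if (isPersonalIdentityNumber(_taxPayerIdentificator)) {
                ADFContext.getCurrent().getSessionScope().put("taxPayerPersonalIdentityNumber",
                                                              _taxPayerIdentificator);
            }
        }

        ADFContext.getCurrent().getSessionScope().put("taxPayerCRNumber",
                                                      _taxPayerCRNumber);
        ADFContext.getCurrent().getSessionScope().put("taxPayerName",
                                                      _taxPayerName);

        for (Object publicCredential : publicCredentials) {
            if (publicCredential instanceof AbstractMap.SimpleEntry) {
                AbstractMap.SimpleEntry<?, ?> entryCredential =
                    (AbstractMap.SimpleEntry<?, ?>) publicCredential;
                if ("JMBG".equals(entryCredential.getKey())) {
                    ADFContext.getCurrent().getSessionScope().put("personalIdentityNumber",
                                                                  entryCredential.getValue());
                }
            }
        }
    }

    /**
     * Returns the value of the {@code "JMBG"} entry among the subject's public credentials.
     *
     * @throws RuntimeException if no such entry is present
     */
    private String getPersonalIdentityNumber(Set<Object> publicCredentials) {
        for (Object publicCredential : publicCredentials) {
            if (publicCredential instanceof AbstractMap.SimpleEntry) {
                AbstractMap.SimpleEntry<?, ?> entryCredential =
                    (AbstractMap.SimpleEntry<?, ?>) publicCredential;
                if ("JMBG".equals(entryCredential.getKey())) {
                    return (String) entryCredential.getValue();
                }
            }
        }

        throw new RuntimeException("JMBG not found in publicCredentials");
    }

    public void setTaxPayerIdentificator(String _taxPayerIdentificator) {
        this._taxPayerIdentificator = _taxPayerIdentificator;
    }

    public String getTaxPayerIdentificator() {
        return _taxPayerIdentificator;
    }

    /**
     * Certificate login triggered by a JSF action; the ticket and the tax payer
     * identificator are read from the pageFlowScope.
     */
    public void doCertificateLogin(ActionEvent actionEvent) throws CustomException {
        String ticket = (String) ELUtils.evaluateEL("#{pageFlowScope.ticket}");
        _taxPayerIdentificator =
            (String) ELUtils.evaluateEL("#{pageFlowScope.taxPayerIdentificator}");

        doCertificateLogin(ticket, true);
    }

    /**
     * Looks up the tax payer for the current identificator and stores its CR number and
     * name on this bean.
     *
     * @return {@code true} if a tax payer was found; {@code false} if the service returned
     *         none, in which case an error message has been queued and the cached CR
     *         number and name are cleared (the original went on to dereference null here)
     * @throws RuntimeException if the identificator is neither a PIB nor a JMBG
     */
    private boolean loadTaxPayerCRNumber() throws CustomException {
        AuthorizationData authorizationData = new AuthorizationData();
        // TODO: move this service identity into configuration
        authorizationData.setUserType("APLIKACIJA");
        authorizationData.setUserId("CLWEBC.CRIS");

        WebFacade facade = new WebFacade();
        InsuranceTaxPayer taxPayer;
        // TODO: this may have to happen after login, once the authorization data is loaded
        if (isPib(_taxPayerIdentificator)) {
            taxPayer =
                facade.GetTaxPayerDetailsByPib(_taxPayerIdentificator, authorizationData);
        } else if (isPersonalIdentityNumber(_taxPayerIdentificator)) {
            taxPayer =
                facade.GetTaxPayerDetailsByPersonalIdentityNumber(_taxPayerIdentificator,
                                                                  authorizationData);
        } else {
            throw new RuntimeException(String.format("Unexpected value of taxPayerIdentificator '%s'",
                                                     _taxPayerIdentificator));
        }

        if (taxPayer == null) {
            // Do not leave data from an earlier lookup behind.
            _taxPayerCRNumber = null;
            _taxPayerName = null;
            HandleError("Ne postoji registrovani korisnik sa datim sertifikatom, kod pravnog lica sa PIB: " +
                        _taxPayerIdentificator);
            return false;
        }

        _taxPayerCRNumber = taxPayer.getCrNumber();
        _taxPayerName = taxPayer.getNameOfInsuranceTaxPayer();
        return true;
    }

    /** Queues an error-severity FacesMessage with the given detail text. */
    private void HandleError(String message) {
        FacesMessage msg =
            new FacesMessage(FacesMessage.SEVERITY_ERROR, "Greška", message);
        FacesContext.getCurrentInstance().addMessage(null, msg);
    }

    /**
     * Tells whether the identificator is a PIB: exactly 9 ASCII digits. The original
     * checked the length only, although the rule it documented speaks of digits.
     */
    public boolean isPib(String taxPayerIdentificator) {
        return isDigits(taxPayerIdentificator, 9);
    }

    /**
     * Tells whether the identificator is a personal identity number (JMBG): exactly 13
     * ASCII digits.
     */
    public boolean isPersonalIdentityNumber(String taxPayerIdentificator) {
        return isDigits(taxPayerIdentificator, 13);
    }

    /** Returns true when {@code value} is non-null and consists of exactly {@code length} ASCII digits. */
    private static boolean isDigits(String value, int length) {
        if (value == null || value.length() != length) {
            return false;
        }
        for (int i = 0; i < length; i++) {
            char c = value.charAt(i);
            if (c < '0' || c > '9') {
                return false;
            }
        }
        return true;
    }

    public void setErrorText(String errorText) {
        this.errorText = errorText;
    }

    public String getErrorText() {
        return errorText;
    }
}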