001    package railo.runtime.tag;
002    
003    import java.io.IOException;
004    
005    import railo.runtime.coder.Base64Coder;
006    import railo.runtime.exp.PageException;
007    import railo.runtime.ext.tag.BodyTagImpl;
008    import railo.runtime.listener.ApplicationContext;
009    import railo.runtime.op.Caster;
010    import railo.runtime.security.Credential;
011    import railo.runtime.type.Array;
012    import railo.runtime.type.Collection.Key;
013    import railo.runtime.type.KeyImpl;
014    import railo.runtime.type.Struct;
015    import railo.runtime.type.StructImpl;
016    import railo.runtime.type.util.KeyConstants;
017    import railo.runtime.type.util.ListUtil;
018    
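/**
 * Tag handler for {@code cflogin}.
 *
 * <p>When the request has no remote user yet, the tag collects candidate
 * credentials from the form fields {@code j_username}/{@code j_password} or,
 * failing that, from an HTTP Basic {@code Authorization} header. It publishes
 * them as a {@code cflogin} struct (keys {@code name} and {@code password})
 * through the undefined scope while the tag body runs. The tag only exposes
 * the submitted values; nothing in this class verifies them.
 *
 * <p>The struct holds the password in clear text, so it is removed again in
 * {@link #doEndTag()}.
 * NOTE(review): whether {@code doEndTag()} still runs when the body throws is
 * not visible from this class. Confirm that the struct cannot outlive a
 * failed body.
 */
public final class Login extends BodyTagImpl {

    private static final Key CFLOGIN = KeyImpl.intern("cflogin");

    /** Idle timeout applied when the attribute is not set (presumably seconds; confirm). */
    private static final int DEFAULT_IDLE_TIMEOUT = 1800;

    /** Authentication scheme handled by the header branch. */
    private static final String BASIC_SCHEME = "basic";

    private int idletimeout = DEFAULT_IDLE_TIMEOUT;
    private String applicationtoken;
    private String cookiedomain;

    /**
     * Resets all tag attributes to their defaults so that state from one use
     * of the handler is not carried into the next.
     */
    @Override
    public void release() {
        super.release();
        idletimeout = DEFAULT_IDLE_TIMEOUT;
        applicationtoken = null;
        cookiedomain = null;
    }

    /**
     * @param applicationtoken The applicationtoken to set.
     */
    public void setApplicationtoken(String applicationtoken) {
        this.applicationtoken = applicationtoken;
    }

    /**
     * @param cookiedomain The cookiedomain to set.
     */
    public void setCookiedomain(String cookiedomain) {
        this.cookiedomain = cookiedomain;
    }

    /**
     * @param idletimeout The idletimeout to set. The value is narrowed with an
     *        {@code (int)} cast, so any fractional part is discarded.
     */
    public void setIdletimeout(double idletimeout) {
        this.idletimeout = (int) idletimeout;
    }

    /**
     * Stores the tag's security settings on the application context and, when
     * no remote user is present, exposes the submitted credentials to the body.
     *
     * @return {@code SKIP_BODY} when a remote user already exists, otherwise
     *         {@code EVAL_BODY_INCLUDE}
     * @throws PageException if the Basic credentials cannot be decoded
     */
    @Override
    public int doStartTag() throws PageException {
        ApplicationContext ac = pageContext.getApplicationContext();
        ac.setSecuritySettings(applicationtoken, cookiedomain, idletimeout);

        Credential remoteUser = pageContext.getRemoteUser();
        if (remoteUser != null) {
            return SKIP_BODY;
        }

        // Form credentials take precedence over the Authorization header.
        Object name = pageContext.formScope().get("j_username", null);
        Object password = pageContext.formScope().get("j_password", null);
        if (name != null) {
            setCFLogin(name, password);
            return EVAL_BODY_INCLUDE;
        }

        setCFLoginFromHeader(pageContext.getHttpServletRequest().getHeader("authorization"));
        return EVAL_BODY_INCLUDE;
    }

    /**
     * Publishes credentials from an HTTP Basic {@code Authorization} header.
     * A missing header, a header without a space separator and any scheme
     * other than Basic are ignored.
     *
     * @param header raw header value, may be {@code null}
     * @throws PageException if decoding the credentials raises an IOException
     */
    private void setCFLoginFromHeader(String header) throws PageException {
        if (header == null) {
            return;
        }
        int pos = header.indexOf(' ');
        if (pos == -1) {
            return;
        }
        // equalsIgnoreCase is locale-independent; toLowerCase() with the default
        // locale can fail to match "BASIC" on e.g. a Turkish-locale JVM.
        if (!BASIC_SCHEME.equalsIgnoreCase(header.substring(0, pos))) {
            return;
        }

        String decoded;
        try {
            decoded = Base64Coder.decodeToString(header.substring(pos + 1), "UTF-8");
        } catch (IOException e) {
            throw Caster.toPageException(e);
        }
        // The decoded value contains the password: never log or print it.
        if (decoded == null || decoded.length() == 0) {
            return;
        }

        // Split on the FIRST colon only: the user-id cannot contain ':', but the
        // password may. Splitting on every colon would make credentials whose
        // password contains ':' be dropped silently.
        int sep = decoded.indexOf(':');
        if (sep == -1) {
            setCFLogin(decoded, "");
        } else {
            setCFLogin(decoded.substring(0, sep), decoded.substring(sep + 1));
        }
    }

    /**
     * Builds the {@code cflogin} struct and sets it through the undefined scope.
     * Does nothing when no username is given; a missing password becomes the
     * empty string.
     *
     * @param username submitted user name
     * @param password submitted password, may be {@code null}
     */
    private void setCFLogin(Object username, Object password) {
        if (username == null) {
            return;
        }
        if (password == null) {
            password = "";
        }

        Struct sct = new StructImpl();
        sct.setEL(KeyConstants._name, username);
        sct.setEL(KeyConstants._password, password);
        pageContext.undefinedScope().setEL(CFLOGIN, sct);
    }

    /**
     * Removes the {@code cflogin} struct so the clear-text password is not
     * available after the tag body has finished.
     */
    @Override
    public int doEndTag() {
        pageContext.undefinedScope().removeEL(CFLOGIN);
        return EVAL_PAGE;
    }

    /**
     * @param appContext application context holding the security settings
     * @return {@code "cfauthorization_"} followed by the security application token
     */
    public static String getApplicationName(ApplicationContext appContext) {
        return "cfauthorization_" + appContext.getSecurityApplicationToken();
    }

    /**
     * @param appContext application context holding the security settings
     * @return the security cookie domain stored on the context
     */
    public static String getCookieDomain(ApplicationContext appContext) {
        return appContext.getSecurityCookieDomain();
    }

    /**
     * @param appContext application context holding the security settings
     * @return the security idle timeout stored on the context
     */
    public static int getIdleTimeout(ApplicationContext appContext) {
        return appContext.getSecurityIdleTimeout();
    }
}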