Added Authentication against database

git-svn-id: https://oreka.svn.sourceforge.net/svnroot/oreka/trunk@84 09dcff7a-b715-0410-9601-b79a96267cd0

17 files changed, 271 insertions, 62 deletions

diff --git a/orkweb/context/WEB-INF/Home.html b/orkweb/context/WEB-INF/Home.html
index 4256a96..6b7fed1 100644
--- a/orkweb/context/WEB-INF/Home.html
+++ b/orkweb/context/WEB-INF/Home.html
@@ -1,4 +1,4 @@
-<html jwcid="@Shell" stylesheet="ognl:assets.mystyle" title="Welcome to OrkWeb" >
+<html jwcid="@Shell" stylesheet="asset:globalStylesheet" title="Welcome to OrkWeb" >
 <link jwcid="@If" condition="false" href="orekastyle.css" rel="stylesheet" type="text/css"/>
 
 <body>
diff --git a/orkweb/context/WEB-INF/Home.page b/orkweb/context/WEB-INF/Home.page
index 93a41cd..7d70dd3 100644
--- a/orkweb/context/WEB-INF/Home.page
+++ b/orkweb/context/WEB-INF/Home.page
@@ -4,8 +4,8 @@
       "http://jakarta.apache.org/tapestry/dtd/Tapestry_3_0.dtd">
 <!-- generated by Spindle, http://spindle.sourceforge.net -->
 
-<page-specification class="net.sf.oreka.pages.Home">
+<page-specification class="net.sf.oreka.pages.HomePage">
     <description><![CDATA[   add a description   ]]></description>
     
-    <external-asset name="mystyle" URL="./css/orekastyle.css" />
+    <!--<external-asset name="mystyle" URL="./css/orekastyle.css" />-->
 </page-specification>
diff --git a/orkweb/context/WEB-INF/RecSegments.html b/orkweb/context/WEB-INF/RecSegments.html
index 31b977b..75c5263 100644
--- a/orkweb/context/WEB-INF/RecSegments.html
+++ b/orkweb/context/WEB-INF/RecSegments.html
@@ -1,4 +1,4 @@
-<html jwcid="@Shell" stylesheet="ognl:assets.mystyle" title="Browse segments" >
+<html jwcid="@Shell" stylesheet="asset:globalStylesheet" title="Browse segments" >
 <link jwcid="@If" condition="false" href="orekastyle.css" rel="stylesheet" type="text/css"/>
 <body jwcid="@Body">
 <table width="99%" border="0" align="center" cellpadding="0" cellspacing="0">
diff --git a/orkweb/context/WEB-INF/RecSegments.page b/orkweb/context/WEB-INF/RecSegments.page
index 96f3e4c..e13003d 100644
--- a/orkweb/context/WEB-INF/RecSegments.page
+++ b/orkweb/context/WEB-INF/RecSegments.page
@@ -19,7 +19,7 @@
     </property-specification>
        	
     <!--<context-asset name="myimage" path="/images/Czech.gif"/>-->
-    <external-asset name="mystyle" URL="./css/orekastyle.css" />
+    <!--<external-asset name="mystyle" URL="./css/orekastyle.css" />-->
     <context-asset name="play" path="/images/common/icon_play.gif"/>
     <context-asset name="cal" path="/images/common/icon_calendar.gif"/>
     
diff --git a/orkweb/context/WEB-INF/hivemodule.xml b/orkweb/context/WEB-INF/hivemodule.xml
new file mode 100644
index 0000000..66ed176
--- /dev/null
+++ b/orkweb/context/WEB-INF/hivemodule.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0"?>
+<module id="orkweb" version="0.0.3">
+    
+<contribution configuration-id="tapestry.state.ApplicationObjects">
+  <state-object name="session-state-object" scope="session">
+    <create-instance class="net.sf.oreka.pages.SessionStateObject"/>
+  </state-object>  
+</contribution>   
+</module>
\ No newline at end of file
diff --git a/orkweb/deploy-template.xml b/orkweb/deploy-template.xml
index 343e65a..6e54379 100644
--- a/orkweb/deploy-template.xml
+++ b/orkweb/deploy-template.xml
@@ -66,7 +66,8 @@
 	      	   <include name="WEB-INF/*.application" />
 	      	   <include name="WEB-INF/*.jwc" />
 	      	   <include name="WEB-INF/*.html" />
-	      	   <include name="WEB-INF/*.properties" />      	   
+	      	   <include name="WEB-INF/*.properties" />   
+	      	   <include name="WEB-INF/*.xml" />    	    	   
 	      	   <include name="css/*.css" />
 	      	</fileset>
 	      </war>
diff --git a/orkweb/src/net/sf/oreka/orkweb/ContextListener.java b/orkweb/src/net/sf/oreka/orkweb/ContextListener.java
index 52ab577..ea21194 100644
--- a/orkweb/src/net/sf/oreka/orkweb/ContextListener.java
+++ b/orkweb/src/net/sf/oreka/orkweb/ContextListener.java
@@ -46,7 +46,7 @@ public class ContextListener implements ServletContextListener {
 		}		
 		
 		try {
-			HibernateManager.configure(hibernateConfigFile);
+			OrkWeb.hibernateManager.configure(hibernateConfigFile);
 		}
 		catch (Exception e) {
 			log.error("orkweb.ContextListener: Error configuring Hibernate: " + e.getMessage());				
diff --git a/orkweb/src/net/sf/oreka/orkweb/OrkWeb.java b/orkweb/src/net/sf/oreka/orkweb/OrkWeb.java
new file mode 100644
index 0000000..e55a1e9
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/orkweb/OrkWeb.java
@@ -0,0 +1,8 @@
+package net.sf.oreka.orkweb;
+
+import net.sf.oreka.HibernateManager;
+
+public class OrkWeb {
+
+	public static HibernateManager hibernateManager = new HibernateManager();
+}
diff --git a/orkweb/src/net/sf/oreka/pages/Home.java b/orkweb/src/net/sf/oreka/pages/Home.java
deleted file mode 100644
index 4cec56e..0000000
--- a/orkweb/src/net/sf/oreka/pages/Home.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Oreka -- A media capture and retrieval platform
- * 
- * Copyright (C) 2005, orecx LLC
- *
- * http://www.orecx.com
- *
- * This program is free software, distributed under the terms of
- * the GNU General Public License.
- * Please refer to http://www.gnu.org/copyleft/gpl.html
- *
- */
-
-package net.sf.oreka.pages;
-
-import net.sf.oreka.orkweb.ContextListener;
-
-import org.apache.tapestry.IRequestCycle;
-import org.apache.tapestry.html.BasePage;
-
-public abstract class Home extends BasePage {
-	
-	public abstract String getUsername();
-	public abstract void setUsername(String username);
-
-	public abstract String getPassword();
-	public abstract void setPassword(String password);
-	
-	//@Persist
-	public abstract String getErrorMessage();
-	public abstract void setErrorMessage(String msg);
-	
-	public Home() {
-
-	}
-
-	public void formSubmit(IRequestCycle cycle) {
-
-			if(		getUsername() != null && getPassword() != null && 
-					getUsername().equals("admin") && 
-					getPassword().equals("admin")			)
-			{
-				cycle.activate("RecSegments");
-			}
-			else if(ContextListener.debugSwitch == true) {
-				cycle.activate("RecSegments");
-			}
-			else {
-				setErrorMessage("Invalid login or password");
-			}
-	}
-}
diff --git a/orkweb/src/net/sf/oreka/pages/HomePage.java b/orkweb/src/net/sf/oreka/pages/HomePage.java
new file mode 100644
index 0000000..dc32314
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/pages/HomePage.java
@@ -0,0 +1,69 @@
+/*
+ /*
+ * Oreka -- A media capture and retrieval platform
+ * 
+ * Copyright (C) 2005, orecx LLC
+ *
+ * http://www.orecx.com
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License.
+ * Please refer to http://www.gnu.org/copyleft/gpl.html
+ *
+ */
+
+package net.sf.oreka.pages;
+
+import net.sf.oreka.orkweb.ContextListener;
+import net.sf.oreka.persistent.User;
+import net.sf.oreka.services.UserServiceHbn;
+
+import org.apache.tapestry.IRequestCycle;
+import org.apache.tapestry.PageRedirectException;
+import org.apache.tapestry.annotations.Persist;
+import org.apache.tapestry.event.PageBeginRenderListener;
+import org.apache.tapestry.event.PageEvent;
+
+public abstract class HomePage extends OrkPage implements PageBeginRenderListener {
+	
+	static UserServiceHbn srv = new UserServiceHbn();
+	
+	public abstract String getUsername();
+	public abstract void setUsername(String username);
+
+	public abstract String getPassword();
+	public abstract void setPassword(String password);
+	
+	@Persist
+	public abstract String getErrorMessage();
+	public abstract void setErrorMessage(String msg);
+	
+	public HomePage() {
+
+	}
+
+	public void formSubmit(IRequestCycle cycle) {
+
+		if (ContextListener.debugSwitch == true && getUsername() == null) {
+			// In debug mode, make user = admin by default
+			setUsername("admin");
+		}
+		
+		User user = srv.login(getUsername(), getPassword());
+		if (user != null) {
+			getSessionStateObject().setUser(user);
+			cycle.activate("RecSegments");
+		}
+		else {
+			setErrorMessage("Invalid login or password");
+		}
+	}
+	
+	public void pageBeginRender(PageEvent event) {
+		
+		if(getSessionStateObject().getUser() != null) {
+			RecSegmentsPage pg = (RecSegmentsPage)getRequestCycle().getPage("RecSegments");	
+			throw new PageRedirectException(pg);	
+		}
+	}
+}
diff --git a/orkweb/src/net/sf/oreka/pages/OrkPage.java b/orkweb/src/net/sf/oreka/pages/OrkPage.java
new file mode 100644
index 0000000..3ffd40e
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/pages/OrkPage.java
@@ -0,0 +1,15 @@
+package net.sf.oreka.pages;
+
+import org.apache.tapestry.IAsset;
+import org.apache.tapestry.annotations.Asset;
+import org.apache.tapestry.annotations.InjectState;
+import org.apache.tapestry.html.BasePage;
+
+public abstract class OrkPage extends BasePage
+{
+	 @InjectState("session-state-object")
+	  public abstract SessionStateObject getSessionStateObject();
+	 
+	  @Asset("css/orekastyle.css")
+	  public abstract IAsset getGlobalStylesheet();
+}
diff --git a/orkweb/src/net/sf/oreka/pages/ProtectedPage.java b/orkweb/src/net/sf/oreka/pages/ProtectedPage.java
new file mode 100644
index 0000000..dc2e79f
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/pages/ProtectedPage.java
@@ -0,0 +1,21 @@
+package net.sf.oreka.pages;
+
+import org.apache.tapestry.PageRedirectException;
+import org.apache.tapestry.event.PageEvent;
+import org.apache.tapestry.event.PageValidateListener;
+
+
+public abstract class ProtectedPage extends OrkPage implements PageValidateListener
+{
+	public void pageValidate(PageEvent event)
+	{
+		if(getSessionStateObject().isUserLoggedIn()) {
+			return;	// Ok, all fine
+		}
+		// Need to authenticate user
+		HomePage home = (HomePage) getRequestCycle().getPage("Home");	
+		throw new PageRedirectException(home);
+		
+		// #### See if we can set a callback here
+	}
+}
\ No newline at end of file
diff --git a/orkweb/src/net/sf/oreka/pages/RecSegmentsPage.java b/orkweb/src/net/sf/oreka/pages/RecSegmentsPage.java
index f431c3c..d9f2f22 100644
--- a/orkweb/src/net/sf/oreka/pages/RecSegmentsPage.java
+++ b/orkweb/src/net/sf/oreka/pages/RecSegmentsPage.java
@@ -31,7 +31,7 @@ import org.apache.tapestry.event.PageEvent;
 import org.apache.tapestry.event.PageRenderListener;
 import org.apache.tapestry.html.BasePage;
 
-public abstract class RecSegmentsPage extends BasePage implements PageRenderListener {
+public abstract class RecSegmentsPage extends ProtectedPage implements PageRenderListener {
 
 	static Logger logger = Logger.getLogger(RecSegmentsPage.class);
 
diff --git a/orkweb/src/net/sf/oreka/pages/SessionStateObject.java b/orkweb/src/net/sf/oreka/pages/SessionStateObject.java
new file mode 100644
index 0000000..aba5f29
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/pages/SessionStateObject.java
@@ -0,0 +1,26 @@
+package net.sf.oreka.pages;
+
+import net.sf.oreka.persistent.User;
+
+public class SessionStateObject {
+
+	private User user = null;
+	
+	public boolean isUserLoggedIn() {
+		if(user == null) {
+			return false;
+		}
+		return true;
+	}
+
+	public User getUser() {
+		return user;
+	}
+	
+
+	public void setUser(User user) {
+		this.user = user;
+	}
+	
+	
+}
diff --git a/orkweb/src/net/sf/oreka/services/RecSegmentServiceHbn.java b/orkweb/src/net/sf/oreka/services/RecSegmentServiceHbn.java
index 26a3746..03289f0 100644
--- a/orkweb/src/net/sf/oreka/services/RecSegmentServiceHbn.java
+++ b/orkweb/src/net/sf/oreka/services/RecSegmentServiceHbn.java
@@ -20,7 +20,7 @@ import java.text.SimpleDateFormat;
 import java.util.List;
 
 import net.sf.oreka.Direction;
-import net.sf.oreka.HibernateManager;
+import net.sf.oreka.orkweb.OrkWeb;
 import net.sf.oreka.persistent.RecSegment;
 
 import org.apache.log4j.Level;
@@ -92,7 +92,7 @@ public class RecSegmentServiceHbn implements RecSegmentService{
 		Session session = null;
 		try
 		{
-			session = HibernateManager.getSession();
+			session = OrkWeb.hibernateManager.getSession();
 
 			StringBuffer queryString = new StringBuffer("from RecSegment as seg left join seg.recTape as tape left join tape.service as srv ");
 			//StringBuffer queryString = new StringBuffer("from RecSegment as seg ");
diff --git a/orkweb/src/net/sf/oreka/services/UserService.java b/orkweb/src/net/sf/oreka/services/UserService.java
new file mode 100644
index 0000000..2ac4ff8
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/services/UserService.java
@@ -0,0 +1,10 @@
+package net.sf.oreka.services;
+
+import net.sf.oreka.persistent.User;
+
+public interface UserService {
+
+	public User login(String username, String password);
+	public boolean changePassword(int userId, String oldPassword, String newPassword);
+	
+}
diff --git a/orkweb/src/net/sf/oreka/services/UserServiceHbn.java b/orkweb/src/net/sf/oreka/services/UserServiceHbn.java
new file mode 100644
index 0000000..f78947d
--- /dev/null
+++ b/orkweb/src/net/sf/oreka/services/UserServiceHbn.java
@@ -0,0 +1,102 @@
+package net.sf.oreka.services;
+
+import java.util.ArrayList;
+
+import net.sf.oreka.HibernateManager;
+import net.sf.oreka.orkweb.ContextListener;
+import net.sf.oreka.orkweb.OrkWeb;
+import net.sf.oreka.persistent.User;
+
+import org.apache.log4j.Level;
+import org.apache.log4j.Logger;
+import org.hibernate.HibernateException;
+import org.hibernate.Query;
+import org.hibernate.Session;
+import org.hibernate.Transaction;
+
+public class UserServiceHbn implements UserService {
+
+	static Logger logger = Logger.getLogger(UserServiceHbn.class);	
+	
+	public User login(String username, String password) {
+		
+		Session hbnSession = null;
+		User user = null;
+		
+		logger.debug("Trying to login user:" + username + " with passwd:" + password);
+		
+		try
+		{
+			hbnSession = OrkWeb.hibernateManager.getSession();
+			
+			String queryString = new String("from LoginString as ls left join ls.user as user where ls.loginString=:ls");
+			if (ContextListener.debugSwitch == false) {
+				queryString = queryString + " and user.password=:password";
+			}
+			Query query = hbnSession.createQuery(queryString);
+			query.setString("ls", username);
+			if (ContextListener.debugSwitch == false) {
+				query.setString("password", password);
+			}
+			ArrayList results = (ArrayList)query.list();
+			Object[] row = (Object[])query.uniqueResult();
+			if (row != null) {
+				user = (User)row[1];
+				logger.debug("Found userid:" + user.getId() + " for login string:" + username);
+			}
+		}
+		catch ( HibernateException he ) {
+			logger.error("login: exception:" + he.getClass().getName());
+		}
+		catch (Exception e)
+		{
+			logger.error("login: exception:", e);
+		}
+		finally {
+			if(hbnSession != null) {hbnSession.close();}
+		}
+		return user;
+	}
+
+	public boolean changePassword(int userId, String oldPassword, String newPassword) {
+		
+		Session hbnSession = null;
+		Transaction tx = null;
+		User user = null;
+		boolean success = false;
+		
+		logger.debug("Trying to change password for userid:" + userId);
+		
+		try
+		{
+			hbnSession = OrkWeb.hibernateManager.getSession();
+
+			
+			user = (User)hbnSession.get(User.class, userId);
+			if(user == null) {
+				logger.warn("Userid:" + userId + " does not exist");
+			}
+			else {
+				if(user.getPassword().equals(oldPassword)) {
+					tx = hbnSession.beginTransaction();
+					user.setPassword(newPassword);
+					hbnSession.save(user);
+					tx.commit();
+					success = true;
+					logger.debug("Changed password for userid:" + userId);
+				}
+			}
+		}
+		catch ( HibernateException he ) {
+			logger.error("changePassword: exception:" + he.getClass().getName());
+		}
+		catch (Exception e)
+		{
+			logger.error("changePassword: exception:", e);
+		}
+		finally {
+			if(hbnSession != null) {hbnSession.close();}
+		}
+		return success;		
+	}
+}