/*
    * $Id: LogonAction.java 471754 2006-11-06 14:55:09Z husted $
    *
    * Licensed to the Apache Software Foundation (ASF) under one
    * or more contributor license agreements.  See the NOTICE file
    * distributed with this work for additional information
    * regarding copyright ownership.  The ASF licenses this file
    * to you under the Apache License, Version 2.0 (the
    * "License"); you may not use this file except in compliance
   * with the License.  You may obtain a copy of the License at
   *
   *  http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing,
   * software distributed under the License is distributed on an
   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   * KIND, either express or implied.  See the License for the
   * specific language governing permissions and limitations
   * under the License.
   */
  
  
  package org.apache.struts.webapp.example2;
  
  
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import javax.servlet.http.HttpSession;
  import org.apache.commons.beanutils.PropertyUtils;
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
  import org.apache.struts.action.Action;
  import org.apache.struts.action.ActionMessage;
  import org.apache.struts.action.ActionErrors;
  import org.apache.struts.action.ActionForm;
  import org.apache.struts.action.ActionForward;
  import org.apache.struts.action.ActionMapping;
  import org.apache.struts.util.ModuleException;
  
  
  /**
   * Implementation of <strong>Action</strong> that validates a user logon.
   *
   * @author Craig R. McClanahan
   * @version $Rev: 471754 $ $Date: 2006-11-06 08:55:09 -0600 (Mon, 06 Nov 2006) $
   */
  
  public final class LogonAction extends Action {
  
  
      // ----------------------------------------------------- Instance Variables
  
  
      /**
       * The <code>Log</code> instance for this application.
       */
      private Log log =
          LogFactory.getLog("org.apache.struts.webapp.Example");
  
  
      // --------------------------------------------------------- Public Methods
  
  
      /**
       * Process the specified HTTP request, and create the corresponding HTTP
       * response (or forward to another web component that will create it).
       * Return an <code>ActionForward</code> instance describing where and how
       * control should be forwarded, or <code>null</code> if the response has
       * already been completed.
       *
       * @param mapping The ActionMapping used to select this instance
       * @param form The optional ActionForm bean for this request (if any)
       * @param request The HTTP request we are processing
       * @param response The HTTP response we are creating
       *
       * @exception Exception if business logic throws an exception
       */
      public ActionForward execute(ActionMapping mapping,
                   ActionForm form,
                   HttpServletRequest request,
                   HttpServletResponse response)
      throws Exception {
  
      // Extract attributes we will need
      User user = null;
  
      // Validate the request parameters specified by the user
      ActionErrors errors = new ActionErrors();
      String username = (String)
              PropertyUtils.getSimpleProperty(form, "username");
          String password = (String)
              PropertyUtils.getSimpleProperty(form, "password");
      UserDatabase database = (UserDatabase)
        servlet.getServletContext().getAttribute(Constants.DATABASE_KEY);
      if (database == null)
              errors.add(ActionErrors.GLOBAL_MESSAGE,
                         new ActionMessage("error.database.missing"));
      else {
          user = getUser(database, username);
         if ((user != null) && !user.getPassword().equals(password))
         user = null;
         if (user == null)
                 errors.add(ActionErrors.GLOBAL_MESSAGE,
                            new ActionMessage("error.password.mismatch"));
     }
 
     // Report any errors we have discovered back to the original form
     if (!errors.isEmpty()) {
         saveErrors(request, errors);
             return (mapping.getInputForward());
     }
 
     // Save our logged-in user in the session
     HttpSession session = request.getSession();
     session.setAttribute(Constants.USER_KEY, user);
         if (log.isDebugEnabled()) {
             log.debug("LogonAction: User '" + user.getUsername() +
                       "' logged on in session " + session.getId());
         }
 
         // Remove the obsolete form bean
     if (mapping.getAttribute() != null) {
             if ("request".equals(mapping.getScope()))
                 request.removeAttribute(mapping.getAttribute());
             else
                 session.removeAttribute(mapping.getAttribute());
         }
 
     // Forward control to the specified success URI
     return (mapping.findForward("success"));
 
     }
 
 
     // ------------------------------------------------------ Protected Methods
 
 
     /**
      * Look up the user, throwing an exception to simulate business logic
      * rule exceptions.
      *
      * @param database Database in which to look up the user
      * @param username Username specified on the logon form
      *
      * @exception AppException if a business logic rule is violated
      */
     public User getUser(UserDatabase database, String username)
         throws ModuleException {
 
         // Force an ArithmeticException which can be handled explicitly
         if ("arithmetic".equals(username)) {
             throw new ArithmeticException();
         }
 
         // Force an application-specific exception which can be handled
         if ("expired".equals(username)) {
             throw new ExpiredPasswordException(username);
         }
 
         // Look up and return the specified user
         return (database.findUser(username));
 
     }
 
 
 }