code.grnet.gr Git - pithos/blob - src/gr/ebs/gss/server/Registration.java

   1 /*
   2  * Copyright 2010 Electronic Business Systems Ltd.
   3  *
   4  * This file is part of GSS.
   5  *
   6  * GSS is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * GSS is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with GSS.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19 package gr.ebs.gss.server;
  20
  21 import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
  22 import gr.ebs.gss.client.exceptions.DuplicateNameException;
  23 import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
  24 import gr.ebs.gss.client.exceptions.RpcException;
  25 import gr.ebs.gss.server.domain.User;
  26 import gr.ebs.gss.server.domain.dto.UserDTO;
  27 import gr.ebs.gss.server.ejb.ExternalAPI;
  28 import gr.ebs.gss.server.ejb.TransactionHelper;
  29
  30 import java.io.IOException;
  31 import java.net.URLEncoder;
  32 import java.util.concurrent.Callable;
  33
  34 import javax.naming.Context;
  35 import javax.naming.InitialContext;
  36 import javax.naming.NamingException;
  37 import javax.rmi.PortableRemoteObject;
  38 import javax.servlet.http.HttpServlet;
  39 import javax.servlet.http.HttpServletRequest;
  40 import javax.servlet.http.HttpServletResponse;
  41
  42 import org.apache.commons.logging.Log;
  43 import org.apache.commons.logging.LogFactory;
  44
  45 /**
  46  * The servlet that handles user registration.
  47  *
  48  * @author past
  49  */
  50 public class Registration extends HttpServlet {
  51         /**
  52          * The request parameter name for the acceptance flag.
  53          */
  54         private static final String ACCEPT_PARAM = "accept";
  55
  56         /**
  57          * The request parameter name for the name.
  58          */
  59         private static final String NAME_PARAM = "name";
  60
  61         /**
  62          * The request parameter name for the username.
  63          */
  64         private static final String USERNAME_PARAM = "username";
  65
  66         /**
  67          * The request parameter name for the e-mail.
  68          */
  69         private static final String EMAIL_PARAM = "email";
  70
  71         /**
  72          * The request parameter name for the password.
  73          */
  74         private static final String PASSWORD_PARAM = "password";
  75
  76         /**
  77          * The request parameter name for the password confirmation.
  78          */
  79         private static final String PASSWORD2_PARAM = "password2";
  80
  81         /**
  82          * The serial version UID of the class.
  83          */
  84         private static final long serialVersionUID = 1L;
  85
  86         /**
  87          * The logger.
  88          */
  89         private static Log logger = LogFactory.getLog(Registration.class);
  90
  91         /**
  92          * A helper method that retrieves a reference to the ExternalAPI bean and
  93          * stores it for future use.
  94          *
  95          * @return an ExternalAPI instance
  96          * @throws RpcException in case an error occurs
  97          */
  98         private ExternalAPI getService() throws RpcException {
  99                 try {
 100                         final Context ctx = new InitialContext();
 101                         final Object ref = ctx.lookup(getConfiguration().getString("externalApiPath"));
 102                         return (ExternalAPI) PortableRemoteObject.narrow(ref, ExternalAPI.class);
 103                 } catch (final NamingException e) {
 104                         logger.error("Unable to retrieve the ExternalAPI EJB", e);
 105                         throw new RpcException("An error occurred while contacting the naming service");
 106                 }
 107         }
 108
 109         @Override
 110         public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
 111                 if (getConfiguration().getBoolean("onlyRegisterWithCode"))
 112                         response.sendRedirect("invites.jsp");
 113                 else
 114                         response.sendRedirect("register.jsp");
 115         }
 116
 117         @Override
 118         public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
 119                 final String name = request.getParameter(NAME_PARAM);
 120                 final String email = request.getParameter(EMAIL_PARAM);
 121                 final String username = request.getParameter(USERNAME_PARAM);
 122                 String password = request.getParameter(PASSWORD_PARAM);
 123                 String password2 = request.getParameter(PASSWORD2_PARAM);
 124                 String accept = request.getParameter(ACCEPT_PARAM);
 125                 response.setContentType("text/html");
 126
 127                 // Validate input parameters.
 128                 if (username == null || username.isEmpty()) {
 129                         String error = URLEncoder.encode("No username was specified", "UTF-8");
 130                         String errorUrl = "register.jsp?username=&error=" + error;
 131                         errorUrl += "&name=" + (name == null? "": name);
 132                         errorUrl += "&email=" + (email == null? "": email);
 133                         response.sendRedirect(errorUrl);
 134                         return;
 135                 } else if (name == null || name.isEmpty()) {
 136                         String error = URLEncoder.encode("No name was specified", "UTF-8");
 137                         String errorUrl = "register.jsp?name=&error=" + error;
 138                         errorUrl += "&username=" + username;
 139                         errorUrl += "&email=" + (email == null? "": email);
 140                         response.sendRedirect(errorUrl);
 141                         return;
 142                 } else if (email == null || email.isEmpty()) {
 143                         String error = URLEncoder.encode("No e-mail was specified", "UTF-8");
 144                         String errorUrl = "register.jsp?email=&error=" + error;
 145                         errorUrl += "&username=" + username;
 146                         errorUrl += "&name=" + name;
 147                         response.sendRedirect(errorUrl);
 148                         return;
 149                 } else if (password == null || password.isEmpty()) {
 150                         String error = URLEncoder.encode("No password was specified", "UTF-8");
 151                         String errorUrl = "register.jsp?error=" + error;
 152                         errorUrl += "&username=" + username;
 153                         errorUrl += "&name=" + name;
 154                         errorUrl += "&email=" + email;
 155                         response.sendRedirect(errorUrl);
 156                         return;
 157                 } else if (!password.equals(password2)) {
 158                         String error = URLEncoder.encode("Passwords do not match", "UTF-8");
 159                         String errorUrl = "register.jsp?error=" + error;
 160                         errorUrl += "&username=" + username;
 161                         errorUrl += "&name=" + name;
 162                         errorUrl += "&email=" + email;
 163                         response.sendRedirect(errorUrl);
 164                         return;
 165                 } else if (!"on".equalsIgnoreCase(accept)) {
 166                         String error = URLEncoder.encode("You must accept the terms and conditions", "UTF-8");
 167                         String errorUrl = "register.jsp?error=" + error;
 168                         errorUrl += "&username=" + username;
 169                         errorUrl += "&name=" + name;
 170                         errorUrl += "&email=" + email;
 171                         response.sendRedirect(errorUrl);
 172                         return;
 173                 }
 174
 175                 User user = null;
 176                 try {
 177                         user = getService().findUser(username);
 178                         if (user != null) {
 179                                 String error = URLEncoder.encode("The username already exists", "UTF-8");
 180                                 String errorUrl = "register.jsp?username=&error=" + error;
 181                                 errorUrl += "&name=" + name;
 182                                 errorUrl += "&email=" + email;
 183                                 response.sendRedirect(errorUrl);
 184                                 return;
 185                         }
 186                         try {
 187                                 getService().createLdapUser(username, name, email, password);
 188                         } catch (Exception exc) {
 189                                 String error = "An error occurred while communicating with the Shibboleth IdP";
 190                                 logger.error(error, exc);
 191                                 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, error);
 192                                 return;
 193                         }
 194                         final UserDTO userDto = new TransactionHelper<UserDTO>().tryExecute(new Callable<UserDTO>() {
 195                                 @Override
 196                                 public UserDTO call() throws Exception {
 197                                         return getService().createUser(username, name, email, "", "").getDTO();
 198                                 }
 199
 200                         });
 201                         new TransactionHelper<Void>().tryExecute(new Callable<Void>() {
 202                                 @Override
 203                                 public Void call() throws Exception {
 204                                         getService().updateUserPolicyAcceptance(userDto.getId(), true);
 205                                         return null;
 206                                 }
 207
 208                         });
 209                         response.sendRedirect("registered.jsp");
 210                 } catch (RpcException e) {
 211                         String error = "An error occurred while communicating with the service";
 212                         logger.error(error, e);
 213                         response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, error);
 214                 } catch (DuplicateNameException e) {
 215                         // Can't happen, but this is more user-friendly than an assert.
 216                         String error = URLEncoder.encode("The username already exists", "UTF-8");
 217                         String errorUrl = "register.jsp?username=&name=&email=&error=" + error;
 218                         response.sendRedirect(errorUrl);
 219                 } catch (ObjectNotFoundException e) {
 220                         // Can't happen, but this is more user-friendly than an assert.
 221                         String error = URLEncoder.encode("No username or name was specified", "UTF-8");
 222                         String errorUrl = "register.jsp?username=&name=&email=&error=" + error;
 223                         response.sendRedirect(errorUrl);
 224                 } catch (Exception e) {
 225                         // TODO Auto-generated catch block
 226                         e.printStackTrace();
 227                 }
 228         }
 229 }