You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@turbine.apache.org by "Shaw, Nathan (HQ-LD070)[InDyne, Inc]" <na...@nasa.gov> on 2008/01/31 14:35:12 UTC
user is nulled out on login attempt
Hi all,
I am writing my own login action and need to be able to check to see if a user is already logged in when the action is called. If they are, I want to skip the login stuff to preserve their session. However, every single time that the login action is called, the User object is coming back NULL.
Here is a code snippet. Does anyone have any idea WHY the user is coming back NULL? I assume something is happening in Turbine somewhere that wipes the User on a login attempt or something?
public class OutageCalLoginUser extends LoginUser {
public void doPerform( RunData data, Context context) throws Exception {
String uname ;
String passwd ;
System.out.println("doPerform(data, context)");
if ( data.getUserFromSession() == null ){
System.out.println("user from session is null");
}else{
System.out.println("user from session is NOT null");
}
if(data.getUser() == null){
System.out.println("user is null");
}else{
System.out.println("user is NOT null");
if(data.getUser().hasLoggedIn()){
System.out.println("user is logged in");
}else{
System.out.println("user is NOT logged in");
}
}
if((data.getUser() == null) || (data.getUser() != null && data.getUser().hasLoggedIn() == false)){
try {
SymEncDec enc = SymEncDec.getInstance();
// Username/password = username/pswd coming through front door.
// User coming from elsewhere will have neither username nor pswd.
String username = data.getParameters().get("username");
String pswd = data.getParameters().get("password");
// If username exists, user came in the front door.
if (username != null && username.length()>0) {
uname = username;
passwd = pswd;
}else {
uname = "guest";
String encryptedPasswd = TurbineResources.getString("guest.credential");
passwd = encryptedPasswd;
//enc.decodeBase64Decrypt(encryptedPasswd);
}
// Log the user in
doLogin(data, uname, passwd);
try {
Utils.getUserID(data);
}
catch (NullPointerException npe) {
throw new TurbineSecurityException("Bad username or password, I say!");
}
}
catch ( TurbineSecurityException se ) {
badUserOrPassword(se, data);
}
catch (Exception e) {
throw new PortalVelocityException(e.getMessage()==null?": "+e.getMessage():e.getMessage(),
e.getCause()==null?e:e.getCause(), data);
}
}
}
}
RE: user is nulled out on login attempt
Posted by "Shaw, Nathan (HQ-LD070)[InDyne, Inc]" <na...@nasa.gov>.
Hi Peter,
We are actually using 2.1. I know we should upgrade, but we are planning a complete revamp of the app in 6 months.
I was actually looking at the SessionValidator class when your email arrived. However, I am not sure where to begin in trying to use it. According to the docs, "This action is special in that it should only be executed by the Turbine servlet." So, I guess I would have to extend it and then set the value of that class in my TRProps file?
Thanks for the help.
--Nathan
-----Original Message-----
From: Peter Courcoux [mailto:peter@courcoux.biz]
Sent: Thu 1/31/2008 8:56 AM
To: Turbine Users List
Subject: Re: user is nulled out on login attempt
Hi Nathan,
I assume that you are using Turbine 2.3.x.
I may be wrong and I don't have the code to hand at the moment, but I
suspect that you might need to look at the SessionValidator which is
called before you get to the login page.
The SessionValidator is pluggable if you need to modify it.
I hope that this helps.
Regards,
Peter
Shaw, Nathan (HQ-LD070)[InDyne, Inc] wrote:
> Hi all,
>
> I am writing my own login action and need to be able to check to see if a user is already logged in when the action is called. If they are, I want to skip the login stuff to preserve their session. However, every single time that the login action is called, the User object is coming back NULL.
>
> Here is a code snippet. Does anyone have any idea WHY the user is coming back NULL? I assume something is happening in Turbine somewhere that wipes the User on a login attempt or something?
>
>
> public class OutageCalLoginUser extends LoginUser {
>
> public void doPerform( RunData data, Context context) throws Exception {
> String uname ;
> String passwd ;
>
> System.out.println("doPerform(data, context)");
> if ( data.getUserFromSession() == null ){
> System.out.println("user from session is null");
> }else{
> System.out.println("user from session is NOT null");
> }
>
> if(data.getUser() == null){
> System.out.println("user is null");
> }else{
> System.out.println("user is NOT null");
> if(data.getUser().hasLoggedIn()){
> System.out.println("user is logged in");
> }else{
> System.out.println("user is NOT logged in");
> }
> }
>
>
> if((data.getUser() == null) || (data.getUser() != null && data.getUser().hasLoggedIn() == false)){
>
> try {
> SymEncDec enc = SymEncDec.getInstance();
>
> // Username/password = username/pswd coming through front door.
> // User coming from elsewhere will have neither username nor pswd.
> String username = data.getParameters().get("username");
> String pswd = data.getParameters().get("password");
>
> // If username exists, user came in the front door.
> if (username != null && username.length()>0) {
> uname = username;
> passwd = pswd;
> }else {
> uname = "guest";
> String encryptedPasswd = TurbineResources.getString("guest.credential");
> passwd = encryptedPasswd;
> //enc.decodeBase64Decrypt(encryptedPasswd);
> }
> // Log the user in
> doLogin(data, uname, passwd);
>
> try {
> Utils.getUserID(data);
> }
> catch (NullPointerException npe) {
> throw new TurbineSecurityException("Bad username or password, I say!");
> }
>
> }
> catch ( TurbineSecurityException se ) {
> badUserOrPassword(se, data);
> }
> catch (Exception e) {
> throw new PortalVelocityException(e.getMessage()==null?": "+e.getMessage():e.getMessage(),
> e.getCause()==null?e:e.getCause(), data);
> }
>
> }
> }
>
> }
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
Re: user is nulled out on login attempt
Posted by Peter Courcoux <pe...@courcoux.biz>.
Hi Nathan,
I assume that you are using Turbine 2.3.x.
I may be wrong and I don't have the code to hand at the moment, but I
suspect that you might need to look at the SessionValidator which is
called before you get to the login page.
The SessionValidator is pluggable if you need to modify it.
I hope that this helps.
Regards,
Peter
Shaw, Nathan (HQ-LD070)[InDyne, Inc] wrote:
> Hi all,
>
> I am writing my own login action and need to be able to check to see if a user is already logged in when the action is called. If they are, I want to skip the login stuff to preserve their session. However, every single time that the login action is called, the User object is coming back NULL.
>
> Here is a code snippet. Does anyone have any idea WHY the user is coming back NULL? I assume something is happening in Turbine somewhere that wipes the User on a login attempt or something?
>
>
> public class OutageCalLoginUser extends LoginUser {
>
> public void doPerform( RunData data, Context context) throws Exception {
> String uname ;
> String passwd ;
>
> System.out.println("doPerform(data, context)");
> if ( data.getUserFromSession() == null ){
> System.out.println("user from session is null");
> }else{
> System.out.println("user from session is NOT null");
> }
>
> if(data.getUser() == null){
> System.out.println("user is null");
> }else{
> System.out.println("user is NOT null");
> if(data.getUser().hasLoggedIn()){
> System.out.println("user is logged in");
> }else{
> System.out.println("user is NOT logged in");
> }
> }
>
>
> if((data.getUser() == null) || (data.getUser() != null && data.getUser().hasLoggedIn() == false)){
>
> try {
> SymEncDec enc = SymEncDec.getInstance();
>
> // Username/password = username/pswd coming through front door.
> // User coming from elsewhere will have neither username nor pswd.
> String username = data.getParameters().get("username");
> String pswd = data.getParameters().get("password");
>
> // If username exists, user came in the front door.
> if (username != null && username.length()>0) {
> uname = username;
> passwd = pswd;
> }else {
> uname = "guest";
> String encryptedPasswd = TurbineResources.getString("guest.credential");
> passwd = encryptedPasswd;
> //enc.decodeBase64Decrypt(encryptedPasswd);
> }
> // Log the user in
> doLogin(data, uname, passwd);
>
> try {
> Utils.getUserID(data);
> }
> catch (NullPointerException npe) {
> throw new TurbineSecurityException("Bad username or password, I say!");
> }
>
> }
> catch ( TurbineSecurityException se ) {
> badUserOrPassword(se, data);
> }
> catch (Exception e) {
> throw new PortalVelocityException(e.getMessage()==null?": "+e.getMessage():e.getMessage(),
> e.getCause()==null?e:e.getCause(), data);
> }
>
> }
> }
>
> }
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
Re: user is nulled out on login attempt
Posted by Bart Selders <ba...@ibanx.nl>.
Hi,
There is a SessionService available that is able to keep track of active
HTTP sessions.
See
http://turbine.apache.org/turbine/development/turbine-2.3/apidocs/org/apache/turbine/services/session/TurbineSessionService.html
You need to configure it in your web.xml as well.
In combination with a custom SessionValidator and/or custom LoginAction
you can easily check if an user is not logged in twice.
Cheers,
Bart
Jeffery Painter wrote:
> hmm... If this is the case, then I recall this was asked/addressed a few
> years back. I would look through the archives again (looking specifically
> for detecting more than one active login) - it seems someone wrote a tool
> to handle just that (or maybe it was in the 2.4 tree) -- maybe some of the
> other old timers can remember better than I.
>
>
> --
> Jeffery Painter
>
>
>
>> Hi,
>>
>> When you say "already logged in" - do you want to check if the user is
>> logged in from another computer ? If that is the case, your user object
>> WILL
>> NOT show up in the session for the current browser.
>>
>> To implement this functionality, you will have to keep track of logged in
>> users through some separate mechanism (like say a HashSet into which you
>> add
>> any new user that logs in - first check if the user is present in the
>> HashSet, and if so direct them to a page that says they're already logged
>> in, otherwise log them in and add them to this HashSet) .
>>
>> You would also need to keep track of when a user logs out and when a
>> session
>> times out, so that you can remove the user from this HashSet when either
>> of
>> these occur. Check out the HttpSessionBindingListener interface. The
>> easiest
>> way is for your User object to implement this interface and Add / Remove
>> itself from the HashSet when the valueBound() / valueUnbound() methods are
>> called respectively.
>>
>> BK
>>
>>
>> On Feb 1, 2008 12:40 AM, Shaw, Nathan (HQ-LD070)[InDyne, Inc] <
>> nathan.shaw-1@nasa.gov> wrote:
>>
>>
>>> Thanks Jeffrey,
>>>
>>> The problem is not in logging a user in... the action I have is doing
>>> that
>>> just fine. The problem is when you try to detect if a user calling the
>>> login
>>> action is ALREADY logged in or not (in this case, we have guest users
>>> coming
>>> in from another site).
>>>
>>> I want to make it so if the user is already logged in, it does not log
>>> them in again. However, when I test the User returned in the doperform()
>>> method in my login action, it is always NULL. It appears that something
>>> up
>>> the chain is wiping the User object and the session.
>>>
>>> --Nathan
>>>
>>>
>>> -----Original Message-----
>>> From: Jeffery Painter [mailto:painter@kiasoft.com]
>>> Sent: Thu 1/31/2008 1:08 PM
>>> To: Turbine Users List
>>> Subject: RE: user is nulled out on login attempt
>>>
>>>
>>> I had used Turbine to build a prototype of an electronic health record
>>> system.
>>>
>>> I can't remember if we were using Turbine 2.1 or 2.2 but I have my
>>> custom
>>> login action is here:
>>>
>>>
>>> http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
>>>
>>> Maybe that will give you some insight... it worked last time I ran the
>>> code but that was Dec 2006...
>>>
>>> Hope it helps
>>>
>>> --
>>> Jeffery Painter
>>> Knowledge Engineer
>>> Semantic Technologies Group
>>> Statistical and Quantitative Sciences
>>> GlaxoSmithKline Research and Development
>>>
>>>
>>>
>>>> I don't get that. The test is if the user is NOT null.
>>>>
>>>> Anyway, it does work. I took it from my SNA login code (our first
>>>> Turbine project.)
>>>>
>>>> -----Original Message-----
>>>> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>>>> [mailto:nathan.shaw-1@nasa.gov]
>>>> Sent: Thursday, January 31, 2008 12:17 PM
>>>> To: Turbine Users List
>>>> Subject: RE: user is nulled out on login attempt
>>>>
>>>> I don't think that will work because that will mean that the user is
>>>> null and is not logged in at all. It will actually probably be caught
>>>>
>>> by
>>>
>>>> the SessionValidator and just take them back to the login page.
>>>>
>>>> I am actually checking the User object and outputting whether it is
>>>>
>>> null
>>>
>>>> or not in the login action. I tried both getUser() and
>>>> getUserFromSession() and they are both NULL every single time a login
>>>>
>>> is
>>>
>>>> attempted. Something up the chain is clearing all of that out before
>>>>
>>> the
>>>
>>>> login occurs.
>>>>
>>>> --Nathan
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
>>>> [mailto:bruce.altner-1@nasa.gov]
>>>> Sent: Thu 1/31/2008 9:29 AM
>>>> To: Turbine Users List
>>>> Subject: RE: user is nulled out on login attempt
>>>>
>>>> How about just doing this, early in the Login action doPerform method
>>>> (first thing?):
>>>>
>>>>
>>>> if ( data.getUserFromSession() != null )
>>>> {
>>>> return;
>>>> }
>>>>
>>>>
>>>> Bruce
>>>>
>>>> -----Original Message-----
>>>> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>>>> [mailto:nathan.shaw-1@nasa.gov]
>>>> Sent: Thursday, January 31, 2008 8:35 AM
>>>> To: user@turbine.apache.org
>>>> Subject: user is nulled out on login attempt
>>>>
>>>>
>>>> Hi all,
>>>>
>>>> I am writing my own login action and need to be able to check to see
>>>>
>>> if
>>>
>>>> a user is already logged in when the action is called. If they are, I
>>>> want to skip the login stuff to preserve their session. However, every
>>>> single time that the login action is called, the User object is coming
>>>> back NULL.
>>>>
>>>> Here is a code snippet. Does anyone have any idea WHY the user is
>>>>
>>> coming
>>>
>>>> back NULL? I assume something is happening in Turbine somewhere that
>>>> wipes the User on a login attempt or something?
>>>>
>>>>
>>>> public class OutageCalLoginUser extends LoginUser {
>>>>
>>>> public void doPerform( RunData data, Context context) throws Exception
>>>>
>>> {
>>>
>>>> String uname ;
>>>> String passwd ;
>>>>
>>>> System.out.println("doPerform(data, context)");
>>>> if ( data.getUserFromSession() == null ){
>>>> System.out.println("user from session is null");
>>>> }else{
>>>> System.out.println("user from session is NOT null");
>>>> }
>>>>
>>>> if(data.getUser() == null){
>>>> System.out.println("user is null");
>>>> }else{
>>>> System.out.println("user is NOT null");
>>>> if(data.getUser().hasLoggedIn()){
>>>> System.out.println("user is logged in");
>>>> }else{
>>>> System.out.println("user is NOT logged in");
>>>> }
>>>> }
>>>>
>>>>
>>>> if((data.getUser() == null) || (data.getUser() != null &&
>>>> data.getUser().hasLoggedIn() == false)){
>>>>
>>>> try {
>>>> SymEncDec enc = SymEncDec.getInstance();
>>>>
>>>> // Username/password = username/pswd coming through front
>>>> door.
>>>> // User coming from elsewhere will have neither username
>>>> nor pswd.
>>>> String username = data.getParameters().get("username");
>>>> String pswd = data.getParameters().get("password");
>>>>
>>>> // If username exists, user came in the front door.
>>>> if (username != null && username.length()>0) {
>>>> uname = username;
>>>> passwd = pswd;
>>>> }else {
>>>> uname = "guest";
>>>> String encryptedPasswd =
>>>> TurbineResources.getString("guest.credential");
>>>> passwd = encryptedPasswd;
>>>> //enc.decodeBase64Decrypt(encryptedPasswd);
>>>> }
>>>> // Log the user in
>>>> doLogin(data, uname, passwd);
>>>>
>>>> try {
>>>> Utils.getUserID(data);
>>>> }
>>>> catch (NullPointerException npe) {
>>>> throw new TurbineSecurityException("Bad username or
>>>> password, I say!");
>>>> }
>>>>
>>>> }
>>>> catch ( TurbineSecurityException se ) {
>>>> badUserOrPassword(se, data);
>>>> }
>>>> catch (Exception e) {
>>>> throw new PortalVelocityException(e.getMessage()=ull?":
>>>> "+e.getMessage():e.getMessage(),
>>>> e.getCause()=ull?e:e.getCause(), data);
>>>> }
>>>>
>>>> }
>>>> }
>>>>
>>>> }
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>>>> For additional commands, e-mail: user-help@turbine.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>>>> For additional commands, e-mail: user-help@turbine.apache.org
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>>> For additional commands, e-mail: user-help@turbine.apache.org
>>>
>>>
>>>
>>>
>>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
>
*************************************************************************
The information contained in this communication is confidential and is intended solely for the use of the individual or entity to whom it is addressed.You should not copy, disclose or distribute this communication without the authority of iBanx bv. iBanx bv is neither liable for the proper and complete transmission of the information has been maintained nor that the communication is free of viruses, interceptions or interference.
If you are not the intended recipient of this communication please return the communication to the sender and delete and destroy all copies.
Re: user is nulled out on login attempt
Posted by Bruce Altner <br...@nasa.gov>.
Nte:
I was looking at a clas I'd written for SNA (SNALogin.java, clever name,
huh?) which authenticated against the ACE server (token-based). Here is a
comment from that file for the javadoc:
* <p><em>Note: Turbine clears the session before calling this
* method</em></p>
I also took up your challenge when I had time this afternoon and built the
outage calendar locally and you are right...my code snippet which was
supposed to exit the method if data.getUserFromSession() != null failed to
solve the problem, so I think you are right, this happens "higher up" in the
framework.
I can't shake the memory that I solved this already (SNA) but it's not
readily apparent fom the code how I did this. Maybe I never did and only
wished that I had!
Bruce
On 1/31/08 7:24 PM, "Shaw, Nathan (HQ-LD070)[InDyne, Inc]"
<na...@nasa.gov> wrote:
> Yeah, I saw that post about tracking multiple sessions. Unfortunately, that is
> not what I want. I simply want to check if the user is logged in on the same
> machine. I am not worried about tracking multiple sessions.
>
> For some reason, when a new login attempt is made, Turbine is clearing the
> User object and session. I basically want to be able to check to see if the
> user is already logged in when they access the login action. If they are, skip
> the login, as they are already logged in. If not, try to log them in.
>
>
>
>
> -----Original Message-----
> From: Jeffery Painter [mailto:painter@kiasoft.com]
> Sent: Thu 1/31/2008 6:03 PM
> To: Turbine Users List
> Subject: Re: user is nulled out on login attempt
>
>
> hmm... If this is the case, then I recall this was asked/addressed a few
> years back. I would look through the archives again (looking specifically
> for detecting more than one active login) - it seems someone wrote a tool
> to handle just that (or maybe it was in the 2.4 tree) -- maybe some of the
> other old timers can remember better than I.
>
>
> --
> Jeffery Painter
>
>
>> Hi,
>>
>> When you say "already logged in" - do you want to check if the user is
>> logged in from another computer ? If that is the case, your user object
>> WILL
>> NOT show up in the session for the current browser.
>>
>> To implement this functionality, you will have to keep track of logged in
>> users through some separate mechanism (like say a HashSet into which you
>> add
>> any new user that logs in - first check if the user is present in the
>> HashSet, and if so direct them to a page that says they're already logged
>> in, otherwise log them in and add them to this HashSet) .
>>
>> You would also need to keep track of when a user logs out and when a
>> session
>> times out, so that you can remove the user from this HashSet when either
>> of
>> these occur. Check out the HttpSessionBindingListener interface. The
>> easiest
>> way is for your User object to implement this interface and Add / Remove
>> itself from the HashSet when the valueBound() / valueUnbound() methods are
>> called respectively.
>>
>> BK
>>
>>
>> On Feb 1, 2008 12:40 AM, Shaw, Nathan (HQ-LD070)[InDyne, Inc] <
>> nathan.shaw-1@nasa.gov> wrote:
>>
>>> Thanks Jeffrey,
>>>
>>> The problem is not in logging a user in... the action I have is doing
>>> that
>>> just fine. The problem is when you try to detect if a user calling the
>>> login
>>> action is ALREADY logged in or not (in this case, we have guest users
>>> coming
>>> in from another site).
>>>
>>> I want to make it so if the user is already logged in, it does not log
>>> them in again. However, when I test the User returned in the doperform()
>>> method in my login action, it is always NULL. It appears that something
>>> up
>>> the chain is wiping the User object and the session.
>>>
>>> --Nathan
>>>
>>>
>>> -----Original Message-----
>>> From: Jeffery Painter [mailto:painter@kiasoft.com]
>>> Sent: Thu 1/31/2008 1:08 PM
>>> To: Turbine Users List
>>> Subject: RE: user is nulled out on login attempt
>>>
>>>
>>> I had used Turbine to build a prototype of an electronic health record
>>> system.
>>>
>>> I can't remember if we were using Turbine 2.1 or 2.2 but I have my
>>> custom
>>> login action is here:
>>>
>>>
>>> http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/ed
>>> u/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content
>>> -type=text/vnd.viewcvs-markup
>>>
>>> Maybe that will give you some insight... it worked last time I ran the
>>> code but that was Dec 2006...
>>>
>>> Hope it helps
>>>
>>> --
>>> Jeffery Painter
>>> Knowledge Engineer
>>> Semantic Technologies Group
>>> Statistical and Quantitative Sciences
>>> GlaxoSmithKline Research and Development
>>>
>>>
>>>> I don't get that. The test is if the user is NOT null.
>>>>
>>>> Anyway, it does work. I took it from my SNA login code (our first
>>>> Turbine project.)
>>>>
>>>> -----Original Message-----
>>>> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>>>> [mailto:nathan.shaw-1@nasa.gov]
>>>> Sent: Thursday, January 31, 2008 12:17 PM
>>>> To: Turbine Users List
>>>> Subject: RE: user is nulled out on login attempt
>>>>
>>>> I don't think that will work because that will mean that the user is
>>>> null and is not logged in at all. It will actually probably be caught
>>> by
>>>> the SessionValidator and just take them back to the login page.
>>>>
>>>> I am actually checking the User object and outputting whether it is
>>> null
>>>> or not in the login action. I tried both getUser() and
>>>> getUserFromSession() and they are both NULL every single time a login
>>> is
>>>> attempted. Something up the chain is clearing all of that out before
>>> the
>>>> login occurs.
>>>>
>>>> --Nathan
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
>>>> [mailto:bruce.altner-1@nasa.gov]
>>>> Sent: Thu 1/31/2008 9:29 AM
>>>> To: Turbine Users List
>>>> Subject: RE: user is nulled out on login attempt
>>>>
>>>> How about just doing this, early in the Login action doPerform method
>>>> (first thing?):
>>>>
>>>>
>>>> if ( data.getUserFromSession() != null )
>>>> {
>>>> return;
>>>> }
>>>>
>>>>
>>>> Bruce
>>>>
>>>> -----Original Message-----
>>>> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>>>> [mailto:nathan.shaw-1@nasa.gov]
>>>> Sent: Thursday, January 31, 2008 8:35 AM
>>>> To: user@turbine.apache.org
>>>> Subject: user is nulled out on login attempt
>>>>
>>>>
>>>> Hi all,
>>>>
>>>> I am writing my own login action and need to be able to check to see
>>> if
>>>> a user is already logged in when the action is called. If they are, I
>>>> want to skip the login stuff to preserve their session. However, every
>>>> single time that the login action is called, the User object is coming
>>>> back NULL.
>>>>
>>>> Here is a code snippet. Does anyone have any idea WHY the user is
>>> coming
>>>> back NULL? I assume something is happening in Turbine somewhere that
>>>> wipes the User on a login attempt or something?
>>>>
>>>>
>>>> public class OutageCalLoginUser extends LoginUser {
>>>>
>>>> public void doPerform( RunData data, Context context) throws Exception
>>> {
>>>> String uname ;
>>>> String passwd ;
>>>>
>>>> System.out.println("doPerform(data, context)");
>>>> if ( data.getUserFromSession() == null ){
>>>> System.out.println("user from session is null");
>>>> }else{
>>>> System.out.println("user from session is NOT null");
>>>> }
>>>>
>>>> if(data.getUser() == null){
>>>> System.out.println("user is null");
>>>> }else{
>>>> System.out.println("user is NOT null");
>>>> if(data.getUser().hasLoggedIn()){
>>>> System.out.println("user is logged in");
>>>> }else{
>>>> System.out.println("user is NOT logged in");
>>>> }
>>>> }
>>>>
>>>>
>>>> if((data.getUser() == null) || (data.getUser() != null &&
>>>> data.getUser().hasLoggedIn() == false)){
>>>>
>>>> try {
>>>> SymEncDec enc = SymEncDec.getInstance();
>>>>
>>>> // Username/password = username/pswd coming through front
>>>> door.
>>>> // User coming from elsewhere will have neither username
>>>> nor pswd.
>>>> String username = data.getParameters().get("username");
>>>> String pswd = data.getParameters().get("password");
>>>>
>>>> // If username exists, user came in the front door.
>>>> if (username != null && username.length()>0) {
>>>> uname = username;
>>>> passwd = pswd;
>>>> }else {
>>>> uname = "guest";
>>>> String encryptedPasswd =
>>>> TurbineResources.getString("guest.credential");
>>>> passwd = encryptedPasswd;
>>>> //enc.decodeBase64Decrypt(encryptedPasswd);
>>>> }
>>>> // Log the user in
>>>> doLogin(data, uname, passwd);
>>>>
>>>> try {
>>>> Utils.getUserID(data);
>>>> }
>>>> catch (NullPointerException npe) {
>>>> throw new TurbineSecurityException("Bad username or
>>>> password, I say!");
>>>> }
>>>>
>>>> }
>>>> catch ( TurbineSecurityException se ) {
>>>> badUserOrPassword(se, data);
>>>> }
>>>> catch (Exception e) {
>>>> throw new PortalVelocityException(e.getMessage()=ull?":
>>>> "+e.getMessage():e.getMessage(),
>>>> e.getCause()=ull?e:e.getCause(), data);
>>>> }
>>>>
>>>> }
>>>> }
>>>>
>>>> }
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>>>> For additional commands, e-mail: user-help@turbine.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>>>> For additional commands, e-mail: user-help@turbine.apache.org
>>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>>> For additional commands, e-mail: user-help@turbine.apache.org
>>>
>>>
>>>
>>>
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by "Shaw, Nathan (HQ-LD070)[InDyne, Inc]" <na...@nasa.gov>.
Yeah, I saw that post about tracking multiple sessions. Unfortunately, that is not what I want. I simply want to check if the user is logged in on the same machine. I am not worried about tracking multiple sessions.
For some reason, when a new login attempt is made, Turbine is clearing the User object and session. I basically want to be able to check to see if the user is already logged in when they access the login action. If they are, skip the login, as they are already logged in. If not, try to log them in.
-----Original Message-----
From: Jeffery Painter [mailto:painter@kiasoft.com]
Sent: Thu 1/31/2008 6:03 PM
To: Turbine Users List
Subject: Re: user is nulled out on login attempt
hmm... If this is the case, then I recall this was asked/addressed a few
years back. I would look through the archives again (looking specifically
for detecting more than one active login) - it seems someone wrote a tool
to handle just that (or maybe it was in the 2.4 tree) -- maybe some of the
other old timers can remember better than I.
--
Jeffery Painter
> Hi,
>
> When you say "already logged in" - do you want to check if the user is
> logged in from another computer ? If that is the case, your user object
> WILL
> NOT show up in the session for the current browser.
>
> To implement this functionality, you will have to keep track of logged in
> users through some separate mechanism (like say a HashSet into which you
> add
> any new user that logs in - first check if the user is present in the
> HashSet, and if so direct them to a page that says they're already logged
> in, otherwise log them in and add them to this HashSet) .
>
> You would also need to keep track of when a user logs out and when a
> session
> times out, so that you can remove the user from this HashSet when either
> of
> these occur. Check out the HttpSessionBindingListener interface. The
> easiest
> way is for your User object to implement this interface and Add / Remove
> itself from the HashSet when the valueBound() / valueUnbound() methods are
> called respectively.
>
> BK
>
>
> On Feb 1, 2008 12:40 AM, Shaw, Nathan (HQ-LD070)[InDyne, Inc] <
> nathan.shaw-1@nasa.gov> wrote:
>
>> Thanks Jeffrey,
>>
>> The problem is not in logging a user in... the action I have is doing
>> that
>> just fine. The problem is when you try to detect if a user calling the
>> login
>> action is ALREADY logged in or not (in this case, we have guest users
>> coming
>> in from another site).
>>
>> I want to make it so if the user is already logged in, it does not log
>> them in again. However, when I test the User returned in the doperform()
>> method in my login action, it is always NULL. It appears that something
>> up
>> the chain is wiping the User object and the session.
>>
>> --Nathan
>>
>>
>> -----Original Message-----
>> From: Jeffery Painter [mailto:painter@kiasoft.com]
>> Sent: Thu 1/31/2008 1:08 PM
>> To: Turbine Users List
>> Subject: RE: user is nulled out on login attempt
>>
>>
>> I had used Turbine to build a prototype of an electronic health record
>> system.
>>
>> I can't remember if we were using Turbine 2.1 or 2.2 but I have my
>> custom
>> login action is here:
>>
>>
>> http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
>>
>> Maybe that will give you some insight... it worked last time I ran the
>> code but that was Dec 2006...
>>
>> Hope it helps
>>
>> --
>> Jeffery Painter
>> Knowledge Engineer
>> Semantic Technologies Group
>> Statistical and Quantitative Sciences
>> GlaxoSmithKline Research and Development
>>
>>
>> > I don't get that. The test is if the user is NOT null.
>> >
>> > Anyway, it does work. I took it from my SNA login code (our first
>> > Turbine project.)
>> >
>> > -----Original Message-----
>> > From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>> > [mailto:nathan.shaw-1@nasa.gov]
>> > Sent: Thursday, January 31, 2008 12:17 PM
>> > To: Turbine Users List
>> > Subject: RE: user is nulled out on login attempt
>> >
>> > I don't think that will work because that will mean that the user is
>> > null and is not logged in at all. It will actually probably be caught
>> by
>> > the SessionValidator and just take them back to the login page.
>> >
>> > I am actually checking the User object and outputting whether it is
>> null
>> > or not in the login action. I tried both getUser() and
>> > getUserFromSession() and they are both NULL every single time a login
>> is
>> > attempted. Something up the chain is clearing all of that out before
>> the
>> > login occurs.
>> >
>> > --Nathan
>> >
>> >
>> > -----Original Message-----
>> > From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
>> > [mailto:bruce.altner-1@nasa.gov]
>> > Sent: Thu 1/31/2008 9:29 AM
>> > To: Turbine Users List
>> > Subject: RE: user is nulled out on login attempt
>> >
>> > How about just doing this, early in the Login action doPerform method
>> > (first thing?):
>> >
>> >
>> > if ( data.getUserFromSession() != null )
>> > {
>> > return;
>> > }
>> >
>> >
>> > Bruce
>> >
>> > -----Original Message-----
>> > From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>> > [mailto:nathan.shaw-1@nasa.gov]
>> > Sent: Thursday, January 31, 2008 8:35 AM
>> > To: user@turbine.apache.org
>> > Subject: user is nulled out on login attempt
>> >
>> >
>> > Hi all,
>> >
>> > I am writing my own login action and need to be able to check to see
>> if
>> > a user is already logged in when the action is called. If they are, I
>> > want to skip the login stuff to preserve their session. However, every
>> > single time that the login action is called, the User object is coming
>> > back NULL.
>> >
>> > Here is a code snippet. Does anyone have any idea WHY the user is
>> coming
>> > back NULL? I assume something is happening in Turbine somewhere that
>> > wipes the User on a login attempt or something?
>> >
>> >
>> > public class OutageCalLoginUser extends LoginUser {
>> >
>> > public void doPerform( RunData data, Context context) throws Exception
>> {
>> > String uname ;
>> > String passwd ;
>> >
>> > System.out.println("doPerform(data, context)");
>> > if ( data.getUserFromSession() == null ){
>> > System.out.println("user from session is null");
>> > }else{
>> > System.out.println("user from session is NOT null");
>> > }
>> >
>> > if(data.getUser() == null){
>> > System.out.println("user is null");
>> > }else{
>> > System.out.println("user is NOT null");
>> > if(data.getUser().hasLoggedIn()){
>> > System.out.println("user is logged in");
>> > }else{
>> > System.out.println("user is NOT logged in");
>> > }
>> > }
>> >
>> >
>> > if((data.getUser() == null) || (data.getUser() != null &&
>> > data.getUser().hasLoggedIn() == false)){
>> >
>> > try {
>> > SymEncDec enc = SymEncDec.getInstance();
>> >
>> > // Username/password = username/pswd coming through front
>> > door.
>> > // User coming from elsewhere will have neither username
>> > nor pswd.
>> > String username = data.getParameters().get("username");
>> > String pswd = data.getParameters().get("password");
>> >
>> > // If username exists, user came in the front door.
>> > if (username != null && username.length()>0) {
>> > uname = username;
>> > passwd = pswd;
>> > }else {
>> > uname = "guest";
>> > String encryptedPasswd =
>> > TurbineResources.getString("guest.credential");
>> > passwd = encryptedPasswd;
>> > //enc.decodeBase64Decrypt(encryptedPasswd);
>> > }
>> > // Log the user in
>> > doLogin(data, uname, passwd);
>> >
>> > try {
>> > Utils.getUserID(data);
>> > }
>> > catch (NullPointerException npe) {
>> > throw new TurbineSecurityException("Bad username or
>> > password, I say!");
>> > }
>> >
>> > }
>> > catch ( TurbineSecurityException se ) {
>> > badUserOrPassword(se, data);
>> > }
>> > catch (Exception e) {
>> > throw new PortalVelocityException(e.getMessage()=ull?":
>> > "+e.getMessage():e.getMessage(),
>> > e.getCause()=ull?e:e.getCause(), data);
>> > }
>> >
>> > }
>> > }
>> >
>> > }
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>> > For additional commands, e-mail: user-help@turbine.apache.org
>> >
>> >
>> >
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>> > For additional commands, e-mail: user-help@turbine.apache.org
>> >
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>> For additional commands, e-mail: user-help@turbine.apache.org
>>
>>
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
Re: user is nulled out on login attempt
Posted by Jeffery Painter <pa...@kiasoft.com>.
hmm... If this is the case, then I recall this was asked/addressed a few
years back. I would look through the archives again (looking specifically
for detecting more than one active login) - it seems someone wrote a tool
to handle just that (or maybe it was in the 2.4 tree) -- maybe some of the
other old timers can remember better than I.
--
Jeffery Painter
> Hi,
>
> When you say "already logged in" - do you want to check if the user is
> logged in from another computer ? If that is the case, your user object
> WILL
> NOT show up in the session for the current browser.
>
> To implement this functionality, you will have to keep track of logged in
> users through some separate mechanism (like say a HashSet into which you
> add
> any new user that logs in - first check if the user is present in the
> HashSet, and if so direct them to a page that says they're already logged
> in, otherwise log them in and add them to this HashSet) .
>
> You would also need to keep track of when a user logs out and when a
> session
> times out, so that you can remove the user from this HashSet when either
> of
> these occur. Check out the HttpSessionBindingListener interface. The
> easiest
> way is for your User object to implement this interface and Add / Remove
> itself from the HashSet when the valueBound() / valueUnbound() methods are
> called respectively.
>
> BK
>
>
> On Feb 1, 2008 12:40 AM, Shaw, Nathan (HQ-LD070)[InDyne, Inc] <
> nathan.shaw-1@nasa.gov> wrote:
>
>> Thanks Jeffrey,
>>
>> The problem is not in logging a user in... the action I have is doing
>> that
>> just fine. The problem is when you try to detect if a user calling the
>> login
>> action is ALREADY logged in or not (in this case, we have guest users
>> coming
>> in from another site).
>>
>> I want to make it so if the user is already logged in, it does not log
>> them in again. However, when I test the User returned in the doperform()
>> method in my login action, it is always NULL. It appears that something
>> up
>> the chain is wiping the User object and the session.
>>
>> --Nathan
>>
>>
>> -----Original Message-----
>> From: Jeffery Painter [mailto:painter@kiasoft.com]
>> Sent: Thu 1/31/2008 1:08 PM
>> To: Turbine Users List
>> Subject: RE: user is nulled out on login attempt
>>
>>
>> I had used Turbine to build a prototype of an electronic health record
>> system.
>>
>> I can't remember if we were using Turbine 2.1 or 2.2 but I have my
>> custom
>> login action is here:
>>
>>
>> http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
>>
>> Maybe that will give you some insight... it worked last time I ran the
>> code but that was Dec 2006...
>>
>> Hope it helps
>>
>> --
>> Jeffery Painter
>> Knowledge Engineer
>> Semantic Technologies Group
>> Statistical and Quantitative Sciences
>> GlaxoSmithKline Research and Development
>>
>>
>> > I don't get that. The test is if the user is NOT null.
>> >
>> > Anyway, it does work. I took it from my SNA login code (our first
>> > Turbine project.)
>> >
>> > -----Original Message-----
>> > From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>> > [mailto:nathan.shaw-1@nasa.gov]
>> > Sent: Thursday, January 31, 2008 12:17 PM
>> > To: Turbine Users List
>> > Subject: RE: user is nulled out on login attempt
>> >
>> > I don't think that will work because that will mean that the user is
>> > null and is not logged in at all. It will actually probably be caught
>> by
>> > the SessionValidator and just take them back to the login page.
>> >
>> > I am actually checking the User object and outputting whether it is
>> null
>> > or not in the login action. I tried both getUser() and
>> > getUserFromSession() and they are both NULL every single time a login
>> is
>> > attempted. Something up the chain is clearing all of that out before
>> the
>> > login occurs.
>> >
>> > --Nathan
>> >
>> >
>> > -----Original Message-----
>> > From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
>> > [mailto:bruce.altner-1@nasa.gov]
>> > Sent: Thu 1/31/2008 9:29 AM
>> > To: Turbine Users List
>> > Subject: RE: user is nulled out on login attempt
>> >
>> > How about just doing this, early in the Login action doPerform method
>> > (first thing?):
>> >
>> >
>> > if ( data.getUserFromSession() != null )
>> > {
>> > return;
>> > }
>> >
>> >
>> > Bruce
>> >
>> > -----Original Message-----
>> > From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
>> > [mailto:nathan.shaw-1@nasa.gov]
>> > Sent: Thursday, January 31, 2008 8:35 AM
>> > To: user@turbine.apache.org
>> > Subject: user is nulled out on login attempt
>> >
>> >
>> > Hi all,
>> >
>> > I am writing my own login action and need to be able to check to see
>> if
>> > a user is already logged in when the action is called. If they are, I
>> > want to skip the login stuff to preserve their session. However, every
>> > single time that the login action is called, the User object is coming
>> > back NULL.
>> >
>> > Here is a code snippet. Does anyone have any idea WHY the user is
>> coming
>> > back NULL? I assume something is happening in Turbine somewhere that
>> > wipes the User on a login attempt or something?
>> >
>> >
>> > public class OutageCalLoginUser extends LoginUser {
>> >
>> > public void doPerform( RunData data, Context context) throws Exception
>> {
>> > String uname ;
>> > String passwd ;
>> >
>> > System.out.println("doPerform(data, context)");
>> > if ( data.getUserFromSession() == null ){
>> > System.out.println("user from session is null");
>> > }else{
>> > System.out.println("user from session is NOT null");
>> > }
>> >
>> > if(data.getUser() == null){
>> > System.out.println("user is null");
>> > }else{
>> > System.out.println("user is NOT null");
>> > if(data.getUser().hasLoggedIn()){
>> > System.out.println("user is logged in");
>> > }else{
>> > System.out.println("user is NOT logged in");
>> > }
>> > }
>> >
>> >
>> > if((data.getUser() == null) || (data.getUser() != null &&
>> > data.getUser().hasLoggedIn() == false)){
>> >
>> > try {
>> > SymEncDec enc = SymEncDec.getInstance();
>> >
>> > // Username/password = username/pswd coming through front
>> > door.
>> > // User coming from elsewhere will have neither username
>> > nor pswd.
>> > String username = data.getParameters().get("username");
>> > String pswd = data.getParameters().get("password");
>> >
>> > // If username exists, user came in the front door.
>> > if (username != null && username.length()>0) {
>> > uname = username;
>> > passwd = pswd;
>> > }else {
>> > uname = "guest";
>> > String encryptedPasswd =
>> > TurbineResources.getString("guest.credential");
>> > passwd = encryptedPasswd;
>> > //enc.decodeBase64Decrypt(encryptedPasswd);
>> > }
>> > // Log the user in
>> > doLogin(data, uname, passwd);
>> >
>> > try {
>> > Utils.getUserID(data);
>> > }
>> > catch (NullPointerException npe) {
>> > throw new TurbineSecurityException("Bad username or
>> > password, I say!");
>> > }
>> >
>> > }
>> > catch ( TurbineSecurityException se ) {
>> > badUserOrPassword(se, data);
>> > }
>> > catch (Exception e) {
>> > throw new PortalVelocityException(e.getMessage()=ull?":
>> > "+e.getMessage():e.getMessage(),
>> > e.getCause()=ull?e:e.getCause(), data);
>> > }
>> >
>> > }
>> > }
>> >
>> > }
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>> > For additional commands, e-mail: user-help@turbine.apache.org
>> >
>> >
>> >
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>> > For additional commands, e-mail: user-help@turbine.apache.org
>> >
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
>> For additional commands, e-mail: user-help@turbine.apache.org
>>
>>
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
Re: user is nulled out on login attempt
Posted by Babu K <ba...@sankya.com>.
Hi,
When you say "already logged in" - do you want to check if the user is
logged in from another computer ? If that is the case, your user object WILL
NOT show up in the session for the current browser.
To implement this functionality, you will have to keep track of logged in
users through some separate mechanism (like say a HashSet into which you add
any new user that logs in - first check if the user is present in the
HashSet, and if so direct them to a page that says they're already logged
in, otherwise log them in and add them to this HashSet) .
You would also need to keep track of when a user logs out and when a session
times out, so that you can remove the user from this HashSet when either of
these occur. Check out the HttpSessionBindingListener interface. The easiest
way is for your User object to implement this interface and Add / Remove
itself from the HashSet when the valueBound() / valueUnbound() methods are
called respectively.
BK
On Feb 1, 2008 12:40 AM, Shaw, Nathan (HQ-LD070)[InDyne, Inc] <
nathan.shaw-1@nasa.gov> wrote:
> Thanks Jeffrey,
>
> The problem is not in logging a user in... the action I have is doing that
> just fine. The problem is when you try to detect if a user calling the login
> action is ALREADY logged in or not (in this case, we have guest users coming
> in from another site).
>
> I want to make it so if the user is already logged in, it does not log
> them in again. However, when I test the User returned in the doperform()
> method in my login action, it is always NULL. It appears that something up
> the chain is wiping the User object and the session.
>
> --Nathan
>
>
> -----Original Message-----
> From: Jeffery Painter [mailto:painter@kiasoft.com]
> Sent: Thu 1/31/2008 1:08 PM
> To: Turbine Users List
> Subject: RE: user is nulled out on login attempt
>
>
> I had used Turbine to build a prototype of an electronic health record
> system.
>
> I can't remember if we were using Turbine 2.1 or 2.2 but I have my custom
> login action is here:
>
>
> http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
>
> Maybe that will give you some insight... it worked last time I ran the
> code but that was Dec 2006...
>
> Hope it helps
>
> --
> Jeffery Painter
> Knowledge Engineer
> Semantic Technologies Group
> Statistical and Quantitative Sciences
> GlaxoSmithKline Research and Development
>
>
> > I don't get that. The test is if the user is NOT null.
> >
> > Anyway, it does work. I took it from my SNA login code (our first
> > Turbine project.)
> >
> > -----Original Message-----
> > From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
> > [mailto:nathan.shaw-1@nasa.gov]
> > Sent: Thursday, January 31, 2008 12:17 PM
> > To: Turbine Users List
> > Subject: RE: user is nulled out on login attempt
> >
> > I don't think that will work because that will mean that the user is
> > null and is not logged in at all. It will actually probably be caught by
> > the SessionValidator and just take them back to the login page.
> >
> > I am actually checking the User object and outputting whether it is null
> > or not in the login action. I tried both getUser() and
> > getUserFromSession() and they are both NULL every single time a login is
> > attempted. Something up the chain is clearing all of that out before the
> > login occurs.
> >
> > --Nathan
> >
> >
> > -----Original Message-----
> > From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
> > [mailto:bruce.altner-1@nasa.gov]
> > Sent: Thu 1/31/2008 9:29 AM
> > To: Turbine Users List
> > Subject: RE: user is nulled out on login attempt
> >
> > How about just doing this, early in the Login action doPerform method
> > (first thing?):
> >
> >
> > if ( data.getUserFromSession() != null )
> > {
> > return;
> > }
> >
> >
> > Bruce
> >
> > -----Original Message-----
> > From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
> > [mailto:nathan.shaw-1@nasa.gov]
> > Sent: Thursday, January 31, 2008 8:35 AM
> > To: user@turbine.apache.org
> > Subject: user is nulled out on login attempt
> >
> >
> > Hi all,
> >
> > I am writing my own login action and need to be able to check to see if
> > a user is already logged in when the action is called. If they are, I
> > want to skip the login stuff to preserve their session. However, every
> > single time that the login action is called, the User object is coming
> > back NULL.
> >
> > Here is a code snippet. Does anyone have any idea WHY the user is coming
> > back NULL? I assume something is happening in Turbine somewhere that
> > wipes the User on a login attempt or something?
> >
> >
> > public class OutageCalLoginUser extends LoginUser {
> >
> > public void doPerform( RunData data, Context context) throws Exception {
> > String uname ;
> > String passwd ;
> >
> > System.out.println("doPerform(data, context)");
> > if ( data.getUserFromSession() == null ){
> > System.out.println("user from session is null");
> > }else{
> > System.out.println("user from session is NOT null");
> > }
> >
> > if(data.getUser() == null){
> > System.out.println("user is null");
> > }else{
> > System.out.println("user is NOT null");
> > if(data.getUser().hasLoggedIn()){
> > System.out.println("user is logged in");
> > }else{
> > System.out.println("user is NOT logged in");
> > }
> > }
> >
> >
> > if((data.getUser() == null) || (data.getUser() != null &&
> > data.getUser().hasLoggedIn() == false)){
> >
> > try {
> > SymEncDec enc = SymEncDec.getInstance();
> >
> > // Username/password = username/pswd coming through front
> > door.
> > // User coming from elsewhere will have neither username
> > nor pswd.
> > String username = data.getParameters().get("username");
> > String pswd = data.getParameters().get("password");
> >
> > // If username exists, user came in the front door.
> > if (username != null && username.length()>0) {
> > uname = username;
> > passwd = pswd;
> > }else {
> > uname = "guest";
> > String encryptedPasswd =
> > TurbineResources.getString("guest.credential");
> > passwd = encryptedPasswd;
> > //enc.decodeBase64Decrypt(encryptedPasswd);
> > }
> > // Log the user in
> > doLogin(data, uname, passwd);
> >
> > try {
> > Utils.getUserID(data);
> > }
> > catch (NullPointerException npe) {
> > throw new TurbineSecurityException("Bad username or
> > password, I say!");
> > }
> >
> > }
> > catch ( TurbineSecurityException se ) {
> > badUserOrPassword(se, data);
> > }
> > catch (Exception e) {
> > throw new PortalVelocityException(e.getMessage()=ull?":
> > "+e.getMessage():e.getMessage(),
> > e.getCause()=ull?e:e.getCause(), data);
> > }
> >
> > }
> > }
> >
> > }
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> > For additional commands, e-mail: user-help@turbine.apache.org
> >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> > For additional commands, e-mail: user-help@turbine.apache.org
> >
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
>
>
>
Re: user is nulled out on login attempt
Posted by Thomas Vandahl <tv...@apache.org>.
Shaw, Nathan (HQ-LD070)[InDyne, Inc] wrote:
> I assume you mean this?
>
> action.sessionvalidator=sessionvalidator.TemplateSessionValidator
I'd suggest TemplateSecureSessionValidator if your application requires
a valid user.
>
> But, it seems to me that the role of the SessionValidator is to ensure that a user IS NOT logged in and send them somewhere if they are not. I am trying to see if the user IS logged in and ,if they are, NOT re-log them in. Maybe I am mis-interpreting the docs?
Well, I guess I don't quite get your problem. If a user is logged in, he
normally has a valid session. The SessionValidator takes care of storing
the user object into the session attributes.
So if your session contains a valid user object, data.getUser() will
provide it. If it doesn't, your session is not the same as before. (You
can check this if you compare the two session ids.) This can happen if
for example your browser does not provide the session cookie and your
container is not configured to rewrite the URLs.
Bye, Thomas.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by "Shaw, Nathan (HQ-LD070)[InDyne, Inc]" <na...@nasa.gov>.
I assume you mean this?
action.sessionvalidator=sessionvalidator.TemplateSessionValidator
But, it seems to me that the role of the SessionValidator is to ensure that a user IS NOT logged in and send them somewhere if they are not. I am trying to see if the user IS logged in and ,if they are, NOT re-log them in. Maybe I am mis-interpreting the docs?
--Nathan
-----Original Message-----
From: Thomas Vandahl [mailto:tv@apache.org]
Sent: Thu 1/31/2008 3:01 PM
To: Turbine Users List
Subject: Re: user is nulled out on login attempt
Shaw, Nathan (HQ-LD070)[InDyne, Inc] wrote:
> I want to make it so if the user is already logged in, it does not log them in again. However, when I test the User returned in the doperform() method in my login action, it is always NULL. It appears that something up the chain is wiping the User object and the session.
This is exactly the task of the SessionValidator. Which SessionValidator
do you use?
Bye, Thomas.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
Re: user is nulled out on login attempt
Posted by Thomas Vandahl <tv...@apache.org>.
Shaw, Nathan (HQ-LD070)[InDyne, Inc] wrote:
> I want to make it so if the user is already logged in, it does not log them in again. However, when I test the User returned in the doperform() method in my login action, it is always NULL. It appears that something up the chain is wiping the User object and the session.
This is exactly the task of the SessionValidator. Which SessionValidator
do you use?
Bye, Thomas.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by "Shaw, Nathan (HQ-LD070)[InDyne, Inc]" <na...@nasa.gov>.
Thanks Jeffrey,
The problem is not in logging a user in... the action I have is doing that just fine. The problem is when you try to detect if a user calling the login action is ALREADY logged in or not (in this case, we have guest users coming in from another site).
I want to make it so if the user is already logged in, it does not log them in again. However, when I test the User returned in the doperform() method in my login action, it is always NULL. It appears that something up the chain is wiping the User object and the session.
--Nathan
-----Original Message-----
From: Jeffery Painter [mailto:painter@kiasoft.com]
Sent: Thu 1/31/2008 1:08 PM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
I had used Turbine to build a prototype of an electronic health record
system.
I can't remember if we were using Turbine 2.1 or 2.2 but I have my custom
login action is here:
http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
Maybe that will give you some insight... it worked last time I ran the
code but that was Dec 2006...
Hope it helps
--
Jeffery Painter
Knowledge Engineer
Semantic Technologies Group
Statistical and Quantitative Sciences
GlaxoSmithKline Research and Development
> I don't get that. The test is if the user is NOT null.
>
> Anyway, it does work. I took it from my SNA login code (our first
> Turbine project.)
>
> -----Original Message-----
> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
> [mailto:nathan.shaw-1@nasa.gov]
> Sent: Thursday, January 31, 2008 12:17 PM
> To: Turbine Users List
> Subject: RE: user is nulled out on login attempt
>
> I don't think that will work because that will mean that the user is
> null and is not logged in at all. It will actually probably be caught by
> the SessionValidator and just take them back to the login page.
>
> I am actually checking the User object and outputting whether it is null
> or not in the login action. I tried both getUser() and
> getUserFromSession() and they are both NULL every single time a login is
> attempted. Something up the chain is clearing all of that out before the
> login occurs.
>
> --Nathan
>
>
> -----Original Message-----
> From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
> [mailto:bruce.altner-1@nasa.gov]
> Sent: Thu 1/31/2008 9:29 AM
> To: Turbine Users List
> Subject: RE: user is nulled out on login attempt
>
> How about just doing this, early in the Login action doPerform method
> (first thing?):
>
>
> if ( data.getUserFromSession() != null )
> {
> return;
> }
>
>
> Bruce
>
> -----Original Message-----
> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
> [mailto:nathan.shaw-1@nasa.gov]
> Sent: Thursday, January 31, 2008 8:35 AM
> To: user@turbine.apache.org
> Subject: user is nulled out on login attempt
>
>
> Hi all,
>
> I am writing my own login action and need to be able to check to see if
> a user is already logged in when the action is called. If they are, I
> want to skip the login stuff to preserve their session. However, every
> single time that the login action is called, the User object is coming
> back NULL.
>
> Here is a code snippet. Does anyone have any idea WHY the user is coming
> back NULL? I assume something is happening in Turbine somewhere that
> wipes the User on a login attempt or something?
>
>
> public class OutageCalLoginUser extends LoginUser {
>
> public void doPerform( RunData data, Context context) throws Exception {
> String uname ;
> String passwd ;
>
> System.out.println("doPerform(data, context)");
> if ( data.getUserFromSession() == null ){
> System.out.println("user from session is null");
> }else{
> System.out.println("user from session is NOT null");
> }
>
> if(data.getUser() == null){
> System.out.println("user is null");
> }else{
> System.out.println("user is NOT null");
> if(data.getUser().hasLoggedIn()){
> System.out.println("user is logged in");
> }else{
> System.out.println("user is NOT logged in");
> }
> }
>
>
> if((data.getUser() == null) || (data.getUser() != null &&
> data.getUser().hasLoggedIn() == false)){
>
> try {
> SymEncDec enc = SymEncDec.getInstance();
>
> // Username/password = username/pswd coming through front
> door.
> // User coming from elsewhere will have neither username
> nor pswd.
> String username = data.getParameters().get("username");
> String pswd = data.getParameters().get("password");
>
> // If username exists, user came in the front door.
> if (username != null && username.length()>0) {
> uname = username;
> passwd = pswd;
> }else {
> uname = "guest";
> String encryptedPasswd =
> TurbineResources.getString("guest.credential");
> passwd = encryptedPasswd;
> //enc.decodeBase64Decrypt(encryptedPasswd);
> }
> // Log the user in
> doLogin(data, uname, passwd);
>
> try {
> Utils.getUserID(data);
> }
> catch (NullPointerException npe) {
> throw new TurbineSecurityException("Bad username or
> password, I say!");
> }
>
> }
> catch ( TurbineSecurityException se ) {
> badUserOrPassword(se, data);
> }
> catch (Exception e) {
> throw new PortalVelocityException(e.getMessage()=ull?":
> "+e.getMessage():e.getMessage(),
> e.getCause()=ull?e:e.getCause(), data);
> }
>
> }
> }
>
> }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by Jeffery Painter <pa...@kiasoft.com>.
I had used Turbine to build a prototype of an electronic health record
system.
I can't remember if we were using Turbine 2.1 or 2.2 but I have my custom
login action is here:
http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
Maybe that will give you some insight... it worked last time I ran the
code but that was Dec 2006...
Hope it helps
--
Jeffery Painter
Knowledge Engineer
Semantic Technologies Group
Statistical and Quantitative Sciences
GlaxoSmithKline Research and Development
> I don't get that. The test is if the user is NOT null.
>
> Anyway, it does work. I took it from my SNA login code (our first
> Turbine project.)
>
> -----Original Message-----
> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
> [mailto:nathan.shaw-1@nasa.gov]
> Sent: Thursday, January 31, 2008 12:17 PM
> To: Turbine Users List
> Subject: RE: user is nulled out on login attempt
>
> I don't think that will work because that will mean that the user is
> null and is not logged in at all. It will actually probably be caught by
> the SessionValidator and just take them back to the login page.
>
> I am actually checking the User object and outputting whether it is null
> or not in the login action. I tried both getUser() and
> getUserFromSession() and they are both NULL every single time a login is
> attempted. Something up the chain is clearing all of that out before the
> login occurs.
>
> --Nathan
>
>
> -----Original Message-----
> From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
> [mailto:bruce.altner-1@nasa.gov]
> Sent: Thu 1/31/2008 9:29 AM
> To: Turbine Users List
> Subject: RE: user is nulled out on login attempt
>
> How about just doing this, early in the Login action doPerform method
> (first thing?):
>
>
> if ( data.getUserFromSession() != null )
> {
> return;
> }
>
>
> Bruce
>
> -----Original Message-----
> From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
> [mailto:nathan.shaw-1@nasa.gov]
> Sent: Thursday, January 31, 2008 8:35 AM
> To: user@turbine.apache.org
> Subject: user is nulled out on login attempt
>
>
> Hi all,
>
> I am writing my own login action and need to be able to check to see if
> a user is already logged in when the action is called. If they are, I
> want to skip the login stuff to preserve their session. However, every
> single time that the login action is called, the User object is coming
> back NULL.
>
> Here is a code snippet. Does anyone have any idea WHY the user is coming
> back NULL? I assume something is happening in Turbine somewhere that
> wipes the User on a login attempt or something?
>
>
> public class OutageCalLoginUser extends LoginUser {
>
> public void doPerform( RunData data, Context context) throws Exception {
> String uname ;
> String passwd ;
>
> System.out.println("doPerform(data, context)");
> if ( data.getUserFromSession() == null ){
> System.out.println("user from session is null");
> }else{
> System.out.println("user from session is NOT null");
> }
>
> if(data.getUser() == null){
> System.out.println("user is null");
> }else{
> System.out.println("user is NOT null");
> if(data.getUser().hasLoggedIn()){
> System.out.println("user is logged in");
> }else{
> System.out.println("user is NOT logged in");
> }
> }
>
>
> if((data.getUser() == null) || (data.getUser() != null &&
> data.getUser().hasLoggedIn() == false)){
>
> try {
> SymEncDec enc = SymEncDec.getInstance();
>
> // Username/password = username/pswd coming through front
> door.
> // User coming from elsewhere will have neither username
> nor pswd.
> String username = data.getParameters().get("username");
> String pswd = data.getParameters().get("password");
>
> // If username exists, user came in the front door.
> if (username != null && username.length()>0) {
> uname = username;
> passwd = pswd;
> }else {
> uname = "guest";
> String encryptedPasswd =
> TurbineResources.getString("guest.credential");
> passwd = encryptedPasswd;
> //enc.decodeBase64Decrypt(encryptedPasswd);
> }
> // Log the user in
> doLogin(data, uname, passwd);
>
> try {
> Utils.getUserID(data);
> }
> catch (NullPointerException npe) {
> throw new TurbineSecurityException("Bad username or
> password, I say!");
> }
>
> }
> catch ( TurbineSecurityException se ) {
> badUserOrPassword(se, data);
> }
> catch (Exception e) {
> throw new PortalVelocityException(e.getMessage()=ull?":
> "+e.getMessage():e.getMessage(),
> e.getCause()=ull?e:e.getCause(), data);
> }
>
> }
> }
>
> }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
> For additional commands, e-mail: user-help@turbine.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by "Altner, Bruce (HQ-LD070)[InDyne, Inc]" <br...@nasa.gov>.
I don't get that. The test is if the user is NOT null.
Anyway, it does work. I took it from my SNA login code (our first
Turbine project.)
-----Original Message-----
From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
[mailto:nathan.shaw-1@nasa.gov]
Sent: Thursday, January 31, 2008 12:17 PM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
I don't think that will work because that will mean that the user is
null and is not logged in at all. It will actually probably be caught by
the SessionValidator and just take them back to the login page.
I am actually checking the User object and outputting whether it is null
or not in the login action. I tried both getUser() and
getUserFromSession() and they are both NULL every single time a login is
attempted. Something up the chain is clearing all of that out before the
login occurs.
--Nathan
-----Original Message-----
From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
[mailto:bruce.altner-1@nasa.gov]
Sent: Thu 1/31/2008 9:29 AM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
How about just doing this, early in the Login action doPerform method
(first thing?):
if ( data.getUserFromSession() != null )
{
return;
}
Bruce
-----Original Message-----
From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
[mailto:nathan.shaw-1@nasa.gov]
Sent: Thursday, January 31, 2008 8:35 AM
To: user@turbine.apache.org
Subject: user is nulled out on login attempt
Hi all,
I am writing my own login action and need to be able to check to see if
a user is already logged in when the action is called. If they are, I
want to skip the login stuff to preserve their session. However, every
single time that the login action is called, the User object is coming
back NULL.
Here is a code snippet. Does anyone have any idea WHY the user is coming
back NULL? I assume something is happening in Turbine somewhere that
wipes the User on a login attempt or something?
public class OutageCalLoginUser extends LoginUser {
public void doPerform( RunData data, Context context) throws Exception {
String uname ;
String passwd ;
System.out.println("doPerform(data, context)");
if ( data.getUserFromSession() == null ){
System.out.println("user from session is null");
}else{
System.out.println("user from session is NOT null");
}
if(data.getUser() == null){
System.out.println("user is null");
}else{
System.out.println("user is NOT null");
if(data.getUser().hasLoggedIn()){
System.out.println("user is logged in");
}else{
System.out.println("user is NOT logged in");
}
}
if((data.getUser() == null) || (data.getUser() != null &&
data.getUser().hasLoggedIn() == false)){
try {
SymEncDec enc = SymEncDec.getInstance();
// Username/password = username/pswd coming through front
door.
// User coming from elsewhere will have neither username
nor pswd.
String username = data.getParameters().get("username");
String pswd = data.getParameters().get("password");
// If username exists, user came in the front door.
if (username != null && username.length()>0) {
uname = username;
passwd = pswd;
}else {
uname = "guest";
String encryptedPasswd =
TurbineResources.getString("guest.credential");
passwd = encryptedPasswd;
//enc.decodeBase64Decrypt(encryptedPasswd);
}
// Log the user in
doLogin(data, uname, passwd);
try {
Utils.getUserID(data);
}
catch (NullPointerException npe) {
throw new TurbineSecurityException("Bad username or
password, I say!");
}
}
catch ( TurbineSecurityException se ) {
badUserOrPassword(se, data);
}
catch (Exception e) {
throw new PortalVelocityException(e.getMessage()==null?":
"+e.getMessage():e.getMessage(),
e.getCause()==null?e:e.getCause(), data);
}
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by "Shaw, Nathan (HQ-LD070)[InDyne, Inc]" <na...@nasa.gov>.
I don't think that will work because that will mean that the user is null and is not logged in at all. It will actually probably be caught by the SessionValidator and just take them back to the login page.
I am actually checking the User object and outputting whether it is null or not in the login action. I tried both getUser() and getUserFromSession() and they are both NULL every single time a login is attempted. Something up the chain is clearing all of that out before the login occurs.
--Nathan
-----Original Message-----
From: Altner, Bruce (HQ-LD070)[InDyne, Inc] [mailto:bruce.altner-1@nasa.gov]
Sent: Thu 1/31/2008 9:29 AM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
How about just doing this, early in the Login action doPerform method
(first thing?):
if ( data.getUserFromSession() != null )
{
return;
}
Bruce
-----Original Message-----
From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
[mailto:nathan.shaw-1@nasa.gov]
Sent: Thursday, January 31, 2008 8:35 AM
To: user@turbine.apache.org
Subject: user is nulled out on login attempt
Hi all,
I am writing my own login action and need to be able to check to see if
a user is already logged in when the action is called. If they are, I
want to skip the login stuff to preserve their session. However, every
single time that the login action is called, the User object is coming
back NULL.
Here is a code snippet. Does anyone have any idea WHY the user is coming
back NULL? I assume something is happening in Turbine somewhere that
wipes the User on a login attempt or something?
public class OutageCalLoginUser extends LoginUser {
public void doPerform( RunData data, Context context) throws Exception {
String uname ;
String passwd ;
System.out.println("doPerform(data, context)");
if ( data.getUserFromSession() == null ){
System.out.println("user from session is null");
}else{
System.out.println("user from session is NOT null");
}
if(data.getUser() == null){
System.out.println("user is null");
}else{
System.out.println("user is NOT null");
if(data.getUser().hasLoggedIn()){
System.out.println("user is logged in");
}else{
System.out.println("user is NOT logged in");
}
}
if((data.getUser() == null) || (data.getUser() != null &&
data.getUser().hasLoggedIn() == false)){
try {
SymEncDec enc = SymEncDec.getInstance();
// Username/password = username/pswd coming through front
door.
// User coming from elsewhere will have neither username
nor pswd.
String username = data.getParameters().get("username");
String pswd = data.getParameters().get("password");
// If username exists, user came in the front door.
if (username != null && username.length()>0) {
uname = username;
passwd = pswd;
}else {
uname = "guest";
String encryptedPasswd =
TurbineResources.getString("guest.credential");
passwd = encryptedPasswd;
//enc.decodeBase64Decrypt(encryptedPasswd);
}
// Log the user in
doLogin(data, uname, passwd);
try {
Utils.getUserID(data);
}
catch (NullPointerException npe) {
throw new TurbineSecurityException("Bad username or
password, I say!");
}
}
catch ( TurbineSecurityException se ) {
badUserOrPassword(se, data);
}
catch (Exception e) {
throw new PortalVelocityException(e.getMessage()==null?":
"+e.getMessage():e.getMessage(),
e.getCause()==null?e:e.getCause(), data);
}
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org
RE: user is nulled out on login attempt
Posted by "Altner, Bruce (HQ-LD070)[InDyne, Inc]" <br...@nasa.gov>.
How about just doing this, early in the Login action doPerform method
(first thing?):
if ( data.getUserFromSession() != null )
{
return;
}
Bruce
-----Original Message-----
From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
[mailto:nathan.shaw-1@nasa.gov]
Sent: Thursday, January 31, 2008 8:35 AM
To: user@turbine.apache.org
Subject: user is nulled out on login attempt
Hi all,
I am writing my own login action and need to be able to check to see if
a user is already logged in when the action is called. If they are, I
want to skip the login stuff to preserve their session. However, every
single time that the login action is called, the User object is coming
back NULL.
Here is a code snippet. Does anyone have any idea WHY the user is coming
back NULL? I assume something is happening in Turbine somewhere that
wipes the User on a login attempt or something?
public class OutageCalLoginUser extends LoginUser {
public void doPerform( RunData data, Context context) throws Exception {
String uname ;
String passwd ;
System.out.println("doPerform(data, context)");
if ( data.getUserFromSession() == null ){
System.out.println("user from session is null");
}else{
System.out.println("user from session is NOT null");
}
if(data.getUser() == null){
System.out.println("user is null");
}else{
System.out.println("user is NOT null");
if(data.getUser().hasLoggedIn()){
System.out.println("user is logged in");
}else{
System.out.println("user is NOT logged in");
}
}
if((data.getUser() == null) || (data.getUser() != null &&
data.getUser().hasLoggedIn() == false)){
try {
SymEncDec enc = SymEncDec.getInstance();
// Username/password = username/pswd coming through front
door.
// User coming from elsewhere will have neither username
nor pswd.
String username = data.getParameters().get("username");
String pswd = data.getParameters().get("password");
// If username exists, user came in the front door.
if (username != null && username.length()>0) {
uname = username;
passwd = pswd;
}else {
uname = "guest";
String encryptedPasswd =
TurbineResources.getString("guest.credential");
passwd = encryptedPasswd;
//enc.decodeBase64Decrypt(encryptedPasswd);
}
// Log the user in
doLogin(data, uname, passwd);
try {
Utils.getUserID(data);
}
catch (NullPointerException npe) {
throw new TurbineSecurityException("Bad username or
password, I say!");
}
}
catch ( TurbineSecurityException se ) {
badUserOrPassword(se, data);
}
catch (Exception e) {
throw new PortalVelocityException(e.getMessage()==null?":
"+e.getMessage():e.getMessage(),
e.getCause()==null?e:e.getCause(), data);
}
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@turbine.apache.org
For additional commands, e-mail: user-help@turbine.apache.org