1 package org.codehaus.plexus.redback.struts2.action;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
23 import javax.servlet.http.HttpServletRequest;
25 import org.apache.struts2.ServletActionContext;
26 import org.codehaus.plexus.redback.policy.PasswordRuleViolationException;
27 import org.codehaus.plexus.redback.policy.PasswordRuleViolations;
28 import org.codehaus.plexus.redback.system.SecuritySession;
29 import org.codehaus.plexus.redback.system.SecuritySystemConstants;
30 import org.codehaus.redback.integration.interceptor.SecureAction;
31 import org.codehaus.redback.integration.interceptor.SecureActionBundle;
32 import org.codehaus.redback.integration.interceptor.SecureActionException;
35 * AbstractSecurityAction
37 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
40 public abstract class AbstractSecurityAction
41 extends RedbackActionSupport
42 implements SecureAction
44 protected static final String REQUIRES_AUTHENTICATION = "requires-authentication";
46 private SecureActionBundle securityBundle;
48 public SecureActionBundle getSecureActionBundle()
49 throws SecureActionException
51 if ( securityBundle == null )
53 securityBundle = initSecureActionBundle();
56 return securityBundle;
59 public abstract SecureActionBundle initSecureActionBundle()
60 throws SecureActionException;
62 protected void setAuthTokens( SecuritySession securitySession )
64 session.put( SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
65 this.setSession( session );
68 protected SecuritySession getSecuritySession()
70 return (SecuritySession) session.get( SecuritySystemConstants.SECURITY_SESSION_KEY );
73 // ------------------------------------------------------------------
74 // Internal Support Methods
75 // ------------------------------------------------------------------
76 protected void processPasswordRuleViolations( PasswordRuleViolationException e )
78 processPasswordRuleViolations( e, "user.password" );
81 protected void processPasswordRuleViolations( PasswordRuleViolationException e, String field )
83 PasswordRuleViolations violations = e.getViolations();
85 if ( violations != null )
87 for ( String violation : violations.getLocalizedViolations() )
89 addFieldError( field, violation );
94 protected String getBaseUrl()
96 HttpServletRequest req = ServletActionContext.getRequest();
97 return req.getScheme() + "://" + req.getServerName()
98 + ( req.getServerPort() == 80 ? "" : ":" + req.getServerPort() ) + req.getContextPath();
101 protected String getCurrentUser()
103 SecuritySession securitySession = getSecuritySession();
104 if ( securitySession != null && securitySession.getUser() != null )
106 return securitySession.getUser().getPrincipal().toString();