Class LoginHandler

  • All Implemented Interfaces:
    Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig, ConnectionProvider

    public class LoginHandler
    extends HttpBaseServlet
    LoginHandler is called from Login Servlet after the user has entered user and password. It checks user/ password validity as well as license settings and decides whether the user can log in the application or not.

    Depending if the instance is 2.50 or 3.0 the result of this Servlet differs. 2.50 instances show the messages in a new window served by this Servlet and do the actual redirection in case of success. 3.0 instance Login Servlet call LoginHandler as an ajax request and they expect to obtain a json object with information about success or message and in this case the message to show.

    See Also:
    Serialized Form
    • Constructor Detail

      • LoginHandler

        public LoginHandler()
    • Method Detail

      • doPost

        public void doPost​(javax.servlet.http.HttpServletRequest req,
                           javax.servlet.http.HttpServletResponse res)
                    throws IOException,
                           javax.servlet.ServletException
        Overrides:
        doPost in class javax.servlet.http.HttpServlet
        Throws:
        IOException
        javax.servlet.ServletException
      • doOptions

        public void doOptions​(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response)
                       throws javax.servlet.ServletException,
                              IOException
        Overrides:
        doOptions in class javax.servlet.http.HttpServlet
        Throws:
        javax.servlet.ServletException
        IOException
      • doGet

        public void doGet​(javax.servlet.http.HttpServletRequest request,
                          javax.servlet.http.HttpServletResponse response)
                   throws IOException,
                          javax.servlet.ServletException
        Description copied from class: HttpBaseServlet
        Redirects all HTTP GET requests to be handled by the doPost method of the extending class.
        Overrides:
        doGet in class HttpBaseServlet
        Parameters:
        request - HttpServletRequest object where details of the HTTP request are.
        response - HttpServletResponse object where the response will be written and returned to the user.
        Throws:
        IOException
        javax.servlet.ServletException
      • setCORSHeaders

        protected void setCORSHeaders​(javax.servlet.http.HttpServletRequest request,
                                      javax.servlet.http.HttpServletResponse response)
                               throws javax.servlet.ServletException,
                                      IOException
        Throws:
        javax.servlet.ServletException
        IOException
      • checkLicenseAndGo

        protected final void checkLicenseAndGo​(javax.servlet.http.HttpServletResponse res,
                                               VariablesSecureApp vars,
                                               String strUserAuth,
                                               String username,
                                               String sessionId)
                                        throws IOException,
                                               javax.servlet.ServletException
        Throws:
        IOException
        javax.servlet.ServletException
      • isBackOfficeLogin

        protected boolean isBackOfficeLogin()
        Is current login for a back-office session
      • getSessionType

        protected String getSessionType()
        Returns how the successful session will be marked in ad_session. It can be app specific.
      • isLoginAccessRestrictedInStoreServer

        protected boolean isLoginAccessRestrictedInStoreServer​(VariablesSecureApp vars)
        Returns true if the access to the current login handler should be restricted in the store servers
      • isErpAccessRestrictedInStoreServer

        protected boolean isErpAccessRestrictedInStoreServer()
        Checks if the RestrictErpAccessInStoreServer preference has been set to "Y". In that case, the access to the ERP will be restricted in store servers and only the System Admin role will be available