/* Copyright 2005 Yale University. All rights reserved. * * THIS SOFTWARE IS PROVIDED "AS IS," AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ARE EXPRESSLY * DISCLAIMED. IN NO EVENT SHALL YALE UNIVERSITY OR ITS EMPLOYEES BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED, THE COSTS OF * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA OR * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH * DAMAGE. * * Redistribution and use of this software in source or binary forms, * with or without modification, are permitted, provided that the * following conditions are met: * * 1. Any redistribution must include the above copyright notice and * disclaimer and this list of conditions in any related documentation * and, if feasible, in the redistributed software. * * 2. Any redistribution must include the acknowledgment, "This product * includes software developed by Yale University," in any related * documentation and, if feasible, in the redistributed software. * * 3. The names "Yale" and "Yale University" must not be used to endorse * or promote products derived from this software. * */ package edu.yale.its.portal.security.provider; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.jasig.portal.security.IPerson; import org.jasig.portal.security.PortalSecurityException; /** * @author susan.bramhall@yale.edu * @version $Revision: 1.4 $ * @date Jun 13, 2005 * * ESUP patch for Rennes 1 : remove remote_addr and DB access * VR : 09/01/2009 * */ public class YalePersonManager extends org.jasig.portal.security.provider.SimplePersonManager { private static final Log log = LogFactory.getLog(YalePersonManager.class); /** * Retrieve an IPerson object for the incoming request * @param request the servlet request object * @return the IPerson object for the incoming request */ public IPerson getPerson (HttpServletRequest request) throws PortalSecurityException { HttpSession session = request.getSession(false); YalePersonImpl person = null; // Return the person object if it exists in the user's session if (session != null) { person = (YalePersonImpl)session.getAttribute(PERSON_SESSION_KEY); } if (person != null) { return super.getPerson(request); } // if the session is new then we check location to determine which guest user to be. // use YalePersonFactory.createGuestUser(userName) to create specific guest user // see if the profile was cached /* if the request has uP_guest * parameter then use the requested guestUserName. * Otherwise use default ("guest") */ String requestedGuestUsername = request.getParameter("uP_guest"); log.debug( "YalePersonManager.getPerson creating guest with username : " + requestedGuestUsername); try { if (requestedGuestUsername!=null) person = YalePersonFactory.createGuestPerson(requestedGuestUsername); else { person = (YalePersonImpl) YalePersonFactory.createGuestPerson(); } } catch (Exception e) { throw new PortalSecurityException("Exception creating guest person", e); } // Add this person object to the user's session if (person != null && session != null) { session.setAttribute(PERSON_SESSION_KEY, person); } // Don't return null to trusting caller. Throw exception instead. if (person==null) { throw new PortalSecurityException("YalePersonManager failed to create guest person"); } return person; } }