1    package com.instantbank.collections.main.web;
2    
3    import java.io.ByteArrayInputStream;
4    import java.io.IOException;
5    import java.util.Enumeration;
6    import javax.servlet.RequestDispatcher;
7    import javax.servlet.ServletConfig;
8    import javax.servlet.ServletContext;
9    import javax.servlet.ServletException;
10   import javax.servlet.http.HttpServlet;
11   import javax.servlet.http.HttpServletRequest;
12   import javax.servlet.http.HttpServletResponse;
13   import javax.servlet.http.HttpSession;
14   import javax.ejb.FinderException;
15   import oracle.xml.parser.v2.DOMParser;
16   import oracle.xml.parser.v2.XMLDocument;
17   import oracle.xml.parser.v2.XMLParseException;
18   import oracle.xml.parser.v2.XSLException;
19   import org.xml.sax.SAXException;
20   import com.instantbank.collections.security.ejb.SecurityServices;
21   import com.instantbank.collections.security.ejb.SecurityServicesHome;
22   import com.instantbank.collections.util.DateUtils;
23   import com.instantbank.collections.util.InstantbankException;
24   import com.instantbank.collections.util.ServiceLocator;
25   
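/**
 * Front controller for the home page: dispatches the {@code action} request
 * parameter to {@code Home} (populate the session and forward to the landing
 * page) or {@code Logout} (invalidate the session and forward to the login
 * controller).
 *
 * <p>A servlet instance serves many requests concurrently, so per-request
 * state (the {@link HttpSession} in particular) is kept in local variables
 * only. The original kept the session in an instance field, which let one
 * request's error be written into another user's session.
 */
public class HomePageController extends HttpServlet {
  private String dataSource;
  private String debug;
  private String jndiEjbPath;
  private String providerUrl;
  private SecurityServices SecServices;
  private String typeSel;


  /**
   * Reads the context init parameters, configures the {@link ServiceLocator}
   * and creates the {@link SecurityServices} EJB reference used by every request.
   *
   * @param config servlet configuration supplied by the container
   * @throws ServletException wrapping any failure during lookup or creation
   */
  public void init(ServletConfig config) throws ServletException {
    super.init(config);
    try {
      ServletContext sc = getServletConfig().getServletContext();
      dataSource = sc.getInitParameter("datasource");
      providerUrl = sc.getInitParameter("providerUrl");
      jndiEjbPath = sc.getInitParameter("jndiEjbPath");

      ServiceLocator locator = ServiceLocator.instance();
      locator.setDataSource(dataSource);
      locator.setJndiEjbPath(jndiEjbPath);
      locator.setProviderUrl(providerUrl);

      SecurityServicesHome SecHome = (SecurityServicesHome)
        ServiceLocator.instance().createEJB("SecurityServicesHome", SecurityServicesHome.class, false);
      SecServices = SecHome.create();
    }
    catch(Exception e) {
      throw new ServletException(e);
    }
  }


  /**
   * Handles GET exactly like POST.
   *
   * NOTE(review): this makes the state-changing "Logout" action reachable by a
   * plain GET, so a link or image on another site can end a user's session.
   * Confirm whether GET is needed for it before restricting.
   */
  public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    doPost(request, response);
  }


  /**
   * Dispatches on the {@code action} parameter. Any failure is wrapped in an
   * {@link InstantbankException} (code 000002), stored in the session under
   * "Exception" and the client is redirected to the error page.
   *
   * @param request  current request; {@code action} must be "Home" or "Logout"
   * @param response current response
   */
  public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    String action = request.getParameter("action");

    try {
      try {
        // Constant-first comparison: a missing parameter is reported as an
        // unsupported action instead of surfacing as a NullPointerException.
        if("Home".equals(action)) {
          Home(request, response);
        }
        else if("Logout".equals(action)) {
          Logout(request, response);
        }
        else {
          // NOTE(review): the message embeds the raw request parameter; the
          // error page must HTML-encode it before rendering.
          throw new InstantbankException("000001", "Action " + action + " not supported");
        }
      }
      catch(Exception e) {
        throw new InstantbankException(e, "000002", "Failed to execute action " + action);
      }
    }
    catch(InstantbankException e) {
      // Resolve the session from this request at the point of use. The session
      // may not exist yet, or may have been invalidated by Logout before the
      // failure, so ask the container for a valid one.
      HttpSession errorSession = request.getSession(true);
      errorSession.setAttribute("Exception", e);
      response.sendRedirect("../main_web/ControllerError.jsp?showTechnical=0");
    }
  }


  /**
   * @return a short description of this servlet
   */
  public String getServletInfo() {
    // The original text named UserGroupsMaintenanceController (copy-paste slip).
    return "com.instantbank.collections.main.web.HomePageController Information";
  }


  /**
   * Returns the authenticated user's alias from the "_wl_authuser_" session
   * attribute (presumably bound by the WebLogic container after login; confirm).
   *
   * @throws IllegalStateException when no such attribute is bound, i.e. the
   *         request reached this controller without an authenticated session
   */
  private static String authenticatedAlias(HttpSession session) {
    Object user = session.getAttribute("_wl_authuser_");
    if(user == null) {
      throw new IllegalStateException("No authenticated user bound to the session");
    }
    return user.toString();
  }


  /**
   * Returns {@code value}, or "0" when it is the empty string, so that optional
   * ids in the session-info document still parse as a Long.
   */
  private static String zeroIfEmpty(String value) {
    return value.equals("") ? "0" : value;
  }


  /**
   * Populates the HTTP session on its first authenticated use (user, company
   * and group data taken from {@code SecServices.getSessionInfo}), refreshes
   * the user status on later calls, then forwards to the change-password use
   * case when the status is 3 and to the index page otherwise.
   */
  private void Home(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
    HttpSession session = request.getSession(true);
    ServletContext sc = getServletConfig().getServletContext();

    // "firstTime" marks a session that has already been populated.
    boolean populated = session.getAttribute("firstTime") != null;

    // Fail before touching the session if nobody is authenticated.
    String userAlias = authenticatedAlias(session);
    XMLDocument doc = parseInfo(SecServices.getSessionInfo(userAlias));

    if(!session.isNew() && !populated) {
      Long userId = Long.valueOf(doc.valueOf("/Session/userid"));
      Long companyId = Long.valueOf(zeroIfEmpty(doc.valueOf("/Session/companyid")));
      Long groupId = Long.valueOf(zeroIfEmpty(doc.valueOf("/Session/groupid")));

      session.setAttribute("version", sc.getInitParameter("version"));
      session.setAttribute("userId", userId);
      session.setAttribute("userStatus", Long.valueOf(doc.valueOf("/Session/status")));
      session.setAttribute("companyId", companyId);
      Long companySessionTime = SecServices.getCompanySessionTime(companyId);
      session.setAttribute("sessionInitialTime", DateUtils.rightNow());
      session.setAttribute("companySessionTime", companySessionTime);
      session.setAttribute("companyName", doc.valueOf("/Session/companyname"));
      session.setAttribute("userName", doc.valueOf("/Session/username"));
      session.setAttribute("groupId", groupId);
      session.setAttribute("orderLetter", doc.valueOf("/Session/orderletter"));
      session.setAttribute("actionCode", doc.valueOf("/Session/actioncode"));
      session.setAttribute("resultCode", doc.valueOf("/Session/resultcode"));
      // Both values are Longs, so nothing here needs XML escaping.
      session.setAttribute("sessionXmlStr", "<session><companyId>" + companyId.toString() + "</companyId><userId>" + userId.toString() + "</userId></session>");
      session.setAttribute("actualQueue", Long.valueOf("1"));
      session.setAttribute("actualFirstQueue", Long.valueOf("1"));

      // Set the marker only once every attribute is in place; the original set
      // it first, so a lookup or parse failure left a half-populated session
      // that was never retried.
      session.setAttribute("firstTime", "true");

      SecServices.setSessionSuccessfull(userId);
    }
    else {
      session.setAttribute("userStatus", Long.valueOf(doc.valueOf("/Session/status")));
    }

    session.setAttribute("hasException", "0");
    session.setAttribute("optionCollections", "0");
    session.setAttribute("optionCompany", "0");

    Long userStatus = (Long)session.getAttribute("userStatus");
    String target = userStatus.longValue() == 3L
      ? "/security_web/SecurityDispatcher.jsp?useCase=ChangePassword"
      : "/main_web/index.jsp";
    sc.getRequestDispatcher(target).forward(request, response);
  }


  /**
   * Invalidates the caller's session, if there is one, and forwards to the
   * login controller's logout initialisation.
   */
  private void Logout(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
    // No need to create a session just to destroy it.
    HttpSession session = request.getSession(false);
    if(session != null) {
      session.invalidate();
    }

    ServletContext sc = getServletConfig().getServletContext();
    RequestDispatcher rd = sc.getRequestDispatcher("/main_web/LoginPageController?action=initializeLogout");
    rd.forward(request, response);
  }


  /**
   * Parses an XML string into a DOM document with validation switched off.
   *
   * NOTE(review): {@code getBytes()} uses the platform default charset, so
   * non-ASCII content can be mis-decoded when that differs from the encoding
   * the document declares.
   * NOTE(review): entity and DTD handling are left at the parser defaults. In
   * this class the input comes from {@code SecServices.getSessionInfo}, but the
   * method is public; restrict DTD / external-entity processing before using it
   * on content an end user can influence.
   *
   * @param data XML text to parse
   * @return the parsed document
   */
  public XMLDocument parseInfo(String data) throws XMLParseException, XSLException, SAXException, IOException {
    DOMParser docParser = new DOMParser();
    docParser.setValidationMode(false);
    docParser.parse(new ByteArrayInputStream(data.getBytes()));
    return docParser.getDocument();
  }


  /**
   * Removes every session attribute except those whose name starts with
   * "companySessionTime", "sessionInitialTime" or "companyId". The session
   * itself is left valid.
   *
   * <p>The filter does not exempt container attributes such as
   * "_wl_authuser_"; they are removed like any other. Because the session id
   * survives, this is not a replacement for {@link HttpSession#invalidate()}
   * at logout.
   *
   * @param session session to clear
   */
  public static final void emptyHttpSession(HttpSession session) {
    // Snapshot the names first: removing attributes while walking the live
    // enumeration is not guaranteed to be safe. The original's unused debug
    // casts are dropped; they could throw ClassCastException (e.g. a name equal
    // to "userId" in a different case was cast to String).
    java.util.List names = java.util.Collections.list(session.getAttributeNames());
    for(int i = 0; i < names.size(); i++) {
      String name = (String)names.get(i);
      boolean keep = name.startsWith("companySessionTime")
        || name.startsWith("sessionInitialTime")
        || name.startsWith("companyId");
      if(!keep) {
        session.removeAttribute(name);
      }
    }
  }
}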