1 package org.apache.turbine.modules.actions;
2
3 /* ====================================================================
4 * The Apache Software License, Version 1.1
5 *
6 * Copyright (c) 2001 The Apache Software Foundation. All rights
7 * reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. The end-user documentation included with the redistribution,
22 * if any, must include the following acknowledgment:
23 * "This product includes software developed by the
24 * Apache Software Foundation (http://www.apache.org/)."
25 * Alternately, this acknowledgment may appear in the software itself,
26 * if and wherever such third-party acknowledgments normally appear.
27 *
28 * 4. The names "Apache" and "Apache Software Foundation" and
29 * "Apache Turbine" must not be used to endorse or promote products
30 * derived from this software without prior written permission. For
31 * written permission, please contact apache@apache.org.
32 *
33 * 5. Products derived from this software may not be called "Apache",
34 * "Apache Turbine", nor may "Apache" appear in their name, without
35 * prior written permission of the Apache Software Foundation.
36 *
37 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
38 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
39 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
40 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
43 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
44 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
46 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
47 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
48 * SUCH DAMAGE.
49 * ====================================================================
50 *
51 * This software consists of voluntary contributions made by many
52 * individuals on behalf of the Apache Software Foundation. For more
53 * information on the Apache Software Foundation, please see
54 * <http://www.apache.org/>.
55 */
56
57 // Turbine Classes
58 import org.apache.turbine.TurbineConstants;
59 import org.apache.turbine.modules.Action;
60 import org.apache.turbine.om.security.User;
61 import org.apache.turbine.services.resources.TurbineResources;
62 import org.apache.turbine.services.security.TurbineSecurity;
63 import org.apache.turbine.util.RunData;
64 import org.apache.turbine.util.security.AccessControlList;
65
66 /***
67 * This action removes a user from the session. It makes sure to save
68 * the User object in the session.
69 *
70 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
71 * @version $Id: LogoutUser.java,v 1.2 2002/07/11 16:53:30 mpoeschl Exp $
72 */
73 public class LogoutUser extends Action
74 {
75 /***
76 * Clears the RunData user object back to an anonymous status not
77 * logged in, and with a null ACL. If the tr.props ACTION_LOGIN
78 * is anthing except "LogoutUser", flow is transfered to the
79 * SCREEN_HOMEPAGE
80 *
81 * If this action name is the value of action.logout then we are
82 * being run before the session validator, so we don't need to
83 * set the screen (we assume that the session validator will handle
84 * that). This is basically still here simply to preserve old behaviour
85 * - it is recommended that action.logout is set to "LogoutUser" and
86 * that the session validator does handle setting the screen/template
87 * for a logged out (read not-logged-in) user.
88 *
89 * @param data Turbine information.
90 * @exception Exception, a generic exception.
91 */
92 public void doPerform(RunData data)
93 throws Exception
94 {
95 User user = data.getUser();
96
97 if (user != null)
98 {
99 // Make sure that the user has really logged in...
100 if (!user.hasLoggedIn())
101 return;
102
103 user.setHasLoggedIn(new Boolean(false));
104 TurbineSecurity.saveUser( user );
105 }
106
107 data.setMessage(TurbineResources.getString(
108 TurbineConstants.LOGOUT_MESSAGE));
109
110 // This will cause the acl to be removed from the session in
111 // the Turbine servlet code.
112 data.setACL(null);
113
114 // Retrieve an anonymous user.
115 data.setUser(TurbineSecurity.getAnonymousUser());
116 data.save();
117
118 // In the event that the current screen or related navigations
119 // require acl info, we cannot wait for Turbine to handle
120 // regenerating acl.
121 data.getSession().removeValue(AccessControlList.SESSION_KEY);
122
123 // If this action name is the value of action.logout then we are
124 // being run before the session validator, so we don't need to
125 // set the screen (we assume that the session validator will handle
126 // that). This is basically still here simply to preserve old behaviour
127 // - it is recommended that action.logout is set to "LogoutUser" and
128 // that the session validator does handle setting the screen/template
129 // for a logged out (read not-logged-in) user.
130 if (!TurbineResources.getString(TurbineConstants.ACTION_LOGOUT, "")
131 .equals("LogoutUser"))
132 {
133 data.setScreen(TurbineResources.getString(
134 TurbineConstants.SCREEN_HOMEPAGE));
135 }
136 }
137 }
This page was automatically generated by Maven