+ // user has been authenticated, now take them to the welcome or redirection page
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("redirect:welcome.htm");
+ } else {
+ return new ModelAndView("redirect:"
+ + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length()));
+ }
+ }
+ }
+
+ @Override
+ public ModelAndView doExternalLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
+
+ invalidateExistingSession(request);
+
+ LoginBean commandBean = new LoginBean();
+ String loginId = request.getParameter("loginId");
+ String password = request.getParameter("password");
+ String redirectUrl = request.getParameter("redirectUrl");
+ commandBean.setLoginId(loginId);
+ commandBean.setLoginPwd(password);
+ commandBean.setUserid(loginId);
+ commandBean = loginService.findUser(commandBean,
+ (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), new HashMap());
+ List<RoleFunction> roleFunctionList = roleService.getRoleFunctions(loginId);
+
+ try {
+ if (commandBean.getUser() == null
+ || !CipherUtil.decryptPKC(commandBean.getUser().getLoginPwd(), System.getenv("ENCRYPTION_KEY"))
+ .equals(password)) {
+ String loginErrorMessage = (commandBean.getLoginErrorMessage() != null)
+ ? commandBean.getLoginErrorMessage()
+ : "login.error.external.invalid";
+ Map<String, String> model = new HashMap<>();
+ model.put("error", loginErrorMessage);
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("login_external", "model", model);
+ } else {
+ return new ModelAndView(
+ "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl"));
+ }
+ } else {
+ // store the currently logged in user's information in the session
+ UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
+ commandBean.getBusinessDirectMenu(),
+ SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
+ initateSessionMgtHandler(request);
+ // user has been authenticated, now take them to the welcome or redirection page
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("redirect:welcome.htm");
+ } else {
+ return new ModelAndView("redirect:"
+ + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length()));
+ }
+ }
+ } catch (CipherUtilException e) {
+ LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e));
+ // store the currently logged in user's information in the session
+ UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
+ commandBean.getBusinessDirectMenu(),
+ SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
+ initateSessionMgtHandler(request);
+ // user has been authenticated, now take them to the welcome or redirection page
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("redirect:welcome.htm");
+ } else {
+ return new ModelAndView("redirect:"
+ + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length()));
+ }