Author: DavidK
Date: 2010-02-13 09:47:08 +0100 (Sat, 13 Feb 2010)
New Revision: 1717
Modified: trunk/server/webServer2/JavaSource/cz/elvys/webServer/beans/UserBean.java
Log: login slightly tuned ..
Modified: trunk/server/webServer2/JavaSource/cz/elvys/webServer/beans/UserBean.java
===================================================================
--- trunk/server/webServer2/JavaSource/cz/elvys/webServer/beans/UserBean.java 2010-02-12 17:15:13 UTC (rev 1716)
+++ trunk/server/webServer2/JavaSource/cz/elvys/webServer/beans/UserBean.java 2010-02-13 08:47:08 UTC (rev 1717)
@@ -31,6 +31,8 @@
 // messages
 private static final String LOGGED_IN = "User logged in: ";
+ private static final String TOO_MANY_USERS_FOUND = "Too many users with same credentials found in DB: ";
+ private static final String NOT_FOUND = "User not found in DB: ";
 public static enum Competency {SUPERADMIN, ADMIN, USER};
@@ -199,8 +201,13 @@
 throw new Error("User couldn't be obtained from DB",e);
 }
+ // prepare info about remote host
+ ServletRequest req = (ServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
+ String ip = req.getRemoteAddr();
+ String host = req.getRemoteHost();
 String whatToReturn = null;
+ // check the result of search for user
 if (users.size() == 1) {
 whatToReturn = "success";
 user = users.get(0);
@@ -233,10 +240,6 @@
 }
 // print log message about logged user
- ServletRequest req = (ServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
- String ip = req.getRemoteAddr();
- String host = req.getRemoteHost();
-
 String message = CommonUtils.prepareErrorMessage(LOGGED_IN, "user", user.getUsername(), "company", user.getCompany().getName(), "ip", ip, "host", host);
 log.info(message);
 }else{
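Review bot: In the second hunk (`@@ -199,8 +201,13 @@`), `req.getRemoteHost()` now sits before the result check, so it is evaluated for every login attempt, failed ones included, rather than only after a successful login. Depending on how the servlet container is configured, that call can perform a reverse DNS lookup, which adds a per-attempt delay that unauthenticated clients can trigger, and the name it returns comes from a PTR record that the client's network controls. Consider logging the address only, `String host = ip; // no reverse lookup on the login path; PTR names are client-supplied`, or resolving the name only in the success branch as before. The enclosing method starts and ends outside this hunk.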
@@ -247,12 +250,22 @@
 MessageUtils.processValidationMessage(holder);
 }
+ } else if (users.size()>1) {
+ // too many users with same credentials found in DB
+ whatToReturn = "failure";
+ ValidationMessageHolder holder = MessageUtils.prepareValidationMessageHolder(
+ "LoginForm:UsernameField", "login.bad");
+ MessageUtils.processValidationMessage(holder);
+ String message = CommonUtils.prepareErrorMessage(TOO_MANY_USERS_FOUND, "user", formUsername, "count", users.size(), "ip", ip, "host", host);
+ log.error(message);
 } else {
 // proper user hasn't been found in DB
 whatToReturn = "failure";
 ValidationMessageHolder holder = MessageUtils.prepareValidationMessageHolder(
 "LoginForm:UsernameField", "login.bad");
 MessageUtils.processValidationMessage(holder);
+ String message = CommonUtils.prepareErrorMessage(NOT_FOUND, "user", formUsername, "ip", ip, "host", host);
+ log.debug(message);
 }
 return whatToReturn;
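Review bot: The new not-found branch at the end of this hunk records the failed attempt with `log.debug(message)`, a level that production logging configurations commonly drop, so repeated bad logins from one address would leave no trace; `log.warn(message);` would keep them available for detection. Both new messages also embed `formUsername` exactly as submitted by an unauthenticated client; if `CommonUtils.prepareErrorMessage` (not visible here) does not strip CR/LF, a crafted username can forge log lines, and users occasionally type a password into that field, so the value is worth sanitising and length-limiting before it is logged. The enclosing method begins outside the hunk.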