diff --git a/src/main/java/org/tb/mobile/LoginMobileAction.java b/src/main/java/org/tb/mobile/LoginMobileAction.java index a92d81d8a..c679c7c99 100644 --- a/src/main/java/org/tb/mobile/LoginMobileAction.java +++ b/src/main/java/org/tb/mobile/LoginMobileAction.java @@ -26,28 +26,10 @@ public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServlet boolean isValid = false; String username = request.getParameter("username"); String password = request.getParameter("password"); - Employee loginEmployee = employeeDAO.getLoginEmployee(username); + Employee employee = employeeDAO.getLoginEmployee(username); - boolean passwordMatches = loginEmployee != null && SecureHashUtils.passwordMatches( - password, - loginEmployee.getPassword() - ); - if (!passwordMatches) { - boolean legacyPasswordMatches = loginEmployee != null && SecureHashUtils.legacyPasswordMatches( - password, loginEmployee.getPassword() - ); - if (legacyPasswordMatches) { - // employee still has old password form - // store password again with new hashing algorithm - Employee em = employeeDAO.getEmployeeById(loginEmployee.getId()); - em.changePassword(password); - loginEmployee.changePassword(password); - employeeDAO.save(em, loginEmployee); - passwordMatches = true; - } - } - if (loginEmployee != null && passwordMatches) { - long employeeId = loginEmployee.getId(); + if (employee != null && SecureHashUtils.passwordMatches(password, employee.getPassword())) { + long employeeId = employee.getId(); isValid = true; Date date = new Date(); Long employeecontractId = employeecontractDAO.getEmployeeContractByEmployeeIdAndDate(employeeId, date).getId(); diff --git a/src/main/java/org/tb/util/SecureHashUtils.java b/src/main/java/org/tb/util/SecureHashUtils.java index e0a15af82..f4cf5b3b5 100644 --- a/src/main/java/org/tb/util/SecureHashUtils.java +++ b/src/main/java/org/tb/util/SecureHashUtils.java 
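Review bot: The new condition `employee != null && SecureHashUtils.passwordMatches(password, employee.getPassword())` skips the bcrypt comparison when the username is unknown, so response time can reveal which accounts exist; running `passwordMatches` against a fixed dummy bcrypt hash when `employee` is null would even this out. `password` comes unchecked from `request.getParameter("password")` and can be null, and `BCryptPasswordEncoder.matches` is likely to throw on a null raw password rather than return false, so a null guard before the call is worth adding. With the legacy branch removed, any account whose stored value is still an MD5 hash will no longer match, so confirm every hash was migrated before this ships. The same condition appears in `LoginEmployeeAction.execute`, and the `execute` method here starts and ends outside the hunk.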
@@ -5,15 +5,14 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; -import org.tb.exception.LogicException; @Slf4j public class SecureHashUtils { - + private static final int COMPLEXITY = 10; - + private SecureHashUtils() {} - + public static String encodePassword(String password) { PasswordEncoder encoder = new BCryptPasswordEncoder(COMPLEXITY); return encoder.encode(password); @@ -24,10 +23,6 @@ public static boolean passwordMatches(String enteredPassword, String hashedPassw return encoder.matches(enteredPassword, hashedPassword); } - public static boolean legacyPasswordMatches(String enteredPassword, String md5HashedPassword) { - return makeMD5(enteredPassword).equals(md5HashedPassword); - } - /** * Makes a md5-hash for a given string. * @@ -43,8 +38,8 @@ public static String makeMD5(String text) { md = MessageDigest.getInstance("MD5"); // getting a 'MD5-Instance' encryptMsg = md.digest(text.getBytes()); // solving the MD5-Hash } catch (NoSuchAlgorithmException e) { - log.error("MD5 not supported!", e); - throw new LogicException("MD5 not supported", e); + System.out.println("No Such Algorithm Exception!"); + return ""; } String swap = ""; // swap-string for the result diff --git a/src/main/java/org/tb/web/action/LoginEmployeeAction.java b/src/main/java/org/tb/web/action/LoginEmployeeAction.java index 1d75365e6..2838ff334 100644 --- a/src/main/java/org/tb/web/action/LoginEmployeeAction.java +++ b/src/main/java/org/tb/web/action/LoginEmployeeAction.java 
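Review bot: The rewritten `catch (NoSuchAlgorithmException e)` branch in `makeMD5` prints to `System.out` and returns `""`, so a digest failure looks like a valid result and the cause is lost; a caller comparing two `makeMD5` outputs would then see them as equal. The class is still annotated `@Slf4j`, so keep `log.error("MD5 not supported!", e);` and fail loudly with a standard unchecked exception, for example `throw new IllegalStateException("MD5 not supported", e);`, now that the `LogicException` import is gone. If nothing calls `makeMD5` once `legacyPasswordMatches` is removed, deleting the method is the cleaner option. The body of `makeMD5` continues outside the hunk.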
@@ -1,44 +1,28 @@ package org.tb.web.action; -import java.text.SimpleDateFormat; -import java.util.Date; -import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import lombok.extern.slf4j.Slf4j; -import org.apache.struts.action.Action; -import org.apache.struts.action.ActionForm; -import org.apache.struts.action.ActionForward; -import org.apache.struts.action.ActionMapping; -import org.apache.struts.action.ActionMessage; -import org.apache.struts.action.ActionMessages; +import org.apache.struts.action.*; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.tb.GlobalConstants; -import org.tb.bdom.Employee; -import org.tb.bdom.Employeecontract; -import org.tb.bdom.Employeeorder; -import org.tb.bdom.Suborder; -import org.tb.bdom.Warning; +import org.tb.bdom.*; import org.tb.helper.AfterLogin; -import org.tb.persistence.CustomerorderDAO; -import org.tb.persistence.EmployeeDAO; -import org.tb.persistence.EmployeecontractDAO; -import org.tb.persistence.EmployeeorderDAO; -import org.tb.persistence.OvertimeDAO; -import org.tb.persistence.PublicholidayDAO; -import org.tb.persistence.StatusReportDAO; -import org.tb.persistence.SuborderDAO; -import org.tb.persistence.TimereportDAO; +import org.tb.persistence.*; import org.tb.util.SecureHashUtils; import org.tb.web.form.LoginEmployeeForm; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.List; + /** * Action class for the login of an employee * * @author oda, th */ -@Slf4j public class LoginEmployeeAction extends Action { - private static final String SYSTEM_SIGN = "system"; + private final static Logger LOG = LoggerFactory.getLogger(LoginEmployeeAction.class); private EmployeeDAO employeeDAO; private PublicholidayDAO publicholidayDAO; 
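Review bot: The import block now uses wildcards (`org.apache.struts.action.*`, `org.tb.bdom.*`, `org.tb.persistence.*`), which hides the types this login action depends on and invites name clashes when those packages grow; the explicit imports were preferable. Dropping `SYSTEM_SIGN` brings the `"system"` literal back in several places in the following hunk. The hand-written `LOG` field is also inconsistent with `SecureHashUtils`, which keeps `@Slf4j`. If the field stays, the conventional modifier order is `private static final Logger LOG = LoggerFactory.getLogger(LoginEmployeeAction.class);`.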
@@ -88,265 +72,252 @@ public void setPublicholidayDAO(PublicholidayDAO publicholidayDAO) { @Override public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { - log.trace("entering {}.{}() ...", getClass().getSimpleName(), Thread.currentThread().getStackTrace()[1].getMethodName()); + LOG.trace("entering {}.{}() ...", getClass().getSimpleName(), Thread.currentThread().getStackTrace()[1].getMethodName()); try { LoginEmployeeForm loginEmployeeForm = (LoginEmployeeForm) form; Employee loginEmployee = employeeDAO.getLoginEmployee(loginEmployeeForm.getLoginname()); - boolean passwordMatches = loginEmployee != null && SecureHashUtils.passwordMatches( - loginEmployeeForm.getPassword(), - loginEmployee.getPassword() - ); - if (!passwordMatches) { - boolean legacyPasswordMatches = loginEmployee != null && SecureHashUtils.legacyPasswordMatches( - loginEmployeeForm.getPassword(), loginEmployee.getPassword() - ); - if (legacyPasswordMatches) { - // employee still has old password form - // store password again with new hashing algorithm - Employee em = employeeDAO.getEmployeeById(loginEmployee.getId()); - em.changePassword(loginEmployeeForm.getPassword()); - loginEmployee.changePassword(loginEmployeeForm.getPassword()); - employeeDAO.save(em, loginEmployee); - } else { - return loginFailed(request, "form.login.error.unknownuser", mapping); + if (loginEmployee == null + || !SecureHashUtils.passwordMatches(loginEmployeeForm.getPassword(), loginEmployee.getPassword())) { + + ActionMessages errors = getErrors(request); + if (errors == null) { + errors = new ActionMessages(); } + errors.add(null, new ActionMessage("form.login.error.unknownuser")); + + saveErrors(request, errors); + return mapping.getInputForward(); + //return mapping.findForward("error"); } - // check if user is internal or extern - setEmployeeIsInternalAttribute(request); + // check if user is intern or extern + String clientIP 
= request.getRemoteHost(); + boolean intern = false; + if (clientIP.startsWith("10.") || + clientIP.startsWith("192.168.") || + clientIP.startsWith("172.16.") || + clientIP.startsWith("127.0.0.")) { + intern = true; + } + request.getSession().setAttribute("clientIntern", intern); Date date = new Date(); Employeecontract employeecontract = employeecontractDAO.getEmployeeContractByEmployeeIdAndDate(loginEmployee.getId(), date); if (employeecontract == null && !loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_ADM)) { - return loginFailed(request, "form.login.error.invalidcontract", mapping); + ActionMessages errors = getErrors(request); + if (errors == null) { + errors = new ActionMessages(); + } + errors.add(null, new ActionMessage("form.login.error.invalidcontract")); + + saveErrors(request, errors); + return mapping.getInputForward(); } request.getSession().setAttribute("loginEmployee", loginEmployee); String loginEmployeeFullName = loginEmployee.getFirstname() + " " + loginEmployee.getLastname(); request.getSession().setAttribute("loginEmployeeFullName", loginEmployeeFullName); request.getSession().setAttribute("report", "W"); + request.getSession().setAttribute("currentEmployeeId", loginEmployee.getId()); - request.getSession().setAttribute("employeeAuthorized", employeeHasAuthorization(loginEmployee)); + + if (loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_BL) || + loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_PV) || + loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_ADM)) { + request.getSession().setAttribute("employeeAuthorized", true); + } else { + request.getSession().setAttribute("employeeAuthorized", false); + } + + // not necessary at the moment + // if(employeeDAO.isAdmin(loginEmployee)) { + // request.getSession().setAttribute("admin", Boolean.TRUE); + // } // check if public holidays are available 
publicholidayDAO.checkPublicHolidaysForCurrentYear(); // check if employee has an employee contract and is has employee orders for all standard suborders + // Date date = new Date(); SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMdd"); - String dateString = simpleDateFormat.format(date); - date = simpleDateFormat.parse(dateString); + String dateString2 = simpleDateFormat.format(date); + date = simpleDateFormat.parse(dateString2); + // Employeecontract employeecontract = employeecontractDAO.getEmployeeContractByEmployeeIdAndDate(loginEmployee.getId(), date); if (employeecontract != null) { request.getSession().setAttribute("employeeHasValidContract", true); - handleEmployeeWithValidContract(request, loginEmployee, date, employeecontract, dateString); - } else { - request.getSession().setAttribute("employeeHasValidContract", false); - } - - // property passwordchange is set to true if password has been reset (username and password are equal) - // in this case show the password change site - if (Boolean.TRUE.equals(loginEmployee.getPasswordchange())) { - return mapping.findForward("password"); - } - - // create collection of employeecontracts - List employeecontracts = employeecontractDAO.getVisibleEmployeeContractsForEmployee(loginEmployee); - request.getSession().setAttribute("employeecontracts", employeecontracts); - - return mapping.findForward("success"); - } finally { - log.trace("leaving {}.{}() ...", getClass().getSimpleName(), Thread.currentThread().getStackTrace()[1].getMethodName()); - } - } - - private void handleEmployeeWithValidContract(HttpServletRequest request, Employee loginEmployee, Date date, - Employeecontract employeecontract, String dateString) { - // auto generate employee orders - if (!loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_ADM) && - Boolean.FALSE.equals(employeecontract.getFreelancer())) { - generateEmployeeOrders(date, employeecontract, dateString); - } - - if 
(employeecontract.getReportAcceptanceDate() == null) { - java.sql.Date validFromDate = employeecontract.getValidFrom(); - employeecontract.setReportAcceptanceDate(validFromDate); - // create tmp employee - Employee tmp = new Employee(); - tmp.setSign(SYSTEM_SIGN); - employeecontractDAO.save(employeecontract, tmp); - } - if (employeecontract.getReportReleaseDate() == null) { - java.sql.Date validFromDate = employeecontract.getValidFrom(); - employeecontract.setReportReleaseDate(validFromDate); - // create tmp employee - Employee tmp = new Employee(); - tmp.setSign(SYSTEM_SIGN); - employeecontractDAO.save(employeecontract, tmp); - } - // set used employee contract of login employee - request.getSession().setAttribute("loginEmployeeContract", employeecontract); - request.getSession().setAttribute("loginEmployeeContractId", employeecontract.getId()); - request.getSession().setAttribute("currentEmployeeContract", employeecontract); - - // get info about vacation, overtime and report status - request.getSession().setAttribute("releaseWarning", employeecontract.getReleaseWarning()); - request.getSession().setAttribute("acceptanceWarning", employeecontract.getAcceptanceWarning()); - - String releaseDate = employeecontract.getReportReleaseDateString(); - String acceptanceDate = employeecontract.getReportAcceptanceDateString(); - - request.getSession().setAttribute("releasedUntil", releaseDate); - request.getSession().setAttribute("acceptedUntil", acceptanceDate); - - AfterLogin.handleOvertime(employeecontract, employeeorderDAO, publicholidayDAO, timereportDAO, overtimeDAO, request.getSession()); - - // get warnings - Employeecontract loginEmployeeContract = (Employeecontract) request.getSession().getAttribute("loginEmployeeContract"); - List warnings = AfterLogin.createWarnings(employeecontract, loginEmployeeContract, employeeorderDAO, timereportDAO, statusReportDAO, customerorderDAO, getResources( - request), getLocale(request)); - if (!warnings.isEmpty()) { - 
request.getSession().setAttribute("warnings", warnings); - request.getSession().setAttribute("warningsPresent", true); - } else { - request.getSession().setAttribute("warningsPresent", false); - } - } - - private void setEmployeeIsInternalAttribute(HttpServletRequest request) { - String clientIP = request.getRemoteHost(); - boolean isInternal = clientIP.startsWith("10.") || - clientIP.startsWith("192.168.") || - clientIP.startsWith("172.16.") || - clientIP.startsWith("127.0.0."); - request.getSession().setAttribute("clientIntern", isInternal); - } - - private void generateEmployeeOrders(Date date, Employeecontract employeecontract, String dateString2) { - List standardSuborders = suborderDAO.getStandardSuborders(); - if (standardSuborders != null && !standardSuborders.isEmpty()) { - // test if employeeorder exists - for (Suborder suborder : standardSuborders) { - List employeeorders = employeeorderDAO - .getEmployeeOrderByEmployeeContractIdAndSuborderIdAndDate3( - employeecontract.getId(), suborder - .getId(), date); - if (employeeorders == null || employeeorders.isEmpty()) { - - // do not create an employeeorder for past years "URLAUB" ! 
- if (suborder.getCustomerorder().getSign().equals(GlobalConstants.CUSTOMERORDER_SIGN_VACATION) - && !dateString2.startsWith(suborder.getSign())) { - continue; - } - - // find latest untilDate of all employeeorders for this suborder - List invalidEmployeeorders = employeeorderDAO.getEmployeeOrdersByEmployeeContractIdAndSuborderId( - employeecontract.getId(), suborder.getId()); - Date dateUntil = null; - Date dateFrom = null; - for (Employeeorder eo : invalidEmployeeorders) { - - // employeeorder starts in the future - if (eo.getFromDate() != null && eo.getFromDate().after(date) - && (dateUntil == null || dateUntil.after(eo.getFromDate()))) { - - dateUntil = eo.getFromDate(); - continue; - } - - // employeeorder ends in the past - if (eo.getUntilDate() != null && eo.getUntilDate().before(date) - && (dateFrom == null || dateFrom.before(eo.getUntilDate()))) { - - dateFrom = eo.getUntilDate(); + // auto generate employee orders + if (!loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_ADM) && + !employeecontract.getFreelancer()) { + List standardSuborders = suborderDAO.getStandardSuborders(); + if (standardSuborders != null && standardSuborders.size() > 0) { + // test if employeeorder exists + for (Suborder suborder : standardSuborders) { + List employeeorders = employeeorderDAO + .getEmployeeOrderByEmployeeContractIdAndSuborderIdAndDate3( + employeecontract.getId(), suborder + .getId(), date); + if (employeeorders == null || employeeorders.isEmpty()) { + + // do not create an employeeorder for past years "URLAUB" ! 
+ if (suborder.getCustomerorder().getSign().equals(GlobalConstants.CUSTOMERORDER_SIGN_VACATION) + && !dateString2.startsWith(suborder.getSign())) { + continue; + } + + // find latest untilDate of all employeeorders for this suborder + List invalidEmployeeorders = employeeorderDAO.getEmployeeOrdersByEmployeeContractIdAndSuborderId(employeecontract.getId(), suborder.getId()); + Date dateUntil = null; + Date dateFrom = null; + for (Employeeorder eo : invalidEmployeeorders) { + + // employeeorder starts in the future + if (eo.getFromDate() != null && eo.getFromDate().after(date)) { + if (dateUntil == null || dateUntil.after(eo.getFromDate())) { + dateUntil = eo.getFromDate(); + continue; + } + } + + // employeeorder ends in the past + if (eo.getUntilDate() != null && eo.getUntilDate().before(date)) { + if (dateFrom == null || dateFrom.before(eo.getUntilDate())) { + dateFrom = eo.getUntilDate(); + } + } + } + + // calculate time period + Date ecFromDate = employeecontract.getValidFrom(); + Date ecUntilDate = employeecontract.getValidUntil(); + Date soFromDate = suborder.getFromDate(); + Date soUntilDate = suborder.getUntilDate(); + Date fromDate = ecFromDate.before(soFromDate) ? 
soFromDate : ecFromDate; + + // fromDate should not be before the ending of the most recent contract + if (dateFrom != null && dateFrom.after(fromDate)) { + fromDate = dateFrom; + } + Date untilDate = null; + + if (ecUntilDate == null && soUntilDate == null) { + //untildate remains null + } else if (ecUntilDate == null) { + untilDate = soUntilDate; + } else if (soUntilDate == null) { + untilDate = ecUntilDate; + } else if (ecUntilDate.before(soUntilDate)) { + untilDate = ecUntilDate; + } else { + untilDate = soUntilDate; + } + + Employeeorder employeeorder = new Employeeorder(); + + java.sql.Date sqlFromDate = new java.sql.Date(fromDate.getTime()); + employeeorder.setFromDate(sqlFromDate); + + // untilDate should not overreach a future employee contract + if (untilDate == null) { + untilDate = dateUntil; + } else { + if (dateUntil != null && dateUntil.before(untilDate)) { + untilDate = dateUntil; + } + } + + if (untilDate != null) { + java.sql.Date sqlUntilDate = new java.sql.Date(untilDate.getTime()); + employeeorder.setUntilDate(sqlUntilDate); + } + if (suborder.getCustomerorder().getSign().equals(GlobalConstants.CUSTOMERORDER_SIGN_VACATION) + && !suborder.getSign().equalsIgnoreCase(GlobalConstants.SUBORDER_SIGN_OVERTIME_COMPENSATION)) { + employeeorder.setDebithours(employeecontract + .getDailyWorkingTime() + * employeecontract + .getVacationEntitlement()); + employeeorder.setDebithoursunit(GlobalConstants.DEBITHOURS_UNIT_TOTALTIME); + } else { + // not decided yet + } + employeeorder.setEmployeecontract(employeecontract); + employeeorder.setSign(" "); + employeeorder.setSuborder(suborder); + + // create tmp employee + Employee tmp = new Employee(); + tmp.setSign("system"); + + if (untilDate == null || !fromDate.after(untilDate)) { + employeeorderDAO.save(employeeorder, tmp); + } + + } } } + } + if (employeecontract.getReportAcceptanceDate() == null) { + java.sql.Date validFromDate = employeecontract.getValidFrom(); + 
employeecontract.setReportAcceptanceDate(validFromDate); + // create tmp employee + Employee tmp = new Employee(); + tmp.setSign("system"); + employeecontractDAO.save(employeecontract, tmp); + } + if (employeecontract.getReportReleaseDate() == null) { + java.sql.Date validFromDate = employeecontract.getValidFrom(); + employeecontract.setReportReleaseDate(validFromDate); + // create tmp employee + Employee tmp = new Employee(); + tmp.setSign("system"); + employeecontractDAO.save(employeecontract, tmp); + } + // set used employee contract of login employee + request.getSession().setAttribute("loginEmployeeContract", employeecontract); + request.getSession().setAttribute("loginEmployeeContractId", employeecontract.getId()); + request.getSession().setAttribute("currentEmployeeContract", employeecontract); - // calculate time period - Date ecFromDate = employeecontract.getValidFrom(); - Date ecUntilDate = employeecontract.getValidUntil(); - Date soFromDate = suborder.getFromDate(); - Date soUntilDate = suborder.getUntilDate(); - Date fromDate = ecFromDate.before(soFromDate) ? 
soFromDate : ecFromDate; + // get info about vacation, overtime and report status + request.getSession().setAttribute("releaseWarning", employeecontract.getReleaseWarning()); + request.getSession().setAttribute("acceptanceWarning", employeecontract.getAcceptanceWarning()); - // fromDate should not be before the ending of the most recent contract - if (dateFrom != null && dateFrom.after(fromDate)) { - fromDate = dateFrom; - } - Date untilDate = null; - - if (ecUntilDate == null && soUntilDate == null) { - //untildate remains null - } else if (ecUntilDate == null) { - untilDate = soUntilDate; - } else if (soUntilDate == null) { - untilDate = ecUntilDate; - } else if (ecUntilDate.before(soUntilDate)) { - untilDate = ecUntilDate; - } else { - untilDate = soUntilDate; - } + String releaseDate = employeecontract.getReportReleaseDateString(); + String acceptanceDate = employeecontract.getReportAcceptanceDateString(); - Employeeorder employeeorder = new Employeeorder(); + request.getSession().setAttribute("releasedUntil", releaseDate); + request.getSession().setAttribute("acceptedUntil", acceptanceDate); - java.sql.Date sqlFromDate = new java.sql.Date(fromDate.getTime()); - employeeorder.setFromDate(sqlFromDate); + AfterLogin.handleOvertime(employeecontract, employeeorderDAO, publicholidayDAO, timereportDAO, overtimeDAO, request.getSession()); - // untilDate should not overreach a future employee contract - if (untilDate == null) { - untilDate = dateUntil; - } else { - if (dateUntil != null && dateUntil.before(untilDate)) { - untilDate = dateUntil; - } - } + // get warnings + Employeecontract loginEmployeeContract = (Employeecontract) request.getSession().getAttribute("loginEmployeeContract"); + List warnings = AfterLogin.createWarnings(employeecontract, loginEmployeeContract, employeeorderDAO, timereportDAO, statusReportDAO, customerorderDAO, getResources(request), getLocale(request)); - if (untilDate != null) { - java.sql.Date sqlUntilDate = new 
java.sql.Date(untilDate.getTime()); - employeeorder.setUntilDate(sqlUntilDate); - } - if (suborder.getCustomerorder().getSign().equals(GlobalConstants.CUSTOMERORDER_SIGN_VACATION) - && !suborder.getSign().equalsIgnoreCase(GlobalConstants.SUBORDER_SIGN_OVERTIME_COMPENSATION)) { - employeeorder.setDebithours(employeecontract - .getDailyWorkingTime() - * employeecontract - .getVacationEntitlement()); - employeeorder.setDebithoursunit(GlobalConstants.DEBITHOURS_UNIT_TOTALTIME); - } else { - // not decided yet - } - employeeorder.setEmployeecontract(employeecontract); - employeeorder.setSign(" "); - employeeorder.setSuborder(suborder); - - // create tmp employee - Employee tmp = new Employee(); - tmp.setSign(SYSTEM_SIGN); + if (!warnings.isEmpty()) { + request.getSession().setAttribute("warnings", warnings); + request.getSession().setAttribute("warningsPresent", true); + } else { + request.getSession().setAttribute("warningsPresent", false); + } - if (untilDate == null || !fromDate.after(untilDate)) { - employeeorderDAO.save(employeeorder, tmp); - } + } else { + request.getSession().setAttribute("employeeHasValidContract", false); + } - } + // show change password site, if password equals username + if (loginEmployee.getPasswordchange()) { + return mapping.findForward("password"); } - } - } - private boolean employeeHasAuthorization(Employee loginEmployee) { - return loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_BL) || - loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_PV) || - loginEmployee.getStatus().equalsIgnoreCase(GlobalConstants.EMPLOYEE_STATUS_ADM); - } + // create collection of employeecontracts + List employeecontracts = employeecontractDAO.getVisibleEmployeeContractsForEmployee(loginEmployee); + request.getSession().setAttribute("employeecontracts", employeecontracts); - private ActionForward loginFailed(HttpServletRequest request, String key, ActionMapping mapping) { - ActionMessages errors = 
getErrors(request); - if (errors == null) { - errors = new ActionMessages(); + return mapping.findForward("success"); + } finally { + LOG.trace("leaving {}.{}() ...", getClass().getSimpleName(), Thread.currentThread().getStackTrace()[1].getMethodName()); } - errors.add(null, new ActionMessage(key)); - - saveErrors(request, errors); - return mapping.getInputForward(); } }
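Review bot: Nothing in the new `execute` body rotates the session identifier before `request.getSession().setAttribute("loginEmployee", loginEmployee)`, so a pre-login session id stays valid after authentication unless a filter outside this diff handles it. Calling `request.changeSessionId();` (Servlet 3.1+) right after the password check, or invalidating and recreating the session, would close that gap. The inlined internal-client check reads `request.getRemoteHost()`, which can return a resolved host name or, behind a reverse proxy, the proxy's address, and `startsWith("172.16.")` covers only part of the 172.16.0.0/12 private range. Using `request.getRemoteAddr()` with a real range comparison would make `clientIntern` dependable if anything relies on it. The rewrite also replaces `Boolean.FALSE.equals(employeecontract.getFreelancer())` and `Boolean.TRUE.equals(loginEmployee.getPasswordchange())` with direct unboxing, which would throw a `NullPointerException` mid-login if either getter returns a null `Boolean` (the return types are not visible here).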