View Javadoc
1   /*
2    * Copyright (c) 2002-2015, Mairie de Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.user;
35  
36  import fr.paris.lutece.portal.business.user.AdminUser;
37  import fr.paris.lutece.portal.business.user.AdminUserHome;
38  import fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminUser;
39  import fr.paris.lutece.portal.business.user.log.UserLog;
40  import fr.paris.lutece.portal.business.user.log.UserLogHome;
41  import fr.paris.lutece.portal.business.user.parameter.DefaultUserParameterHome;
42  import fr.paris.lutece.portal.service.admin.AdminAuthenticationService;
43  import fr.paris.lutece.portal.service.admin.AdminUserService;
44  import fr.paris.lutece.portal.service.i18n.I18nService;
45  import fr.paris.lutece.portal.service.init.AppInfo;
46  import fr.paris.lutece.portal.service.mail.MailService;
47  import fr.paris.lutece.portal.service.message.AdminMessage;
48  import fr.paris.lutece.portal.service.message.AdminMessageService;
49  import fr.paris.lutece.portal.service.portal.PortalService;
50  import fr.paris.lutece.portal.service.spring.SpringContextService;
51  import fr.paris.lutece.portal.service.template.AppTemplateService;
52  import fr.paris.lutece.portal.service.util.AppHTTPSService;
53  import fr.paris.lutece.portal.service.util.AppLogService;
54  import fr.paris.lutece.portal.service.util.AppPathService;
55  import fr.paris.lutece.portal.service.util.AppPropertiesService;
56  import fr.paris.lutece.portal.web.constants.Messages;
57  import fr.paris.lutece.portal.web.constants.Parameters;
58  import fr.paris.lutece.portal.web.l10n.LocaleService;
59  import fr.paris.lutece.util.ReferenceList;
60  import fr.paris.lutece.util.html.HtmlTemplate;
61  import fr.paris.lutece.util.http.SecurityUtil;
62  import fr.paris.lutece.util.password.IPasswordFactory;
63  import fr.paris.lutece.util.string.StringUtil;
64  import fr.paris.lutece.util.url.UrlItem;
65  
66  import org.apache.commons.lang.StringUtils;
67  
68  import java.io.Serializable;
69  
70  import java.util.Collection;
71  import java.util.Enumeration;
72  import java.util.HashMap;
73  import java.util.Locale;
74  import java.util.Map;
75  
76  import javax.security.auth.login.FailedLoginException;
77  import javax.security.auth.login.LoginException;
78  
79  import javax.servlet.http.HttpServletRequest;
80  import javax.servlet.http.HttpSession;
81  
82  
83  /**
84   * This class provides the user interface to manage login features ( login,
85   * logout, ... )
86   */
87  public class AdminLoginJspBean implements Serializable
88  {
89      /**
90       * Serial version UID
91       */
92      private static final long serialVersionUID = 1437296329596757569L;
93  
94      // //////////////////////////////////////////////////////////////////////////
95      // Constants
96      private static final String CONSTANT_EMAIL_DELIMITER = ";";
97      private static final String CONSTANT_EMPTY_STRING = "";
98      private static final String CONSTANT_SLASH = "/";
99      private static final String CONSTANT_HTTP = "http";
100     private static final String REGEX_ID = "^[\\d]+$";
101 
102     // Jsp
103     private static final String JSP_URL_MODIFY_DEFAULT_USER_PASSOWRD = "jsp/admin/user/ModifyDefaultUserPassword.jsp";
104     private static final String JSP_URL_FORM_CONTACT = "AdminFormContact.jsp";
105     private static final String JSP_URL_DO_ADMIN_LOGIN = "jsp/admin/DoAdminLogin.jsp";
106     private static final String JSP_URL_ADMIN_LOGIN = "jsp/admin/AdminLogin.jsp";
107 
108     // Templates
109     private static final String TEMPLATE_ADMIN_LOGIN = "admin/admin_login.html";
110     private static final String TEMPLATE_ADMIN_FORGOT_PASSWORD = "admin/admin_forgot_password.html";
111     private static final String TEMPLATE_ADMIN_FORGOT_LOGIN = "admin/admin_forgot_login.html";
112     private static final String TEMPLATE_ADMIN_FORM_CONTACT = "admin/admin_form_contact.html";
113     private static final String TEMPLATE_ADMIN_EMAIL_FORGOT_PASSWORD = "admin/admin_email_forgot_password.html";
114     private static final String TEMPLATE_ADMIN_EMAIL_FORGOT_LOGIN = "admin/admin_email_forgot_login.html";
115 
116     // Markers
117     private static final String MARK_PARAMS_LIST = "params_list";
118     private static final String MARK_FORGOT_PASSWORD_URL = "forgot_password_url";
119     private static final String MARK_FORGOT_LOGIN_URL = "forgot_login_url";
120     private static final String MARK_PARAM_VERSION = "version";
121     private static final String MARK_SITE_NAME = "site_name";
122     private static final String MARK_NEW_PASSWORD = "new_password";
123     private static final String MARK_LOGIN_URL = "login_url";
124     private static final String MARK_DO_ADMIN_LOGIN_URL = "do_admin_login_url";
125     private static final String MARK_SITE_LINK = "site_link";
126     private static final String MARK_LOGIN = "login";
127     private static final String SESSION_ATTRIBUTE_USER = "lutece_admin_user"; // Used by all JSP
128 
129     // parameters
130     private static final String PARAMETER_MESSAGE = "message_contact";
131     private static final String PARAMETER_FORCE_CHANGE_PASSWORD_REINIT = "force_change_password_reinit";
132 
133     // I18n message keys
134     private static final String MESSAGE_SENDING_SUCCESS = "portal.admin.message.admin_forgot_password.sendingSuccess";
135     private static final String MESSAGE_ADMIN_SENDING_SUCCESS = "portal.admin.message.admin_form_contact.sendingSuccess";
136     private static final String MESSAGE_EMAIL_SUBJECT = "portal.admin.admin_forgot_password.email.subject";
137     private static final String MESSAGE_FORGOT_LOGIN_EMAIL_SUBJECT = "portal.admin.admin_forgot_login.email.subject";
138     private static final String MESSAGE_FORGOT_LOGIN_SENDING_SUCCESS = "portal.admin.message.admin_forgot_login.sendingSuccess";
139     private static final String MESSAGE_EMAIL_ADMIN_SUBJECT = "portal.admin.admin_form_contact.email.subject";
140     private static final String MESSAGE_WRONG_EMAIL_FORMAT = "portal.admin.message.admin_forgot_login.wrongEmailFormat";
141 
142     // Properties
143     private static final String PROPERTY_LEVEL = "askPasswordReinitialization.admin.level";
144 
145     /**
146      * Returns the view of login form
147      *
148      * @param request The request
149      * @return The HTML form
150      */
151     public String getLogin( HttpServletRequest request )
152     {
153         HashMap<String, Object> model = new HashMap<String, Object>(  );
154 
155         // Invalidate a previous session
156         HttpSession session = request.getSession(  );
157 
158         if ( session != null )
159         {
160             session.removeAttribute( SESSION_ATTRIBUTE_USER );
161             // Put real base url in session
162             request.getSession(  ).setAttribute( AppPathService.SESSION_BASE_URL, AppPathService.getBaseUrl( request ) );
163         }
164 
165         Locale locale = AdminUserService.getLocale( request );
166 
167         Enumeration<String> enumParams = request.getParameterNames(  );
168         ReferenceList listParams = new ReferenceList(  );
169         String strParamName;
170 
171         while ( enumParams.hasMoreElements(  ) )
172         {
173             strParamName = enumParams.nextElement(  );
174 
175             String strParamValue = request.getParameter( strParamName );
176             listParams.addItem( strParamName, strParamValue );
177         }
178 
179         StringBuilder sbUrl = new StringBuilder(  );
180 
181         if ( AppHTTPSService.isHTTPSSupportEnabled(  ) )
182         {
183             sbUrl.append( AppHTTPSService.getHTTPSUrl( request ) );
184         }
185         else
186         {
187             sbUrl.append( AppPathService.getBaseUrl( request ) );
188         }
189 
190         if ( !sbUrl.toString(  ).endsWith( CONSTANT_SLASH ) )
191         {
192             sbUrl.append( CONSTANT_SLASH );
193         }
194 
195         sbUrl.append( JSP_URL_DO_ADMIN_LOGIN );
196 
197         model.put( MARK_PARAM_VERSION, AppInfo.getVersion(  ) );
198         model.put( MARK_SITE_NAME, PortalService.getSiteName(  ) );
199         model.put( MARK_PARAMS_LIST, listParams );
200         model.put( MARK_FORGOT_PASSWORD_URL, AdminAuthenticationService.getInstance(  ).getLostPasswordPageUrl(  ) );
201         model.put( MARK_FORGOT_LOGIN_URL, AdminAuthenticationService.getInstance(  ).getLostLoginPageUrl(  ) );
202         model.put( MARK_DO_ADMIN_LOGIN_URL, sbUrl.toString(  ) );
203 
204         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_LOGIN, locale, model );
205 
206         return template.getHtml(  );
207     }
208 
209     /**
210      * Returns the view of forgot password form
211      *
212      * @param request The request
213      * @return The HTML form
214      */
215     public String getForgotPassword( HttpServletRequest request )
216     {
217         Map<String, Object> model = new HashMap<String, Object>(  );
218 
219         // Invalidate a previous session
220         HttpSession session = request.getSession(  );
221 
222         if ( session != null )
223         {
224             session.removeAttribute( SESSION_ATTRIBUTE_USER );
225         }
226 
227         Locale locale = AdminUserService.getLocale( request );
228 
229         Enumeration<String> enumParams = request.getParameterNames(  );
230         ReferenceList listParams = new ReferenceList(  );
231         String strParamName;
232 
233         while ( enumParams.hasMoreElements(  ) )
234         {
235             strParamName = enumParams.nextElement(  );
236 
237             String strParamValue = request.getParameter( strParamName );
238             listParams.addItem( strParamName, strParamValue );
239         }
240 
241         model.put( MARK_PARAM_VERSION, AppInfo.getVersion(  ) );
242         model.put( MARK_PARAMS_LIST, listParams );
243 
244         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_FORGOT_PASSWORD, locale, model );
245 
246         return template.getHtml(  );
247     }
248 
249     /**
250      * Returns the view of forgot password form
251      *
252      * @param request The request
253      * @return The HTML form
254      */
255     public String getForgotLogin( HttpServletRequest request )
256     {
257         Map<String, Object> model = new HashMap<String, Object>(  );
258 
259         // Invalidate a previous session
260         HttpSession session = request.getSession(  );
261 
262         if ( session != null )
263         {
264             session.removeAttribute( SESSION_ATTRIBUTE_USER );
265         }
266 
267         Locale locale = AdminUserService.getLocale( request );
268 
269         Enumeration<String> enumParams = request.getParameterNames(  );
270         ReferenceList listParams = new ReferenceList(  );
271         String strParamName;
272 
273         while ( enumParams.hasMoreElements(  ) )
274         {
275             strParamName = enumParams.nextElement(  );
276 
277             String strParamValue = request.getParameter( strParamName );
278             listParams.addItem( strParamName, strParamValue );
279         }
280 
281         model.put( MARK_PARAM_VERSION, AppInfo.getVersion(  ) );
282         model.put( MARK_PARAMS_LIST, listParams );
283 
284         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_FORGOT_LOGIN, locale, model );
285 
286         return template.getHtml(  );
287     }
288 
289     /**
290      * Get the admin contact form
291      * @param request The Http request
292      * @return The HTML form
293      */
294     public String getFormContact( HttpServletRequest request )
295     {
296         HashMap<String, Object> model = new HashMap<String, Object>(  );
297 
298         // Invalidate a previous session
299         HttpSession session = request.getSession(  );
300 
301         if ( session != null )
302         {
303             session.removeAttribute( SESSION_ATTRIBUTE_USER );
304         }
305 
306         Locale locale = AdminUserService.getLocale( request );
307 
308         model.put( MARK_PARAM_VERSION, AppInfo.getVersion(  ) );
309 
310         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_FORM_CONTACT, locale, model );
311 
312         return template.getHtml(  );
313     }
314 
315     /**
316      * Process the login of user
317      *
318      * @param request The HTTP Request
319      * @return The Jsp URL of the process result
320      * @throws Exception The exception
321      */
322     public String doLogin( HttpServletRequest request )
323         throws Exception
324     {
325         if ( request.getScheme(  ).equals( CONSTANT_HTTP ) && AppHTTPSService.isHTTPSSupportEnabled(  ) )
326         {
327             return JSP_URL_ADMIN_LOGIN;
328         }
329 
330         // recovery of the login attributes
331         String strAccessCode = request.getParameter( Parameters.ACCESS_CODE );
332         String strPassword = request.getParameter( Parameters.PASSWORD );
333 
334 
335         if (strAccessCode == null || strPassword == null)
336         {
337             // TIME RESISTANT ATTACK
338             // Computation time is equal to the time needed by a legitimate user
339             strAccessCode = "";
340             strPassword = "";
341         }
342 
343         String strLoginUrl = AdminAuthenticationService.getInstance(  ).getLoginPageUrl(  );
344 
345         try
346         {
347             AdminAuthenticationService.getInstance(  ).loginUser( request, strAccessCode, strPassword );
348         }
349         catch ( FailedLoginException ex )
350         {
351             // Creating a record of connections log
352             UserLog userLog = new UserLog(  );
353             userLog.setAccessCode( strAccessCode );
354             userLog.setIpAddress( SecurityUtil.getRealIp( request ) );
355             userLog.setDateLogin( new java.sql.Timestamp( new java.util.Date(  ).getTime(  ) ) );
356             userLog.setLoginStatus( UserLog.LOGIN_DENIED ); // will be inserted only if access denied
357             UserLogHome.addUserLog( userLog );
358 
359             return AdminMessageService.getMessageUrl( request, Messages.MESSAGE_AUTH_FAILURE, strLoginUrl,
360                 AdminMessage.TYPE_STOP );
361         }
362         catch ( LoginException ex )
363         {
364             AppLogService.error( "Error during connection for user access code :" + strAccessCode, ex );
365 
366             return AdminMessageService.getMessageUrl( request, Messages.MESSAGE_AUTH_FAILURE, strLoginUrl,
367                 AdminMessage.TYPE_STOP );
368         }
369 
370         UrlItem url;
371 
372         AdminUser user = AdminUserHome.findUserByLogin( strAccessCode );
373 
374         if ( user.isPasswordReset(  ) )
375         {
376             String strRedirectUrl = AdminMessageService.getMessageUrl( request,
377                     Messages.MESSAGE_USER_MUST_CHANGE_PASSWORD, JSP_URL_MODIFY_DEFAULT_USER_PASSOWRD,
378                     AdminMessage.TYPE_ERROR );
379             url = new UrlItem( strRedirectUrl );
380         }
381         else
382         {
383             String strNextUrl = AdminAuthenticationService.getInstance(  ).getLoginNextUrl( request );
384 
385             if ( StringUtils.isNotBlank( strNextUrl ) )
386             {
387                 url = new UrlItem( strNextUrl );
388             }
389             else
390             {
391                 url = AppPathService.resolveRedirectUrl( request, AppPathService.getAdminMenuUrl(  ) );
392             }
393         }
394 
395         return url.getUrl(  );
396     }
397 
398     /**
399      * Process the sending to user password
400      *
401      * @param request The HTTP Request
402      * @return The Jsp URL of the process result
403      * @throws Exception The exception
404      */
405     public String doForgotPassword( HttpServletRequest request )
406         throws Exception
407     {
408         // get mail from user
409         String strAccessCode = request.getParameter( Parameters.ACCESS_CODE );
410         Locale locale = AdminUserService.getLocale( request );
411 
412         if ( StringUtils.isEmpty( strAccessCode ) )
413         {
414             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
415         }
416 
417         if ( locale == null )
418         {
419             locale = LocaleService.getDefault(  );
420         }
421 
422         // if user or mail not found, send admin message
423         AdminUser user = AdminUserHome.findUserByLogin( strAccessCode );
424 
425         if ( ( user == null ) || StringUtils.isEmpty( user.getEmail(  ) ) )
426         {
427             return JSP_URL_FORM_CONTACT;
428         }
429 
430         // make password
431         String strPassword = AdminUserService.makePassword(  );
432 
433         // update password
434         if ( StringUtils.isNotEmpty( strPassword ) )
435         {
436             LuteceDefaultAdminUser userStored = AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId(  ) );
437             userStored.setPasswordMaxValidDate( AdminUserService.getPasswordMaxValidDate(  ) );
438             IPasswordFactory passwordFactory = SpringContextService.getBean( IPasswordFactory.BEAN_NAME );
439             userStored.setPassword( passwordFactory.getPasswordFromCleartext( strPassword ) );
440 
441             if ( Boolean.valueOf( DefaultUserParameterHome.findByKey( PARAMETER_FORCE_CHANGE_PASSWORD_REINIT ) ) )
442             {
443                 userStored.setPasswordReset( Boolean.TRUE );
444             }
445 
446             AdminUserHome.update( userStored );
447 
448         }
449 
450         // send password by e-mail
451         String strSenderEmail = MailService.getNoReplyEmail(  );
452         String strEmailSubject = I18nService.getLocalizedString( MESSAGE_EMAIL_SUBJECT, locale );
453         HashMap<String, Object> model = new HashMap<String, Object>(  );
454         model.put( MARK_NEW_PASSWORD, strPassword );
455         model.put( MARK_LOGIN_URL,
456             AppPathService.getBaseUrl( request ) + AdminAuthenticationService.getInstance(  ).getLoginPageUrl(  ) );
457         model.put( MARK_SITE_LINK, MailService.getSiteLink( AppPathService.getBaseUrl( request ), false ) );
458 
459         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_EMAIL_FORGOT_PASSWORD, locale, model );
460 
461         MailService.sendMailHtml( user.getEmail(  ), strSenderEmail, strSenderEmail, strEmailSubject,
462             template.getHtml(  ) );
463 
464         return AdminMessageService.getMessageUrl( request, MESSAGE_SENDING_SUCCESS, JSP_URL_ADMIN_LOGIN,
465             AdminMessage.TYPE_INFO );
466     }
467 
468     /**
469      * Process the sending of the login
470      * @param request The HTTP Request
471      * @return The Jsp URL of the process result
472      * @throws Exception The exception
473      */
474     public String doForgotLogin( HttpServletRequest request )
475         throws Exception
476     {
477         String strEmail = request.getParameter( Parameters.EMAIL );
478         Locale locale = AdminUserService.getLocale( request );
479 
480         if ( ( strEmail == null ) || strEmail.equals( CONSTANT_EMPTY_STRING ) )
481         {
482             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
483         }
484 
485         if ( !AdminUserService.checkEmail( strEmail ) )
486         {
487             return AdminMessageService.getMessageUrl( request, MESSAGE_WRONG_EMAIL_FORMAT, AdminMessage.TYPE_STOP );
488         }
489 
490         if ( locale == null )
491         {
492             locale = LocaleService.getDefault(  );
493         }
494 
495         // if access code not found, send admin message
496         String strAccessCode = AdminUserHome.findUserByEmail( strEmail );
497 
498         if ( StringUtils.isEmpty( strAccessCode ) )
499         {
500             return JSP_URL_FORM_CONTACT;
501         }
502 
503         // send access code by e-mail
504         String strSenderEmail = MailService.getNoReplyEmail(  );
505         String strEmailSubject = I18nService.getLocalizedString( MESSAGE_FORGOT_LOGIN_EMAIL_SUBJECT, locale );
506         HashMap<String, Object> model = new HashMap<String, Object>(  );
507         model.put( MARK_LOGIN, strAccessCode );
508         model.put( MARK_LOGIN_URL,
509             AppPathService.getBaseUrl( request ) + AdminAuthenticationService.getInstance(  ).getLoginPageUrl(  ) );
510         model.put( MARK_SITE_LINK, MailService.getSiteLink( AppPathService.getBaseUrl( request ), false ) );
511 
512         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_EMAIL_FORGOT_LOGIN, locale, model );
513 
514         MailService.sendMailHtml( strEmail, strSenderEmail, strSenderEmail, strEmailSubject, template.getHtml(  ) );
515 
516         return AdminMessageService.getMessageUrl( request, MESSAGE_FORGOT_LOGIN_SENDING_SUCCESS, AdminMessage.TYPE_INFO );
517     }
518 
519     /**
520      * Send the message to the adminsitrator(s)
521      * @param request The {@link HttpServletRequest}
522      * @return an adminMessage
523      */
524     public String doFormContact( HttpServletRequest request )
525     {
526         // Get message, check if empty
527         String strMessage = request.getParameter( PARAMETER_MESSAGE );
528 
529         if ( ( strMessage == null ) || strMessage.equals( CONSTANT_EMPTY_STRING ) )
530         {
531             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
532         }
533 
534         Locale locale = AdminUserService.getLocale( request );
535 
536         if ( locale == null )
537         {
538             locale = LocaleService.getDefault(  );
539         }
540 
541         // send mail to admin wich have level
542         int nIdLevel = 0;
543         String strLevelId = AppPropertiesService.getProperty( PROPERTY_LEVEL, "0" );
544 
545         if ( ( strLevelId != null ) && strLevelId.matches( REGEX_ID ) )
546         {
547             nIdLevel = Integer.parseInt( strLevelId );
548         }
549 
550         Collection<AdminUser> adminUserList = AdminUserHome.findByLevel( nIdLevel );
551         StringBuilder sbMailsTo = new StringBuilder( CONSTANT_EMPTY_STRING );
552 
553         for ( AdminUser adminUser : adminUserList )
554         {
555             if ( StringUtil.checkEmail( adminUser.getEmail(  ) ) )
556             {
557                 sbMailsTo.append( adminUser.getEmail(  ) ).append( CONSTANT_EMAIL_DELIMITER );
558             }
559         }
560 
561         String strMailsTo = sbMailsTo.toString(  );
562 
563         if ( !strMailsTo.equals( CONSTANT_EMPTY_STRING ) )
564         {
565             String strSenderEmail = MailService.getNoReplyEmail(  );
566             String strEmailSubject = I18nService.getLocalizedString( MESSAGE_EMAIL_ADMIN_SUBJECT, locale );
567 
568             MailService.sendMailHtml( strMailsTo, strSenderEmail, strSenderEmail, strEmailSubject, strMessage );
569         }
570 
571         return AdminMessageService.getMessageUrl( request, MESSAGE_ADMIN_SENDING_SUCCESS,
572             AdminAuthenticationService.getInstance(  ).getLoginPageUrl(  ), AdminMessage.TYPE_INFO );
573     }
574 
575     /**
576      * Process the logout of user
577      *
578      * @param request Http request
579      * @return The Jsp URL of the process result
580      */
581     public String doLogout( HttpServletRequest request )
582     {
583         // Invalidation of the session
584         HttpSession session = request.getSession(  );
585 
586         if ( session != null )
587         {
588             session.invalidate(  );
589         }
590 
591         String strLoginUrl = AdminAuthenticationService.getInstance(  ).getLoginPageUrl(  );
592 
593         return AdminMessageService.getMessageUrl( request, Messages.MESSAGE_LOGOUT, strLoginUrl, AdminMessage.TYPE_INFO );
594     }
595 }