TheDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/17Franco/CulturarteWeb/llms.txt
Use this file to discover all available pages before exploring further.
Login servlet is the authentication gateway for CulturarteWeb. On a successful login it
creates an HTTP session, stores the user’s nickname and role, and redirects them to the main
BuscadorPropuestas page. Credentials are validated by calling the remote ControllerWS SOAP
service, keeping all business logic outside the web tier.
GET /Login
Redirects the browser directly to the login/registration page. No parameters are required.| Behaviour | Detail |
|---|---|
| Redirect target | /InicioSesion_Registro.jsp |
| HTTP status | 302 Found |
POST /Login
Processes the credentials submitted by the login form.Request parameters
The user’s unique nickname. Must match a registered account in the
ControllerWS backend.The user’s plain-text password. It is transmitted to the SOAP service for validation and is
never stored by the servlet itself.
SOAP calls
The servlet resolves the SOAP endpoint URL at runtime fromconfig.properties and makes two
sequential calls:
portU.login(nick, pass)— returnsboolean.truemeans the credentials are valid.portU.isProponente(nick)— returnsboolean. Determines whether the authenticated user holds theProponenteorColaboradorrole.
Session attributes set on success
WhenportU.login() returns true (and the mobile restriction below is not triggered), the
following attributes are written to the HttpSession:
| Attribute | Type | Value |
|---|---|---|
logueado | String | The authenticated user’s nickname |
tipoUser | String | "Proponente" or "Colaborador" |
Success response
302 Found → redirects to {contextPath}/ (mapped to the BuscadorPropuestas welcome servlet
via web.xml).
Failure response
WhenportU.login() returns false, or any exception is thrown during the SOAP call, the servlet
sets a request attribute and forwards back to the login page:
| Attribute | Value |
|---|---|
errorMessage | "Nick o Contrasena Incorrectos." (bad credentials) or "No se pudo Iniciar Sesion." (SOAP error) |
/InicioSesion_Registro.jsp, which renders the message inside a Bootstrap
alert-danger block.
Mobile device restriction
The servlet inspects theUser-Agent request header. A device is considered mobile when the
header contains any of the following strings:
| Token | Devices matched |
|---|---|
Mobi | Generic mobile browsers |
Android | Android phones and tablets |
iPhone | Apple iPhone |
iPad | Apple iPad |
Touch | Touch-screen browsers |
Proponente and the device is mobile, access is
denied. The session is not created and the following error is forwarded to the JSP:
“Acceso denegado: Los Proponentes no pueden iniciar sesión desde dispositivos móviles.”
Colaborador accounts are not subject to this restriction and may log in from any device.
curl example
The form submits viaapplication/x-www-form-urlencoded. The following command simulates that
POST. Replace JSESSIONID in subsequent requests with the cookie returned by the server.
CulturarteWeb uses the standard Jakarta EE
HttpSession (cookie-based). The server returns a
Set-Cookie: JSESSIONID=... header on successful login. Every subsequent request to a
protected endpoint must include this cookie. The -c cookies.txt / -b cookies.txt flags in
curl handle this automatically. Sessions expire after 30 minutes of inactivity (configured
in web.xml).Session timeout
The session lifetime is declared inWEB-INF/web.xml: