diff --git a/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java b/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java index 08179e0df..2aacea593 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java +++ b/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java @@ -44,24 +44,20 @@ import org.apache.log4j.Logger; * @version $Revision: #8 $ $Date: 2004/08/16 $ * @version $Id: SecurityConfig.java 1471 2007-03-12 11:27:55Z chrisgilbert23 $ */ - public class SecurityConfig extends AbstractConfig { private static final Logger s_log = Logger.getLogger(SecurityConfig.class); - private static SecurityConfig s_config = null; - private static String s_systemAdministratorEmailAddress = null; - /** Size of secret key in bytes. **/ public static int SECRET_KEY_BYTES = 16; - /** The class name of the SecurityHelper implementation. Must implement - SecurityHelper interface */ - private final Parameter m_securityHelperClass = new SpecificClassParameter - ("waf.security_helper_class", Parameter.REQUIRED, - com.arsdigita.kernel.security.DefaultSecurityHelper.class, - com.arsdigita.kernel.security.SecurityHelper.class); + SecurityHelper interface */ + private final Parameter m_securityHelperClass = + new SpecificClassParameter( + "waf.security_helper_class", Parameter.REQUIRED, + com.arsdigita.kernel.security.DefaultSecurityHelper.class, + com.arsdigita.kernel.security.SecurityHelper.class); // /** This parameter is obsolete. */ // private final Parameter m_sessionTrackingMethod = new StringParameter // ("waf.session_tracking_method", Parameter.REQUIRED, "cookie"); 
@@ -69,16 +65,15 @@ public class SecurityConfig extends AbstractConfig { * Authentication is checked for all requests, but requests with one of * these extensions will never cause a new cookie to be set. * Include a leading dot for each extension. */ - private final Parameter m_excludedExtensions = new StringArrayParameter - ("waf.excluded_extensions", Parameter.REQUIRED, - new String[] { ".jpg", ".gif", ".png", ".pdf" } ); - + private final Parameter m_excludedExtensions = new StringArrayParameter( + "waf.excluded_extensions", Parameter.REQUIRED, + new String[]{ + ".jpg", ".gif", ".png", ".pdf"}); // ///////////////////////////////////////////////////////////////////////////// // This section completely moved to com.arsdigita.ui.UIConfig. // Configuration is not an Initializer task. // Retained here during transition, should be removed when completed (2011-02) // ///////////////////////////////////////////////////////////////////////////// - // /** Key for the root page of the site. */ // private final Parameter m_rootPage = new StringParameter // ("waf.pagemap.root", Parameter.REQUIRED, "register/"); 
@@ -112,17 +107,14 @@ public class SecurityConfig extends AbstractConfig { // ("waf.pagemap.permission", Parameter.REQUIRED, "permissions/"); // private final Parameter m_permSinglePage = new StringParameter // ("waf.pagemap.perm_single", Parameter.REQUIRED, "permissions/one"); - // //////////////////////////////////////////////////////////////////////////// - - - private final Parameter m_cookieDurationMinutes = new IntegerParameter - ("waf.pagemap.cookies_duration_minutes", Parameter.OPTIONAL, null); - private final Parameter m_cookieDomain = new StringParameter - ("waf.cookie_domain", Parameter.OPTIONAL, null); - - private final Parameter m_loginConfig = new StringArrayParameter - ("waf.login_config", Parameter.REQUIRED, new String[] { + private final Parameter m_cookieDurationMinutes = new IntegerParameter( + "waf.pagemap.cookies_duration_minutes", Parameter.OPTIONAL, null); + private final Parameter m_cookieDomain = new StringParameter( + "waf.cookie_domain", Parameter.OPTIONAL, null); + private final Parameter m_loginConfig = new StringArrayParameter( + "waf.login_config", Parameter.REQUIRED, + new String[]{ "Request:com.arsdigita.kernel.security.AdminLoginModule:sufficient", "Request:com.arsdigita.kernel.security.RecoveryLoginModule:sufficient", "Request:com.arsdigita.kernel.security.CookieLoginModule:requisite", 
@@ -131,15 +123,16 @@ public class SecurityConfig extends AbstractConfig { "Register:com.arsdigita.kernel.security.CookieLoginModule:optional", "RegisterSSO:com.arsdigita.kernel.security.SimpleSSOLoginModule:requisite", "RegisterSSO:com.arsdigita.kernel.security.CookieLoginModule:optional" - } - ); - - private final Parameter m_adminEmail = new StringParameter - ("waf.admin.contact_email", Parameter.OPTIONAL, null); - private final Parameter m_autoRegistrationOn = new BooleanParameter - ("waf.auto_registration_on", Parameter.REQUIRED, Boolean.TRUE); - private final Parameter m_userBanOn = new BooleanParameter - ("waf.user_ban_on", Parameter.REQUIRED, Boolean.FALSE); + }); + private final Parameter m_adminEmail = new StringParameter( + "waf.admin.contact_email", Parameter.OPTIONAL, null); + private final Parameter m_autoRegistrationOn = new BooleanParameter( + "waf.auto_registration_on", Parameter.REQUIRED, Boolean.TRUE); + private final Parameter m_userBanOn = new BooleanParameter("waf.user_ban_on", + Parameter.REQUIRED, + Boolean.FALSE); + private final Parameter m_enableQuestion = new BooleanParameter( + "waf.user_question.enable", Parameter.REQUIRED, Boolean.FALSE); /** * Constructs an empty SecurityConfig object @@ -169,6 +162,7 @@ public class SecurityConfig extends AbstractConfig { register(m_adminEmail); register(m_autoRegistrationOn); register(m_userBanOn); + register(m_enableQuestion); loadInfo(); } @@ -207,13 +201,12 @@ public class SecurityConfig extends AbstractConfig { // public final String getSessionTrackingMethod() { // return (String) get(m_sessionTrackingMethod); // } - /** * * @return */ public final List getExcludedExtensions() { - return Arrays.asList( (String[]) get(m_excludedExtensions)); + return Arrays.asList((String[]) get(m_excludedExtensions)); } // MOVED, see above 
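Review bot: The new parameter is registered under the name `"waf.user_question.enable"`, but the SecurityConfig_parameter.properties hunk later in this diff adds its metadata as `waf.user_question_enable.title/.purpose/.example/.format`; every other entry in that file (e.g. `waf.user_ban_on.title` for `"waf.user_ban_on"`) uses the exact parameter name as the key prefix, so the new entry will presumably never be picked up by loadInfo(). Either rename the parameter to `"waf.user_question_enable"` or change the four property keys to `waf.user_question.enable.*`. The field also lacks the short doc comment its neighbours carry; `/** Whether the password-recovery question/answer is collected from users and offered on the login page. */` would do. The same mismatch applies to the properties hunk, which needs no separate note.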
@@ -254,37 +247,45 @@ public class SecurityConfig extends AbstractConfig { // return (String) get(m_permSinglePage); // } // /////////////////////////////////////////////////////////////////////////// - public String getCookieDomain() { return (String) get(m_cookieDomain); } + String[] getLoginConfig() { return (String[]) get(m_loginConfig); } + Integer getCookieDurationMinutes() { return (Integer) get(m_cookieDurationMinutes); } + boolean isUserBanOn() { return ((Boolean) get(m_userBanOn)).booleanValue(); } - + public String getAdminContactEmail() { String email = (String) get(m_adminEmail); - if (email == null || email.trim().length() == 0) { + if (email == null || email.trim().length() == 0) { email = getSystemAdministratorEmailAddress(); } return email; } + + public Boolean getEnableQuestion() { + return (Boolean) get(m_enableQuestion); + } private static synchronized String getSystemAdministratorEmailAddress() { if (s_systemAdministratorEmailAddress == null) { ObjectPermissionCollection perms = - PermissionService.getGrantedUniversalPermissions(); + PermissionService. + getGrantedUniversalPermissions(); perms.addEqualsFilter("granteeIsUser", Boolean.TRUE); perms.clearOrder(); perms.addOrder("granteeID"); if (perms.next()) { - s_systemAdministratorEmailAddress = perms.getGranteeEmail().toString(); + s_systemAdministratorEmailAddress = perms.getGranteeEmail(). + toString(); perms.close(); } else { // Haven't found anything. We don't want to repeat this query @@ -298,5 +299,4 @@ public class SecurityConfig extends AbstractConfig { public final boolean isAutoRegistrationOn() { return ((Boolean) get(m_autoRegistrationOn)).booleanValue(); } - } diff --git a/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig_parameter.properties b/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig_parameter.properties index 070439a36..2976be7d4 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig_parameter.properties 
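Review bot: `getEnableQuestion()` returns a boxed `Boolean`, whereas the neighbouring accessors `isUserBanOn()` and `isAutoRegistrationOn()` unbox to `boolean`; every caller in this diff uses the result directly as an `if` condition, so a null would surface as an NPE at the call site rather than here. Since the method is new in this commit, it can still follow the file's convention: `public final boolean isQuestionEnabled() { return ((Boolean) get(m_enableQuestion)).booleanValue(); }` (the parameter is REQUIRED with default `Boolean.FALSE`, so the unboxing is safe in practice). It is also the only accessor in this block without any Javadoc; a one-line summary stating what the flag controls would help the admin-UI readers that surface these getters.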
+++ b/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig_parameter.properties @@ -2,23 +2,32 @@ waf.login_config.title=Login Configuration waf.login_config.purpose=Enter JAAS login configuration, using the syntax described in Javadoc for com.arsdigita.kernel.security.LoginConfig waf.login_config.example=Request:com.arsdigita.kernel.security.AdminLoginModule:sufficient,Register:com.arsdigita.kernel.security.LocalLoginModule:requisite waf.login_config.format=[string,string,...] + waf.cookie_domain.title=Cookie Domain waf.cookie_domain.purpose=Enter the domain to which the Aplaws authentication cookie is presented waf.cookie_domain.example=.example.com waf.cookie_domain.format=[string] + waf.admin.contact_email.title=System administrator email address waf.admin.contact_email.purpose=Email address that will be displayed on footer of login/admin pages, if empty then site-wide admin email will be substituted waf.admin.contact_email.example=ccmadmin@example.com waf.admin.contact_email.format=[string] + waf.auto_registration_on.title=Auto Registration waf.auto_registration_on.purpose=New users get automatically redirected to the create new user form waf.auto_registration_on.example=true waf.auto_registration_on.format=true|false + waf.user_ban_on.title=User Ban waf.user_ban_on.purpose=Check on each access if user has been banned from the site. waf.user_ban_on.example=false waf.user_ban_on.format=true|false +waf.user_question_enable.title=Enable question +waf.user_question_enable.purpose=Enable question if a user has forgotten its password +waf.user_question_enable.example=false +waf.user_question_enable.format=true|false + # Moved to com.arsdigita.ui.UIConfig (2011-02). # Retained here for easy reference during transition phase # waf.pagemap.root.title=Root Page diff --git a/ccm-core/src/com/arsdigita/ui/UIConfig_parameter.properties b/ccm-core/src/com/arsdigita/ui/UIConfig_parameter.properties index bb763816a..ac6b71ca1 100644 
--- a/ccm-core/src/com/arsdigita/ui/UIConfig_parameter.properties +++ b/ccm-core/src/com/arsdigita/ui/UIConfig_parameter.properties @@ -34,6 +34,7 @@ core.ui.pagemap.workspace_url.example=pvt/ core.ui.pagemap.workspace_url.format=[string] + #waf.pagemap.newuser.title=New User Page #waf.pagemap.newuser.purpose=Enter the relative URL for the New User Page #waf.pagemap.newuser.example=register/new-user diff --git a/ccm-core/src/com/arsdigita/ui/admin/UserAddForm.java b/ccm-core/src/com/arsdigita/ui/admin/UserAddForm.java index 09a61f0a1..dd2d46b59 100755 --- a/ccm-core/src/com/arsdigita/ui/admin/UserAddForm.java +++ b/ccm-core/src/com/arsdigita/ui/admin/UserAddForm.java 
@@ -30,41 +30,41 @@ import com.arsdigita.kernel.EmailAddress; import com.arsdigita.kernel.PersonName; import com.arsdigita.kernel.User; import com.arsdigita.kernel.UserAuthentication; +import com.arsdigita.kernel.security.SecurityConfig; /** * Form used to add a new user to the system. * * @version $Id: UserAddForm.java 287 2005-02-22 00:29:02Z sskracic $ */ - class UserAddForm extends UserForm - implements FormProcessListener, - FormInitListener, - AdminConstants -{ + implements FormProcessListener, + FormInitListener, + AdminConstants { + + private SecurityConfig securityConfig = SecurityConfig.getConfig(); private AdminSplitPanel m_adminPanel; /** * Default constructor. */ - - public UserAddForm (AdminSplitPanel adminPanel) { + public UserAddForm(AdminSplitPanel adminPanel) { super(USER_FORM_ADD); m_adminPanel = adminPanel; addInitListener(this); addProcessListener(this); - // Add validation listeners for required parameters - - m_question.addValidationListener - (new NotEmptyValidationListener()); + if (securityConfig.getEnableQuestion()) { + // Add validation listeners for required parameters + // but only if SecurityConfig.getEnableQuestion is true (jensp 2011-10-05) + m_question.addValidationListener(new NotEmptyValidationListener()); + } } /** * Initialize the form */ - public void init(FormSectionEvent e) { PageState state = e.getPageState(); @@ -77,16 +77,14 @@ class UserAddForm extends UserForm /** * Process the form. */ - - public void process (FormSectionEvent e) - throws FormProcessException - { + public void process(FormSectionEvent e) + throws FormProcessException { PageState state = e.getPageState(); User user = new User(); String email = - ((InternetAddress) m_primaryEmail.getValue(state)).getAddress(); + ((InternetAddress) m_primaryEmail.getValue(state)).getAddress(); user.setPrimaryEmail(new EmailAddress(email)); user.setScreenName((String) m_screenName.getValue(state)); 
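Review bot: `private SecurityConfig securityConfig = SecurityConfig.getConfig();` duplicates the identical private field that the UserForm hunk adds to the superclass, and the UserRegistrationForm hunk adds a third copy; each is non-final and departs from the `m_` prefix every other instance field in these classes uses. Declaring it once in UserForm as `protected final SecurityConfig m_securityConfig = SecurityConfig.getConfig();` and dropping the copy here keeps one source of truth for the subclasses. The comment `// but only if SecurityConfig.getEnableQuestion is true (jensp 2011-10-05)` merely restates the enclosing `if` and can go.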
@@ -106,10 +104,9 @@ class UserAddForm extends UserForm // Add optional additional email address InternetAddress additional = - (InternetAddress) m_additionalEmail.getValue(state); + (InternetAddress) m_additionalEmail.getValue(state); if (additional != null) { - user.addEmailAddress - (new EmailAddress(additional.getAddress())); + user.addEmailAddress(new EmailAddress(additional.getAddress())); } // Make new user persistent @@ -119,11 +116,13 @@ class UserAddForm extends UserForm // Save user authentication credentials. UserAuthentication auth = - UserAuthentication.createForUser(user); + UserAuthentication.createForUser(user); auth.setPassword((String) m_password.getValue(state)); - auth.setPasswordQuestion((String) m_question.getValue(state)); - auth.setPasswordAnswer((String) m_answer.getValue(state)); + if (securityConfig.getEnableQuestion()) { + auth.setPasswordQuestion((String) m_question.getValue(state)); + auth.setPasswordAnswer((String) m_answer.getValue(state)); + } auth.save(); // Switch to browse tab. diff --git a/ccm-core/src/com/arsdigita/ui/admin/UserForm.java b/ccm-core/src/com/arsdigita/ui/admin/UserForm.java index e54cbdd57..30e9dc15f 100755 --- a/ccm-core/src/com/arsdigita/ui/admin/UserForm.java +++ b/ccm-core/src/com/arsdigita/ui/admin/UserForm.java @@ -18,7 +18,6 @@ */ package com.arsdigita.ui.admin; - import com.arsdigita.bebop.Form; import com.arsdigita.bebop.FormData; import com.arsdigita.bebop.FormProcessException; @@ -36,6 +35,7 @@ import com.arsdigita.bebop.parameters.StringLengthValidationListener; import com.arsdigita.bebop.parameters.StringParameter; import com.arsdigita.bebop.parameters.URLParameter; import com.arsdigita.kernel.Kernel; +import com.arsdigita.kernel.security.SecurityConfig; import com.arsdigita.persistence.DataQuery; import com.arsdigita.persistence.Filter; import com.arsdigita.persistence.SessionManager; 
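Review bot: process() re-reads `securityConfig.getEnableQuestion()` at submit time, while the NotEmpty validation listener on `m_question` was attached (or not) in the constructor at form-construction time; both read the same SecurityConfig instance, so they only diverge if the configuration can be reloaded while the form object lives, which I cannot tell from the diff. If that is possible, an answer could be stored without ever having been validated, or a validated answer silently dropped; capturing the decision once, e.g. `private final boolean m_questionEnabled = SecurityConfig.getConfig().getEnableQuestion();`, and using that field in both places closes the window. process() continues past the end of the hunk.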
@@ -52,23 +52,22 @@ import javax.servlet.http.HttpServletRequest; * @author David Dao * @version $Id: UserForm.java 1508 2007-03-22 00:04:22Z apevec $ */ - class UserForm extends Form implements FormValidationListener, AdminConstants { protected TextField m_firstName; protected TextField m_lastName; protected TextField m_primaryEmail; protected TextField m_additionalEmail; - protected Password m_password; - protected Password m_confirmPassword; + protected Password m_password; + protected Password m_confirmPassword; protected TextField m_question; protected TextField m_answer; protected TextField m_url; protected TextField m_screenName; protected EmailList m_emailList; - private PasswordValidationListener m_pwListener; private NotEmptyValidationListener m_notNullListener; + private SecurityConfig securityConfig = SecurityConfig.getConfig(); public UserForm(String formName) { super(formName); 
@@ -87,61 +86,61 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { int max = 60; m_firstName = new TextField( - new StringParameter(USER_FORM_INPUT_FIRST_NAME)); + new StringParameter(USER_FORM_INPUT_FIRST_NAME)); m_firstName.setMaxLength(max); m_firstName.setSize(20); - m_firstName.addValidationListener - (new NotEmptyValidationListener()); - m_firstName.addValidationListener - (new StringLengthValidationListener(max)); + m_firstName.addValidationListener(new NotEmptyValidationListener()); + m_firstName.addValidationListener( + new StringLengthValidationListener(max)); add(USER_FORM_LABEL_FIRST_NAME); add(m_firstName); m_lastName = new TextField( - new StringParameter(USER_FORM_INPUT_LAST_NAME)); + new StringParameter(USER_FORM_INPUT_LAST_NAME)); m_lastName.setMaxLength(max); m_lastName.setSize(25); - m_lastName.addValidationListener - (new NotEmptyValidationListener()); - m_lastName.addValidationListener - (new StringLengthValidationListener(max)); + m_lastName.addValidationListener(new NotEmptyValidationListener()); + m_lastName.addValidationListener(new StringLengthValidationListener(max)); add(USER_FORM_LABEL_LAST_NAME); add(m_lastName); // Password - m_password = new Password - (new StringParameter(USER_FORM_INPUT_PASSWORD)); + m_password = new Password(new StringParameter(USER_FORM_INPUT_PASSWORD)); add(USER_FORM_LABEL_PASSWORD); add(m_password); // Password confirmation - m_confirmPassword = new Password - (new StringParameter(USER_FORM_INPUT_PASSWORD_CONFIRMATION)); + m_confirmPassword = new Password(new StringParameter( + USER_FORM_INPUT_PASSWORD_CONFIRMATION)); add(USER_FORM_LABEL_PASSWORD_CONFIRMATION); add(m_confirmPassword); // Password question - m_question = new TextField(new StringParameter(USER_FORM_INPUT_QUESTION)); + m_question = + new TextField(new StringParameter(USER_FORM_INPUT_QUESTION)); m_question.setSize(50); - add(USER_FORM_LABEL_QUESTION); - add(m_question); + if (securityConfig.getEnableQuestion()) { + 
add(USER_FORM_LABEL_QUESTION); + add(m_question); + } // Password answer m_answer = new TextField(new StringParameter(USER_FORM_INPUT_ANSWER)); m_answer.setSize(50); - add(USER_FORM_LABEL_ANSWER); - add(m_answer); + if (securityConfig.getEnableQuestion()) { + add(USER_FORM_LABEL_ANSWER); + add(m_answer); + } // Primary email address - m_primaryEmail = new TextField - (new EmailParameter(USER_FORM_INPUT_PRIMARY_EMAIL)); - m_primaryEmail.addValidationListener - (new NotEmptyValidationListener()); + m_primaryEmail = new TextField(new EmailParameter( + USER_FORM_INPUT_PRIMARY_EMAIL)); + m_primaryEmail.addValidationListener(new NotEmptyValidationListener()); m_primaryEmail.setSize(50); add(USER_FORM_LABEL_PRIMARY_EMAIL); add(m_primaryEmail); @@ -151,15 +150,15 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { add(USER_FORM_LABEL_ADDITIONAL_EMAIL_LIST); add(m_emailList); - m_additionalEmail = new TextField - (new EmailParameter(USER_FORM_INPUT_ADDITIONAL_EMAIL)); + m_additionalEmail = new TextField(new EmailParameter( + USER_FORM_INPUT_ADDITIONAL_EMAIL)); m_additionalEmail.setSize(50); add(USER_FORM_LABEL_ADDITIONAL_EMAIL); add(m_additionalEmail); // Screen name - m_screenName = new TextField - (new StringParameter(USER_FORM_INPUT_SCREEN_NAME)); + m_screenName = new TextField(new StringParameter( + USER_FORM_INPUT_SCREEN_NAME)); if (Kernel.getConfig().screenNameIsPrimaryIdentifier()) { m_screenName.addValidationListener(new NotEmptyValidationListener()); } 
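Review bot: The same flag is tested twice back to back, once around the question `add` pair and again around the answer pair; a single `if (securityConfig.getEnableQuestion())` enclosing all four `add` calls reads more clearly and makes the intent (question and answer are one feature) explicit. `m_question` and `m_answer` are still constructed and sized when the feature is off but never added to the form, presumably so that UserAddForm and the validate() path can keep dereferencing them; a comment such as `// always created so subclasses can reference them; only added to the form when the question feature is enabled` would prevent a later cleanup from removing them. The constructor this code belongs to starts before the hunk.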
@@ -185,10 +184,8 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { * password-confirm field. Also verifies that primary email * address and screen name are unique amoung all users. */ - - public void validate (FormSectionEvent event) - throws FormProcessException - { + public void validate(FormSectionEvent event) + throws FormProcessException { PageState ps = event.getPageState(); FormData data = event.getFormData(); HttpServletRequest req = ps.getRequest(); 
@@ -199,50 +196,57 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { /** * Verify that password and confirmation match. */ - if (userID == null) { m_pwListener.validate( - new ParameterEvent(event.getSource(), - data.getParameter(USER_FORM_INPUT_PASSWORD))); + new ParameterEvent(event.getSource(), + data.getParameter( + USER_FORM_INPUT_PASSWORD))); m_notNullListener.validate( - new ParameterEvent(event.getSource(), - data.getParameter(USER_FORM_INPUT_PASSWORD_CONFIRMATION))); + new ParameterEvent(event.getSource(), + data.getParameter( + USER_FORM_INPUT_PASSWORD_CONFIRMATION))); String password = (String) m_password.getValue(ps); - String confirm = (String) m_confirmPassword.getValue(ps); + String confirm = (String) m_confirmPassword.getValue(ps); - if (!StringUtils.emptyString(password) && !StringUtils.emptyString(confirm)) { + if (!StringUtils.emptyString(password) && !StringUtils.emptyString( + confirm)) { if (!password.equals(confirm)) { data.addError(USER_FORM_INPUT_PASSWORD_CONFIRMATION, - (String) USER_FORM_ERROR_PASSWORD_NOT_MATCH.localize(req)); + (String) USER_FORM_ERROR_PASSWORD_NOT_MATCH. + localize(req)); } } } - // If the password answer is anything but null, make sure it - // contains some non-whitespace characters - - String answer = (String) m_answer.getValue(ps); - if (userID == null) { - // Check for add form. - if (answer == null || answer.trim().length()==0) { - data.addError(USER_FORM_INPUT_ANSWER, - (String) USER_FORM_ERROR_ANSWER_NULL.localize(req)); - } - } else { - // Check for edit form - if (answer != null && answer.length() > 0 && answer.trim().length() == 0) { - data.addError(USER_FORM_INPUT_ANSWER, - (String) USER_FORM_ERROR_ANSWER_NULL.localize(req)); + if (securityConfig.getEnableQuestion()) { + // If the password answer is anything but null, make sure it + // contains some non-whitespace characters + String answer = (String) m_answer.getValue(ps); + if (userID == null) { + // Check for add form. 
+ if (answer == null || answer.trim().length() == 0) { + data.addError(USER_FORM_INPUT_ANSWER, + (String) USER_FORM_ERROR_ANSWER_NULL.localize( + req)); + } + } else { + // Check for edit form + if (answer != null && answer.length() > 0 && answer.trim(). + length() + == 0) { + data.addError(USER_FORM_INPUT_ANSWER, + (String) USER_FORM_ERROR_ANSWER_NULL.localize( + req)); + } } } /** * Verify that primary email and screen name are unique */ - - DataQuery query = SessionManager.getSession().retrieveQuery - ("com.arsdigita.kernel.RetrieveUsers"); + DataQuery query = SessionManager.getSession().retrieveQuery( + "com.arsdigita.kernel.RetrieveUsers"); query.setParameter("excludeGroupId", new BigDecimal(0)); String email = null; @@ -252,8 +256,8 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { String screenName = (String) m_screenName.getValue(ps); - Filter filter = query.addFilter - ("primaryEmail = :email or screenName = :sn"); + Filter filter = query.addFilter( + "primaryEmail = :email or screenName = :sn"); filter.set("email", email); filter.set("sn", screenName); @@ -267,18 +271,17 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { * screen name, email address, or both. Check the results and * produce appropriate error messages. */ - while (query.next()) { - if (screenName != null && - screenName.equals(query.get("screenName"))) { + if (screenName != null && screenName.equals(query.get("screenName"))) { data.addError(USER_FORM_INPUT_SCREEN_NAME, - (String) USER_FORM_ERROR_SCREEN_NAME_NOT_UNIQUE.localize(req)); + (String) USER_FORM_ERROR_SCREEN_NAME_NOT_UNIQUE. + localize(req)); } - if (email != null && - email.equals(query.get("primaryEmail"))) { + if (email != null && email.equals(query.get("primaryEmail"))) { data.addError(USER_FORM_INPUT_PRIMARY_EMAIL, - (String) USER_FORM_ERROR_PRIMARY_EMAIL_NOT_UNIQUE.localize(req)); + (String) USER_FORM_ERROR_PRIMARY_EMAIL_NOT_UNIQUE. + localize(req)); } } 
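Review bot: The edit-form condition in the new block is wrapped in the middle of a call chain (`answer.trim().` / `length()` / `== 0`), which is hard to scan and easy to misread as two statements. Hoisting the shared test removes the wrap and the duplicated logic: `boolean blankAnswer = answer != null && answer.trim().length() == 0;`, then `if (answer == null || blankAnswer)` for the add form and `if (blankAnswer && answer.length() > 0)` for the edit form. The enclosing validate() method begins before this hunk.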
@@ -288,30 +291,31 @@ class UserForm extends Form implements FormValidationListener, AdminConstants { /** * Hide all security-related components */ - - protected void hideSecurityInfo (PageState state) { - setSecurityInfo(state,false); + protected void hideSecurityInfo(PageState state) { + setSecurityInfo(state, false); } /** * Show all security-related components */ - - protected void showSecurityInfo (PageState state) { - setSecurityInfo(state,true); + protected void showSecurityInfo(PageState state) { + setSecurityInfo(state, true); } - private void setSecurityInfo (PageState state, boolean isVisible) { + private void setSecurityInfo(PageState state, boolean isVisible) { USER_FORM_LABEL_PASSWORD.setVisible(state, isVisible); USER_FORM_LABEL_PASSWORD_CONFIRMATION.setVisible(state, isVisible); - USER_FORM_LABEL_QUESTION.setVisible(state, isVisible); - USER_FORM_LABEL_ANSWER.setVisible(state, isVisible); + if (securityConfig.getEnableQuestion()) { + USER_FORM_LABEL_QUESTION.setVisible(state, isVisible); + USER_FORM_LABEL_ANSWER.setVisible(state, isVisible); + } m_password.setVisible(state, isVisible); m_confirmPassword.setVisible(state, isVisible); - m_question.setVisible(state, isVisible); - m_answer.setVisible(state, isVisible); + if (securityConfig.getEnableQuestion()) { + m_question.setVisible(state, isVisible); + m_answer.setVisible(state, isVisible); + } } - } diff --git a/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java b/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java index 80503e309..70cdc026d 100755 --- a/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java +++ b/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java 
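Review bot: setSecurityInfo() now evaluates `securityConfig.getEnableQuestion()` twice, with the label pair and the field pair in separate guarded blocks; since the four calls toggle the same feature they belong in one `if`, which also halves the config lookups. A single block holding `USER_FORM_LABEL_QUESTION`, `USER_FORM_LABEL_ANSWER`, `m_question` and `m_answer` visibility calls, placed after the password lines, preserves the current behaviour. A short comment on the method stating that question/answer visibility is additionally gated by the SecurityConfig flag would explain why they are treated differently from the password fields.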
@@ -48,6 +48,7 @@ import com.arsdigita.kernel.security.AccountNotFoundException; import com.arsdigita.kernel.security.Credential; import com.arsdigita.kernel.security.CredentialException; // import com.arsdigita.kernel.security.LegacyInitializer; +import com.arsdigita.kernel.security.SecurityConfig; import com.arsdigita.kernel.security.UserContext; import com.arsdigita.ui.UI; import com.arsdigita.web.ParameterMap; @@ -71,23 +72,21 @@ import org.apache.log4j.Logger; * * @version $Id: UserRegistrationForm.java 1230 2006-06-22 11:50:59Z apevec $ */ - public class UserRegistrationForm extends Form implements LoginConstants, FormInitListener, - FormValidationListener, FormProcessListener { + FormValidationListener, FormProcessListener { private static final Logger s_log = - Logger.getLogger(UserRegistrationForm.class); - + Logger.getLogger(UserRegistrationForm.class); // package friendly static form name makes writing HttpUnitTest easier final static String FORM_NAME = "user-login"; - private CheckboxGroup m_isPersistent; private Hidden m_timestamp; private Hidden m_returnURL; private TextField m_loginName; private Password m_password; private boolean m_autoRegistrationOn; + private SecurityConfig securityConfig = SecurityConfig.getConfig(); public UserRegistrationForm() { this(true); 
@@ -111,18 +110,18 @@ public class UserRegistrationForm extends Form m_autoRegistrationOn = autoRegistrationOn; - m_timestamp = new Hidden(new StringParameter (FORM_TIMESTAMP)); + m_timestamp = new Hidden(new StringParameter(FORM_TIMESTAMP)); add(m_timestamp); - m_returnURL = new Hidden(new URLParameter - (LoginHelper.RETURN_URL_PARAM_NAME)); + m_returnURL = new Hidden(new URLParameter( + LoginHelper.RETURN_URL_PARAM_NAME)); m_returnURL.setPassIn(true); add(m_returnURL); setupLogin(); - add(new Label(LoginHelper.getMessage - ("login.userRegistrationForm.password"))); + add(new Label(LoginHelper.getMessage( + "login.userRegistrationForm.password"))); m_password = new Password(new StringParameter(FORM_PASSWORD)); // Since new users should not enter a password, allow null. //m_password.addValidationListener(new NotNullValidationListener()); 
@@ -130,25 +129,27 @@ public class UserRegistrationForm extends Form SimpleContainer cookiePanel = new BoxPanel(BoxPanel.HORIZONTAL); m_isPersistent = - new CheckboxGroup(FORM_PERSISTENT_LOGIN_P); + new CheckboxGroup(FORM_PERSISTENT_LOGIN_P); Label optLabel = - new Label(LoginHelper.getMessage - ("login.userRegistrationForm.cookieOption")); + new Label(LoginHelper.getMessage( + "login.userRegistrationForm.cookieOption")); Option opt = new Option(FORM_PERSISTENT_LOGIN_P_DEFAULT, optLabel); m_isPersistent.addOption(opt); if (Kernel.getConfig().isLoginRemembered()) { m_isPersistent.setOptionSelected(FORM_PERSISTENT_LOGIN_P_DEFAULT); } cookiePanel.add(m_isPersistent); - cookiePanel.add(new DynamicLink - ("login.userRegistrationForm.explainCookieLink", - UI.getCookiesExplainPageURL())); + cookiePanel.add(new DynamicLink( + "login.userRegistrationForm.explainCookieLink", + UI.getCookiesExplainPageURL())); add(cookiePanel); add(new Submit(SUBMIT), ColumnPanel.CENTER | ColumnPanel.FULL_WIDTH); - add(new DynamicLink("login.userRegistrationForm.forgotPasswordLink", - UI.getRecoverPasswordPageURL())); + if (securityConfig.getEnableQuestion()) { + add(new DynamicLink("login.userRegistrationForm.forgotPasswordLink", + UI.getRecoverPasswordPageURL())); + } if (m_autoRegistrationOn) { add(new DynamicLink("login.userRegistrationForm.newUserRegister", 
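Review bot: Guarding the forgot-password link only removes it from the login page; the recovery page reached via `UI.getRecoverPasswordPageURL()` and the `RecoveryLoginModule` entry in the default `waf.login_config` (still present in the SecurityConfig hunk) are not touched by this diff, so the question/answer flow presumably remains reachable by anyone who knows the URL. If the flag is meant to turn the feature off rather than just declutter the form, the recovery page or its handler should check the same SecurityConfig flag server-side and refuse, and the default login config should drop the module when it is off. A comment on the `if`, e.g. `// link only; the recovery page must enforce the flag itself`, would at least make the current scope explicit. The constructor this code belongs to starts before the hunk.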
@@ -156,20 +157,19 @@ public class UserRegistrationForm extends Form } add(new ElementComponent("subsite:promptToEnableCookiesMsg", - SubsiteDispatcher.SUBSITE_NS_URI)); + SubsiteDispatcher.SUBSITE_NS_URI)); } - /** * Sets up the login form parameters */ private void setupLogin() { SimpleContainer loginMessage = - new SimpleContainer("subsite:loginPromptMsg", - SubsiteDispatcher.SUBSITE_NS_URI); + new SimpleContainer("subsite:loginPromptMsg", + SubsiteDispatcher.SUBSITE_NS_URI); - if (KernelHelper.emailIsPrimaryIdentifier()){ + if (KernelHelper.emailIsPrimaryIdentifier()) { loginMessage.setClassAttr("email"); } else { loginMessage.setClassAttr("screenName"); 
@@ -177,26 +177,26 @@ public class UserRegistrationForm extends Form add(loginMessage); - if (KernelHelper.emailIsPrimaryIdentifier()){ - add(new Label(LoginHelper.getMessage - ("login.userRegistrationForm.email"))); + if (KernelHelper.emailIsPrimaryIdentifier()) { + add(new Label(LoginHelper.getMessage( + "login.userRegistrationForm.email"))); m_loginName = new TextField(new EmailParameter(FORM_LOGIN)); - addInitListener(new EmailInitListener - ((EmailParameter)m_loginName.getParameterModel())); + addInitListener(new EmailInitListener((EmailParameter) m_loginName. + getParameterModel())); } else { - add(new Label(LoginHelper.getMessage - ("login.userRegistrationForm.screenName"))); + add(new Label(LoginHelper.getMessage( + "login.userRegistrationForm.screenName"))); m_loginName = new TextField(new StringParameter(FORM_LOGIN)); - addInitListener(new ScreenNameInitListener - ((StringParameter)m_loginName.getParameterModel())); + addInitListener(new ScreenNameInitListener((StringParameter) m_loginName. + getParameterModel())); } m_loginName.addValidationListener(new NotNullValidationListener()); add(m_loginName); } public void init(FormSectionEvent event) - throws FormProcessException { - s_log.info( "In init" ); + throws FormProcessException { + s_log.info("In init"); if (Kernel.getConfig().isSSOenabled()) { // try SSO login s_log.info("trying SSO"); 
@@ -207,42 +207,41 @@ public class UserRegistrationForm extends Form return; } catch (LoginException le) { // continue with standard form-based login - s_log.debug("SSO failed",le); + s_log.debug("SSO failed", le); } } try { // create timestamp - String value = Credential - .create(FORM_TIMESTAMP, 1000 * TIMESTAMP_LIFETIME_SECS) - .toString(); + String value = Credential.create(FORM_TIMESTAMP, + 1000 * TIMESTAMP_LIFETIME_SECS). + toString(); m_timestamp.setValue(event.getPageState(), value); } catch (CredentialException e) { s_log.debug("Could not create timestamp", e); - throw new FormProcessException - ("Could not create timestamp", e); + throw new FormProcessException("Could not create timestamp", e); } } public void validate(FormSectionEvent event) - throws FormProcessException { + throws FormProcessException { - s_log.debug( "In validate" ); + s_log.debug("In validate"); FormData data = event.getFormData(); PageState state = event.getPageState(); try { // check timestamp try { - Credential.parse((String)m_timestamp.getValue(state)); + Credential.parse((String) m_timestamp.getValue(state)); } catch (CredentialException e) { - s_log.info( "Invalid credential" ); + s_log.info("Invalid credential"); - //final String path = LegacyInitializer.getFullURL - // (LegacyInitializer.EXPIRED_PAGE_KEY, state.getRequest()); + //final String path = LegacyInitializer.getFullURL + // (LegacyInitializer.EXPIRED_PAGE_KEY, state.getRequest()); final String path = UI.getLoginExpiredPageURL(); - final URL url = com.arsdigita.web.URL.there - (state.getRequest(), path); + final URL url = com.arsdigita.web.URL.there(state.getRequest(), + path); throw new RedirectSignal(url, false); } 
@@ -259,11 +258,11 @@ public class UserRegistrationForm extends Form } public void process(FormSectionEvent event) throws FormProcessException { - s_log.debug( "In process" ); + s_log.debug("In process"); final PageState state = event.getPageState(); final HttpServletRequest req = state.getRequest(); - + // Redirect to workspace or return URL, if specified. final String path = UI.getUserRedirectURL(req); @@ -281,29 +280,30 @@ public class UserRegistrationForm extends Form * @throws FormProcessException if there is an unexpected login error **/ protected void loginUser(FormSectionEvent event) - throws FormProcessException { + throws FormProcessException { PageState state = event.getPageState(); try { UserContext ctx = Web.getUserContext(); String username = null; if (KernelHelper.emailIsPrimaryIdentifier()) { - username = ((InternetAddress) m_loginName.getValue(state)) - .getAddress(); + username = ((InternetAddress) m_loginName.getValue(state)). + getAddress(); } else { username = (String) m_loginName.getValue(state); } - char[] password = ((String)m_password.getValue(state)) - .trim().toCharArray(); - boolean forever = getPersistentLoginValue(event.getPageState(), false); + char[] password = ((String) m_password.getValue(state)).trim(). + toCharArray(); + boolean forever = getPersistentLoginValue(event.getPageState(), + false); // attempt to log in user ctx.login(username, password, forever); onLoginSuccess(event); } catch (FailedLoginException e) { onLoginFail(event, e); } catch (AccountNotFoundException e) { - if ( m_autoRegistrationOn) { + if (m_autoRegistrationOn) { onAccountNotFound(event, e); } else { onLoginFail(event, e); @@ -321,10 +321,9 @@ public class UserRegistrationForm extends Form // do nothing } - protected void onBadPassword(FormSectionEvent event, FailedLoginException e) - throws FormProcessException { + throws FormProcessException { onLoginFail(event, e); } 
@@ -334,14 +333,12 @@ public class UserRegistrationForm extends Form * Default implementation marks password parameter with an error * message. **/ - protected void onLoginFail(FormSectionEvent event, LoginException e) - throws FormProcessException { + throws FormProcessException { s_log.debug("Login fail"); - event.getFormData().addError - ( (String)ERROR_LOGIN_FAIL - .localize(event.getPageState().getRequest())); + event.getFormData().addError((String) ERROR_LOGIN_FAIL.localize(event. + getPageState().getRequest())); } /** @@ -351,7 +348,7 @@ public class UserRegistrationForm extends Form **/ protected void onAccountNotFound(FormSectionEvent event, AccountNotFoundException e) - throws FormProcessException { + throws FormProcessException { PageState state = event.getPageState(); // no such user, so bring up form for new users @@ -387,15 +384,15 @@ public class UserRegistrationForm extends Form * is no such field in the form data, returns the specified default * value. **/ - protected boolean getPersistentLoginValue - (PageState state, boolean defaultValue) { + protected boolean getPersistentLoginValue(PageState state, + boolean defaultValue) { // CheckboxGroup gets you a StringArray - String[] values = (String[])m_isPersistent.getValue(state); + String[] values = (String[]) m_isPersistent.getValue(state); if (values == null) { return defaultValue; } - String persistentLoginValue = (String)values[0]; + String persistentLoginValue = (String) values[0]; return "1".equals(persistentLoginValue); } @@ -403,7 +400,7 @@ public class UserRegistrationForm extends Form // String url = LegacyInitializer.getFullURL // (LegacyInitializer.NEWUSER_PAGE_KEY, state.getRequest()); String url = UI.getNewUserPageURL(); - + ParameterMap map = new ParameterMap(); map.setParameter(LoginHelper.RETURN_URL_PARAM_NAME, m_returnURL.getValue(state)); 
@@ -411,10 +408,10 @@ public class UserRegistrationForm extends Form m_isPersistent.getValue(state)); map.setParameter(FORM_EMAIL, m_loginName.getValue(state)); - + final URL dest = com.arsdigita.web.URL.there( - state.getRequest(), url, map); - + state.getRequest(), url, map); + throw new RedirectSignal(dest, true); } }