Frage/Antwort für vergessenes Passwort kann jetzt deaktiviert werden

git-svn-id: https://svn.libreccm.org/ccm/trunk@1144 8810af33-2d31-482b-a856-94f89814c4df
jensp 2011-10-05 14:08:35 +00:00
parent aaf628a435
commit 3447e16e8e
6 changed files with 231 additions and 221 deletions


@ -44,24 +44,20 @@ import org.apache.log4j.Logger;
* @version $Revision: #8 $ $Date: 2004/08/16 $
* @version $Id: SecurityConfig.java 1471 2007-03-12 11:27:55Z chrisgilbert23 $
*/
public class SecurityConfig extends AbstractConfig {
private static final Logger s_log = Logger.getLogger(SecurityConfig.class);
private static SecurityConfig s_config = null;
private static String s_systemAdministratorEmailAddress = null;
/** Size of secret key in bytes. **/
public static int SECRET_KEY_BYTES = 16;
/** The class name of the SecurityHelper implementation. Must implement
SecurityHelper interface */
private final Parameter m_securityHelperClass = new SpecificClassParameter
("waf.security_helper_class", Parameter.REQUIRED,
com.arsdigita.kernel.security.DefaultSecurityHelper.class,
com.arsdigita.kernel.security.SecurityHelper.class);
SecurityHelper interface */
private final Parameter m_securityHelperClass =
new SpecificClassParameter(
"waf.security_helper_class", Parameter.REQUIRED,
com.arsdigita.kernel.security.DefaultSecurityHelper.class,
com.arsdigita.kernel.security.SecurityHelper.class);
// /** This parameter is obsolete. */
// private final Parameter m_sessionTrackingMethod = new StringParameter
// ("waf.session_tracking_method", Parameter.REQUIRED, "cookie");
@ -69,16 +65,15 @@ public class SecurityConfig extends AbstractConfig {
* Authentication is checked for all requests, but requests with one of
* these extensions will never cause a new cookie to be set.
* Include a leading dot for each extension. */
private final Parameter m_excludedExtensions = new StringArrayParameter
("waf.excluded_extensions", Parameter.REQUIRED,
new String[] { ".jpg", ".gif", ".png", ".pdf" } );
private final Parameter m_excludedExtensions = new StringArrayParameter(
"waf.excluded_extensions", Parameter.REQUIRED,
new String[]{
".jpg", ".gif", ".png", ".pdf"});
// /////////////////////////////////////////////////////////////////////////////
// This section completely moved to com.arsdigita.ui.UIConfig.
// Configuration is not an Initializer task.
// Retained here during transition, should be removed when completed (2011-02)
// /////////////////////////////////////////////////////////////////////////////
// /** Key for the root page of the site. */
// private final Parameter m_rootPage = new StringParameter
// ("waf.pagemap.root", Parameter.REQUIRED, "register/");
@ -112,17 +107,14 @@ public class SecurityConfig extends AbstractConfig {
// ("waf.pagemap.permission", Parameter.REQUIRED, "permissions/");
// private final Parameter m_permSinglePage = new StringParameter
// ("waf.pagemap.perm_single", Parameter.REQUIRED, "permissions/one");
// ////////////////////////////////////////////////////////////////////////////
private final Parameter m_cookieDurationMinutes = new IntegerParameter
("waf.pagemap.cookies_duration_minutes", Parameter.OPTIONAL, null);
private final Parameter m_cookieDomain = new StringParameter
("waf.cookie_domain", Parameter.OPTIONAL, null);
private final Parameter m_loginConfig = new StringArrayParameter
("waf.login_config", Parameter.REQUIRED, new String[] {
private final Parameter m_cookieDurationMinutes = new IntegerParameter(
"waf.pagemap.cookies_duration_minutes", Parameter.OPTIONAL, null);
private final Parameter m_cookieDomain = new StringParameter(
"waf.cookie_domain", Parameter.OPTIONAL, null);
private final Parameter m_loginConfig = new StringArrayParameter(
"waf.login_config", Parameter.REQUIRED,
new String[]{
"Request:com.arsdigita.kernel.security.AdminLoginModule:sufficient",
"Request:com.arsdigita.kernel.security.RecoveryLoginModule:sufficient",
"Request:com.arsdigita.kernel.security.CookieLoginModule:requisite",
@ -131,15 +123,16 @@ public class SecurityConfig extends AbstractConfig {
"Register:com.arsdigita.kernel.security.CookieLoginModule:optional",
"RegisterSSO:com.arsdigita.kernel.security.SimpleSSOLoginModule:requisite",
"RegisterSSO:com.arsdigita.kernel.security.CookieLoginModule:optional"
}
);
private final Parameter m_adminEmail = new StringParameter
("waf.admin.contact_email", Parameter.OPTIONAL, null);
private final Parameter m_autoRegistrationOn = new BooleanParameter
("waf.auto_registration_on", Parameter.REQUIRED, Boolean.TRUE);
private final Parameter m_userBanOn = new BooleanParameter
("waf.user_ban_on", Parameter.REQUIRED, Boolean.FALSE);
});
private final Parameter m_adminEmail = new StringParameter(
"waf.admin.contact_email", Parameter.OPTIONAL, null);
private final Parameter m_autoRegistrationOn = new BooleanParameter(
"waf.auto_registration_on", Parameter.REQUIRED, Boolean.TRUE);
private final Parameter m_userBanOn = new BooleanParameter("waf.user_ban_on",
Parameter.REQUIRED,
Boolean.FALSE);
private final Parameter m_enableQuestion = new BooleanParameter(
"waf.user_question.enable", Parameter.REQUIRED, Boolean.FALSE);
/**
* Constructs an empty SecurityConfig object
@ -169,6 +162,7 @@ public class SecurityConfig extends AbstractConfig {
register(m_adminEmail);
register(m_autoRegistrationOn);
register(m_userBanOn);
register(m_enableQuestion);
loadInfo();
}
@ -207,13 +201,12 @@ public class SecurityConfig extends AbstractConfig {
// public final String getSessionTrackingMethod() {
// return (String) get(m_sessionTrackingMethod);
// }
/**
*
* @return
*/
public final List getExcludedExtensions() {
return Arrays.asList( (String[]) get(m_excludedExtensions));
return Arrays.asList((String[]) get(m_excludedExtensions));
}
// MOVED, see above
@ -254,37 +247,45 @@ public class SecurityConfig extends AbstractConfig {
// return (String) get(m_permSinglePage);
// }
// ///////////////////////////////////////////////////////////////////////////
public String getCookieDomain() {
return (String) get(m_cookieDomain);
}
String[] getLoginConfig() {
return (String[]) get(m_loginConfig);
}
Integer getCookieDurationMinutes() {
return (Integer) get(m_cookieDurationMinutes);
}
boolean isUserBanOn() {
return ((Boolean) get(m_userBanOn)).booleanValue();
}
public String getAdminContactEmail() {
String email = (String) get(m_adminEmail);
if (email == null || email.trim().length() == 0) {
if (email == null || email.trim().length() == 0) {
email = getSystemAdministratorEmailAddress();
}
return email;
}
public Boolean getEnableQuestion() {
return (Boolean) get(m_enableQuestion);
}
private static synchronized String getSystemAdministratorEmailAddress() {
if (s_systemAdministratorEmailAddress == null) {
ObjectPermissionCollection perms =
PermissionService.getGrantedUniversalPermissions();
PermissionService.
getGrantedUniversalPermissions();
perms.addEqualsFilter("granteeIsUser", Boolean.TRUE);
perms.clearOrder();
perms.addOrder("granteeID");
if (perms.next()) {
s_systemAdministratorEmailAddress = perms.getGranteeEmail().toString();
s_systemAdministratorEmailAddress = perms.getGranteeEmail().
toString();
perms.close();
} else {
// Haven't found anything. We don't want to repeat this query
@ -298,5 +299,4 @@ public class SecurityConfig extends AbstractConfig {
public final boolean isAutoRegistrationOn() {
return ((Boolean) get(m_autoRegistrationOn)).booleanValue();
}
}
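Review bot: The parameter key registered here, `"waf.user_question.enable"`, does not match the keys added to the parameter description file in the next section (`waf.user_question_enable.title/.purpose/.example/.format`), so `loadInfo()` will find no title, purpose, example or format for the new parameter; every other entry follows the `<parameter name>.title` pattern (compare `waf.user_ban_on` with `waf.user_ban_on.title`), so the properties keys should be renamed to `waf.user_question.enable.title` and so on. `getEnableQuestion()` also returns a boxed `Boolean` that every caller immediately unboxes in an `if`, while the sibling accessors `isUserBanOn()` and `isAutoRegistrationOn()` return a primitive; for consistency and to rule out an unboxing NPE should the value ever be absent, `public final boolean getEnableQuestion() { return ((Boolean) get(m_enableQuestion)).booleanValue(); }` with a Javadoc line such as `/** Whether the password question/answer used for password recovery is enabled (waf.user_question.enable). */` would be the same shape as the rest of the class.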


@ -2,23 +2,32 @@ waf.login_config.title=Login Configuration
waf.login_config.purpose=Enter JAAS login configuration, using the syntax described in Javadoc for com.arsdigita.kernel.security.LoginConfig
waf.login_config.example=Request:com.arsdigita.kernel.security.AdminLoginModule:sufficient,Register:com.arsdigita.kernel.security.LocalLoginModule:requisite
waf.login_config.format=[string,string,...]
waf.cookie_domain.title=Cookie Domain
waf.cookie_domain.purpose=Enter the domain to which the Aplaws authentication cookie is presented
waf.cookie_domain.example=.example.com
waf.cookie_domain.format=[string]
waf.admin.contact_email.title=System administrator email address
waf.admin.contact_email.purpose=Email address that will be displayed on footer of login/admin pages, if empty then site-wide admin email will be substituted
waf.admin.contact_email.example=ccmadmin@example.com
waf.admin.contact_email.format=[string]
waf.auto_registration_on.title=Auto Registration
waf.auto_registration_on.purpose=New users get automatically redirected to the create new user form
waf.auto_registration_on.example=true
waf.auto_registration_on.format=true|false
waf.user_ban_on.title=User Ban
waf.user_ban_on.purpose=Check on each access if user has been banned from the site.
waf.user_ban_on.example=false
waf.user_ban_on.format=true|false
waf.user_question_enable.title=Enable question
waf.user_question_enable.purpose=Enable question if a user has forgotten its password
waf.user_question_enable.example=false
waf.user_question_enable.format=true|false
# Moved to com.arsdigita.ui.UIConfig (2011-02).
# Retained here for easy reference during transition phase
# waf.pagemap.root.title=Root Page


@ -34,6 +34,7 @@ core.ui.pagemap.workspace_url.example=pvt/
core.ui.pagemap.workspace_url.format=[string]
#waf.pagemap.newuser.title=New User Page
#waf.pagemap.newuser.purpose=Enter the relative URL for the New User Page
#waf.pagemap.newuser.example=register/new-user


@ -30,41 +30,41 @@ import com.arsdigita.kernel.EmailAddress;
import com.arsdigita.kernel.PersonName;
import com.arsdigita.kernel.User;
import com.arsdigita.kernel.UserAuthentication;
import com.arsdigita.kernel.security.SecurityConfig;
/**
* Form used to add a new user to the system.
*
* @version $Id: UserAddForm.java 287 2005-02-22 00:29:02Z sskracic $
*/
class UserAddForm extends UserForm
implements FormProcessListener,
FormInitListener,
AdminConstants
{
implements FormProcessListener,
FormInitListener,
AdminConstants {
private SecurityConfig securityConfig = SecurityConfig.getConfig();
private AdminSplitPanel m_adminPanel;
/**
* Default constructor.
*/
public UserAddForm (AdminSplitPanel adminPanel) {
public UserAddForm(AdminSplitPanel adminPanel) {
super(USER_FORM_ADD);
m_adminPanel = adminPanel;
addInitListener(this);
addProcessListener(this);
// Add validation listeners for required parameters
m_question.addValidationListener
(new NotEmptyValidationListener());
if (securityConfig.getEnableQuestion()) {
// Add validation listeners for required parameters
// but only if SecurityConfig.getEnableQuestion is true (jensp 2011-10-05)
m_question.addValidationListener(new NotEmptyValidationListener());
}
}
/**
* Initialize the form
*/
public void init(FormSectionEvent e) {
PageState state = e.getPageState();
@ -77,16 +77,14 @@ class UserAddForm extends UserForm
/**
* Process the form.
*/
public void process (FormSectionEvent e)
throws FormProcessException
{
public void process(FormSectionEvent e)
throws FormProcessException {
PageState state = e.getPageState();
User user = new User();
String email =
((InternetAddress) m_primaryEmail.getValue(state)).getAddress();
((InternetAddress) m_primaryEmail.getValue(state)).getAddress();
user.setPrimaryEmail(new EmailAddress(email));
user.setScreenName((String) m_screenName.getValue(state));
@ -106,10 +104,9 @@ class UserAddForm extends UserForm
// Add optional additional email address
InternetAddress additional =
(InternetAddress) m_additionalEmail.getValue(state);
(InternetAddress) m_additionalEmail.getValue(state);
if (additional != null) {
user.addEmailAddress
(new EmailAddress(additional.getAddress()));
user.addEmailAddress(new EmailAddress(additional.getAddress()));
}
// Make new user persistent
@ -119,11 +116,13 @@ class UserAddForm extends UserForm
// Save user authentication credentials.
UserAuthentication auth =
UserAuthentication.createForUser(user);
UserAuthentication.createForUser(user);
auth.setPassword((String) m_password.getValue(state));
auth.setPasswordQuestion((String) m_question.getValue(state));
auth.setPasswordAnswer((String) m_answer.getValue(state));
if (securityConfig.getEnableQuestion()) {
auth.setPasswordQuestion((String) m_question.getValue(state));
auth.setPasswordAnswer((String) m_answer.getValue(state));
}
auth.save();
// Switch to browse tab.
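Review bot: The new field `private SecurityConfig securityConfig = SecurityConfig.getConfig();` duplicates the identically named private field this commit adds to the superclass `UserForm`; since both are private the subclass cannot see the parent's copy, which is why it was added twice. Declaring it once in `UserForm` as `protected final SecurityConfig securityConfig = SecurityConfig.getConfig();` and deleting the copy here keeps a single config reference and lets the `final` express that it is never reassigned. The guards in the constructor and in `process()` read the flag from the same config object, so the validation listener and the stored question/answer stay consistent with each other; `process()` continues past the end of the hunk.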


@ -18,7 +18,6 @@
*/
package com.arsdigita.ui.admin;
import com.arsdigita.bebop.Form;
import com.arsdigita.bebop.FormData;
import com.arsdigita.bebop.FormProcessException;
@ -36,6 +35,7 @@ import com.arsdigita.bebop.parameters.StringLengthValidationListener;
import com.arsdigita.bebop.parameters.StringParameter;
import com.arsdigita.bebop.parameters.URLParameter;
import com.arsdigita.kernel.Kernel;
import com.arsdigita.kernel.security.SecurityConfig;
import com.arsdigita.persistence.DataQuery;
import com.arsdigita.persistence.Filter;
import com.arsdigita.persistence.SessionManager;
@ -52,23 +52,22 @@ import javax.servlet.http.HttpServletRequest;
* @author David Dao
* @version $Id: UserForm.java 1508 2007-03-22 00:04:22Z apevec $
*/
class UserForm extends Form implements FormValidationListener, AdminConstants {
protected TextField m_firstName;
protected TextField m_lastName;
protected TextField m_primaryEmail;
protected TextField m_additionalEmail;
protected Password m_password;
protected Password m_confirmPassword;
protected Password m_password;
protected Password m_confirmPassword;
protected TextField m_question;
protected TextField m_answer;
protected TextField m_url;
protected TextField m_screenName;
protected EmailList m_emailList;
private PasswordValidationListener m_pwListener;
private NotEmptyValidationListener m_notNullListener;
private SecurityConfig securityConfig = SecurityConfig.getConfig();
public UserForm(String formName) {
super(formName);
@ -87,61 +86,61 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
int max = 60;
m_firstName = new TextField(
new StringParameter(USER_FORM_INPUT_FIRST_NAME));
new StringParameter(USER_FORM_INPUT_FIRST_NAME));
m_firstName.setMaxLength(max);
m_firstName.setSize(20);
m_firstName.addValidationListener
(new NotEmptyValidationListener());
m_firstName.addValidationListener
(new StringLengthValidationListener(max));
m_firstName.addValidationListener(new NotEmptyValidationListener());
m_firstName.addValidationListener(
new StringLengthValidationListener(max));
add(USER_FORM_LABEL_FIRST_NAME);
add(m_firstName);
m_lastName = new TextField(
new StringParameter(USER_FORM_INPUT_LAST_NAME));
new StringParameter(USER_FORM_INPUT_LAST_NAME));
m_lastName.setMaxLength(max);
m_lastName.setSize(25);
m_lastName.addValidationListener
(new NotEmptyValidationListener());
m_lastName.addValidationListener
(new StringLengthValidationListener(max));
m_lastName.addValidationListener(new NotEmptyValidationListener());
m_lastName.addValidationListener(new StringLengthValidationListener(max));
add(USER_FORM_LABEL_LAST_NAME);
add(m_lastName);
// Password
m_password = new Password
(new StringParameter(USER_FORM_INPUT_PASSWORD));
m_password = new Password(new StringParameter(USER_FORM_INPUT_PASSWORD));
add(USER_FORM_LABEL_PASSWORD);
add(m_password);
// Password confirmation
m_confirmPassword = new Password
(new StringParameter(USER_FORM_INPUT_PASSWORD_CONFIRMATION));
m_confirmPassword = new Password(new StringParameter(
USER_FORM_INPUT_PASSWORD_CONFIRMATION));
add(USER_FORM_LABEL_PASSWORD_CONFIRMATION);
add(m_confirmPassword);
// Password question
m_question = new TextField(new StringParameter(USER_FORM_INPUT_QUESTION));
m_question =
new TextField(new StringParameter(USER_FORM_INPUT_QUESTION));
m_question.setSize(50);
add(USER_FORM_LABEL_QUESTION);
add(m_question);
if (securityConfig.getEnableQuestion()) {
add(USER_FORM_LABEL_QUESTION);
add(m_question);
}
// Password answer
m_answer = new TextField(new StringParameter(USER_FORM_INPUT_ANSWER));
m_answer.setSize(50);
add(USER_FORM_LABEL_ANSWER);
add(m_answer);
if (securityConfig.getEnableQuestion()) {
add(USER_FORM_LABEL_ANSWER);
add(m_answer);
}
// Primary email address
m_primaryEmail = new TextField
(new EmailParameter(USER_FORM_INPUT_PRIMARY_EMAIL));
m_primaryEmail.addValidationListener
(new NotEmptyValidationListener());
m_primaryEmail = new TextField(new EmailParameter(
USER_FORM_INPUT_PRIMARY_EMAIL));
m_primaryEmail.addValidationListener(new NotEmptyValidationListener());
m_primaryEmail.setSize(50);
add(USER_FORM_LABEL_PRIMARY_EMAIL);
add(m_primaryEmail);
@ -151,15 +150,15 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
add(USER_FORM_LABEL_ADDITIONAL_EMAIL_LIST);
add(m_emailList);
m_additionalEmail = new TextField
(new EmailParameter(USER_FORM_INPUT_ADDITIONAL_EMAIL));
m_additionalEmail = new TextField(new EmailParameter(
USER_FORM_INPUT_ADDITIONAL_EMAIL));
m_additionalEmail.setSize(50);
add(USER_FORM_LABEL_ADDITIONAL_EMAIL);
add(m_additionalEmail);
// Screen name
m_screenName = new TextField
(new StringParameter(USER_FORM_INPUT_SCREEN_NAME));
m_screenName = new TextField(new StringParameter(
USER_FORM_INPUT_SCREEN_NAME));
if (Kernel.getConfig().screenNameIsPrimaryIdentifier()) {
m_screenName.addValidationListener(new NotEmptyValidationListener());
}
@ -185,10 +184,8 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
* password-confirm field. Also verifies that primary email
* address and screen name are unique amoung all users.
*/
public void validate (FormSectionEvent event)
throws FormProcessException
{
public void validate(FormSectionEvent event)
throws FormProcessException {
PageState ps = event.getPageState();
FormData data = event.getFormData();
HttpServletRequest req = ps.getRequest();
@ -199,50 +196,57 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
/**
* Verify that password and confirmation match.
*/
if (userID == null) {
m_pwListener.validate(
new ParameterEvent(event.getSource(),
data.getParameter(USER_FORM_INPUT_PASSWORD)));
new ParameterEvent(event.getSource(),
data.getParameter(
USER_FORM_INPUT_PASSWORD)));
m_notNullListener.validate(
new ParameterEvent(event.getSource(),
data.getParameter(USER_FORM_INPUT_PASSWORD_CONFIRMATION)));
new ParameterEvent(event.getSource(),
data.getParameter(
USER_FORM_INPUT_PASSWORD_CONFIRMATION)));
String password = (String) m_password.getValue(ps);
String confirm = (String) m_confirmPassword.getValue(ps);
String confirm = (String) m_confirmPassword.getValue(ps);
if (!StringUtils.emptyString(password) && !StringUtils.emptyString(confirm)) {
if (!StringUtils.emptyString(password) && !StringUtils.emptyString(
confirm)) {
if (!password.equals(confirm)) {
data.addError(USER_FORM_INPUT_PASSWORD_CONFIRMATION,
(String) USER_FORM_ERROR_PASSWORD_NOT_MATCH.localize(req));
(String) USER_FORM_ERROR_PASSWORD_NOT_MATCH.
localize(req));
}
}
}
// If the password answer is anything but null, make sure it
// contains some non-whitespace characters
String answer = (String) m_answer.getValue(ps);
if (userID == null) {
// Check for add form.
if (answer == null || answer.trim().length()==0) {
data.addError(USER_FORM_INPUT_ANSWER,
(String) USER_FORM_ERROR_ANSWER_NULL.localize(req));
}
} else {
// Check for edit form
if (answer != null && answer.length() > 0 && answer.trim().length() == 0) {
data.addError(USER_FORM_INPUT_ANSWER,
(String) USER_FORM_ERROR_ANSWER_NULL.localize(req));
if (securityConfig.getEnableQuestion()) {
// If the password answer is anything but null, make sure it
// contains some non-whitespace characters
String answer = (String) m_answer.getValue(ps);
if (userID == null) {
// Check for add form.
if (answer == null || answer.trim().length() == 0) {
data.addError(USER_FORM_INPUT_ANSWER,
(String) USER_FORM_ERROR_ANSWER_NULL.localize(
req));
}
} else {
// Check for edit form
if (answer != null && answer.length() > 0 && answer.trim().
length()
== 0) {
data.addError(USER_FORM_INPUT_ANSWER,
(String) USER_FORM_ERROR_ANSWER_NULL.localize(
req));
}
}
}
/**
* Verify that primary email and screen name are unique
*/
DataQuery query = SessionManager.getSession().retrieveQuery
("com.arsdigita.kernel.RetrieveUsers");
DataQuery query = SessionManager.getSession().retrieveQuery(
"com.arsdigita.kernel.RetrieveUsers");
query.setParameter("excludeGroupId", new BigDecimal(0));
String email = null;
@ -252,8 +256,8 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
String screenName = (String) m_screenName.getValue(ps);
Filter filter = query.addFilter
("primaryEmail = :email or screenName = :sn");
Filter filter = query.addFilter(
"primaryEmail = :email or screenName = :sn");
filter.set("email", email);
filter.set("sn", screenName);
@ -267,18 +271,17 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
* screen name, email address, or both. Check the results and
* produce appropriate error messages.
*/
while (query.next()) {
if (screenName != null &&
screenName.equals(query.get("screenName"))) {
if (screenName != null && screenName.equals(query.get("screenName"))) {
data.addError(USER_FORM_INPUT_SCREEN_NAME,
(String) USER_FORM_ERROR_SCREEN_NAME_NOT_UNIQUE.localize(req));
(String) USER_FORM_ERROR_SCREEN_NAME_NOT_UNIQUE.
localize(req));
}
if (email != null &&
email.equals(query.get("primaryEmail"))) {
if (email != null && email.equals(query.get("primaryEmail"))) {
data.addError(USER_FORM_INPUT_PRIMARY_EMAIL,
(String) USER_FORM_ERROR_PRIMARY_EMAIL_NOT_UNIQUE.localize(req));
(String) USER_FORM_ERROR_PRIMARY_EMAIL_NOT_UNIQUE.
localize(req));
}
}
@ -288,30 +291,31 @@ class UserForm extends Form implements FormValidationListener, AdminConstants {
/**
* Hide all security-related components
*/
protected void hideSecurityInfo (PageState state) {
setSecurityInfo(state,false);
protected void hideSecurityInfo(PageState state) {
setSecurityInfo(state, false);
}
/**
* Show all security-related components
*/
protected void showSecurityInfo (PageState state) {
setSecurityInfo(state,true);
protected void showSecurityInfo(PageState state) {
setSecurityInfo(state, true);
}
private void setSecurityInfo (PageState state, boolean isVisible) {
private void setSecurityInfo(PageState state, boolean isVisible) {
USER_FORM_LABEL_PASSWORD.setVisible(state, isVisible);
USER_FORM_LABEL_PASSWORD_CONFIRMATION.setVisible(state, isVisible);
USER_FORM_LABEL_QUESTION.setVisible(state, isVisible);
USER_FORM_LABEL_ANSWER.setVisible(state, isVisible);
if (securityConfig.getEnableQuestion()) {
USER_FORM_LABEL_QUESTION.setVisible(state, isVisible);
USER_FORM_LABEL_ANSWER.setVisible(state, isVisible);
}
m_password.setVisible(state, isVisible);
m_confirmPassword.setVisible(state, isVisible);
m_question.setVisible(state, isVisible);
m_answer.setVisible(state, isVisible);
if (securityConfig.getEnableQuestion()) {
m_question.setVisible(state, isVisible);
m_answer.setVisible(state, isVisible);
}
}
}
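Review bot: `setSecurityInfo()` now evaluates `securityConfig.getEnableQuestion()` twice in a row with identical conditions (the label block and the field block), and the constructor does the same for the question and answer sections; merging each pair into one `if` block states the intent once and avoids the two blocks drifting apart when someone edits only one of them. The field `securityConfig` is assigned once at declaration and never reassigned, so it should be `final`; making it `protected` as well would let `UserAddForm` reuse it instead of declaring its own. A short comment on the field, e.g. `// Read once per form instance; a change to waf.user_question.enable takes effect when the form is rebuilt`, would document the lifetime the guards rely on, which is inferred from the field initializer rather than stated anywhere.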


@ -48,6 +48,7 @@ import com.arsdigita.kernel.security.AccountNotFoundException;
import com.arsdigita.kernel.security.Credential;
import com.arsdigita.kernel.security.CredentialException;
// import com.arsdigita.kernel.security.LegacyInitializer;
import com.arsdigita.kernel.security.SecurityConfig;
import com.arsdigita.kernel.security.UserContext;
import com.arsdigita.ui.UI;
import com.arsdigita.web.ParameterMap;
@ -71,23 +72,21 @@ import org.apache.log4j.Logger;
*
* @version $Id: UserRegistrationForm.java 1230 2006-06-22 11:50:59Z apevec $
*/
public class UserRegistrationForm extends Form
implements LoginConstants, FormInitListener,
FormValidationListener, FormProcessListener {
FormValidationListener, FormProcessListener {
private static final Logger s_log =
Logger.getLogger(UserRegistrationForm.class);
Logger.getLogger(UserRegistrationForm.class);
// package friendly static form name makes writing HttpUnitTest easier
final static String FORM_NAME = "user-login";
private CheckboxGroup m_isPersistent;
private Hidden m_timestamp;
private Hidden m_returnURL;
private TextField m_loginName;
private Password m_password;
private boolean m_autoRegistrationOn;
private SecurityConfig securityConfig = SecurityConfig.getConfig();
public UserRegistrationForm() {
this(true);
@ -111,18 +110,18 @@ public class UserRegistrationForm extends Form
m_autoRegistrationOn = autoRegistrationOn;
m_timestamp = new Hidden(new StringParameter (FORM_TIMESTAMP));
m_timestamp = new Hidden(new StringParameter(FORM_TIMESTAMP));
add(m_timestamp);
m_returnURL = new Hidden(new URLParameter
(LoginHelper.RETURN_URL_PARAM_NAME));
m_returnURL = new Hidden(new URLParameter(
LoginHelper.RETURN_URL_PARAM_NAME));
m_returnURL.setPassIn(true);
add(m_returnURL);
setupLogin();
add(new Label(LoginHelper.getMessage
("login.userRegistrationForm.password")));
add(new Label(LoginHelper.getMessage(
"login.userRegistrationForm.password")));
m_password = new Password(new StringParameter(FORM_PASSWORD));
// Since new users should not enter a password, allow null.
//m_password.addValidationListener(new NotNullValidationListener());
@ -130,25 +129,27 @@ public class UserRegistrationForm extends Form
SimpleContainer cookiePanel = new BoxPanel(BoxPanel.HORIZONTAL);
m_isPersistent =
new CheckboxGroup(FORM_PERSISTENT_LOGIN_P);
new CheckboxGroup(FORM_PERSISTENT_LOGIN_P);
Label optLabel =
new Label(LoginHelper.getMessage
("login.userRegistrationForm.cookieOption"));
new Label(LoginHelper.getMessage(
"login.userRegistrationForm.cookieOption"));
Option opt = new Option(FORM_PERSISTENT_LOGIN_P_DEFAULT, optLabel);
m_isPersistent.addOption(opt);
if (Kernel.getConfig().isLoginRemembered()) {
m_isPersistent.setOptionSelected(FORM_PERSISTENT_LOGIN_P_DEFAULT);
}
cookiePanel.add(m_isPersistent);
cookiePanel.add(new DynamicLink
("login.userRegistrationForm.explainCookieLink",
UI.getCookiesExplainPageURL()));
cookiePanel.add(new DynamicLink(
"login.userRegistrationForm.explainCookieLink",
UI.getCookiesExplainPageURL()));
add(cookiePanel);
add(new Submit(SUBMIT), ColumnPanel.CENTER | ColumnPanel.FULL_WIDTH);
add(new DynamicLink("login.userRegistrationForm.forgotPasswordLink",
UI.getRecoverPasswordPageURL()));
if (securityConfig.getEnableQuestion()) {
add(new DynamicLink("login.userRegistrationForm.forgotPasswordLink",
UI.getRecoverPasswordPageURL()));
}
if (m_autoRegistrationOn) {
add(new DynamicLink("login.userRegistrationForm.newUserRegister",
@ -156,20 +157,19 @@ public class UserRegistrationForm extends Form
}
add(new ElementComponent("subsite:promptToEnableCookiesMsg",
SubsiteDispatcher.SUBSITE_NS_URI));
SubsiteDispatcher.SUBSITE_NS_URI));
}
/**
* Sets up the login form parameters
*/
private void setupLogin() {
SimpleContainer loginMessage =
new SimpleContainer("subsite:loginPromptMsg",
SubsiteDispatcher.SUBSITE_NS_URI);
new SimpleContainer("subsite:loginPromptMsg",
SubsiteDispatcher.SUBSITE_NS_URI);
if (KernelHelper.emailIsPrimaryIdentifier()){
if (KernelHelper.emailIsPrimaryIdentifier()) {
loginMessage.setClassAttr("email");
} else {
loginMessage.setClassAttr("screenName");
@ -177,26 +177,26 @@ public class UserRegistrationForm extends Form
add(loginMessage);
if (KernelHelper.emailIsPrimaryIdentifier()){
add(new Label(LoginHelper.getMessage
("login.userRegistrationForm.email")));
if (KernelHelper.emailIsPrimaryIdentifier()) {
add(new Label(LoginHelper.getMessage(
"login.userRegistrationForm.email")));
m_loginName = new TextField(new EmailParameter(FORM_LOGIN));
addInitListener(new EmailInitListener
((EmailParameter)m_loginName.getParameterModel()));
addInitListener(new EmailInitListener((EmailParameter) m_loginName.
getParameterModel()));
} else {
add(new Label(LoginHelper.getMessage
("login.userRegistrationForm.screenName")));
add(new Label(LoginHelper.getMessage(
"login.userRegistrationForm.screenName")));
m_loginName = new TextField(new StringParameter(FORM_LOGIN));
addInitListener(new ScreenNameInitListener
((StringParameter)m_loginName.getParameterModel()));
addInitListener(new ScreenNameInitListener((StringParameter) m_loginName.
getParameterModel()));
}
m_loginName.addValidationListener(new NotNullValidationListener());
add(m_loginName);
}
public void init(FormSectionEvent event)
throws FormProcessException {
s_log.info( "In init" );
throws FormProcessException {
s_log.info("In init");
if (Kernel.getConfig().isSSOenabled()) {
// try SSO login
s_log.info("trying SSO");
@ -207,42 +207,41 @@ public class UserRegistrationForm extends Form
return;
} catch (LoginException le) {
// continue with standard form-based login
s_log.debug("SSO failed",le);
s_log.debug("SSO failed", le);
}
}
try {
// create timestamp
String value = Credential
.create(FORM_TIMESTAMP, 1000 * TIMESTAMP_LIFETIME_SECS)
.toString();
String value = Credential.create(FORM_TIMESTAMP,
1000 * TIMESTAMP_LIFETIME_SECS).
toString();
m_timestamp.setValue(event.getPageState(), value);
} catch (CredentialException e) {
s_log.debug("Could not create timestamp", e);
throw new FormProcessException
("Could not create timestamp", e);
throw new FormProcessException("Could not create timestamp", e);
}
}
public void validate(FormSectionEvent event)
throws FormProcessException {
throws FormProcessException {
s_log.debug( "In validate" );
s_log.debug("In validate");
FormData data = event.getFormData();
PageState state = event.getPageState();
try {
// check timestamp
try {
Credential.parse((String)m_timestamp.getValue(state));
Credential.parse((String) m_timestamp.getValue(state));
} catch (CredentialException e) {
s_log.info( "Invalid credential" );
s_log.info("Invalid credential");
//final String path = LegacyInitializer.getFullURL
// (LegacyInitializer.EXPIRED_PAGE_KEY, state.getRequest());
//final String path = LegacyInitializer.getFullURL
// (LegacyInitializer.EXPIRED_PAGE_KEY, state.getRequest());
final String path = UI.getLoginExpiredPageURL();
final URL url = com.arsdigita.web.URL.there
(state.getRequest(), path);
final URL url = com.arsdigita.web.URL.there(state.getRequest(),
path);
throw new RedirectSignal(url, false);
}
@ -259,7 +258,7 @@ public class UserRegistrationForm extends Form
}
public void process(FormSectionEvent event) throws FormProcessException {
s_log.debug( "In process" );
s_log.debug("In process");
final PageState state = event.getPageState();
final HttpServletRequest req = state.getRequest();
@ -281,29 +280,30 @@ public class UserRegistrationForm extends Form
* @throws FormProcessException if there is an unexpected login error
**/
protected void loginUser(FormSectionEvent event)
throws FormProcessException {
throws FormProcessException {
PageState state = event.getPageState();
try {
UserContext ctx = Web.getUserContext();
String username = null;
if (KernelHelper.emailIsPrimaryIdentifier()) {
username = ((InternetAddress) m_loginName.getValue(state))
.getAddress();
username = ((InternetAddress) m_loginName.getValue(state)).
getAddress();
} else {
username = (String) m_loginName.getValue(state);
}
char[] password = ((String)m_password.getValue(state))
.trim().toCharArray();
boolean forever = getPersistentLoginValue(event.getPageState(), false);
char[] password = ((String) m_password.getValue(state)).trim().
toCharArray();
boolean forever = getPersistentLoginValue(event.getPageState(),
false);
// attempt to log in user
ctx.login(username, password, forever);
onLoginSuccess(event);
} catch (FailedLoginException e) {
onLoginFail(event, e);
} catch (AccountNotFoundException e) {
if ( m_autoRegistrationOn) {
if (m_autoRegistrationOn) {
onAccountNotFound(event, e);
} else {
onLoginFail(event, e);
@ -321,10 +321,9 @@ public class UserRegistrationForm extends Form
// do nothing
}
protected void onBadPassword(FormSectionEvent event,
FailedLoginException e)
throws FormProcessException {
throws FormProcessException {
onLoginFail(event, e);
}
@ -334,14 +333,12 @@ public class UserRegistrationForm extends Form
* Default implementation marks password parameter with an error
* message.
**/
protected void onLoginFail(FormSectionEvent event,
LoginException e)
throws FormProcessException {
throws FormProcessException {
s_log.debug("Login fail");
event.getFormData().addError
( (String)ERROR_LOGIN_FAIL
.localize(event.getPageState().getRequest()));
event.getFormData().addError((String) ERROR_LOGIN_FAIL.localize(event.
getPageState().getRequest()));
}
/**
@ -351,7 +348,7 @@ public class UserRegistrationForm extends Form
**/
protected void onAccountNotFound(FormSectionEvent event,
AccountNotFoundException e)
throws FormProcessException {
throws FormProcessException {
PageState state = event.getPageState();
// no such user, so bring up form for new users
@ -387,15 +384,15 @@ public class UserRegistrationForm extends Form
* is no such field in the form data, returns the specified default
* value.
**/
protected boolean getPersistentLoginValue
(PageState state, boolean defaultValue) {
protected boolean getPersistentLoginValue(PageState state,
boolean defaultValue) {
// CheckboxGroup gets you a StringArray
String[] values = (String[])m_isPersistent.getValue(state);
String[] values = (String[]) m_isPersistent.getValue(state);
if (values == null) {
return defaultValue;
}
String persistentLoginValue = (String)values[0];
String persistentLoginValue = (String) values[0];
return "1".equals(persistentLoginValue);
}
@ -413,7 +410,7 @@ public class UserRegistrationForm extends Form
m_loginName.getValue(state));
final URL dest = com.arsdigita.web.URL.there(
state.getRequest(), url, map);
state.getRequest(), url, map);
throw new RedirectSignal(dest, true);
}
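Review bot: Guarding only the `forgotPasswordLink` means the recovery feature is hidden rather than deactivated as the commit title states: the page behind `UI.getRecoverPasswordPageURL()` and the `RecoveryLoginModule` entry still present in `waf.login_config` are untouched by this commit, so the check belongs in the recovery page or its dispatcher as well, with the link guard here as presentation only. A comment on the guard such as `// Presentation only: the recovery page itself must also honour waf.user_question.enable` would keep that distinction visible to the next maintainer. The new field `securityConfig` is never reassigned and can be `final`. The constructor this guard sits in starts and ends outside the hunk.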