You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by as...@apache.org on 2014/10/09 21:15:44 UTC
svn commit: r1630560 - in /sling/trunk/bundles/auth/core/src/main:
java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
resources/OSGI-INF/metatype/metatype.properties
Author: asanso
Date: Thu Oct 9 19:15:43 2014
New Revision: 1630560
URL: http://svn.apache.org/r1630560
Log:
SLING-3991 - Support Password Change Upon Expiry Via SimpleCredentials Attribute (applied patch from Dominique Jaeggi)
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
sling/trunk/bundles/auth/core/src/main/resources/OSGI-INF/metatype/metatype.properties
Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java?rev=1630560&r1=1630559&r2=1630560&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java Thu Oct 9 19:15:43 2014
@@ -113,6 +113,12 @@ public class SlingAuthenticator implemen
@Property(value = DEFAULT_IMPERSONATION_PARAMETER)
public static final String PAR_IMPERSONATION_PAR_NAME = "auth.sudo.parameter";
+ /** The default new password parameter name */
+ private static final String DEFAULT_NEWPASSWORD_PARAMETER = "newpassword";
+
+ @Property(value = DEFAULT_NEWPASSWORD_PARAMETER)
+ public static final String PAR_NEWPASSWORD_PAR_NAME = "auth.newpassword.parameter";
+
/** The default value for allowing anonymous access */
private static final boolean DEFAULT_ANONYMOUS_ALLOWED = true;
@@ -233,6 +239,9 @@ public class SlingAuthenticator implemen
*/
private char[] anonPassword;
+ /** name of the new password parameter */
+ private String newPasswordParameterName;
+
/** HTTP Basic authentication handler */
private HttpBasicAuthenticationHandler httpBasicHandler;
@@ -350,6 +359,8 @@ public class SlingAuthenticator implemen
this.anonPassword = null;
}
+ this.newPasswordParameterName = OsgiUtil.toString(properties.get(PAR_NEWPASSWORD_PAR_NAME), "");
+
authUriSuffices = OsgiUtil.toStringArray(properties.get(PAR_AUTH_URI_SUFFIX),
new String[] { DEFAULT_AUTH_URI_SUFFIX });
@@ -760,6 +771,7 @@ public class SlingAuthenticator implemen
// try to connect
try {
handleImpersonation(request, authInfo);
+ handlePasswordChange(request, authInfo);
ResourceResolver resolver = resourceResolverFactory.getResourceResolver(authInfo);
final boolean impersChanged = setSudoCookie(request, response, authInfo);
@@ -1241,6 +1253,25 @@ public class SlingAuthenticator implemen
}
}
+ /**
+ * Handles password change based on the request parameter for the new password
+ * (see {@link #newPasswordParameterName}).
+ * <p>
+ * If the new password request parameter is present, it is added to the authInfo
+ * object, which is later transformed to SimpleCredentials attributes.
+ *
+ * @param req The {@link HttpServletRequest} optionally containing
+ * the new password parameter.
+ * @param authInfo The authentication info into which the
+ * <code>newPassword</code> property is set.
+ */
+ private void handlePasswordChange(HttpServletRequest req, AuthenticationInfo authInfo) {
+ String newPassword = req.getParameter(this.newPasswordParameterName);
+ if (newPassword != null && newPassword.length() > 0) {
+ authInfo.put("user.newpassword", newPassword);
+ }
+ }
+
private String getSudoCookieValue(HttpServletRequest req) {
// the current state of impersonation
String currentSudo = null;
Modified: sling/trunk/bundles/auth/core/src/main/resources/OSGI-INF/metatype/metatype.properties
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/resources/OSGI-INF/metatype/metatype.properties?rev=1630560&r1=1630559&r2=1630560&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/resources/OSGI-INF/metatype/metatype.properties (original)
+++ sling/trunk/bundles/auth/core/src/main/resources/OSGI-INF/metatype/metatype.properties Thu Oct 9 19:15:43 2014
@@ -96,6 +96,11 @@ auth.sudo.parameter.description = The na
impersonated session (instead of the actually authenticated session) and set \
a session cookie of the name defined in the Impersonation Cookie setting.
+auth.newpassword.parameter.name = New Password Parameter
+auth.newpassword.parameter.description = The name of the request POST parameter \
+ used for changing the password alongside a login request when the user's password \
+ has expired.
+
auth.http.name = HTTP Basic Authentication
auth.http.description = Level of support for HTTP Basic Authentication. Such \
support can be provided in three levels: (1) no support at all, that is \