You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by Tom Adams <to...@PIsoftware.com> on 2001/04/09 04:08:44 UTC
Null secret key in confirmation email
Some people on the users list (including myself) have been having trouble with a "null" secret key being sent to a user in their confirmation email.
I've done some investigating and it appears that the secret key is never being added to the user object, from where the confirmation email attempts to retrieve it. I've made some mods to org.apache.jetspeed.modules.actions.CreateNewUserAndConfirm that add the key to the user object before the email is sent.
Could somebody with the appropriate permissions pls review the diff below and if it seems ok, commit it to the main source?
Thanks heaps,
Tom
-- >8 --- >8 ---
Index: CreateNewUserAndConfirm.java
===================================================================
RCS file: /home/cvspublic/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/CreateNewUserAndConfirm.java,v
retrieving revision 1.7
diff -c -w -r1.7 CreateNewUserAndConfirm.java
*** CreateNewUserAndConfirm.java 2001/03/07 06:43:35 1.7
--- CreateNewUserAndConfirm.java 2001/04/09 01:54:02
***************
*** 65,76 ****
--- 65,78 ----
import org.apache.turbine.services.localization.Localization;
import org.apache.turbine.services.resources.TurbineResources;
import org.apache.turbine.services.db.TurbineDB;
import org.apache.turbine.util.RunData;
import org.apache.turbine.util.GenerateUniqueId;
import org.apache.turbine.util.db.Criteria;
import org.apache.turbine.util.db.pool.DBConnection;
import org.apache.turbine.util.db.map.TurbineMapBuilder;
import org.apache.turbine.om.peer.BasePeer;
+ import org.apache.turbine.om.security.User;
import org.apache.turbine.om.security.peer.TurbineUserPeer;
import com.workingdogs.village.TableDataSet;
import com.workingdogs.village.Record;
***************
*** 88,93 ****
--- 90,96 ----
a confirmation email and then show the ConfirmRegistration screen.
@author Jon S. Stevens <a href="mailto:jon@clearink.com">jon@clearink.com</a>
+ @author Tom Adams <a href="mailto:tom@PIsoftware.com">tom@PIsoftware.com</a>
*/
public class CreateNewUserAndConfirm extends Action
{
***************
*** 152,157 ****
--- 155,168 ----
TableDataSet tds = new TableDataSet( connection, TurbineUserPeer.getTableName() );
try
{
+ // create a unique confirmation string for the new user
+ String confirmValue = GenerateUniqueId.getIdentifier();
+
+ // add the string to the user's perm storage
+ User user = data.getUser();
+ if (user != null) user.setPerm(User.CONFIRM_VALUE, confirmValue);
+
+ // add the user's details to the database
Record rec = tds.addRecord();
rec.setValue ( mapBuilder.getPassword(), data.getParameters().getString("password") );
rec.setValue ( mapBuilder.getUsername(), username );
***************
*** 159,165 ****
rec.setValue ( mapBuilder.getLastName(), data.getParameters().getString("lastname") );
rec.setValue ( mapBuilder.getEmail(), data.getParameters().getString("email") );
rec.setValue ( mapBuilder.getCreated(), new java.util.Date() );
! rec.setValue ( mapBuilder.getConfirmValue(), GenerateUniqueId.getIdentifier() );
rec.save();
data.setMessage(Localization.getString("CREATENEWUSERANDCONFIRM_CREATE"));
if (JetspeedResources.getBoolean("services.ProfileManager.enable", false))
--- 170,176 ----
rec.setValue ( mapBuilder.getLastName(), data.getParameters().getString("lastname") );
rec.setValue ( mapBuilder.getEmail(), data.getParameters().getString("email") );
rec.setValue ( mapBuilder.getCreated(), new java.util.Date() );
! rec.setValue ( mapBuilder.getConfirmValue(), confirmValue );
rec.save();
data.setMessage(Localization.getString("CREATENEWUSERANDCONFIRM_CREATE"));
if (JetspeedResources.getBoolean("services.ProfileManager.enable", false))
--
Tom Adams | Plugged In Software
Software Engineer | +61 7 3876 2188
tom@PIsoftware.com |
Fingerprint: 7B49 AB1D 852C A251 787A 5979 12C9 3ADB DD07 A6DC
---------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
RE: Null secret key in confirmation email
Posted by David Sean Taylor <da...@bluesunrise.com>.
Tom -- your fix works and its checked in.
- david
> -----Original Message-----
> From: Tom Adams [mailto:tom@PIsoftware.com]
> Sent: Sunday, April 08, 2001 7:09 PM
> To: jetspeed-dev@jakarta.apache.org
> Subject: Null secret key in confirmation email
>
>
> Some people on the users list (including myself) have been
> having trouble with a "null" secret key being sent to a user
> in their confirmation email.
>
> I've done some investigating and it appears that the secret
> key is never being added to the user object, from where the
> confirmation email attempts to retrieve it. I've made some
> mods to
> org.apache.jetspeed.modules.actions.CreateNewUserAndConfirm
> that add the key to the user object before the email is sent.
>
> Could somebody with the appropriate permissions pls review
> the diff below and if it seems ok, commit it to the main source?
>
> Thanks heaps,
>
> Tom
>
>
> -- >8 --- >8 ---
>
>
> Index: CreateNewUserAndConfirm.java
> ===================================================================
> RCS file:
> /home/cvspublic/jakarta-jetspeed/src/java/org/apache/jetspeed/
> modules/actions/CreateNewUserAndConfirm.java,v
> retrieving revision 1.7
> diff -c -w -r1.7 CreateNewUserAndConfirm.java
> *** CreateNewUserAndConfirm.java 2001/03/07 06:43:35 1.7
> --- CreateNewUserAndConfirm.java 2001/04/09 01:54:02
> ***************
> *** 65,76 ****
> --- 65,78 ----
> import org.apache.turbine.services.localization.Localization;
> import org.apache.turbine.services.resources.TurbineResources;
> import org.apache.turbine.services.db.TurbineDB;
> import org.apache.turbine.util.RunData;
> import org.apache.turbine.util.GenerateUniqueId;
> import org.apache.turbine.util.db.Criteria;
> import org.apache.turbine.util.db.pool.DBConnection;
> import org.apache.turbine.util.db.map.TurbineMapBuilder;
> import org.apache.turbine.om.peer.BasePeer;
> + import org.apache.turbine.om.security.User;
> import org.apache.turbine.om.security.peer.TurbineUserPeer;
> import com.workingdogs.village.TableDataSet;
> import com.workingdogs.village.Record;
> ***************
> *** 88,93 ****
> --- 90,96 ----
> a confirmation email and then show the
> ConfirmRegistration screen.
>
> @author Jon S. Stevens <a
> href="mailto:jon@clearink.com">jon@clearink.com</a>
> + @author Tom Adams <a
> href="mailto:tom@PIsoftware.com">tom@PIsoftware.com</a>
> */
> public class CreateNewUserAndConfirm extends Action
> {
> ***************
> *** 152,157 ****
> --- 155,168 ----
> TableDataSet tds = new TableDataSet(
> connection, TurbineUserPeer.getTableName() );
> try
> {
> + // create a unique confirmation string for
> the new user
> + String confirmValue =
> GenerateUniqueId.getIdentifier();
> +
> + // add the string to the user's perm storage
> + User user = data.getUser();
> + if (user != null)
> user.setPerm(User.CONFIRM_VALUE, confirmValue);
> +
> + // add the user's details to the database
> Record rec = tds.addRecord();
> rec.setValue ( mapBuilder.getPassword(),
> data.getParameters().getString("password") );
> rec.setValue ( mapBuilder.getUsername(), username );
> ***************
> *** 159,165 ****
> rec.setValue ( mapBuilder.getLastName(),
> data.getParameters().getString("lastname") );
> rec.setValue ( mapBuilder.getEmail(),
> data.getParameters().getString("email") );
> rec.setValue ( mapBuilder.getCreated(), new
> java.util.Date() );
> ! rec.setValue (
> mapBuilder.getConfirmValue(), GenerateUniqueId.getIdentifier() );
> rec.save();
>
> data.setMessage(Localization.getString("CREATENEWUSERANDCONFIR
> M_CREATE"));
> if
> (JetspeedResources.getBoolean("services.ProfileManager.enable"
> , false))
> --- 170,176 ----
> rec.setValue ( mapBuilder.getLastName(),
> data.getParameters().getString("lastname") );
> rec.setValue ( mapBuilder.getEmail(),
> data.getParameters().getString("email") );
> rec.setValue ( mapBuilder.getCreated(), new
> java.util.Date() );
> ! rec.setValue (
> mapBuilder.getConfirmValue(), confirmValue );
> rec.save();
>
> data.setMessage(Localization.getString("CREATENEWUSERANDCONFIR
> M_CREATE"));
> if
> (JetspeedResources.getBoolean("services.ProfileManager.enable"
> , false))
>
>
>
> --
> Tom Adams | Plugged In Software
> Software Engineer | +61 7 3876 2188
> tom@PIsoftware.com |
>
> Fingerprint: 7B49 AB1D 852C A251 787A 5979 12C9 3ADB DD07 A6DC
> ---------------------------------------------------------------
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org