You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2008/09/23 18:06:13 UTC
svn commit: r698213 - in
/portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security:
ChangePasswordPortlet.java users/UserDetailsPortlet.java
Author: ate
Date: Tue Sep 23 09:06:12 2008
New Revision: 698213
URL: http://svn.apache.org/viewvc?rev=698213&view=rev
Log:
Adjusting credential handling to the new security api
Modified:
portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java
portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
Modified: portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java?rev=698213&r1=698212&r2=698213&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java (original)
+++ portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java Tue Sep 23 09:06:12 2008
@@ -19,6 +19,7 @@
import java.io.IOException;
import java.text.MessageFormat;
import java.util.ArrayList;
+import java.util.Iterator;
import java.util.ResourceBundle;
import javax.portlet.ActionRequest;
@@ -33,7 +34,6 @@
import org.apache.jetspeed.CommonPortletServices;
import org.apache.jetspeed.PortalReservedParameters;
import org.apache.jetspeed.audit.AuditActivity;
-import org.apache.jetspeed.portlets.security.users.UserDetailsPortlet;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.InvalidNewPasswordException;
import org.apache.jetspeed.security.InvalidPasswordException;
@@ -41,6 +41,7 @@
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.User;
+import org.apache.jetspeed.security.UserCredential;
import org.apache.jetspeed.security.UserManager;
import org.apache.portals.bridges.common.GenericServletPortlet;
@@ -55,6 +56,8 @@
private UserManager manager;
private AuditActivity audit;
+ public static final String USER_ADMINISTRATION = "J2 User Administration";
+
public static final String CURRENT_PASSWORD = "currentPassword";
public static final String NEW_PASSWORD = "newPassword";
public static final String NEW_PASSWORD_AGAIN = "newPasswordAgain";
@@ -175,14 +178,21 @@
PasswordCredential credential = manager.getPasswordCredential(user);
credential.setPassword(currPassword, newPassword);
manager.storePasswordCredential(credential);
- audit.logUserActivity(userName, getIPAddress(actionRequest), AuditActivity.PASSWORD_CHANGE_SUCCESS, UserDetailsPortlet.USER_ADMINISTRATION);
+ audit.logUserActivity(userName, getIPAddress(actionRequest), AuditActivity.PASSWORD_CHANGE_SUCCESS, USER_ADMINISTRATION);
- // refresh/update Subject in session to reflect the changed PasswordCredential
- //Subject subject = manager.getUser(userName).getSubject();
- Subject subject = manager.getSubject(user);
-
+ // update Subject in session to reflect the changed PasswordCredential
RequestContext requestContext = (RequestContext)actionRequest.getAttribute(PortalReservedParameters.REQUEST_CONTEXT_ATTRIBUTE);
- requestContext.setSessionAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
+ Subject subject = (Subject)requestContext.getSessionAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
+ Iterator<Object> iter = subject.getPrivateCredentials().iterator();
+ while (iter.hasNext())
+ {
+ Object o = iter.next();
+ if (o instanceof UserCredential)
+ {
+ ((UserCredential)o).synchronize(credential);
+ break;
+ }
+ }
}
catch ( InvalidPasswordException ipe )
{
Modified: portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java?rev=698213&r1=698212&r2=698213&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java (original)
+++ portals/jetspeed-2/applications/j2-admin/branches/security-refactoring/src/main/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java Tue Sep 23 09:06:12 2008
@@ -682,73 +682,79 @@
{
try
{
+ PasswordCredential credential = userManager.getPasswordCredential(user);
+
String password = actionRequest.getParameter("user_cred_value");
boolean passwordSet = false;
if (password != null && password.trim().length() > 0)
{
- PasswordCredential credential = userManager.getPasswordCredential(user);
credential.setPassword(null, password);
userManager.storePasswordCredential(credential);
audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);
passwordSet = true;
}
- PasswordCredential credential = getCredential(actionRequest, userName);
- if (credential != null)
- {
- String updateRequiredStr = actionRequest.getParameter("user_cred_updreq");
- if (updateRequiredStr != null)
- {
- boolean updateRequired = Boolean.valueOf(updateRequiredStr).booleanValue();
- if (updateRequired != credential.isUpdateRequired())
- {
- // userManager.setPasswordUpdateRequired(userName,updateRequired);
- credential.setUpdateRequired(updateRequired);
- audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
- AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
- }
- }
- String enabledStr = actionRequest.getParameter("user_cred_enabled");
- if (enabledStr != null)
- {
- boolean enabled = Boolean.valueOf(enabledStr).booleanValue();
- if (enabled != credential.isEnabled())
- {
- // userManager.setPasswordEnabled(userName,enabled);
- credential.setEnabled(enabled);
- String activity = (enabled) ? AuditActivity.PASSWORD_ENABLED : AuditActivity.PASSWORD_DISABLED;
- audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, activity,
- USER_ADMINISTRATION);
- }
- }
- String expiredFlagStr = actionRequest.getParameter("user_expired_flag");
- if (expiredFlagStr != null)
- {
- if (!passwordSet && expiredFlagStr.equals("expired"))
- {
- java.sql.Date today = new java.sql.Date(new Date().getTime());
- // userManager.setPasswordExpiration(userName,today);
- credential.setExpirationDate(today);
- audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
- AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
- }
- else if (expiredFlagStr.equals("extend"))
- {
- //userManager.setPasswordExpiration(userName, null);
- //TODO need to ask
- credential.setExpirationDate(MAX_DATE);
- audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
- AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
- }
- else if (expiredFlagStr.equals("unlimited"))
- {
- credential.setExpirationDate(MAX_DATE);
- audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
- AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
- }
- }
- }
- userManager.storePasswordCredential(credential);
+ boolean update = false;
+ String updateRequiredStr = actionRequest.getParameter("user_cred_updreq");
+ if (updateRequiredStr != null)
+ {
+ boolean updateRequired = Boolean.valueOf(updateRequiredStr).booleanValue();
+ if (updateRequired != credential.isUpdateRequired())
+ {
+ // userManager.setPasswordUpdateRequired(userName,updateRequired);
+ credential.setUpdateRequired(updateRequired);
+ update = true;
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
+ AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
+ }
+ }
+ String enabledStr = actionRequest.getParameter("user_cred_enabled");
+ if (enabledStr != null)
+ {
+ boolean enabled = Boolean.valueOf(enabledStr).booleanValue();
+ if (enabled != credential.isEnabled())
+ {
+ // userManager.setPasswordEnabled(userName,enabled);
+ credential.setEnabled(enabled);
+ update = true;
+ String activity = (enabled) ? AuditActivity.PASSWORD_ENABLED : AuditActivity.PASSWORD_DISABLED;
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, activity,
+ USER_ADMINISTRATION);
+ }
+ }
+ String expiredFlagStr = actionRequest.getParameter("user_expired_flag");
+ if (expiredFlagStr != null)
+ {
+ if (!passwordSet && expiredFlagStr.equals("expired"))
+ {
+ java.sql.Date today = new java.sql.Date(new Date().getTime());
+ // userManager.setPasswordExpiration(userName,today);
+ credential.setExpirationDate(today);
+ update = true;
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
+ AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
+ }
+ else if (expiredFlagStr.equals("extend"))
+ {
+ //userManager.setPasswordExpiration(userName, null);
+ //TODO need to ask
+ credential.setExpirationDate(MAX_DATE);
+ update = true;
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
+ AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
+ }
+ else if (expiredFlagStr.equals("unlimited"))
+ {
+ credential.setExpirationDate(MAX_DATE);
+ update = true;
+ audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName,
+ AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
+ }
+ }
+ if (update)
+ {
+ userManager.storePasswordCredential(credential);
+ }
}
catch (InvalidPasswordException ipe)
{
@@ -1073,28 +1079,14 @@
private PasswordCredential getCredential(User user)
{
- PasswordCredential credential = null;
-
- // Set credentials = user.getSubject().getPrivateCredentials();
-
- Set credentials = null;
- try{
- credentials= userManager.getSubject(user).getPrivateCredentials();
- }
- catch (SecurityException sec) {
-
+ try
+ {
+ return userManager.getPasswordCredential(user);
}
- Iterator iter = credentials.iterator();
- while (iter.hasNext())
+ catch (SecurityException sec)
{
- Object o = iter.next();
- if (o instanceof PasswordCredential)
- {
- credential = (PasswordCredential) o;
- break;
- }
+ return null;
}
- return credential;
}
private PasswordCredential getCredential(PortletRequest request, String userName)
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org