Source Code Cross Referenced for LoginPortlet.java in  » Portal » gridsphere » org » gridsphere » portlets » core » login » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation
1. 6.0 JDK Core
2. 6.0 JDK Modules
3. 6.0 JDK Modules com.sun
4. 6.0 JDK Modules com.sun.java
5. 6.0 JDK Modules sun
6. 6.0 JDK Platform
7. Ajax
8. Apache Harmony Java SE
9. Aspect oriented
10. Authentication Authorization
11. Blogger System
12. Build
13. Byte Code
14. Cache
15. Chart
16. Chat
17. Code Analyzer
18. Collaboration
19. Content Management System
20. Database Client
21. Database DBMS
22. Database JDBC Connection Pool
23. Database ORM
24. Development
25. EJB Server geronimo
26. EJB Server GlassFish
27. EJB Server JBoss 4.2.1
28. EJB Server resin 3.1.5
29. ERP CRM Financial
30. ESB
31. Forum
32. GIS
33. Graphic Library
34. Groupware
35. HTML Parser
36. IDE
37. IDE Eclipse
38. IDE Netbeans
39. Installer
40. Internationalization Localization
41. Inversion of Control
42. Issue Tracking
43. J2EE
44. JBoss
45. JMS
46. JMX
47. Library
48. Mail Clients
49. Net
50. Parser
51. PDF
52. Portal
53. Profiler
54. Project Management
55. Report
56. RSS RDF
57. Rule Engine
58. Science
59. Scripting
60. Search Engine
61. Security
62. Sevlet Container
63. Source Control
64. Swing Library
65. Template Engine
66. Test Coverage
67. Testing
68. UML
69. Web Crawler
70. Web Framework
71. Web Mail
72. Web Server
73. Web Services
74. Web Services apache cxf 2.0.1
75. Web Services AXIS2
76. Wiki Engine
77. Workflow Engines
78. XML
79. XML UI
Java
Java Tutorial
Java Open Source
Jar File Download
Java Articles
Java Products
Java by API
Photoshop Tutorials
Maya Tutorials
Flash Tutorials
3ds-Max Tutorials
Illustrator Tutorials
GIMP Tutorials
C# / C Sharp
C# / CSharp Tutorial
C# / CSharp Open Source
ASP.Net
ASP.NET Tutorial
JavaScript DHTML
JavaScript Tutorial
JavaScript Reference
HTML / CSS
HTML CSS Reference
C / ANSI-C
C Tutorial
C++
C++ Tutorial
Ruby
PHP
Python
Python Tutorial
Python Open Source
SQL Server / T-SQL
SQL Server / T-SQL Tutorial
Oracle PL / SQL
Oracle PL/SQL Tutorial
PostgreSQL
SQL / MySQL
MySQL Tutorial
VB.Net
VB.Net Tutorial
Flash / Flex / ActionScript
VBA / Excel / Access / Word
XML
XML Tutorial
Microsoft Office PowerPoint 2007 Tutorial
Microsoft Office Excel 2007 Tutorial
Microsoft Office Word 2007 Tutorial
Java Source Code / Java Documentation » Portal » gridsphere » org.gridsphere.portlets.core.login 
Source Cross Referenced  Class Diagram Java Document (Java Doc) 


001:        /*
002:         * @author <a href="mailto:novotny@gridsphere.org">Jason Novotny</a>
003:         * @version $Id: LoginPortlet.java 6399 2007-11-29 14:55:29Z docentt $
004:         */
005:        package org.gridsphere.portlets.core.login;
006:
007:        import org.gridsphere.layout.PortletPageFactory;
008:        import org.gridsphere.portlet.impl.PortletURLImpl;
009:        import org.gridsphere.portlet.impl.SportletProperties;
010:        import org.gridsphere.portlet.service.PortletServiceException;
011:        import org.gridsphere.provider.event.jsr.ActionFormEvent;
012:        import org.gridsphere.provider.event.jsr.RenderFormEvent;
013:        import org.gridsphere.provider.portlet.jsr.ActionPortlet;
014:        import org.gridsphere.provider.portletui.beans.HiddenFieldBean;
015:        import org.gridsphere.provider.portletui.beans.PasswordBean;
016:        import org.gridsphere.provider.portletui.beans.TextFieldBean;
017:        import org.gridsphere.services.core.filter.PortalFilter;
018:        import org.gridsphere.services.core.filter.PortalFilterService;
019:        import org.gridsphere.services.core.mail.MailMessage;
020:        import org.gridsphere.services.core.mail.MailService;
021:        import org.gridsphere.services.core.portal.PortalConfigService;
022:        import org.gridsphere.services.core.request.Request;
023:        import org.gridsphere.services.core.request.RequestService;
024:        import org.gridsphere.services.core.security.auth.AuthModuleService;
025:        import org.gridsphere.services.core.security.auth.AuthenticationException;
026:        import org.gridsphere.services.core.security.auth.AuthorizationException;
027:        import org.gridsphere.services.core.security.auth.modules.LoginAuthModule;
028:        import org.gridsphere.services.core.security.auth.modules.LateUserRetrievalAuthModule;
029:        import org.gridsphere.services.core.security.auth.modules.impl.UserDescriptor;
030:        import org.gridsphere.services.core.security.auth.modules.impl.AuthenticationParameters;
031:        import org.gridsphere.services.core.security.password.PasswordEditor;
032:        import org.gridsphere.services.core.security.password.PasswordManagerService;
033:        import org.gridsphere.services.core.user.User;
034:        import org.gridsphere.services.core.user.UserManagerService;
035:
036:        import javax.portlet.*;
037:        import javax.servlet.http.HttpServletRequest;
038:        import javax.servlet.http.HttpServletResponse;
039:        import java.io.IOException;
040:        import java.security.cert.X509Certificate;
041:        import java.util.*;
042:
043:        public class LoginPortlet extends ActionPortlet {
044:
045:            private static String FORGOT_PASSWORD_LABEL = "forgotpassword";
046:
047:            private static long REQUEST_LIFETIME = 1000 * 60 * 60 * 24 * 3; // 3 days
048:
049:            public static final String LOGIN_ERROR_FLAG = "LOGIN_FAILED";
050:            public static final Integer LOGIN_ERROR_UNKNOWN = new Integer(-1);
051:
052:            public static final String DO_VIEW_USER_EDIT_LOGIN = "login/createaccount.jsp"; //edit user
053:            public static final String DO_FORGOT_PASSWORD = "login/forgotpassword.jsp";
054:            public static final String DO_NEW_PASSWORD = "login/newpassword.jsp";
055:
056:            private UserManagerService userManagerService = null;
057:
058:            private PortalConfigService portalConfigService = null;
059:            private RequestService requestService = null;
060:            private MailService mailService = null;
061:            private AuthModuleService authModuleService = null;
062:            private PasswordManagerService passwordManagerService = null;
063:            private String newpasswordURL = null;
064:            private String redirectURL = null;
065:
066:            public void init(PortletConfig config) throws PortletException {
067:                super .init(config);
068:                userManagerService = (UserManagerService) createPortletService(UserManagerService.class);
069:                requestService = (RequestService) createPortletService(RequestService.class);
070:                mailService = (MailService) createPortletService(MailService.class);
071:                portalConfigService = (PortalConfigService) createPortletService(PortalConfigService.class);
072:                authModuleService = (AuthModuleService) createPortletService(AuthModuleService.class);
073:                passwordManagerService = (PasswordManagerService) createPortletService(PasswordManagerService.class);
074:                DEFAULT_VIEW_PAGE = "doViewUser";
075:            }
076:
077:            public void doViewUser(RenderFormEvent event)
078:                    throws PortletException {
079:                log.debug("in LoginPortlet: doViewUser");
080:                PortletRequest request = event.getRenderRequest();
081:                RenderResponse response = event.getRenderResponse();
082:
083:                if (newpasswordURL == null) {
084:                    PortletURL url = response.createActionURL();
085:                    ((PortletURLImpl) url).setAction("newpassword");
086:                    ((PortletURLImpl) url).setLayout("login");
087:                    ((PortletURLImpl) url).setEncoding(false);
088:                    newpasswordURL = url.toString();
089:                }
090:
091:                if (redirectURL == null) {
092:                    PortletURL url = response.createRenderURL();
093:                    ((PortletURLImpl) url)
094:                            .setLayout(PortletPageFactory.USER_PAGE);
095:                    ((PortletURLImpl) url).setEncoding(false);
096:                    redirectURL = url.toString();
097:                }
098:
099:                PasswordBean pass = event.getPasswordBean("password");
100:                pass.setValue("");
101:
102:                // Check certificates
103:                String x509supported = portalConfigService
104:                        .getProperty(PortalConfigService.SUPPORT_X509_AUTH);
105:                if ((x509supported != null)
106:                        && (x509supported.equalsIgnoreCase("true"))) {
107:                    X509Certificate[] certs = (X509Certificate[]) request
108:                            .getAttribute("javax.servlet.request.X509Certificate");
109:                    if (certs != null && certs.length > 0) {
110:                        request.setAttribute("certificate", certs[0]
111:                                .getSubjectDN().toString());
112:                    }
113:                }
114:
115:                String remUser = portalConfigService
116:                        .getProperty(PortalConfigService.REMEMBER_USER);
117:                if ((remUser != null) && (remUser.equalsIgnoreCase("TRUE"))) {
118:                    request.setAttribute("remUser", "true");
119:                }
120:
121:                Boolean useSecureLogin = Boolean.valueOf(portalConfigService
122:                        .getProperty(PortalConfigService.USE_HTTPS_LOGIN));
123:
124:                request.setAttribute("useSecureLogin", useSecureLogin
125:                        .toString());
126:                boolean canUserCreateAccount = Boolean
127:                        .valueOf(
128:                                portalConfigService
129:                                        .getProperty(PortalConfigService.CAN_USER_CREATE_ACCOUNT))
130:                        .booleanValue();
131:                if (canUserCreateAccount)
132:                    request.setAttribute("canUserCreateAcct", "true");
133:                boolean dispUser = Boolean
134:                        .valueOf(
135:                                portalConfigService
136:                                        .getProperty(PortalConfigService.SEND_USER_FORGET_PASSWORD))
137:                        .booleanValue();
138:                if (dispUser)
139:                    request.setAttribute("dispPass", "true");
140:
141:                String errorMsg = (String) request.getPortletSession(true)
142:                        .getAttribute(LOGIN_ERROR_FLAG);
143:
144:                if (errorMsg != null) {
145:                    createErrorMessage(event, errorMsg);
146:                    request.getPortletSession(true).removeAttribute(
147:                            LOGIN_ERROR_FLAG);
148:                }
149:
150:                Boolean useUserName = Boolean
151:                        .valueOf(portalConfigService
152:                                .getProperty(PortalConfigService.USE_USERNAME_FOR_LOGIN));
153:                if (useUserName)
154:                    request.setAttribute("useUserName", "true");
155:
156:                setNextState(request, "login/login.jsp");
157:            }
158:
159:            public void gs_login(ActionFormEvent event) throws PortletException {
160:                log.debug("in LoginPortlet: gs_login");
161:                PortletRequest req = event.getActionRequest();
162:
163:                try {
164:                    login(event);
165:                } catch (AuthorizationException err) {
166:                    log.debug(err.getMessage());
167:                    req.getPortletSession(true).setAttribute(LOGIN_ERROR_FLAG,
168:                            err.getMessage());
169:                } catch (AuthenticationException err) {
170:                    log.debug(err.getMessage());
171:                    req.getPortletSession(true).setAttribute(LOGIN_ERROR_FLAG,
172:                            err.getMessage());
173:                }
174:
175:                setNextState(req, DEFAULT_VIEW_PAGE);
176:            }
177:
178:            public void notifyUser(ActionFormEvent evt) {
179:                PortletRequest req = evt.getActionRequest();
180:
181:                User user;
182:                TextFieldBean emailTF = evt.getTextFieldBean("emailTF");
183:
184:                if (emailTF.getValue().equals("")) {
185:                    createErrorMessage(evt, this .getLocalizedText(req,
186:                            "LOGIN_NO_EMAIL"));
187:                    return;
188:                } else {
189:                    user = userManagerService
190:                            .getUserByEmail(emailTF.getValue());
191:                }
192:                if (user == null) {
193:                    createErrorMessage(evt, this .getLocalizedText(req,
194:                            "LOGIN_NOEXIST"));
195:                    return;
196:                }
197:
198:                // create a request
199:                Request request = requestService
200:                        .createRequest(FORGOT_PASSWORD_LABEL);
201:                long now = Calendar.getInstance().getTime().getTime();
202:
203:                request.setLifetime(new Date(now + REQUEST_LIFETIME));
204:                request.setUserID(user.getID());
205:                requestService.saveRequest(request);
206:
207:                MailMessage mailToUser = new MailMessage();
208:                mailToUser.setEmailAddress(emailTF.getValue());
209:                String subjectHeader = portalConfigService
210:                        .getProperty("LOGIN_FORGOT_SUBJECT");
211:                if (subjectHeader == null)
212:                    subjectHeader = getLocalizedText(req, "MAIL_SUBJECT_HEADER");
213:                mailToUser.setSubject(subjectHeader);
214:                StringBuffer body = new StringBuffer();
215:
216:                String forgotMail = portalConfigService
217:                        .getProperty("LOGIN_FORGOT_BODY");
218:                if (forgotMail == null)
219:                    forgotMail = getLocalizedText(req, "LOGIN_FORGOT_MAIL");
220:                body.append(forgotMail).append("\n\n");
221:                body.append(getLocalizedText(req, "USERNAME")).append(" :")
222:                        .append(user.getUserName()).append("\n\n");
223:
224:                body.append(newpasswordURL).append("&reqid=").append(
225:                        request.getOid());
226:                mailToUser.setBody(body.toString());
227:                mailToUser.setSender(portalConfigService
228:                        .getProperty(PortalConfigService.MAIL_FROM));
229:                try {
230:                    mailService.sendMail(mailToUser);
231:                    createSuccessMessage(evt, this .getLocalizedText(req,
232:                            "LOGIN_SUCCESS_MAIL"));
233:                } catch (PortletServiceException e) {
234:                    log.error("Unable to send mail message!", e);
235:                    createErrorMessage(evt, this .getLocalizedText(req,
236:                            "LOGIN_FAILURE_MAIL"));
237:                    setNextState(req, DEFAULT_VIEW_PAGE);
238:                }
239:            }
240:
241:            /**
242:             * Handles login requests
243:             *
244:             * @param event a <code>GridSphereEvent</code>
245:             * @throws org.gridsphere.services.core.security.auth.AuthenticationException
246:             *          if auth fails
247:             * @throws org.gridsphere.services.core.security.auth.AuthorizationException
248:             *          if authz fails
249:             */
250:            protected void login(ActionFormEvent event)
251:                    throws AuthenticationException, AuthorizationException {
252:
253:                ActionRequest req = event.getActionRequest();
254:                ActionResponse res = event.getActionResponse();
255:
256:                User user = login(req);
257:                Long now = Calendar.getInstance().getTime().getTime();
258:                user.setLastLoginTime(now);
259:                Integer numLogins = user.getNumLogins();
260:                if (numLogins == null)
261:                    numLogins = 0;
262:                numLogins++;
263:
264:                user.setNumLogins(numLogins);
265:                user.setAttribute(PortalConfigService.LOGIN_NUMTRIES, "0");
266:
267:                userManagerService.saveUser(user);
268:
269:                req.setAttribute(SportletProperties.PORTLET_USER, user);
270:                req.getPortletSession(true).setAttribute(
271:                        SportletProperties.PORTLET_USER, user.getID(),
272:                        PortletSession.APPLICATION_SCOPE);
273:
274:                String query = event.getAction().getParameter("queryString");
275:
276:                if (query != null) {
277:                    //redirectURL.setParameter("cid", query);
278:                }
279:                //req.setAttribute(SportletProperties.LAYOUT_PAGE, PortletPageFactory.USER_PAGE);
280:
281:                String realuri = null;
282:                Boolean useSecureRedirect = Boolean.valueOf(portalConfigService
283:                        .getProperty(PortalConfigService.USE_HTTPS_REDIRECT));
284:                if (useSecureRedirect.booleanValue()) {
285:                    if (redirectURL.startsWith("https")) {
286:                        realuri = redirectURL;
287:                    } else {
288:                        realuri = "https"
289:                                + redirectURL.substring("http".length());
290:                        String port = portalConfigService
291:                                .getProperty(PortalConfigService.PORTAL_PORT);
292:                        String securePort = portalConfigService
293:                                .getProperty(PortalConfigService.PORTAL_SECURE_PORT);
294:                        if (null != port && !"".equals(port)
295:                                && null != securePort && !"".equals(securePort)) {
296:                            realuri = realuri.replaceAll(port, securePort);
297:                        }
298:                    }
299:                } else {
300:                    realuri = redirectURL;
301:                }
302:
303:                //after login redirect (GPF-463 feature) to URI from session
304:                String redirectURI = (String) ((HttpServletRequest) req)
305:                        .getSession().getAttribute(
306:                                SportletProperties.PORTAL_REDIRECT_PATH);
307:                if (null != redirectURI) {
308:                    realuri = realuri.substring(0, realuri.indexOf('/', 8))
309:                            + redirectURI;
310:                }
311:
312:                //mark request as successfull login in order to invoke doAfterLogin (GPF-457 fix)
313:                req.setAttribute(SportletProperties.PORTAL_FILTER_EVENT,
314:                        SportletProperties.PORTAL_FILTER_EVENT_AFTER_LOGIN);
315:
316:                log.debug("in login redirecting to portal: "
317:                        + realuri.toString());
318:                try {
319:                    if (req.getParameter("ajax") != null) {
320:                        //res.setContentType("text/html");
321:                        //res.getWriter().print(realuri.toString());
322:                    } else {
323:                        res.sendRedirect(realuri.toString());
324:                    }
325:                } catch (IOException e) {
326:                    log.error("Unable to perform a redirect!", e);
327:                }
328:            }
329:
330:            public User login(PortletRequest req)
331:                    throws AuthenticationException, AuthorizationException {
332:                boolean lateUserRetrieval = false;
333:                boolean hasLateUserRetrievalAuthModules = false;
334:
335:                String loginName = req.getParameter("username");
336:                String loginPassword = req.getParameter("password");
337:                String certificate = null;
338:
339:                X509Certificate[] certs = (X509Certificate[]) req
340:                        .getAttribute("javax.servlet.request.X509Certificate");
341:                if (certs != null && certs.length > 0) {
342:                    certificate = certificateTransform(certs[0].getSubjectDN()
343:                            .toString());
344:                }
345:
346:                User user = null;
347:
348:                // if using client certificate, then don't use login modules
349:                if (certificate == null) {
350:                    if ((loginName == null) || (loginPassword == null)) {
351:                        throw new AuthorizationException(getLocalizedText(req,
352:                                "LOGIN_AUTH_BLANK"));
353:                    }
354:                    // first get user
355:                    Boolean useUserName = Boolean
356:                            .valueOf(portalConfigService
357:                                    .getProperty(PortalConfigService.USE_USERNAME_FOR_LOGIN));
358:                    if (useUserName) {
359:
360:                        user = userManagerService.getUserByUserName(loginName);
361:                    } else {
362:                        user = userManagerService.getUserByEmail(loginName);
363:                    }
364:
365:                    // check if there are late user retrieval modules in case user is not obtained from the active login module
366:                    List<LoginAuthModule> modules = authModuleService
367:                            .getActiveAuthModules();
368:                    Iterator modulesIterator = modules.iterator();
369:                    while (modulesIterator.hasNext()) {
370:                        if (modulesIterator.next() instanceof  LateUserRetrievalAuthModule) {
371:                            hasLateUserRetrievalAuthModules = true;
372:                            break;
373:                        }
374:                    }
375:
376:                    if (null == user && hasLateUserRetrievalAuthModules)
377:                        lateUserRetrieval = true;
378:                } else {
379:
380:                    log.debug("Using certificate for login :" + certificate);
381:                    List userList = userManagerService.getUsersByAttribute(
382:                            "certificate", certificate, null);
383:                    if (!userList.isEmpty()) {
384:                        user = (User) userList.get(0);
385:                    }
386:                }
387:
388:                int numTriesInt = 1;
389:                if (!lateUserRetrieval) {
390:                    if (user == null)
391:                        throw new AuthorizationException(getLocalizedText(req,
392:                                "LOGIN_AUTH_NOUSER"));
393:
394:                    // tried one to many times using same name
395:                    int defaultNumTries = Integer
396:                            .valueOf(
397:                                    portalConfigService
398:                                            .getProperty(PortalConfigService.LOGIN_NUMTRIES))
399:                            .intValue();
400:                    String numTries = (String) user
401:                            .getAttribute(PortalConfigService.LOGIN_NUMTRIES);
402:                    if (numTries != null)
403:                        numTriesInt = Integer.valueOf(numTries).intValue();
404:
405:                    System.err.println("num tries = " + numTriesInt);
406:                    if ((defaultNumTries != -1)
407:                            && (numTriesInt >= defaultNumTries)) {
408:                        disableAccount(req);
409:                        throw new AuthorizationException(getLocalizedText(req,
410:                                "LOGIN_TOOMANY_ATTEMPTS"));
411:                    }
412:
413:                    String accountStatus = (String) user
414:                            .getAttribute(User.DISABLED);
415:                    if ((accountStatus != null)
416:                            && ("TRUE".equalsIgnoreCase(accountStatus)))
417:                        throw new AuthorizationException(getLocalizedText(req,
418:                                "LOGIN_AUTH_DISABLED"));
419:                }
420:
421:                // If authorized via certificates no other authorization needed
422:                if (certificate != null)
423:                    return user;
424:
425:                // second invoke the appropriate auth module
426:                List<LoginAuthModule> modules = authModuleService
427:                        .getActiveAuthModules();
428:
429:                Collections.sort(modules);
430:                AuthenticationException authEx = null;
431:
432:                Map parametersMap = new HashMap();
433:                if (hasLateUserRetrievalAuthModules) {
434:                    Enumeration parametersNamesEnumeration = req
435:                            .getParameterNames();
436:                    while (parametersNamesEnumeration.hasMoreElements()) {
437:                        String parameterName = (String) parametersNamesEnumeration
438:                                .nextElement();
439:                        parametersMap.put(parameterName, req
440:                                .getParameter(parameterName));
441:                    }
442:                }
443:
444:                Iterator it = modules.iterator();
445:                if (lateUserRetrieval)
446:                    log.debug("in login: Use late user retrieval modules only");
447:                log.debug("in login: Active modules are: ");
448:                boolean success = false;
449:                while (it.hasNext()) {
450:                    success = false;
451:                    LoginAuthModule mod = (LoginAuthModule) it.next();
452:                    //in case of late user retrieval use LateUserRetrievalAuthModule modules only
453:                    if (lateUserRetrieval
454:                            && !(mod instanceof  LateUserRetrievalAuthModule)) {
455:                        log.debug(mod.getModuleName()
456:                                + " (NOT late user retrieval module)");
457:                        continue;
458:                    }
459:                    log.debug(mod.getModuleName());
460:                    try {
461:                        if (mod instanceof  LateUserRetrievalAuthModule) {
462:                            UserDescriptor userDescriptor = ((LateUserRetrievalAuthModule) mod)
463:                                    .checkAuthentication(new AuthenticationParameters(
464:                                            loginName, loginPassword,
465:                                            parametersMap, req));
466:                            //TODO: substitute with localized messages
467:                            if (null == userDescriptor)
468:                                throw new AuthenticationException(
469:                                        "Late user retrieval module did not return user descriptor");
470:                            //TODO: substitute with localized messages
471:                            if (null == userDescriptor.getUserName()
472:                                    && null == userDescriptor.getEmailAddress()
473:                                    && null == userDescriptor.getID())
474:                                throw new AuthenticationException(
475:                                        "Late user retrieval module did not return user descriptor containing login name or email or id");
476:
477:                            User tmpUser = null;
478:                            //obtain user by user name or email or id
479:                            if (null != userDescriptor.getUserName())
480:                                tmpUser = userManagerService
481:                                        .getUserByUserName(userDescriptor
482:                                                .getUserName());
483:                            else if (null != userDescriptor.getEmailAddress())
484:                                tmpUser = userManagerService
485:                                        .getUserByEmail(userDescriptor
486:                                                .getEmailAddress());
487:                            else if (null != userDescriptor.getID()) {
488:                                List users = userManagerService.getUsers();
489:                                for (int i = 0; i < users.size(); i++) {
490:                                    User user1 = (User) users.get(i);
491:                                    if (user1.getID().equals(
492:                                            userDescriptor.getID())) {
493:                                        tmpUser = user1;
494:                                        break;
495:                                    }
496:                                }
497:                            }
498:                            //TODO: substitute with localized messages
499:                            if (null == tmpUser)
500:                                throw new AuthenticationException(
501:                                        "User descriptor returned by late user retrieval is invalid");
502:
503:                            //check if user descriptor matches user object
504:
505:                            //TODO: substitute with localized messages
506:                            if (null != userDescriptor.getID()
507:                                    && !tmpUser.getID().equals(
508:                                            userDescriptor.getID()))
509:                                throw new AuthenticationException(
510:                                        "ID in auth module and GridSphere doesn't match");
511:
512:                            //TODO: substitute with localized messages
513:                            if (null != userDescriptor.getEmailAddress()
514:                                    && !tmpUser.getEmailAddress().equals(
515:                                            userDescriptor.getEmailAddress()))
516:                                throw new AuthenticationException(
517:                                        "User email in auth module and GridSphere doesn't match");
518:
519:                            //TODO: substitute with localized messages
520:                            if (null != userDescriptor.getUserName()
521:                                    && !tmpUser.getUserName().equals(
522:                                            userDescriptor.getUserName()))
523:                                throw new AuthenticationException(
524:                                        "User name in auth module and GridSphere doesn't match");
525:
526:                            user = tmpUser;
527:                        } else {
528:                            mod.checkAuthentication(user, loginPassword);
529:                        }
530:                        success = true;
531:                    } catch (AuthenticationException e) {
532:                        //TODO: shouldn't we accumulate authentication error messages from all modules - not from the last only ?
533:                        String errMsg = mod.getModuleError(e.getMessage(), req
534:                                .getLocale());
535:                        if (errMsg != null) {
536:                            authEx = new AuthenticationException(errMsg);
537:                        } else {
538:                            authEx = e;
539:                        }
540:                    } catch (Exception e) {
541:                        log.error("", e);
542:                    }
543:                    if (success)
544:                        break;
545:                }
546:                if (!lateUserRetrieval && !success) {
547:
548:                    numTriesInt++;
549:                    user.setAttribute(PortalConfigService.LOGIN_NUMTRIES,
550:                            String.valueOf(numTriesInt));
551:                    userManagerService.saveUser(user);
552:                }
553:                if (!success)
554:                    throw authEx;
555:
556:                return user;
557:            }
558:
559:            /**
560:             * Transform certificate subject from :
561:             * CN=Engbert Heupers, O=sara, O=users, O=dutchgrid
562:             * to :
563:             * /O=dutchgrid/O=users/O=sara/CN=Engbert Heupers
564:             *
565:             * @param certificate string
566:             * @return certificate string
567:             */
568:            private String certificateTransform(String certificate) {
569:                String ls[] = certificate.split(", ");
570:                StringBuffer res = new StringBuffer();
571:                for (int i = ls.length - 1; i >= 0; i--) {
572:                    res.append("/");
573:                    res.append(ls[i]);
574:                }
575:                return res.toString();
576:            }
577:
578:            protected String getLocalizedText(HttpServletRequest req, String key) {
579:                Locale locale = req.getLocale();
580:                ResourceBundle bundle = ResourceBundle.getBundle(
581:                        "gridsphere.resources.Portlet", locale);
582:                return bundle.getString(key);
583:            }
584:
585:            public void disableAccount(PortletRequest req) {
586:                //PortletRequest req = event.getRenderRequest();
587:                String loginName = req.getParameter("username");
588:                User user = userManagerService.getUserByUserName(loginName);
589:                if (user != null) {
590:                    user.setAttribute(User.DISABLED, "true");
591:                    userManagerService.saveUser(user);
592:
593:                    MailMessage mailToUser = new MailMessage();
594:                    StringBuffer body = new StringBuffer();
595:                    body
596:                            .append(
597:                                    getLocalizedText(req, "LOGIN_DISABLED_MSG1"))
598:                            .append(" ")
599:                            .append(
600:                                    getLocalizedText(req, "LOGIN_DISABLED_MSG2"))
601:                            .append("\n\n");
602:                    mailToUser.setBody(body.toString());
603:                    mailToUser.setSubject(getLocalizedText(req,
604:                            "LOGIN_DISABLED_SUBJECT"));
605:                    mailToUser.setEmailAddress(user.getEmailAddress());
606:
607:                    MailMessage mailToAdmin = new MailMessage();
608:                    StringBuffer body2 = new StringBuffer();
609:                    body2.append(
610:                            getLocalizedText(req, "LOGIN_DISABLED_ADMIN_MSG"))
611:                            .append(" ").append(user.getUserName());
612:                    mailToAdmin.setBody(body2.toString());
613:                    mailToAdmin.setSubject(getLocalizedText(req,
614:                            "LOGIN_DISABLED_SUBJECT")
615:                            + " " + user.getUserName());
616:                    String portalAdminEmail = portalConfigService
617:                            .getProperty(PortalConfigService.PORTAL_ADMIN_EMAIL);
618:                    mailToAdmin.setEmailAddress(portalAdminEmail);
619:
620:                    try {
621:                        mailService.sendMail(mailToUser);
622:                        mailService.sendMail(mailToAdmin);
623:                    } catch (PortletServiceException e) {
624:                        log.error("Unable to send mail message!", e);
625:                        //createErrorMessage(event, this.getLocalizedText(req, "LOGIN_FAILURE_MAIL"));
626:                    }
627:                }
628:            }
629:
630:            public void displayForgotPassword(RenderFormEvent event) {
631:                boolean sendMail = Boolean
632:                        .valueOf(
633:                                portalConfigService
634:                                        .getProperty(PortalConfigService.SEND_USER_FORGET_PASSWORD))
635:                        .booleanValue();
636:                if (sendMail) {
637:                    PortletRequest req = event.getRenderRequest();
638:                    setNextState(req, DO_FORGOT_PASSWORD);
639:                }
640:            }
641:
642:            public void newpassword(ActionFormEvent evt) {
643:                PortletRequest req = evt.getActionRequest();
644:                String id = req.getParameter("reqid");
645:                Request request = requestService.getRequest(id,
646:                        FORGOT_PASSWORD_LABEL);
647:                if (request != null) {
648:                    HiddenFieldBean reqid = evt.getHiddenFieldBean("reqid");
649:                    reqid.setValue(id);
650:                    setNextState(req, DO_NEW_PASSWORD);
651:                } else {
652:                    setNextState(req, DEFAULT_VIEW_PAGE);
653:                }
654:            }
655:
656:            public void doSavePass(ActionFormEvent event) {
657:
658:                PortletRequest req = event.getActionRequest();
659:
660:                HiddenFieldBean reqid = event.getHiddenFieldBean("reqid");
661:                String id = reqid.getValue();
662:                Request request = requestService.getRequest(id,
663:                        FORGOT_PASSWORD_LABEL);
664:                if (request != null) {
665:                    String uid = request.getUserID();
666:                    User user = userManagerService.getUser(uid);
667:                    passwordManagerService.editPassword(user);
668:                    String passwordValue = event.getPasswordBean("password")
669:                            .getValue();
670:                    String confirmPasswordValue = event.getPasswordBean(
671:                            "confirmPassword").getValue();
672:
673:                    if (passwordValue == null) {
674:                        createErrorMessage(event, this .getLocalizedText(req,
675:                                "USER_PASSWORD_NOTSET"));
676:                        setNextState(req, DO_NEW_PASSWORD);
677:                        return;
678:                    }
679:
680:                    // Otherwise, password must match confirmation
681:                    if (!passwordValue.equals(confirmPasswordValue)) {
682:                        createErrorMessage(event, this .getLocalizedText(req,
683:                                "USER_PASSWORD_MISMATCH"));
684:                        setNextState(req, DO_NEW_PASSWORD);
685:                        // If they do match, then validate password with our service
686:                    } else {
687:                        if (passwordValue.length() == 0) {
688:                            createErrorMessage(event, this .getLocalizedText(
689:                                    req, "USER_PASSWORD_BLANK"));
690:                            setNextState(req, DO_NEW_PASSWORD);
691:                        } else if (passwordValue.length() < 5) {
692:                            System.err.println("length < 5 password= "
693:                                    + passwordValue);
694:                            createErrorMessage(event, this .getLocalizedText(
695:                                    req, "USER_PASSWORD_TOOSHORT"));
696:                            setNextState(req, DO_NEW_PASSWORD);
697:                        } else {
698:                            // save password
699:                            //System.err.println("saving password= " + passwordValue);
700:                            PasswordEditor editPasswd = passwordManagerService
701:                                    .editPassword(user);
702:                            editPasswd.setValue(passwordValue);
703:                            editPasswd.setDateLastModified(Calendar
704:                                    .getInstance().getTime());
705:                            passwordManagerService.savePassword(editPasswd);
706:                            createSuccessMessage(event, this .getLocalizedText(
707:                                    req, "USER_PASSWORD_SUCCESS"));
708:                            requestService.deleteRequest(request);
709:                        }
710:                    }
711:                }
712:            }
713:
714:        }
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.