


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */

19             
20 package com.sslexplorer.security.actions;
21
22 import javax.servlet.http.HttpServletRequest JavaDoc;
23 import javax.servlet.http.HttpServletResponse JavaDoc;
24
25 import org.apache.commons.logging.Log;
26 import org.apache.commons.logging.LogFactory;
27 import org.apache.struts.Globals;
28 import org.apache.struts.action.ActionErrors;
29 import org.apache.struts.action.ActionForm;
30 import org.apache.struts.action.ActionForward;
31 import org.apache.struts.action.ActionMapping;
32 import org.apache.struts.action.ActionMessage;
33
34 import com.sslexplorer.core.CoreAttributeConstants;
35 import com.sslexplorer.core.CoreEvent;
36 import com.sslexplorer.core.CoreEventConstants;
37 import com.sslexplorer.core.CoreServlet;
38 import com.sslexplorer.core.CoreUtil;
39 import com.sslexplorer.core.UserDatabaseManager;
40 import com.sslexplorer.core.actions.AuthenticatedDispatchAction;
41 import com.sslexplorer.security.AuthenticationScheme;
42 import com.sslexplorer.security.Constants;
43 import com.sslexplorer.security.DefaultLogonController;
44 import com.sslexplorer.security.LogonControllerFactory;
45 import com.sslexplorer.security.PasswordCredentials;
46 import com.sslexplorer.security.PublicKeyStore;
47 import com.sslexplorer.security.SessionInfo;
48 import com.sslexplorer.security.UpdatePrivateKeyPassphraseException;
49 import com.sslexplorer.security.UserDatabase;
50 import com.sslexplorer.security.forms.PromptForPrivateKeyPassphraseForm;
51
52
53 /**
54  * Implementation of {@link com.sslexplorer.core.actions.AuthenticatedDispatchAction}
55  * that is used to prompt for the user's private key passphrase.
56  * <p>
57  * This happens when <b>none</b> of the authentication modules used to log in
58  * used the account password.
59  *
60  * @author Brett Smith <a HREF="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
61  * @see com.sslexplorer.security.forms.UpdatePrivateKeyPassphraseForm
62  */

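public class PromptForPrivateKeyPassphraseDispatchAction extends AuthenticatedDispatchAction {
    // Use this action's own class as the logger category so that entries written
    // from the passphrase prompt are not attributed to another action.
    final static Log log = LogFactory.getLog(PromptForPrivateKeyPassphraseDispatchAction.class);

    /**
     * Constructor.
     */
    public PromptForPrivateKeyPassphraseDispatchAction() {
        super();
    }

    /**
     * Default dispatch target: prepares the prompt form and displays it.
     * <p>
     * The form's "new key" flag is set to <code>true</code> when the public key
     * store reports no private key for the current user's principal name.
     *
     * @param mapping mapping
     * @param form form, expected to be a {@link PromptForPrivateKeyPassphraseForm}
     * @param request request
     * @param response response
     * @return the "display" forward
     * @throws Exception on any error
     * @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        PromptForPrivateKeyPassphraseForm f = (PromptForPrivateKeyPassphraseForm) form;
        String principalName = getSessionInfo(request).getUser().getPrincipalName();
        f.setNewKey(!PublicKeyStore.getInstance().hasPrivateKey(principalName));
        return mapping.findForward("display");
    }

    /**
     * Commit the passphrase entered at the prompt.
     * <p>
     * The submitted passphrase is first checked against the user database of the
     * user's realm. If it is missing or wrong, an error message is saved in the
     * session, the failure is logged and the input forward is returned. Otherwise
     * the passphrase is added to the session's authentication scheme when that
     * scheme holds no password yet, and the user's private key is verified with it.
     * If verification raises {@link UpdatePrivateKeyPassphraseException} the prompt
     * intercept is replaced by the update-passphrase intercept and the request is
     * forwarded to <code>/showHome.do</code>. On success the prompt intercept is
     * removed and a LOGON core event is fired.
     *
     * @param mapping mapping
     * @param form form, expected to be a {@link PromptForPrivateKeyPassphraseForm}
     * @param request request
     * @param response response
     * @return forward
     * @throws Exception on any error
     */
    public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        PromptForPrivateKeyPassphraseForm f = (PromptForPrivateKeyPassphraseForm) form;
        SessionInfo session = getSessionInfo(request);

        // Resolve the principal once so the passphrase check, the stored
        // credentials and the key verification all refer to the same user.
        String principalName = session.getUser().getPrincipalName();

        // The passphrase arrives as a String from the form and therefore cannot be
        // wiped from memory after use; the char[] values below are copies of it.
        String passphrase = f.getPassphrase();

        UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(session.getUser().getRealm());

        // A missing passphrase is treated like a wrong one rather than being left
        // to fail later with a NullPointerException on toCharArray().
        if (passphrase == null || !udb.checkPassword(principalName, passphrase)) {
            // Leave an audit trail for the failed attempt. Never log the passphrase.
            // NOTE(review): no attempt limit is applied in this method - confirm that
            // lockout or throttling is enforced elsewhere for this prompt.
            log.warn("Incorrect private key passphrase entered for user '" + principalName + "' from "
                            + request.getRemoteAddr());

            // User has entered incorrect passphrase - go back
            ActionErrors errs = new ActionErrors();
            errs.add(Globals.ERROR_KEY, new ActionMessage("promptForPrivateKeyPassphrase.error.incorrectPassphrase"));
            saveErrors(request.getSession(), errs);
            return mapping.getInputForward();
        }

        // Now check to see if the password has been added to the authentication scheme
        // NOTE(review): the AUTH_SESSION attribute is used without a null check; confirm
        // it is always present by the time this action can be reached.
        AuthenticationScheme scheme = (AuthenticationScheme) session.getHttpSession().getAttribute(Constants.AUTH_SESSION);
        if (LogonControllerFactory.getInstance().getPasswordFromCredentials(scheme) == null) {
            // Not yet, so add it
            scheme.addCredentials(new PasswordCredentials(principalName, passphrase.toCharArray()));
        }

        try {
            PublicKeyStore.getInstance().verifyPrivateKey(principalName, passphrase.toCharArray());
        } catch (UpdatePrivateKeyPassphraseException upkpe) {
            // LDP - This code was incorrectly adding a bad logon warning. What we actually
            // have to do is redirect back again to the UpdatePrivateKeyPassphraseInterceptListener
            CoreUtil.removePageInterceptListener(request.getSession(), "promptForPrivateKeyPassphrase");
            CoreUtil.addPageInterceptListener(request.getSession(), new DefaultLogonController.UpdatePrivateKeyPassphraseInterceptListener());

            // Force the forward back to /showHome.do so that the intercept functions correctly
            return new ActionForward("/showHome.do");
        }

        // Passphrase accepted: drop the prompt intercept and record the logon,
        // tagged with the client address and host reported by the container.
        CoreUtil.removePageInterceptListener(request.getSession(), "promptForPrivateKeyPassphrase");
        CoreServlet.getServlet().fireCoreEvent(
                        new CoreEvent(this, CoreEventConstants.LOGON, session.getCredentials(), session)
                                        .addAttribute(CoreAttributeConstants.EVENT_ATTR_IP_ADDRESS, request.getRemoteAddr())
                                        .addAttribute(CoreAttributeConstants.EVENT_ATTR_HOST, request.getRemoteHost()));

        return mapping.findForward("success");
    }

    /**
     * Cancel and logout.
     * <p>
     * This method only returns the "cancel" forward; the logout itself is
     * presumably performed by the target of that forward - confirm against the
     * Struts mapping.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return the "cancel" forward
     * @throws Exception on any error
     */
    public ActionForward cancel(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        return mapping.findForward("cancel");
    }

    /**
     * Report the navigation contexts this action is valid in: both the user
     * console and the management console.
     *
     * @see com.sslexplorer.core.actions.CoreAction#getNavigationContext(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
        return SessionInfo.USER_CONSOLE_CONTEXT | SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
    }

    /**
     * Always returns <code>null</code>, i.e. this action never supplies an
     * intercept forward of its own.
     * <p>
     * NOTE(review): presumably this stops the passphrase prompt, which is itself
     * reached through a page intercept, from being intercepted again - confirm
     * against the superclass implementation.
     */
    @Override
    public ActionForward checkIntercept(ActionMapping mapping, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return null;
    }

}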