


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */

19             
20 package com.sslexplorer.security.actions;
21
22 import java.util.Iterator JavaDoc;
23 import java.util.Properties JavaDoc;
24
25 import javax.servlet.http.HttpServletRequest JavaDoc;
26 import javax.servlet.http.HttpServletResponse JavaDoc;
27 import javax.servlet.http.HttpSession JavaDoc;
28
29 import org.apache.commons.logging.Log;
30 import org.apache.commons.logging.LogFactory;
31 import org.apache.struts.Globals;
32 import org.apache.struts.action.ActionForm;
33 import org.apache.struts.action.ActionForward;
34 import org.apache.struts.action.ActionMapping;
35 import org.apache.struts.action.ActionMessage;
36 import org.apache.struts.action.ActionMessages;
37
38 import com.sslexplorer.boot.PropertyClassManager;
39 import com.sslexplorer.boot.PropertyDefinition;
40 import com.sslexplorer.boot.Util;
41 import com.sslexplorer.core.CoreAttributeConstants;
42 import com.sslexplorer.core.CoreEvent;
43 import com.sslexplorer.core.CoreEventConstants;
44 import com.sslexplorer.core.CoreServlet;
45 import com.sslexplorer.core.CoreUtil;
46 import com.sslexplorer.core.UserDatabaseManager;
47 import com.sslexplorer.core.actions.AuthenticatedDispatchAction;
48 import com.sslexplorer.policyframework.Permission;
49 import com.sslexplorer.policyframework.PolicyConstants;
50 import com.sslexplorer.properties.Property;
51 import com.sslexplorer.properties.attributes.AttributeDefinition;
52 import com.sslexplorer.properties.impl.realms.RealmKey;
53 import com.sslexplorer.properties.impl.systemconfig.SystemConfigKey;
54 import com.sslexplorer.properties.impl.userattributes.UserAttributeKey;
55 import com.sslexplorer.properties.impl.userattributes.UserAttributes;
56 import com.sslexplorer.security.AuthenticationScheme;
57 import com.sslexplorer.security.Constants;
58 import com.sslexplorer.security.LogonControllerFactory;
59 import com.sslexplorer.security.PasswordPolicyViolationException;
60 import com.sslexplorer.security.PublicKeyStore;
61 import com.sslexplorer.security.SessionInfo;
62 import com.sslexplorer.security.User;
63 import com.sslexplorer.security.UserDatabase;
64 import com.sslexplorer.security.forms.SetPasswordForm;
65
/**
 * Struts dispatch action that sets the password of a target user: {@link #unspecified} displays the form
 * (seeded from the {@code setPassword.user} session attribute) and {@link #commit} applies the change
 * through the realm's {@link UserDatabase}, re-authenticating the caller first when their session
 * password is not available.
 */

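public class SetPasswordAction extends AuthenticatedDispatchAction {
    final static Log log = LogFactory.getLog(SetPasswordAction.class);

    /** Session attribute through which the caller hands the target user to {@link #unspecified}. */
    private static final String USER_SESSION_ATTRIBUTE = "setPassword.user";
    /** Session attribute that parks the target user while the caller re-enters their session password. */
    private static final String NEW_USER_SESSION_ATTRIBUTE = "newUser";
    /** System configuration key selecting how user private keys are handled. */
    private static final String PRIVATE_KEY_MODE_KEY = "security.privateKeyMode";
    /** Value of {@link #PRIVATE_KEY_MODE_KEY} under which confidential attributes are re-encrypted here. */
    private static final String AUTOMATIC_PRIVATE_KEY_MODE = "automatic";

    /**
     * Creates the action. The resource type and permission handed to the superclass are, presumably,
     * what {@link AuthenticatedDispatchAction} checks before dispatching: the caller needs
     * {@code PERM_CREATE_EDIT_AND_ASSIGN} on the accounts-and-groups resource type.
     */
    public SetPasswordAction() {
        super(PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE, new Permission[] { PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN });
    }

    /**
     * Displays the set-password form for the user stored in the {@code setPassword.user} session attribute.
     * The attribute is consumed (removed) on the way, the referer is captured so the form can return to it,
     * and the realm's password-pattern description is queued as a message for the page.
     *
     * @param mapping action mapping, used to resolve the {@code display} forward
     * @param form the {@link SetPasswordForm} to initialise
     * @param request current request
     * @param response current response (unused)
     * @return the {@code display} forward
     * @throws Exception if no target user is present in the session, or on any failure while reading properties
     * @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
     *      org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest,
     *      javax.servlet.http.HttpServletResponse)
     */
    @Override
    public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
                                     HttpServletResponse response) throws Exception {
        HttpSession session = request.getSession();
        User user = (User) session.getAttribute(USER_SESSION_ATTRIBUTE);
        if (user == null) {
            // Fail with a clear message rather than a NullPointerException further down.
            throw new Exception("No user to set a password for.");
        }
        SetPasswordForm setPasswordForm = (SetPasswordForm) form;
        setPasswordForm.initialize(user);
        if (setPasswordForm.getReferer() == null) {
            setPasswordForm.setReferer(getReferer(request));
        }
        // Single-use hand-over: drop it so a later visit cannot pick up a stale user.
        session.removeAttribute(USER_SESSION_ATTRIBUTE);

        String realmId = user.getRealm().getResourceId();
        String policyDescription = Property.getProperty(new RealmKey("security.password.pattern.description", realmId));
        ActionMessages messages = new ActionMessages();
        messages.add(Globals.MESSAGE_KEY, new ActionMessage("setPassword.message.passwordPolicy", policyDescription));
        saveMessages(request, messages);
        CoreUtil.addRequiredFieldMessage(this, request);
        return mapping.findForward("display");
    }

    /**
     * Resolves the page to return to: the referer carried in the request if there is one, otherwise the
     * one CoreUtil derives from the request.
     *
     * @param request current request
     * @return referer path
     */
    private static String getReferer(HttpServletRequest request) {
        if (CoreUtil.isRefererInRequest(request)) {
            return CoreUtil.getRequestReferer(request);
        }
        return CoreUtil.getReferer(request);
    }

    /**
     * Applies the password change submitted on the form.
     * <p>
     * The caller's own session password is required by {@link UserDatabase#setPassword}; when it is not
     * available from the current authentication scheme the form state is parked in the session and the
     * caller is sent to re-enter it, after which this method runs again (the target user is then read back
     * from the {@code newUser} session attribute). In "automatic" private-key mode the user's confidential
     * attributes are snapshotted before the change and written back after the key has been re-verified with
     * the new password. A CHANGE_PASSWORD core event is fired on success and on failure.
     *
     * @param mapping action mapping, used to resolve the {@code success} and {@code display} forwards
     * @param form the submitted {@link SetPasswordForm}
     * @param request current request
     * @param response current response (unused)
     * @return {@code success}, {@code display} on a password policy violation, or the re-authentication forward
     * @throws Exception if no target user can be found, the user database does not support password changes,
     *         or the change itself fails (after the unsuccessful event has been fired)
     */
    public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        SetPasswordForm setPasswordForm = (SetPasswordForm) form;
        SessionInfo info = getSessionInfo(request);

        User user = setPasswordForm.getUser();
        if (user == null) {
            // Second pass after the re-authentication round trip: the form was reset, the user was parked.
            user = (User) info.getHttpSession().getAttribute(NEW_USER_SESSION_ATTRIBUTE);
        }
        if (user == null) {
            // Checked up front: the catch block below reports the principal name, so a null user there
            // would turn any failure into a NullPointerException that hides the real cause.
            throw new Exception("No user to set a password for.");
        }
        String principal = user.getPrincipalName();

        // NOTE(review): the database is chosen by the caller's realm, while unspecified() reads the password
        // policy from the target user's realm — confirm both are always the same realm here.
        UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(info.getUser().getRealm());
        if (!udb.supportsPasswordChange()) {
            throw new Exception("Underlying database does not support changing of passwords.");
        }

        UserAttributes userAttributes = (UserAttributes) PropertyClassManager.getInstance().getPropertyClass(UserAttributes.NAME);
        PublicKeyStore keyStore = PublicKeyStore.getInstance();
        boolean automaticKeyMode = AUTOMATIC_PRIVATE_KEY_MODE.equals(Property.getProperty(new SystemConfigKey(PRIVATE_KEY_MODE_KEY)));

        // Snapshot the confidential attribute values before the password changes. Per the original note this
        // is only possible while the user's key is loaded; they are written back after the key is re-verified.
        Properties confidentialAttributes = new Properties();
        if (automaticKeyMode && keyStore.hasLoadedKey(principal)) {
            for (PropertyDefinition def : userAttributes.getDefinitions()) {
                AttributeDefinition attrDef = (AttributeDefinition) def;
                if (attrDef.getVisibility() != AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
                    continue;
                }
                String val = attrDef.getPropertyClass().retrieveProperty(new UserAttributeKey(user, def.getName()));
                if (val == null) {
                    val = def.getDefaultValue();
                }
                confidentialAttributes.setProperty(def.getName(), val);
            }
        }

        try {
            AuthenticationScheme scheme = (AuthenticationScheme) request.getSession().getAttribute(Constants.AUTH_SESSION);
            char[] creds = LogonControllerFactory.getInstance().getPasswordFromCredentials(scheme);

            if (creds == null) {
                // The caller's session password is not available: park the form state and ask for it.
                HttpSession httpSession = info.getHttpSession();
                httpSession.setAttribute(NEW_USER_SESSION_ATTRIBUTE, user);
                // The form will be reset by the round trip, so the submitted values are kept in the session
                // (the new password in clear text) until the second pass; assumes form validation already
                // required the confirmation to equal the new password — confirm.
                httpSession.setAttribute(SetPasswordForm.SAVED_PASSWORD, setPasswordForm.getConfirmPassword());
                httpSession.setAttribute(SetPasswordForm.SAVED_FORCE_PASSWORD_CHANGE, setPasswordForm.getForceChangePasswordAtLogon());
                // forwardTo is derived from the servlet path, not from a request parameter.
                String forwardTo = Util.urlEncode(CoreUtil.addParameterToPath(request.getServletPath(), "action", "commit"));
                return new ActionForward("/promptForSessionPassword.do?forwardTo=" + forwardTo, false);
            }

            udb.setPassword(principal,
                setPasswordForm.getNewPassword(),
                setPasswordForm.getForceChangePasswordAtLogon(),
                LogonControllerFactory.getInstance().getUser(request),
                new String(creds));

            if (automaticKeyMode) {
                /* Only attempt to re-encrypt user attributes if the user's key is loaded */
                if (keyStore.hasLoadedKey(principal)) {
                    keyStore.removeKeys(principal);
                    keyStore.verifyPrivateKey(principal, setPasswordForm.getNewPassword().toCharArray());
                    for (Object key : confidentialAttributes.keySet()) {
                        String n = (String) key;
                        AttributeDefinition attrDef = (AttributeDefinition) userAttributes.getDefinition(n);
                        if (attrDef.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
                            Property.setProperty(new UserAttributeKey(user, n), confidentialAttributes.getProperty(n), info);
                        }
                    }
                }
            } else {
                keyStore.removeCachedKeys(principal);
            }

            fireChangePasswordEvent(info, principal, CoreEvent.STATE_SUCCESSFUL);
            return mapping.findForward("success");
        } catch (PasswordPolicyViolationException e) {
            // Policy violations are a user error: redisplay the form, no event is fired.
            saveError(request, "setPassword.error.doesNotMatchPolicy");
            return mapping.findForward("display");
        } catch (Exception e) {
            fireChangePasswordEvent(info, principal, CoreEvent.STATE_UNSUCCESSFUL);
            throw e;
        }
    }

    /**
     * Fires a CHANGE_PASSWORD core event for the given principal with the given outcome state.
     *
     * @param info session performing the change
     * @param principal principal whose password was (to be) changed
     * @param state {@link CoreEvent#STATE_SUCCESSFUL} or {@link CoreEvent#STATE_UNSUCCESSFUL}
     */
    private void fireChangePasswordEvent(SessionInfo info, String principal, int state) {
        CoreEvent event = new CoreEvent(this, CoreEventConstants.CHANGE_PASSWORD, null, info, state);
        event.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, principal);
        CoreServlet.getServlet().fireCoreEvent(event);
    }

    /**
     * This action lives in the management console.
     *
     * @return {@link SessionInfo#MANAGEMENT_CONSOLE_CONTEXT}
     */
    public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
        return SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
    }

}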