ChangePasswordForm


1   /*
2    *  SSL-Explorer
3    *
4    *  Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5    *
6    *  This program is free software; you can redistribute it and/or
7    *  modify it under the terms of the GNU General Public License
8    *  as published by the Free Software Foundation; either version 2 of
9    *  the License, or (at your option) any later version.
10   *  This program is distributed in the hope that it will be useful,
11   *  but WITHOUT ANY WARRANTY; without even the implied warranty of
12   *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13   *  GNU General Public License for more details.
14   *
15   *  You should have received a copy of the GNU General Public
16   *  License along with this program; if not, write to the Free Software
17   *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18   */
19              
20  package com.sslexplorer.security.forms;
21  
22  import java.util.regex.Pattern  ;
23  
24  import javax.servlet.http.HttpServletRequest  ;
25  
26  import org.apache.struts.Globals;
27  import org.apache.struts.action.ActionErrors;
28  import org.apache.struts.action.ActionMapping;
29  import org.apache.struts.action.ActionMessage;
30  
31  import com.sslexplorer.core.FieldValidationException;
32  import com.sslexplorer.core.UserDatabaseManager;
33  import com.sslexplorer.core.forms.CoreForm;
34  import com.sslexplorer.properties.Property;
35  import com.sslexplorer.properties.impl.realms.RealmKey;
36  import com.sslexplorer.security.LogonControllerFactory;
37  import com.sslexplorer.security.User;
38  import com.sslexplorer.security.UserDatabase;
39  import com.sslexplorer.security.UserDatabaseException;
40  
41  public class ChangePasswordForm extends CoreForm {
42  
43      String   oldPassword, newPassword, confirmPassword;
44      String   username;
45  
46      public ChangePasswordForm() {
47      }
48  
49      public void init(String   username) {
50          this.username = username;
51      }
52  
53      public String   getUsername() {
54          return username;
55      }
56  
57      public String   getOldPassword() {
58          return oldPassword;
59      }
60  
61      public String   getNewPassword() {
62          return newPassword;
63      }
64  
65      public String   getConfirmPassword() {
66          return confirmPassword;
67      }
68  
69      public void setOldPassword(String   oldPassword) {
70          this.oldPassword = oldPassword.trim();
71      }
72  
73      public void setNewPassword(String   newPassword) {
74          this.newPassword = newPassword.trim();
75      }
76  
77      public void setConfirmPassword(String   confirmPassword) {
78          this.confirmPassword = confirmPassword.trim();
79      }
80  
81      public void reset(ActionMapping mapping, javax.servlet.http.HttpServletRequest   request) {
82          oldPassword = null;
83          newPassword = null;
84          confirmPassword = null;
85      }
86  
87      public ActionErrors validate(ActionMapping mapping, HttpServletRequest   request) {
88  
89          ActionErrors errors = new ActionErrors();
90          try {
91              User user = LogonControllerFactory.getInstance().getUser(request);
92              UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(user.getRealm());
93              if (getOldPassword().length() == 0) {
94                  throw new FieldValidationException("noOldPassword");
95              }
96              if (getOldPassword().equals(getNewPassword())) {
97                  throw new FieldValidationException("newAndOldPasswordMatch");
98              }
99              if (!getNewPassword().equals(getConfirmPassword())) {
100                 throw new FieldValidationException("newAndConfirmPasswordsDontMatch");
101             }
102             if (getNewPassword().length() == 0) {
103                 throw new FieldValidationException("noNewPassword");
104             }
105             if (!udb.checkPassword(user.getPrincipalName(), getOldPassword())) {
106                 throw new FieldValidationException("oldPasswordIncorrect");
107             } else {
108                 // Check that the password matches the current policy, if not
109                 // then request a new one
110                 try {
111                     String   pattern = Property.getProperty(new RealmKey("security.password.pattern", user.getRealm().getResourceId()));
112                     Pattern   p = Pattern.compile(pattern);
113                     if (!p.matcher(newPassword).matches()) {
114                         throw new FieldValidationException("doesNotMatchPolicy");
115                     }
116                 } catch(FieldValidationException fve) {
117                     throw fve;
118                 } catch (Exception   e) {
119                     throw new UserDatabaseException("Could not check password against current policy.", e);
120                 }
121             }
122         } catch (FieldValidationException fve) {
123             errors.add(Globals.ERROR_KEY, new ActionMessage("changePassword.error." + fve.getResourceKey()));
124         } catch (Exception   e) {
125             errors.add(Globals.ERROR_KEY, new ActionMessage("changePassword.error.validateFailed", e.getMessage()));
126         }
127         return errors;
128     }
129 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags