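package org.dspace.app.webui.servlet;

import java.io.IOException;
import java.sql.SQLException;

import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.dspace.app.webui.util.Authenticate;
import org.dspace.app.webui.util.JSPManager;
import org.dspace.app.webui.util.UIUtil;
import org.dspace.authorize.AuthorizeException;
import org.dspace.core.ConfigurationManager;
import org.dspace.core.Context;
import org.dspace.core.LogManager;
import org.dspace.eperson.AccountManager;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.AuthenticationManager;

import com.sun.mail.smtp.SMTPAddressFailedException;

import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

/**
 * Servlet that drives self-registration and the forgotten-password flow.
 * <p>
 * The servlet init parameter <code>register</code> selects the mode: when it
 * is "true" the servlet registers new users, otherwise it handles forgotten
 * passwords. A GET without a <code>token</code> parameter shows the first
 * form; a GET with a token shows the follow-up form for that token. POSTs
 * carry a <code>step</code> parameter naming the page that was submitted.
 * <p>
 * When <code>ldap.enable</code> is set, a user who supplies a netid and
 * password is checked against the directory and skips the e-mail token step.
 * Every request parameter read here is client-controlled, so the netid is
 * only honoured on the second step if this servlet verified it itself.
 */
public class RegisterServlet extends DSpaceServlet
{
    /** Logger */
    private static Logger log = Logger.getLogger(RegisterServlet.class);

    /** The "enter e-mail" step */
    public static final int ENTER_EMAIL_PAGE = 1;

    /** The "enter personal info" page, for a registering user */
    public static final int PERSONAL_INFO_PAGE = 2;

    /** The simple "enter new password" page, for a user who forgot theirs */
    public static final int NEW_PASSWORD_PAGE = 3;

    /**
     * Session attribute holding the netid whose LDAP bind succeeded in
     * {@link #processEnterEmail}. {@link #processPersonalInfo} only trusts a
     * submitted netid that equals this value.
     */
    private static final String VERIFIED_NETID_ATTR =
        "org.dspace.app.webui.servlet.RegisterServlet.verified_netid";

    /** true = registering users, false = forgotten passwords */
    private boolean registering;

    /** Value of the <code>ldap.enable</code> configuration property */
    private boolean ldap_enabled;

    /**
     * Reads the servlet mode and the LDAP switch once at start-up.
     */
    public void init()
    {
        registering = getInitParameter("register").equalsIgnoreCase("true");
        ldap_enabled = ConfigurationManager.getBooleanProperty("ldap.enable");
    }

    /**
     * Shows the page that starts or continues the flow.
     * <p>
     * Without a token: the new-user form (LDAP variant when LDAP is enabled)
     * or the forgot-password form. With a token: the registration form or the
     * new-password form if the token resolves, otherwise the invalid-token
     * page.
     */
    protected void doDSGet(Context context, HttpServletRequest request,
            HttpServletResponse response) throws ServletException, IOException,
            SQLException, AuthorizeException
    {
        String token = request.getParameter("token");

        if (token == null)
        {
            if (registering)
            {
                // Exactly one page may be rendered per request; the original
                // lacked this "else" and rendered both when LDAP was enabled.
                if (ldap_enabled)
                {
                    JSPManager.showJSP(request, response,
                            "/register/new-ldap-user.jsp");
                }
                else
                {
                    JSPManager.showJSP(request, response,
                            "/register/new-user.jsp");
                }
            }
            else
            {
                JSPManager.showJSP(request, response,
                        "/register/forgot-password.jsp");
            }

            return;
        }

        // Resolve the token to an e-mail address and, if one exists, a user
        String email = AccountManager.getEmail(context, token);
        EPerson eperson = null;

        if (email != null)
        {
            eperson = EPerson.findByEmail(context, email);
        }

        request.setAttribute("eperson", eperson);
        request.setAttribute("token", token);

        if (registering && (email != null))
        {
            boolean setPassword =
                AuthenticationManager.allowSetPassword(context, request, email);
            request.setAttribute("set.password", Boolean.valueOf(setPassword));

            JSPManager.showJSP(request, response,
                    "/register/registration-form.jsp");
        }
        else if (!registering && (eperson != null))
        {
            JSPManager.showJSP(request, response,
                    "/register/new-password.jsp");
        }
        else
        {
            JSPManager.showJSP(request, response,
                    "/register/invalid-token.jsp");
        }
    }

    /**
     * Dispatches a submitted form to its handler according to the
     * <code>step</code> parameter; an unknown step is logged and answered
     * with the integrity-error page.
     */
    protected void doDSPost(Context context, HttpServletRequest request,
            HttpServletResponse response) throws ServletException, IOException,
            SQLException, AuthorizeException
    {
        int step = UIUtil.getIntParameter(request, "step");

        switch (step)
        {
        case ENTER_EMAIL_PAGE:
            processEnterEmail(context, request, response);

            break;

        case PERSONAL_INFO_PAGE:
            processPersonalInfo(context, request, response);

            break;

        case NEW_PASSWORD_PAGE:
            processNewPassword(context, request, response);

            break;

        default:
            log.warn(LogManager.getHeader(context, "integrity_error", UIUtil
                    .getRequestLogInfo(request)));
            JSPManager.showIntegrityError(request, response);
        }
    }

    /**
     * Handles the first form: an e-mail address and, with LDAP, an optional
     * netid and password.
     * <p>
     * Registering without a netid sends a registration token by e-mail.
     * Registering with a netid requires a successful LDAP simple bind; the
     * netid is then recorded in the session and the registration form is
     * shown. In forgot-password mode a reset token is mailed to a known,
     * active, non-certificate user.
     *
     * @param context  current DSpace context
     * @param request  current servlet request
     * @param response current servlet response
     */
    private void processEnterEmail(Context context, HttpServletRequest request,
            HttpServletResponse response) throws ServletException, IOException,
            SQLException, AuthorizeException
    {
        String emailParam = request.getParameter("email");

        if (emailParam == null)
        {
            // A form post without the field is malformed; answer it the same
            // way as an unknown step instead of failing with a
            // NullPointerException.
            log.warn(LogManager.getHeader(context, "integrity_error", UIUtil
                    .getRequestLogInfo(request)));
            JSPManager.showIntegrityError(request, response);

            return;
        }

        String email = emailParam.toLowerCase().trim();
        String netid = request.getParameter("netid");
        String password = request.getParameter("password");
        EPerson eperson = EPerson.findByEmail(context, email);
        EPerson eperson2 = null;

        if (netid != null)
        {
            eperson2 = EPerson.findByNetid(context, netid);
        }

        try
        {
            if (registering)
            {
                if ((eperson != null && eperson.canLogIn())
                        || (eperson2 != null && eperson2.canLogIn()))
                {
                    log.info(LogManager.getHeader(context,
                            "already_registered", "email=" + email));

                    JSPManager.showJSP(request, response,
                            "/register/already-registered.jsp");
                }
                else
                {
                    boolean canRegister =
                        AuthenticationManager.canSelfRegister(context, request, email);

                    if (canRegister)
                    {
                        if ((!ldap_enabled) || (netid == null)
                                || (netid.trim().equals("")))
                        {
                            // No LDAP identity offered: prove ownership of
                            // the address with an e-mailed token.
                            log.info(LogManager.getHeader(context,
                                    "sendtoken_register", "email=" + email));

                            try
                            {
                                AccountManager.sendRegistrationInfo(context, email);
                            }
                            catch (javax.mail.SendFailedException e)
                            {
                                if (e.getNextException() instanceof SMTPAddressFailedException)
                                {
                                    log.info(LogManager.getHeader(context,
                                            "invalid_email",
                                            "email=" + email));
                                    request.setAttribute("retry", Boolean.TRUE);
                                    JSPManager.showJSP(request, response,
                                            "/register/new-user.jsp");
                                    return;
                                }
                                else
                                {
                                    throw e;
                                }
                            }

                            JSPManager.showJSP(request, response,
                                    "/register/registration-sent.jsp");

                            context.complete();
                        }
                        else
                        {
                            // The LDAP path skips the e-mail token, so the
                            // bind is the only proof of identity. A missing
                            // or empty password must fail here: the original
                            // skipped the bind in that case and still showed
                            // the registration form.
                            if (password == null || password.equals(""))
                            {
                                log.info(LogManager.getHeader(context,
                                        "failed_login",
                                        "netid=" + netid));
                                JSPManager.showJSP(request, response,
                                        "/login/ldap-incorrect.jsp");
                                return;
                            }

                            String ldap_provider_url = ConfigurationManager.getProperty("ldap.provider_url");
                            String ldap_id_field = ConfigurationManager.getProperty("ldap.id_field");
                            String ldap_search_context = ConfigurationManager.getProperty("ldap.search_context");

                            Hashtable env = new Hashtable(11);
                            env.put(javax.naming.Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
                            env.put(javax.naming.Context.PROVIDER_URL, ldap_provider_url);

                            // NOTE(review): a simple bind sends the password
                            // as-is; confirm ldap.provider_url is an ldaps://
                            // URL or otherwise TLS-protected.
                            env.put(javax.naming.Context.SECURITY_AUTHENTICATION, "simple");

                            // netid is client input placed inside a DN, so
                            // escape DN metacharacters to keep it a single
                            // attribute value.
                            env.put(javax.naming.Context.SECURITY_PRINCIPAL,
                                    ldap_id_field + "="
                                    + javax.naming.ldap.Rdn.escapeValue(netid)
                                    + "," + ldap_search_context);
                            env.put(javax.naming.Context.SECURITY_CREDENTIALS, password);

                            try
                            {
                                // Opening the context performs the bind
                                DirContext ctx = new InitialDirContext(env);

                                ctx.close();
                            }
                            catch (NamingException e)
                            {
                                log.info(LogManager.getHeader(context,
                                        "failed_login",
                                        "netid=" + netid + e));
                                JSPManager.showJSP(request, response,
                                        "/login/ldap-incorrect.jsp");
                                return;
                            }

                            // Remember server-side which netid was proven so
                            // the next step does not rely on the form value.
                            request.getSession().setAttribute(
                                    VERIFIED_NETID_ATTR, netid);

                            JSPManager.showJSP(request, response,
                                    "/register/registration-form.jsp");
                        }
                    }
                    else
                    {
                        JSPManager.showJSP(request, response,
                                "/register/cannot-register.jsp");
                    }
                }
            }
            else
            {
                if (eperson == null)
                {
                    log.info(LogManager.getHeader(context, "unknown_email",
                            "email=" + email));

                    request.setAttribute("retry", Boolean.TRUE);

                    JSPManager.showJSP(request, response,
                            "/register/forgot-password.jsp");
                }
                else if (!eperson.canLogIn())
                {
                    log.info(LogManager.getHeader(context,
                            "unregistered_forgot_password", "email=" + email));

                    JSPManager.showJSP(request, response,
                            "/register/inactive-account.jsp");
                }
                else if (eperson.getRequireCertificate() && !registering)
                {
                    log.info(LogManager.getHeader(context,
                            "certificate_user_forgot_password", "email="
                                    + email));

                    JSPManager.showJSP(request, response,
                            "/error/require-certificate.jsp");
                }
                else
                {
                    log.info(LogManager.getHeader(context,
                            "sendtoken_forgotpw", "email=" + email));

                    AccountManager.sendForgotPasswordInfo(context, email);
                    JSPManager.showJSP(request, response,
                            "/register/password-token-sent.jsp");

                    context.complete();
                }
            }
        }
        catch (AddressException ae)
        {
            // Malformed address: let the user try again on the first form
            log.info(LogManager.getHeader(context, "bad_email", "email="
                    + email));

            request.setAttribute("retry", Boolean.TRUE);

            if (registering)
            {
                if (ldap_enabled)
                {
                    JSPManager.showJSP(request, response,
                            "/register/new-ldap-user.jsp");
                }
                else
                {
                    JSPManager.showJSP(request, response,
                            "/register/new-user.jsp");
                }
            }
            else
            {
                JSPManager.showJSP(request, response,
                        "/register/forgot-password.jsp");
            }
        }
        catch (MessagingException me)
        {
            log.info(LogManager.getHeader(context, "error_emailing", "email="
                    + email), me);

            JSPManager.showInternalError(request, response);
        }
    }

    /**
     * Tells whether <code>netid</code> is the one this session proved by an
     * LDAP bind in {@link #processEnterEmail}.
     *
     * @param request current servlet request
     * @param netid   non-null netid submitted with the form
     * @return true only if the session recorded exactly this netid
     */
    private static boolean isVerifiedNetid(HttpServletRequest request,
            String netid)
    {
        return netid.equals(request.getSession().getAttribute(
                VERIFIED_NETID_ATTR));
    }

    /**
     * Handles the personal-information form of a registering user: finds or
     * creates the account, stores the profile (and password where allowed),
     * enables login and consumes the token.
     * <p>
     * The account is identified by the e-mail behind a valid token, or by a
     * netid that this session verified against LDAP. A netid that was not
     * verified is ignored, so a request with neither a valid token nor a
     * verified netid ends on the invalid-token page.
     *
     * @param context  current DSpace context
     * @param request  current servlet request
     * @param response current servlet response
     */
    private void processPersonalInfo(Context context,
            HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException, SQLException,
            AuthorizeException
    {
        String token = request.getParameter("token");

        // Null if the token is unknown
        String email = AccountManager.getEmail(context, token);
        String netid = request.getParameter("netid");

        if (netid != null && !isVerifiedNetid(request, netid))
        {
            // The form value alone proves nothing; without this check a
            // request naming any netid would skip the token requirement.
            log.warn(LogManager.getHeader(context, "unverified_netid", UIUtil
                    .getRequestLogInfo(request)));
            netid = null;
        }

        // NOTE(review): on the LDAP path the address is taken from the form
        // and is never confirmed by e-mail, and it may select an existing
        // account below - consider binding it to the session as well.
        if ((netid != null) && (email == null))
        {
            email = request.getParameter("email");
        }

        if (email == null && netid == null)
        {
            log.info(LogManager.getHeader(context, "invalid_token", "token="
                    + token));

            JSPManager
                    .showJSP(request, response, "/register/invalid-token.jsp");

            return;
        }

        // An account matching the netid takes precedence over one matching
        // the e-mail address.
        EPerson eperson = null;

        if (email != null)
        {
            eperson = EPerson.findByEmail(context, email);
        }

        if (netid != null)
        {
            EPerson eperson2 = EPerson.findByNetid(context, netid);

            if (eperson2 != null)
            {
                eperson = eperson2;
            }
        }

        if (eperson == null)
        {
            // Nobody is logged in yet, so creation needs authorization
            // switched off; restore it even if creation fails.
            context.setIgnoreAuthorization(true);

            try
            {
                eperson = EPerson.create(context);
                eperson.setEmail(email);
                eperson.setNetid(netid);
                eperson.update();
            }
            finally
            {
                context.setIgnoreAuthorization(false);
            }
        }

        // From here on the request acts as the registering user
        context.setCurrentUser(eperson);

        boolean infoOK = EditProfileServlet.updateUserProfile(eperson,
                request);

        eperson.setCanLogIn(true);
        eperson.setSelfRegistered(true);

        AuthenticationManager.initEPerson(context, request, eperson);

        // A local password is only set for non-certificate, non-LDAP users
        boolean passwordOK = true;

        if (!eperson.getRequireCertificate() && netid == null &&
            AuthenticationManager.allowSetPassword(context, request,
                    eperson.getEmail()))
        {
            passwordOK = EditProfileServlet.confirmAndSetPassword(eperson,
                    request);
        }

        if (infoOK && passwordOK)
        {
            log.info(LogManager.getHeader(context, "usedtoken_register",
                    "email=" + eperson.getEmail()));

            // Tokens and the verified-netid marker are single-use
            if (token != null)
            {
                AccountManager.deleteToken(context, token);
            }

            request.getSession().removeAttribute(VERIFIED_NETID_ATTR);

            eperson.update();

            request.setAttribute("eperson", eperson);
            JSPManager.showJSP(request, response, "/register/registered.jsp");
            context.complete();
        }
        else
        {
            request.setAttribute("token", token);
            request.setAttribute("eperson", eperson);
            request.setAttribute("netid", netid);
            request.setAttribute("missing.fields", Boolean.valueOf(!infoOK));
            request.setAttribute("password.problem", Boolean.valueOf(!passwordOK));

            boolean setPassword = AuthenticationManager.allowSetPassword(
                    context, request, email);
            request.setAttribute("set.password", Boolean.valueOf(setPassword));

            JSPManager.showJSP(request, response,
                    "/register/registration-form.jsp");

            // Discard the partially filled-in account
            context.abort();
        }
    }

    /**
     * Handles the new-password form of the forgotten-password flow: resolves
     * the token to a user, sets the confirmed password and consumes the
     * token. An unknown token ends on the invalid-token page.
     *
     * @param context  current DSpace context
     * @param request  current servlet request
     * @param response current servlet response
     */
    private void processNewPassword(Context context,
            HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException, SQLException,
            AuthorizeException
    {
        String token = request.getParameter("token");

        // Null if the token does not belong to anyone
        EPerson eperson = AccountManager.getEPerson(context, token);

        if (eperson == null)
        {
            log.info(LogManager.getHeader(context, "invalid_token", "token="
                    + token));

            JSPManager
                    .showJSP(request, response, "/register/invalid-token.jsp");

            return;
        }

        // The token holder acts as this user for the rest of the request
        context.setCurrentUser(eperson);

        boolean passwordOK = EditProfileServlet.confirmAndSetPassword(eperson,
                request);

        if (passwordOK)
        {
            log.info(LogManager.getHeader(context, "usedtoken_forgotpw",
                    "email=" + eperson.getEmail()));

            eperson.update();
            AccountManager.deleteToken(context, token);

            JSPManager.showJSP(request, response,
                    "/register/password-changed.jsp");
            context.complete();
        }
        else
        {
            request.setAttribute("password.problem", Boolean.TRUE);
            request.setAttribute("token", token);
            request.setAttribute("eperson", eperson);

            JSPManager.showJSP(request, response, "/register/new-password.jsp");
        }
    }
}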