1 16 package org.jmanage.webui.actions.auth; 17 18 import org.jmanage.webui.actions.BaseAction; 19 import org.jmanage.webui.util.WebContext; 20 import org.jmanage.webui.util.Forwards; 21 import org.jmanage.webui.forms.ChangePasswordForm; 22 import org.jmanage.core.auth.UserManager; 23 import org.jmanage.core.services.AccessController; 24 import org.jmanage.core.auth.AuthConstants; 25 import org.jmanage.core.crypto.Crypto; 26 import org.jmanage.core.crypto.EncryptedKey; 27 import org.jmanage.core.crypto.KeyManager; 28 import org.jmanage.core.util.ErrorCodes; 29 import org.apache.struts.action.*; 30 import org.apache.struts.Globals; 31 32 import javax.servlet.http.HttpServletRequest ; 33 import javax.servlet.http.HttpServletResponse ; 34 35 41 public class ChangePasswordAction extends BaseAction{ 42 43 public ActionForward execute(WebContext context, 44 ActionMapping mapping, 45 ActionForm actionForm, 46 HttpServletRequest request, 47 HttpServletResponse response) 48 throws Exception { 49 50 ChangePasswordForm changePasswordForm = (ChangePasswordForm)actionForm; 51 ActionErrors errors = new ActionErrors(); 52 53 54 if(!Crypto.hash(changePasswordForm.getOldPassword()).equals 55 (context.getUser().getPassword())){ 56 errors.add(ActionErrors.GLOBAL_ERROR, 57 new ActionError(ErrorCodes.INVALID_OLD_PASSWORD)); 58 request.setAttribute(Globals.ERROR_KEY, errors); 59 return mapping.getInputForward(); 60 } 61 62 63 if(!changePasswordForm.getNewPassword().equals 64 (changePasswordForm.getConfirmPassword())){ 65 errors.add(ActionErrors.GLOBAL_ERROR, 66 new ActionError(ErrorCodes.PASSWORD_MISMATCH)); 67 request.setAttribute(Globals.ERROR_KEY, errors); 68 return mapping.getInputForward(); 69 } 70 71 72 if(context.getUser().getName().equals(AuthConstants.USER_ADMIN)){ 73 74 EncryptedKey encryptedKey = KeyManager.readKey(changePasswordForm.getOldPassword().toCharArray()); 75 encryptedKey.setPassword(changePasswordForm.getNewPassword().toCharArray()); 76 77 KeyManager.writeKey(encryptedKey); 78 } 79 80 String username = context.getUser().getUsername(); 81 String password = changePasswordForm.getNewPassword(); 82 UserManager.getInstance().updatePassword(username, password); 83 84 return mapping.findForward(Forwards.SUCCESS); 85 86 } 87 } 88 | Popular Tags |