Author: dimuthul
Date: Thu Dec 13 20:36:00 2007
New Revision: 11102
Log:
Changing the user update method.
Modified:
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/UserStoreAdmin.java
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/readwrite/DefaultUserStoreAdmin.java
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/resources.properties
trunk/commons/usermanager/modules/core/src/test/java/org/wso2/usermanager/readwrite/DefaultRealmTest.java
Modified:
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/UserStoreAdmin.java
==============================================================================
---
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/UserStoreAdmin.java
(original)
+++
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/UserStoreAdmin.java
Thu Dec 13 20:36:00 2007
@@ -16,7 +16,7 @@
/**
* Update user in the user store
*/
- public void updateUser(String userName, Object credential)
+ public void updateUser(String userName, Object newCredential, Object
oldCredential)
throws UserManagerException;
/**
Modified:
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
==============================================================================
---
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
(original)
+++
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
Thu Dec 13 20:36:00 2007
@@ -43,7 +43,7 @@
/**
* Update user in the user store
*/
- public void updateUser(String userName, Object credential)
+ public void updateUser(String userName, Object newCredential, Object
oldCredential)
throws UserManagerException {
if (!authorizer.isUserAuthorized(adminUserName,
UserManagerConstants.USER_RESOURCE,
UserManagerConstants.EDIT)) {
@@ -52,7 +52,7 @@
UserManagerConstants.USER_RESOURCE,
UserManagerConstants.EDIT });
}
- usAdmin.updateUser(userName, credential);
+ usAdmin.updateUser(userName, newCredential, oldCredential);
}
/**
Modified:
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/readwrite/DefaultUserStoreAdmin.java
==============================================================================
---
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/readwrite/DefaultUserStoreAdmin.java
(original)
+++
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/readwrite/DefaultUserStoreAdmin.java
Thu Dec 13 20:36:00 2007
@@ -4,6 +4,7 @@
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
+import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.Map;
@@ -62,18 +63,40 @@
}
- public void updateUser(String userName, Object credential)
+ public void updateUser(String userName, Object newCredential, Object
oldCredential)
throws UserManagerException {
+
+
SimplePoolManager poolMan = SimplePoolManager.getInstance();
Connection dbConnection = poolMan.getConnection();
if (dbConnection == null) {
throw new UserManagerException("null_connection");
}
try {
+
+ PreparedStatement getUserStmt = dbConnection
+
.prepareStatement(data.getAuthenticatorSQL(DefaultRealmConstants.GET_USER));
+ getUserStmt.setString(1, userName);
+
+ ResultSet rs = getUserStmt.executeQuery();
+ if (rs.next()) {
+ if (oldCredential != null) {
+ MessageDigest dgst = MessageDigest.getInstance("MD5");
+ dgst.update(((String) oldCredential).getBytes());
+ String dbCred = rs
+
.getString(data.getColumnName(DefaultRealmConstants.COLUMN_ID_CREDENTIAL));
+ if(!Base64.encode(dgst.digest()).equals(dbCred)){
+ throw new UserManagerException("oldPasswordIncorrect");
+ }
+ }
+ }else{
+ throw new UserManagerException("oldPasswordIncorrect");
+ }
+
PreparedStatement updateUserStmt = dbConnection
.prepareStatement(data.getUserStoreAdminSQL(DefaultRealmConstants.UPDATE_USER));
MessageDigest dgst = MessageDigest.getInstance("MD5");
- dgst.update(((String) credential).getBytes());
+ dgst.update(((String) newCredential).getBytes());
updateUserStmt.setString(1, Base64.encode(dgst.digest()));
updateUserStmt.setString(2, userName);
updateUserStmt.executeUpdate();
Modified:
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/resources.properties
==============================================================================
---
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/resources.properties
(original)
+++
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/resources.properties
Thu Dec 13 20:36:00 2007
@@ -33,4 +33,5 @@
validatingCredentials = Validating users
dbCreationNotSupported = Database creation not supported for this driver
nullConnection = Cannot get connection. Contact Administrator
-unableToResetPool = Unable to reset realm. There are people holding instances
of PoolManager
\ No newline at end of file
+unableToResetPool = Unable to reset realm. There are people holding instances
of PoolManager
+oldPasswordIncorrect = Cannot update password of user. Invalid user name
password!
\ No newline at end of file
Modified:
trunk/commons/usermanager/modules/core/src/test/java/org/wso2/usermanager/readwrite/DefaultRealmTest.java
==============================================================================
---
trunk/commons/usermanager/modules/core/src/test/java/org/wso2/usermanager/readwrite/DefaultRealmTest.java
(original)
+++
trunk/commons/usermanager/modules/core/src/test/java/org/wso2/usermanager/readwrite/DefaultRealmTest.java
Thu Dec 13 20:36:00 2007
@@ -90,7 +90,7 @@
TestCase.assertTrue(reader.isExistingUser("dimuthu"));
TestCase.assertFalse(reader.isExistingUser("muhaha"));
// update
- admin.updateUser("dimuthu", "password");
+ admin.updateUser("dimuthu", "password", "credential");
TestCase.assertFalse(authen.authenticate("dimuthu", "credential"));
// list
String[] names = reader.getAllUserNames();
_______________________________________________
Commons-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/commons-dev
