Author: sshyrkov Date: Tue Jun 19 13:26:41 2007 New Revision: 17637 URL: https://svndev.jahia.net/websvn/listing.php?sc=3D1&rev=3D17637&repname= =3Djahia Log: JAHIA-1965: username creation does not allow @ and dot(.) character =
http://www.jahia.net/jira/browse/JAHIA-1965 Resolved: patterns added into jahia.properties for the user name, user pass= word and group name to check the correct syntax and allowed characters Modified: trunk/core/src/java/org/jahia/admin/sites/ManageSites.java trunk/core/src/java/org/jahia/admin/users/ManageGroups.java trunk/core/src/java/org/jahia/admin/users/ManageUsers.java trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerDBP= rovider.java trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerLDA= PProvider.java trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerPro= vider.java trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerRou= tingService.java trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerSer= vice.java trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerDBPr= ovider.java trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerLDAP= Provider.java trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerProv= ider.java trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerRout= ingService.java trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerServ= ice.java trunk/core/src/java/org/jahia/settings/SettingsBean.java trunk/core/src/webapp/WEB-INF/etc/config/jahia.skeleton Modified: trunk/core/src/java/org/jahia/admin/sites/ManageSites.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/admin/sites/ManageSites.java&rev=3D17637&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/admin/sites/ManageSites.java (original) +++ trunk/core/src/java/org/jahia/admin/sites/ManageSites.java Tue Jun 19 1= 3:26:41 2007 @@ -107,7 +107,6 @@ = private static JahiaSitesService sMgr; = - private static ServletContext context; private static HttpSession session; = private License coreLicense; @@ -128,7 +127,6 @@ HttpSession session, ServletContext context) throws Throwable { - ManageSites.context =3D context; ManageSites.session =3D session; = ServicesRegistry sReg =3D ServicesRegistry.getInstance(); @@ -646,7 +644,6 @@ try { // get admins list... JahiaGroupManagerService groupManager =3D ServicesRegistry.get= Instance().getJahiaGroupManagerService(); - JahiaUserManagerService userManager =3D ServicesRegistry.getIn= stance().getJahiaUserManagerService(); Enumeration allSites =3D sMgr.getSites(); Vector sitesList =3D new Vector(); Integer siteIDInteger =3D new Integer(selectedSite); @@ -745,7 +742,9 @@ request.setAttribute("adminEmail", adminEmail); = // get current user... - JahiaUser currentUser =3D ServicesRegistry.getInstance().getJahiaU= serManagerService(). + JahiaUserManagerService userManager =3D ServicesRegistry.getInstan= ce() + .getJahiaUserManagerService(); + JahiaUser currentUser =3D userManager. lookupUser(0, (String) session.getAttribute(CLASS_NAME + "= jahiaLoginUsername")); = if (adminUsername.equals(currentUser.getUsername())) { @@ -769,10 +768,10 @@ } else if (adminEmail.length() =3D=3D 0) { warningMsg =3D JahiaResourceBundle.getAdminResource("org.jahia= .admin.JahiaDisplayMessage.EmailMustset.label", jParams, jParams.getLocale()); - } else if (!JahiaTools.isAlphaValid(adminUsername)) { + } else if (!userManager.isUsernameSyntaxCorrect(adminUsername)) { warningMsg =3D JahiaResourceBundle.getAdminResource("org.jahia= .admin.JahiaDisplayMessage.onlyLettersDigitsUnderscoreWithUsername.label", jParams, jParams.getLocale()); - } else if (!JahiaTools.isAlphaValid(adminPassword)) { + } else if (!userManager.isPasswordSyntaxCorrect(adminPassword)) { warningMsg =3D JahiaResourceBundle.getAdminResource("org.jahia= .admin.JahiaDisplayMessage.onlyLettersDigitsUnderscoreWithPasswd.label", jParams, jParams.getLocale()); } else { @@ -830,8 +829,6 @@ String selectedTmplSet =3D (String) request.getAttribute("selected= TmplSet"); String thumbnail =3D null; = - JahiaSite site =3D (JahiaSite) session.getAttribute(CLASS_NAME + "= newJahiaSite"); - // get tmplPackage list... SharedTemplatePackagesRegistry tmplSetReg =3D SharedTemplatePackag= esRegistry.getInstance(); = @@ -914,8 +911,6 @@ // get services... JahiaUserManagerService jums =3D ServicesRegistry.getInstance(= ).getJahiaUserManagerService(); JahiaGroupManagerService jgms =3D ServicesRegistry.getInstance= ().getJahiaGroupManagerService(); - JahiaSiteGroupManagerService jsgms =3D ServicesRegistry.getIns= tance().getJahiaSiteGroupManagerService(); - JahiaSiteUserManagerService jsums =3D ServicesRegistry.getInst= ance().getJahiaSiteUserManagerService(); JahiaSitesService jsms =3D ServicesRegistry.getInstance().getJ= ahiaSitesService(); JahiaPageTemplateService jpts =3D ServicesRegistry.getInstance= ().getJahiaPageTemplateService(); JahiaSearchService searchServ =3D ServicesRegistry.getInstance= ().getJahiaSearchService(); @@ -1173,8 +1168,6 @@ session.setAttribute(JahiaAdministration.CLASS_NAME + = "manageSiteID", new Integer(site.getID())); } = - Integer siteID =3D new Integer(site.getID()); - // set new site in session session.setAttribute(CLASS_NAME + "newJahiaSite", site); } else { @@ -1381,8 +1374,6 @@ HttpServletResponse response, HttpSession session) throws IOException, ServletException { - //logger.debug(" process existant administrator selected started "= ); - boolean processError =3D true; = // get form values... String adminSelected =3D request.getParameter("adminSelected"); @@ -1426,8 +1417,6 @@ HttpServletResponse respon= se, HttpSession session) throws IOException, ServletException { - //logger.debug(" process existant administrator change site starte= d "); - boolean processError =3D true; = request.setAttribute("selectedSite", request.getParameter("site")); displaySelectExistantAdmin(request, response, session); @@ -1445,7 +1434,6 @@ HttpSession session) throws IOException, ServletException { logger.debug("Process template set choice started "); - boolean processError =3D true; = // get form values... String operation =3D jParams.getParameter("operation"); @@ -2126,41 +2114,6 @@ = // -------------------------- OTHER METHODS -------------------------- = - /** - * copy all shared templates package (.jar) found in the - * jahiafiles\shared_templates - * - * @param siteKey - * @return boolean false on error - */ - private boolean copySharedTemplates(String siteKey) { - JahiaTemplatesDeployerService tds =3D ServicesRegistry - .getInstance() - .getJahiaTemplatesDeployerService(); - - if (tds =3D=3D null) { - return false; - } - - - File f =3D new File(tds.getSharedTemplatesPath()); - - // get the new templates folder for the site, create it if not exi= sts - File newTemplate =3D new File(tds.getNewTemplatesPath() + File.sep= arator + siteKey); - newTemplate.mkdirs(); - logger.debug(" newtemplate is " + newTemplate.getAbsolutePath()); - - try { - // copy all shared package to the new templates folder for the= site - JahiaTools.copyFolderContent(f.getAbsolutePath(), - newTemplate.getAbsolutePath()); - } catch (Exception e) { - // msg.. - return false; - } - return true; - } - public void createSite(HttpServletRequest request, String root, String= title, String serverName, String key, String descr, Locale locale, String admin, Stri= ng adminPass, Properties adminProps, String templates, File fileImport, boo= lean asAJob) throws Exception { JahiaBaseACL acl =3D null; @@ -2198,50 +2151,4 @@ = terminateAdd(request, session); } - - /** - * Deploy templates found in the new template folder of this site. - * - * @param site the site - * @return boolean false on error - */ - private boolean deployTemplates(JahiaSite site) { - JahiaTemplatesDeployerService tds =3D ServicesRegistry - .getInstance() - .getJahiaTemplatesDeployerService(); - - if (site =3D=3D null || tds =3D=3D null) { - return false; - } - - // get the new templates folder for the site, create it if not exi= sts - File newTemplate =3D new File(tds.getNewTemplatesPath() + File.sep= arator + site.getSiteKey()); - newTemplate.mkdirs(); - logger.debug(" newtemplate is " + newTemplate.getAbsolutePath()); - - Vector v =3D new Vector(); - - File[] files =3D newTemplate.listFiles(); - for (int i =3D 0; i < files.length; i++) { - logger.debug(" shared template package found " + files[i].getN= ame()); - if (files[i].isFile()) { - v.add(files[i]); - } - } - - //Site changes flush the ESI cache - if (jParams.settings().isEsiCacheActivated()) { - if (logger.isDebugEnabled()) - logger.info("Site template change so triggering ESI cache = flush "); - JahiaEvent flushEsiEvent =3D new JahiaEvent(this, jParams, jPa= rams.getSite()); - try { - ServicesRegistry.getInstance().getJahiaEventService().fire= FlushEsiCacheEvent(flushEsiEvent); - } catch (JahiaException e) { - logger.info("could not do triggering of ESI cache flush du= e to site template change. Exception : "+e); - } - } - - - return tds.deploy(site, v); - } } Modified: trunk/core/src/java/org/jahia/admin/users/ManageGroups.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/admin/users/ManageGroups.java&rev=3D17637&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/admin/users/ManageGroups.java (original) +++ trunk/core/src/java/org/jahia/admin/users/ManageGroups.java Tue Jun 19 = 13:26:41 2007 @@ -58,11 +58,9 @@ import org.jahia.services.usermanager.JahiaGroup; import org.jahia.services.usermanager.JahiaGroupManagerService; import org.jahia.services.usermanager.JahiaSiteGroupManagerService; -import org.jahia.services.usermanager.JahiaSiteUserManagerService; import org.jahia.services.usermanager.JahiaUser; import org.jahia.services.usermanager.JahiaUserManagerService; import org.jahia.services.version.EntryLoadRequest; -import org.jahia.utils.JahiaString; import org.jahia.utils.JahiaTools; import org.jahia.utils.LanguageCodeConverters; = @@ -86,7 +84,6 @@ = private static JahiaUserManagerService uMgr; private static JahiaGroupManagerService gMgr; - private static JahiaSiteUserManagerService uSiteMgr; private JahiaSite jahiaSite; private String groupMessage =3D ""; private static HashSet groupMembers; // Contain the group members of t= he selected group list @@ -114,7 +111,6 @@ if (sReg !=3D null) { uMgr =3D sReg.getJahiaUserManagerService(); gMgr =3D sReg.getJahiaGroupManagerService(); - uSiteMgr =3D sReg.getJahiaSiteUserManagerService(); } // get the current website. get the jahiaserver if it's null... jahiaSite =3D (JahiaSite) session.getAttribute( ProcessingContext= .SESSION_SITE ); @@ -228,9 +224,6 @@ request.setAttribute("title", "Manage Groups"); } = - // get browser entity... - String userAgent =3D request.getHeader("user-agent"); - // redirect! JahiaAdministration.doRedirect( request, response, session, ta= rget ); = @@ -339,7 +332,8 @@ } // The following test is really disputable because we should can e= nter // as well accentueted char and any internationalized char. - else if (!JahiaTools.isAlphaValid(groupName)) { + else if (!ServicesRegistry.getInstance().getJahiaGroupManagerServi= ce() + .isGroupNameSyntaxCorrect(groupName)) { groupMessage =3D JahiaResourceBundle.getAdminResource("org.jahia= .admin.groupMessage.onlyLettersDigitsUnderscores.label", jParams, jParams.getLocale()); return false; @@ -650,7 +644,8 @@ } // The following test is really disputable because we should can e= nter // as well accentueted char and any internationalized char. - else if (!JahiaTools.isAlphaValid(groupName)) { + else if (!ServicesRegistry.getInstance().getJahiaGroupManagerServi= ce() + .isGroupNameSyntaxCorrect(groupName)) { groupMessage =3D JahiaResourceBundle.getAdminResource("org.jahia= .admin.groupMessage.onlyLettersDigitsUnderscores.label", jParams, jParams.getLocale()); return false; Modified: trunk/core/src/java/org/jahia/admin/users/ManageUsers.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/admin/users/ManageUsers.java&rev=3D17637&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/admin/users/ManageUsers.java (original) +++ trunk/core/src/java/org/jahia/admin/users/ManageUsers.java Tue Jun 19 1= 3:26:41 2007 @@ -75,7 +75,6 @@ private static final String JSP_PATH =3D JahiaAdministration.JSP_PATH; = private static JahiaUserManagerService uMgr; - private static JahiaGroupManagerService gMgr; = private JahiaSite jahiaSite; = @@ -109,7 +108,6 @@ ServicesRegistry sReg =3D ServicesRegistry.getInstance(); if (sReg !=3D null) { uMgr =3D sReg.getJahiaUserManagerService(); - gMgr =3D sReg.getJahiaGroupManagerService(); } = // get the current website. get the jahiaserver if it's null... @@ -144,7 +142,6 @@ ServicesRegistry sReg =3D ServicesRegistry.getInstance(); if (sReg !=3D null) { uMgr =3D sReg.getJahiaUserManagerService(); - gMgr =3D sReg.getJahiaGroupManagerService(); } } = @@ -405,7 +402,8 @@ } // The following test is really disputable because we should can e= nter // as well accentueted char and any internationalized char. - else if (!JahiaTools.isAlphaValid(username)) { + else if (!ServicesRegistry.getInstance().getJahiaUserManagerServic= e() + .isUsernameSyntaxCorrect(username)) { userMessage =3D JahiaResourceBundle.getAdminResource("org.jahia.= admin.userMessage.onlyLettersDigitsUnderscores.label", jParams, jParams.getLocale()); return false; @@ -423,6 +421,11 @@ userMessage =3D JahiaResourceBundle.getAdminResource("org.jahi= a.admin.userMessage.passwdLeast6Chars.label", jParams, jParams.getLocale()); return false; + } else if(!ServicesRegistry.getInstance().getJahiaUserManagerServi= ce() + .isPasswordSyntaxCorrect(passwd)) { + userMessage =3D JahiaResourceBundle.getAdminResource("org.jahi= a.admin.JahiaDisplayMessage.onlyLettersDigitsUnderscoreWithPasswd.label", + jParams, jParams.getLocale()); + return false; } else { String passwdConfirm =3D request.getParameter("passwdconfirm")= .trim(); if (!passwdConfirm.equals(passwd)) { Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupMana= gerDBProvider.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaGroupManagerDBProvider.java&rev=3D17637&= repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerDBP= rovider.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerDBP= rovider.java Tue Jun 19 13:26:41 2007 @@ -25,6 +25,7 @@ * @version 1.0 */ = +import org.apache.log4j.Logger; import org.jahia.exceptions.JahiaException; import org.jahia.hibernate.manager.JahiaGroupManager; import org.jahia.registries.ServicesRegistry; @@ -57,8 +58,8 @@ /** Group Member type designation * */ public static int GROUPTYPE =3D 2; = - private static org.apache.log4j.Logger logger =3D - org.apache.log4j.Logger.getLogger (JahiaGroupManagerDBProvider= .class); + private static Logger logger =3D Logger + .getLogger(JahiaGroupManagerDBProvider.class); = private static JahiaGroupManagerDBProvider mGroupManagerDBProvider; = @@ -123,7 +124,7 @@ public synchronized JahiaGroup createGroup (int siteID, String name, Properties properties) { // try to avoid a NullPointerException - if (!isNameValid (name)) { + if (!isGroupNameSyntaxCorrect(name)) { return null; } = @@ -143,36 +144,6 @@ } = //--------------------------------------------------------------------= ----- - private boolean isNameValid (String name) { - if (name =3D=3D null) { - return false; - } - - if (name.length () =3D=3D 0) { - return false; - } - - String authorizedCharacters =3D - "-abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_012= 3456789"; - /* EP : 2004-17-06 - char[] chars =3D authorizedCharacters.toCharArray (); - char[] nameBuffer =3D name.toCharArray ();*/ - - boolean badCharFound =3D false; - for (int i =3D 0; i < name.length() && !badCharFound; i++) { - badCharFound =3D authorizedCharacters.indexOf((int)name.charAt= (i)) < 0; - if (badCharFound) { - logger.debug ("Bad character found in DB group name [" + - name + - "] at position " + i); - } - } - /* end EP mods */ - - return (!badCharFound); - } - - //--------------------------------------------------------------------= ----- /** * This function checks on a gived site if the groupname has already b= een * assigned to another group. @@ -201,7 +172,7 @@ */ public JahiaGroup lookupGroup (int siteID, String name) { // try to avoid a NullPointerException - if (!isNameValid (name)) { + if (!isGroupNameSyntaxCorrect(name)) { return null; } = Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupMana= gerLDAPProvider.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaGroupManagerLDAPProvider.java&rev=3D1763= 7&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerLDA= PProvider.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerLDA= PProvider.java Tue Jun 19 13:26:41 2007 @@ -26,7 +26,6 @@ import org.jahia.registries.ServicesRegistry; import org.jahia.services.cache.Cache; import org.jahia.services.cache.CacheService; -import org.jahia.services.database.JahiaIncrementorsDBService; import org.jahia.services.sites.JahiaSite; import org.jahia.services.sites.JahiaSiteTools; import org.jahia.utils.JahiaTools; @@ -37,7 +36,6 @@ import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; -import java.sql.Connection; import java.util.*; = = @@ -101,17 +99,12 @@ */ private static String SEARCH_USER_ATTRIBUTE_NAME =3D "groups.ldap.memb= ers.user.attibute.map"; = - private final String MSG_INTERNAL_ERROR =3D "Group Manager internal er= ror"; - private Cache mGroupCache; private Cache mProvidersGroupCache; = - private JahiaIncrementorsDBService incrementorService =3D null; - private Properties ldapProperties =3D null; = private DirContext publicCtx =3D null; - private boolean connectedToPublic =3D false; private Vector searchWildCardAttributeList =3D null; = //in order to avoid the continuous LDAP lookups due to lookupGroup("ad= ministrators:0,1,..") @@ -163,10 +156,6 @@ this.cacheService =3D cacheService; } = - public void setIncrementorService(JahiaIncrementorsDBService increment= orService) { - this.incrementorService =3D incrementorService; - } - // -------------------------- OTHER METHODS -------------------------- = public void start() @@ -1073,7 +1062,7 @@ */ public JahiaGroup lookupGroup (int siteID, String name) { // try to avoid a NullPointerException - if (!isNameValid (name)) { + if (!isGroupNameSyntaxCorrect(name)) { return null; } = @@ -1106,34 +1095,6 @@ return group; } = - private boolean isNameValid (String name) { - if (name =3D=3D null) { - return false; - } - - if (name.length () =3D=3D 0) { - return false; - } - - String authorizedCharacters =3D - " -abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_01= 23456789{}"; - /* EP : 2004-17-06 - char[] chars =3D authorizedCharacters.toCharArray (); - char[] nameBuffer =3D name.toCharArray ();*/ - - boolean badCharFound =3D false; - for (int i =3D 0; i < name.length() && !badCharFound; i++) { - badCharFound =3D authorizedCharacters.indexOf((int)name.charAt= (i)) < 0; - if (badCharFound) { - logger.debug ("Bad character found in ldap group name [" + - name + - "] at position " + i); - } - } - /* end EP mods */ - return (!badCharFound); - } - private JahiaLDAPGroup lookupGroupInLDAP (int siteID, String name) { JahiaLDAPGroup group =3D lookupGroupInLDAP (name); if (group =3D=3D null) { Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupMana= gerProvider.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaGroupManagerProvider.java&rev=3D17637&re= pname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerPro= vider.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerPro= vider.java Tue Jun 19 13:26:41 2007 @@ -16,12 +16,15 @@ * limitations under the License. */package org.jahia.services.usermanager; = +import org.apache.log4j.Logger; +import org.jahia.bin.Jahia; import org.jahia.services.JahiaService; = import java.util.List; import java.util.Properties; import java.util.Set; import java.util.Vector; +import java.util.regex.Pattern; = /** * <p>Title: </p> @@ -36,11 +39,50 @@ public abstract class JahiaGroupManagerProvider extends JahiaService { // ------------------------------ FIELDS ------------------------------ = + private static Logger logger =3D Logger + .getLogger(JahiaGroupManagerProvider.class); + + private static Pattern groupNamePattern; + private boolean defaultProvider =3D false; private boolean readOnly =3D false; private int priority =3D 99; private String key; = + protected static Pattern getGroupNamePattern() { + if (groupNamePattern =3D=3D null) { + synchronized (JahiaUserManagerProvider.class) { + if (groupNamePattern =3D=3D null) { + groupNamePattern =3D Pattern.compile(Jahia.getSettings= () + .lookupString("userManagementGroupNamePattern"= )); + } + } + } + return groupNamePattern; + } + + /** + * Validates provided group name against a regular expression pattern, + * specified in the Jahia configuration. + * = + * @param name + * the group name to be validated + * @return <code>true</code> if the specified group name matches the + * validation pattern + */ + public boolean isGroupNameSyntaxCorrect(String name) { + if (name =3D=3D null || name.length() =3D=3D 0) { + return false; + } + + boolean nameValid =3D getGroupNamePattern().matcher(name).matches(= ); + if (!nameValid && logger.isDebugEnabled()) { + logger.debug("Validation failed for the group name: " + name + + " against pattern: " + getGroupNamePattern().pattern= ()); + } + return nameValid; + } + // --------------------- GETTER / SETTER METHODS --------------------- = public String getKey() { Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupMana= gerRoutingService.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaGroupManagerRoutingService.java&rev=3D17= 637&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerRou= tingService.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerRou= tingService.java Tue Jun 19 13:26:41 2007 @@ -785,6 +785,16 @@ return results; } = + public boolean isGroupNameSyntaxCorrect(final String name) { + Boolean result =3D (Boolean) routeCallOne(new Command() { + public Object execute(JahiaGroupManagerProvider p) { + return p.isGroupNameSyntaxCorrect(name) ? Boolean.TRUE + : Boolean.FALSE; + } + }, null, null); + return result.booleanValue(); + } + // -------------------------- INNER CLASSES -------------------------- = interface Command { Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupMana= gerService.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaGroupManagerService.java&rev=3D17637&rep= name=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerSer= vice.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaGroupManagerSer= vice.java Tue Jun 19 13:26:41 2007 @@ -246,4 +246,16 @@ * @param jahiaGroup JahiaGroup the group to be updated in the cache. */ public abstract void updateCache(JahiaGroup jahiaGroup); + = + /** + * Validates provided group name against a regular expression pattern, + * specified in the Jahia configuration. + * = + * @param name + * the group name to be validated + * @return <code>true</code> if the specified group name matches the + * validation pattern + */ + public abstract boolean isGroupNameSyntaxCorrect(String name); + } Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManag= erDBProvider.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaUserManagerDBProvider.java&rev=3D17637&r= epname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerDBPr= ovider.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerDBPr= ovider.java Tue Jun 19 13:26:41 2007 @@ -18,6 +18,7 @@ = package org.jahia.services.usermanager; = +import org.apache.log4j.Logger; import org.jahia.exceptions.JahiaException; import org.jahia.exceptions.JahiaInitializationException; import org.jahia.hibernate.manager.JahiaUserManager; @@ -50,8 +51,8 @@ /** Root user unique identification number */ public static final int ROOT_USER_ID =3D 0; = - private static org.apache.log4j.Logger logger =3D - org.apache.log4j.Logger.getLogger (JahiaUserManagerDBProvider.= class); + private static Logger logger =3D Logger + .getLogger(JahiaUserManagerDBProvider.class); = private static JahiaUserManagerDBProvider mUserManagerDBService; = @@ -135,7 +136,7 @@ public synchronized JahiaUser createUser (String name, String password, String userKey, int siteID, Properties properties) { - if (!isNameValid (name)) { + if (!isUsernameSyntaxCorrect(name)) { return null; } = @@ -145,7 +146,7 @@ } = if (!password.startsWith("SHA-1:")) { - if (!isNameValid (password)) { + if (!isPasswordSyntaxCorrect(password)) { return null; } // Encrypt the password @@ -181,34 +182,6 @@ return user; } = - //--------------------------------------------------------------------= ----- - private boolean isNameValid (String name) { - if (name =3D=3D null) { - return false; - } - - if (name.length () =3D=3D 0) { - return false; - } - - String authorizedCharacters =3D "abcdefghijklmnopqrstuvwxyzABCDEFG= HIJKLMNOPQRSTUVWXYZ_0123456789{}"; - /* EP : 2004-17-06 - char[] chars =3D authorizedCharacters.toCharArray (); - char[] nameBuffer =3D name.toCharArray ();*/ - - boolean badCharFound =3D false; - for (int i =3D 0; i < name.length() && !badCharFound; i++) { - badCharFound =3D authorizedCharacters.indexOf((int)name.charAt= (i)) < 0; - if (badCharFound) { - logger.debug ("Bad character found in DB user name [" + - name + - "] at position " + i); - } - } - /* end EP mods */ - return (!badCharFound); - } - //--------------------------------------------------------------------= ------ /** * This function checks into the system if the name has already been @@ -245,7 +218,7 @@ */ public JahiaUser lookupUser (int siteID, String name) { // try to avoid a NullPointerException - if (!isNameValid (name)) { + if (!isUsernameSyntaxCorrect(name)) { return null; } = Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManag= erLDAPProvider.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaUserManagerLDAPProvider.java&rev=3D17637= &repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerLDAP= Provider.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerLDAP= Provider.java Tue Jun 19 13:26:41 2007 @@ -19,6 +19,7 @@ = package org.jahia.services.usermanager; = +import org.apache.log4j.Logger; import org.jahia.exceptions.JahiaException; import org.jahia.exceptions.JahiaInitializationException; import org.jahia.exceptions.database.JahiaDatabaseException; @@ -65,10 +66,8 @@ public static final int GUEST_USER_ID =3D 1; = /** logging */ - private static org.apache.log4j.Logger logger =3D - org.apache.log4j.Logger.getLogger(JahiaUserManagerLDAPProvider.cla= ss); - - private static final String USERNAME_PROPERTY_NAME =3D "username"; + private static Logger logger =3D Logger + .getLogger(JahiaUserManagerLDAPProvider.class); = private static String DEFAULT_CONFIGURATION_FILE =3D "users.ldap.prope= rties"; = @@ -100,12 +99,8 @@ private Properties ldapProperties =3D null; = private DirContext publicCtx =3D null; - private boolean connectedToPublic =3D false; private Vector searchWildCardAttributeList =3D null; = - private final String MSG_INTERNAL_ERROR =3D new String( - "JahiaUserManagerLDAPProvider"); - private Cache mUserCache; private Cache mProvidersUserCache; = @@ -690,35 +685,6 @@ } } = - //--------------------------------------------------------------------= ----- - private boolean isNameValid (String name) { - if (name =3D=3D null) { - return false; - } - - if (name.length() =3D=3D 0) { - return false; - } - - String authorizedCharacters =3D "abcdefghijklmnopqrstuvwxyzABCDEFG= HIJKLMNOPQRSTUVWXYZ_0123456789{}"; - /* EP : 2004-17-06 - char[] chars =3D authorizedCharacters.toCharArray (); - char[] nameBuffer =3D name.toCharArray ();*/ - - boolean badCharFound =3D false; - for (int i =3D 0; i < name.length() && !badCharFound; i++) { - badCharFound =3D authorizedCharacters.indexOf((int)name.charAt= (i)) < 0; - if (badCharFound) { - logger.debug ("Bad character found in LDAP user name [" + - name + - "] at position " + i); - } - } - /* end EP mods */ - - return (!badCharFound); - } - /** * Performs a login of the specified user. * Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManag= erProvider.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaUserManagerProvider.java&rev=3D17637&rep= name=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerProv= ider.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerProv= ider.java Tue Jun 19 13:26:41 2007 @@ -17,6 +17,8 @@ */ package org.jahia.services.usermanager; = +import org.apache.log4j.Logger; +import org.jahia.bin.Jahia; import org.jahia.services.JahiaService; import org.jahia.utils.Base64; = @@ -25,6 +27,7 @@ import java.util.List; import java.util.Properties; import java.util.Set; +import java.util.regex.Pattern; = = /** @@ -45,6 +48,13 @@ */ public static final String GUEST_USERNAME =3D "guest"; = + private static Logger logger =3D Logger + .getLogger(JahiaUserManagerProvider.class); + + private static Pattern userNamePattern; + + private static Pattern userPasswordPattern; + private boolean defaultProvider =3D false; private boolean readOnly =3D false; private int priority =3D 99; @@ -90,6 +100,31 @@ return result; } = + private static Pattern getUserNamePattern() { + if (userNamePattern =3D=3D null) { + synchronized (JahiaUserManagerProvider.class) { + if (userNamePattern =3D=3D null) { + userNamePattern =3D Pattern.compile(Jahia.getSettings() + .lookupString("userManagementUserNamePattern")= ); + } + } + } + return userNamePattern; + } + + private static Pattern getUserPasswordPattern() { + if (userPasswordPattern =3D=3D null) { + synchronized (JahiaUserManagerProvider.class) { + if (userPasswordPattern =3D=3D null) { + userPasswordPattern =3D Pattern + .compile(Jahia.getSettings().lookupString( + "userManagementUserPasswordPattern")); + } + } + } + return userPasswordPattern; + } + // --------------------- GETTER / SETTER METHODS --------------------- = public String getKey() { @@ -209,6 +244,56 @@ */ public abstract boolean login (String userKey, String userPassword); = + /** + * Validates provided user password against a regular expression patte= rn, + * specified in the Jahia configuration. + * = + * @param password + * the user password to be validated + * @return <code>true</code> if the specified user password matches the + * validation pattern + */ + public boolean isPasswordSyntaxCorrect(String password) { + if (password =3D=3D null || password.length() =3D=3D 0) { + return false; + } + + boolean pwdCorrect =3D getUserPasswordPattern().matcher(password) + .matches(); + if (!pwdCorrect && logger.isDebugEnabled()) { + logger + .debug("Validation failed for the user password: " + + password + " against pattern: " + + getUserPasswordPattern().pattern()); + } + return pwdCorrect; + } + + /** + * Validates provided user name against a regular expression pattern, + * specified in the Jahia configuration. + * = + * @param name + * the user name to be validated + * @return <code>true</code> if the specified user name matches the + * validation pattern + */ + public boolean isUsernameSyntaxCorrect(String name) { + if (name =3D=3D null || name.length() =3D=3D 0) { + return false; + } + + boolean usernameCorrect =3D getUserNamePattern().matcher(name) + .matches(); + if (!usernameCorrect && logger.isDebugEnabled()) { + logger + .debug("Validation failed for the user name: " + + name + " against pattern: " + + getUserNamePattern().pattern()); + } + return usernameCorrect; + } + = //--------------------------------------------------------------------= ----- /** * Load all the user data and attributes. On success a reference on th= e user Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManag= erRoutingService.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaUserManagerRoutingService.java&rev=3D176= 37&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerRout= ingService.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerRout= ingService.java Tue Jun 19 13:26:41 2007 @@ -756,6 +756,27 @@ return results; } = + + public boolean isPasswordSyntaxCorrect(final String password) { + Boolean result =3D (Boolean) routeCallOne(new Command() { + public Object execute(JahiaUserManagerProvider p) { + return p.isPasswordSyntaxCorrect(password) ? Boolean.TRUE + : Boolean.FALSE; + } + }, null, null); + return result.booleanValue(); + } + + public boolean isUsernameSyntaxCorrect(final String name) { + Boolean result =3D (Boolean) routeCallOne(new Command() { + public Object execute(JahiaUserManagerProvider p) { + return p.isUsernameSyntaxCorrect(name) ? Boolean.TRUE + : Boolean.FALSE; + } + }, null, null); + return result.booleanValue(); + } + = // -------------------------- INNER CLASSES -------------------------- = interface Command { Modified: trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManag= erService.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/services/usermanager/JahiaUserManagerService.java&rev=3D17637&repn= ame=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerServ= ice.java (original) +++ trunk/core/src/java/org/jahia/services/usermanager/JahiaUserManagerServ= ice.java Tue Jun 19 13:26:41 2007 @@ -262,4 +262,26 @@ * return false on any failure. */ public abstract boolean userExists (int siteID, String name); + + /** + * Validates provided user name against a regular expression pattern, + * specified in the Jahia configuration. + * = + * @param name + * the user name to be validated + * @return <code>true</code> if the specified user name matches the + * validation pattern + */ + public abstract boolean isUsernameSyntaxCorrect(String name); + + /** + * Validates provided user password against a regular expression patte= rn, + * specified in the Jahia configuration. + * = + * @param password + * the user password to be validated + * @return <code>true</code> if the specified user password matches the + * validation pattern + */ + public abstract boolean isPasswordSyntaxCorrect(String password); } Modified: trunk/core/src/java/org/jahia/settings/SettingsBean.java URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/java/o= rg/jahia/settings/SettingsBean.java&rev=3D17637&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/java/org/jahia/settings/SettingsBean.java (original) +++ trunk/core/src/java/org/jahia/settings/SettingsBean.java Tue Jun 19 13:= 26:41 2007 @@ -806,6 +806,12 @@ = editModeSessionTimeout =3D getInt("editModeSessionTimeout", 2*= 60*60); = + settings.put("userManagementUserNamePattern", getString( + "userManagementUserNamePattern", "[\\w\\{\\}\\-]+")); + settings.put("userManagementUserPasswordPattern", getString( + "userManagementUserPasswordPattern", "[\\w\\{\\}\\-]+"= )); + settings.put("userManagementGroupNamePattern", getString( + "userManagementGroupNamePattern", "[\\w\\{\\}\\-]+")); } catch (NullPointerException npe) { logger.debug ("Properties file is not valid...!", npe); } catch (NumberFormatException nfe) { Modified: trunk/core/src/webapp/WEB-INF/etc/config/jahia.skeleton URL: https://svndev.jahia.net/websvn/diff.php?path=3D/trunk/core/src/webapp= /WEB-INF/etc/config/jahia.skeleton&rev=3D17637&repname=3Djahia =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/core/src/webapp/WEB-INF/etc/config/jahia.skeleton (original) +++ trunk/core/src/webapp/WEB-INF/etc/config/jahia.skeleton Tue Jun 19 13:2= 6:41 2007 @@ -934,4 +934,20 @@ # less memory is used by session data. In Tomcat, the default session # setting is located in the tomcat/conf/web.xml file, under the tag # <session-timeout>. -editModeSessionTimeout =3D 1800 \ No newline at end of file +editModeSessionTimeout =3D 1800 + +###################################################################### +### User and Group name validation ################################### +###################################################################### +# Pattern for the user name validation. The new user name will be +# tested against this regular expression (see java.util.regex.Pattern) +# pattern. +userManagementUserNamePattern =3D [0-9a-z_A-Z\\-= [EMAIL PROTECTED] +# Pattern for the user password validation. The new user password will be +# tested against this regular expression (see java.util.regex.Pattern) +# pattern. +userManagementUserPasswordPattern =3D [0-9a-z_A-Z\\-= [EMAIL PROTECTED] +# Pattern for the group name validation. The new group name will be +# tested against this regular expression (see java.util.regex.Pattern) +# pattern. +userManagementGroupNamePattern =3D [0-9a-z_A-Z\\-= \\{\\}]+ _______________________________________________ cvs_list mailing list [email protected] http://lists.jahia.org/cgi-bin/mailman/listinfo/cvs_list
