Author: ate Date: Thu Sep 22 14:31:19 2005 New Revision: 291018 URL: http://svn.apache.org/viewcvs?rev=291018&view=rev Log: Implementation of http://issues.apache.org/jira/browse/JS2-371: Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet Online documentation for using this will be provided shortly.
Modified: portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources.properties portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources_en.properties portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/portlet.xml portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details-edit.jsp portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details.jsp portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/AuthenticationProviderProxy.java portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthenticationProviderProxyImpl.java portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/CredentialHandler.java portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java Modified: portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources.properties URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources.properties?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- 
portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources.properties (original) +++ portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources.properties Thu Sep 22 14:31:19 2005 @@ -33,6 +33,9 @@ security.profile.rules=Profile Rules security.enabled=enabled security.expired=expired +security.active=active +security.Extend=Extend +security.Extend.Unlimited=Extend Unlimited security.credential.value=Value security.credential.update.required=change required at next logon security.credential.last.logon=Last Logon 
@@ -58,8 +61,11 @@ user.details.preference.showGroupTab=Show Group Tab user.details.preference.showProfileTab=Show Profile Tab user.details.preference.showPasswordOnUserTab=Show Password on User Tab +user.details.preference.showPasswordExpiration=Show Password Expiration +user.details.preference.showChangePasswordRequiredForAddUser=Define default \"Change Password Required on First Login\" for new User user.details.preference.showRoleForAddUser=Define default Role for new User user.details.preference.showProfileForAddUser=Define default Profile for new User +user.details.preference.defaultChangePasswordRequired=Default \"Change Password Required on First Login\" user.details.preference.defaultRole=Default Role for new User user.details.preference.defaultProfile=Default Profile for new User user.details.save.preferences=Save Modified: portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources_en.properties URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources_en.properties?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources_en.properties (original) +++ portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/SecurityResources_en.properties Thu Sep 22 14:31:19 2005 @@ -29,6 +29,9 @@ security.profile.rules=Profile Rules security.enabled=enabled security.expired=expired +security.active=active +security.Extend=Extend +security.Extend.Unlimited=Extend Unlimited security.credential.value=Value security.credential.update.required=change required at next logon security.credential.last.logon=Last Logon 
@@ -60,8 +63,11 @@ user.details.preference.showGroupTab=Show Group Tab user.details.preference.showProfileTab=Show Profile Tab user.details.preference.showPasswordOnUserTab=Show Password on User Tab +user.details.preference.showPasswordExpiration=Show Password Expiration +user.details.preference.showChangePasswordRequiredForAddUser=Define default \"Change Password Required on First Login\" for new User user.details.preference.showRoleForAddUser=Define default Role for new User user.details.preference.showProfileForAddUser=Define default Profile for new User +user.details.preference.defaultChangePasswordRequired=Default \"Change Password Required on First Login\" user.details.preference.defaultRole=Default Role for new User user.details.preference.defaultProfile=Default Profile for new User user.details.save.preferences=Save Modified: portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java (original) +++ portals/jetspeed-2/trunk/applications/security/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java Thu Sep 22 14:31:19 2005 @@ -19,6 +19,7 @@ import java.security.Principal; import java.util.ArrayList; import java.util.Collection; +import java.util.Date; import java.util.Iterator; import java.util.LinkedHashMap; import java.util.LinkedList; 
@@ -64,6 +65,7 @@ import org.apache.jetspeed.security.UserManager; import org.apache.jetspeed.security.SecurityException; import org.apache.jetspeed.security.UserPrincipal; +import org.apache.jetspeed.security.om.InternalCredential; import org.apache.portals.bridges.beans.TabBean; import org.apache.portals.bridges.common.GenericServletPortlet; import org.apache.portals.bridges.util.PreferencesHelper; @@ -85,7 +87,6 @@ private final String VIEW_RULES = "rules"; private final String VIEW_CREDENTIAL = "credential"; private final String VIEW_ALL_RULES = "prules"; - private final String VIEW_SELECTED_RULE = "selectedRule"; private final String VIEW_PA_USER_ATTRIBUTES = "paUserAttributes"; private final String USER_ACTION_PREFIX = "security_user."; @@ -567,7 +568,9 @@ Folder folder = pageManager.getFolder(Folder.USER_FOLDER + userName); pageManager.removeFolder(folder); - + + // remove selected user from USERS_TOPIC + PortletMessaging.cancel(actionRequest,SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED); // TODO: send message to site manager portlet } @@ -606,11 +609,11 @@ try { String password = actionRequest.getParameter("user_cred_value"); - boolean updated = false; + boolean passwordSet = false; if ( password != null && password.trim().length() > 0 ) { userManager.setPassword(userName, null, password); - updated = true; + passwordSet = true; } PasswordCredential credential = getCredential(userName); if ( credential != null ) @@ -622,7 +625,6 @@ if (updateRequired != credential.isUpdateRequired()) { userManager.setPasswordUpdateRequired(userName,updateRequired); - updated = true; } } String enabledStr = actionRequest.getParameter("user_cred_enabled"); 
@@ -632,7 +634,23 @@ if (enabled != credential.isEnabled()) { userManager.setPasswordEnabled(userName,enabled); - updated = true; + } + } + String expiredFlagStr = actionRequest.getParameter("user_expired_flag"); + if (expiredFlagStr != null) + { + if ( !passwordSet && expiredFlagStr.equals("expired")) + { + java.sql.Date today = new java.sql.Date(new Date().getTime()); + userManager.setPasswordExpiration(userName,today); + } + else if (expiredFlagStr.equals("extend")) + { + userManager.setPasswordExpiration(userName,null); + } + else if (expiredFlagStr.equals("unlimited")) + { + userManager.setPasswordExpiration(userName,InternalCredential.MAX_DATE); } } } @@ -723,7 +741,6 @@ { String userName = (String)PortletMessaging.receive(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED); - List deletes = new LinkedList(); User user = lookupUser(userName); if (user != null) @@ -893,10 +910,11 @@ return new LinkedList(); } - private PasswordCredential getCredential(String userName) + private PasswordCredential getCredential(User user) { PasswordCredential credential = null; - Set credentials = lookupUser(userName).getSubject().getPrivateCredentials(); + + Set credentials = user.getSubject().getPrivateCredentials(); Iterator iter = credentials.iterator(); while (iter.hasNext()) { @@ -909,6 +927,10 @@ } return credential; } + private PasswordCredential getCredential(String userName) + { + return getCredential(lookupUser(userName)); + } private User lookupUser(String userName) { 
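Review bot: The new `user_expired_flag` branch acts on the request parameter unconditionally, while the `showPasswordExpiration` preference only controls whether user-details.jsp renders the radio group. A request carrying `user_expired_flag=unlimited` therefore still reaches `setPasswordExpiration(userName, InternalCredential.MAX_DATE)` when the preference is off. If the preference is meant to restrict the operation rather than only hide the control, check it on the server, e.g. `if (expiredFlagStr != null && Boolean.valueOf(actionRequest.getPreferences().getValue("showPasswordExpiration", "false")).booleanValue())`. The `active` value posted by the form matches none of the branches; a one-line comment saying that this is a deliberate no-op would help. The enclosing method starts and ends outside the hunk.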
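Review bot: `getCredential(User user)` dereferences `user.getSubject()` without a null check, and the new `getCredential(String)` overload passes it the result of `lookupUser(userName)`, which other callers in this file guard with `if (user != null)`. The add-user hunk at -1016 has the same exposure: it calls `getCredential(user)` one statement before the existing `user != null` test. A guard at the top of the method, `if (user == null) { return null; }`, covers both, since every caller shown already handles a null credential.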
@@ -1016,6 +1038,21 @@ PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED, userName); User user = userManager.getUser(userName); + + PasswordCredential credential = getCredential(user); + if ( credential != null ) + { + String updateRequiredStr = actionRequest.getParameter("user_cred_updreq"); + if (updateRequiredStr != null) + { + boolean updateRequired = Boolean.valueOf(updateRequiredStr).booleanValue(); + if (updateRequired != credential.isUpdateRequired()) + { + userManager.setPasswordUpdateRequired(userName,updateRequired); + } + } + } + String role = actionRequest.getParameter(ROLES_CONTROL); if (!SecurityUtil.isEmpty(role) && user != null) { Modified: portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/portlet.xml URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/portlet.xml?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/portlet.xml (original) +++ portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/portlet.xml Thu Sep 22 14:31:19 2005 @@ -201,6 +201,14 @@ <value>false</value> </preference> <preference> + <name>showPasswordExpiration</name> + <value>false</value> + </preference> + <preference> + <name>showChangePasswordRequiredForAddUser</name> + <value>true</value> + </preference> + <preference> <name>showRoleForAddUser</name> <value>true</value> </preference> 
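Review bot: The add-user path applies "change password required" only when the request carries `user_cred_updreq`; when the parameter is absent nothing falls back to the `defaultChangePasswordRequired` preference, so the configured default depends entirely on what the page posts. Resolving the default on the server keeps the policy independent of the form: `if (updateRequiredStr == null) updateRequiredStr = actionRequest.getPreferences().getValue("defaultChangePasswordRequired", "false");`. The enclosing method starts before and continues after the hunk.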
@@ -208,6 +216,10 @@ <name>showProfileForAddUser</name> <value>true</value> </preference> + <preference> + <name>defaultChangePasswordRequired</name> + <value>false</value> + </preference> <preference> <name>defaultRole</name> <value>user</value> Modified: portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details-edit.jsp URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details-edit.jsp?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details-edit.jsp (original) +++ portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details-edit.jsp Thu Sep 22 14:31:19 2005 
@@ -35,13 +35,13 @@ <form action="<portlet:actionURL/>" method="post"> <c:set var="prefs" value="${renderRequest.preferences.map}"/> <table border="0" cellspacing="2" cellpadding="3"> - <c:forEach var="prefName" items="showUserTab,showAttributesTab,showPasswordTab,showRoleTab,showGroupTab,showProfileTab,showPasswordOnUserTab,showRoleForAddUser,showProfileForAddUser"> + <c:forEach var="prefName" items="showUserTab,showAttributesTab,showPasswordTab,showPasswordExpiration,showRoleTab,showGroupTab,showProfileTab,showPasswordOnUserTab,showChangePasswordRequiredForAddUser,showRoleForAddUser,showProfileForAddUser,defaultChangePasswordRequired"> <tr> <c:set var="prefValue" value='${prefs[prefName][0]}'/> - <th class="portlet-section-alternate"> + <td class="portlet-section-alternate"> <font class="portlet-form-field-label"><fmt:message key="user.details.preference.${prefName}"/></font> - </th> - <td> + </td> + <td class="portlet-section-body"> <input type="hidden" name="<c:out value="${prefName}"/>" value="<c:out value="${prefValue}"/>"/> <input type="checkbox" <c:if test="${prefValue}">checked</c:if> onclick="t(this,<c:out value="${prefName}"/>)" class="portlet-form-field-label" /> @@ -51,10 +51,10 @@ <tr> <c:set var="prefName" value="defaultRole"/> <c:set var="prefValue" value='${prefs[prefName][0]}'/> - <th class="portlet-section-alternate"> + <td class="portlet-section-alternate"> <font class="portlet-form-field-label"><fmt:message key="user.details.preference.${prefName}"/></font> - </th> - <td> + </td> + <td class="portlet-section-body"> <select name="<c:out value="${prefName}"/>" class="portlet-form-field-label"> <option value=""/> <c:forEach var="item" items="${jetspeedRoles}"> 
@@ -68,10 +68,10 @@ <tr> <c:set var="prefName" value="defaultProfile"/> <c:set var="prefValue" value='${prefs[prefName][0]}'/> - <th class="portlet-section-alternate"> + <td class="portlet-section-alternate"> <font class="portlet-form-field-label"><fmt:message key="user.details.preference.${prefName}"/></font> - </th> - <td> + </td> + <td class="portlet-section-body"> <select name="<c:out value="${prefName}"/>" class="portlet-form-field-label"> <option value=""/> <c:forEach var="item" items="${jetspeedRules}"> Modified: portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details.jsp URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details.jsp?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details.jsp (original) +++ portals/jetspeed-2/trunk/applications/security/src/webapp/WEB-INF/security/users/user-details.jsp Thu Sep 22 14:31:19 2005 @@ -79,6 +79,7 @@ <c:set var="canUpdate" value="true"/> <tr> <th class="portlet-section-header" colspan="2"><fmt:message key="user.attributes.header"/></th> + <td colspan="2"></td> </tr> </c:if> <c:forEach var="attr" items="${requestScope.paUserAttributes}"> @@ -96,11 +97,11 @@ <c:if test='${prefs["showPasswordOnUserTab"][0]}'> <c:if test="${canUpdate}"> - <tr><td colspan="5"> </td></tr> + <tr><td colspan="4"> </td></tr> </c:if> <c:set var="canUpdate" value="true"/> <tr> - <th class="portlet-section-header" colspan="5"><fmt:message key="user.password.header"/></th> + <th class="portlet-section-header" colspan="4"><fmt:message key="user.password.header"/></th> </tr> <tr> <td class="portlet-section-alternate" 
> @@ -118,8 +119,6 @@ <c:if test="${credential.updateRequired}">checked</c:if> onclick="if(this.checked) user_cred_updreq.value='true';else user_cred_updreq.value='false';" class="portlet-form-field-label" /> - </td> - <td class="portlet-section-body" > <fmt:message key="security.credential.update.required"/> </td> </tr> @@ -128,7 +127,7 @@ <fmt:message key="security.credential.last.logon"/> </td> <td class="portlet-section-body" > - <fmt:formatDate value="${credential.lastAuthenticationDate}" type="both" dateStyle="short" timeStyle="long"/> + <fmt:formatDate value="${credential.lastAuthenticationDate}" type="both" dateStyle="long" timeStyle="long"/> </td> <td> 
@@ -139,28 +138,49 @@ <c:if test="${credential.enabled}">checked</c:if> onclick="if(this.checked) user_cred_enabled.value='true';else user_cred_enabled.value='false';" class="portlet-form-field-label" /> - </td> - <td class="portlet-section-body" > <fmt:message key="security.enabled"/> </td> </tr> + <c:if test='${prefs["showPasswordExpiration"][0]}'> <tr> <td class="portlet-section-alternate" > <fmt:message key="security.credential.expires"/> </td> - <td class="portlet-section-body" > - <fmt:formatDate value="${credential.expirationDate}" type="both" dateStyle="short" timeStyle="long"/> + <td class="portlet-section-body" nowrap> + <fmt:formatDate value="${credential.expirationDate}" type="both" dateStyle="long" timeStyle="long"/> </td> <td> </td> - <td class="portlet-section-body" > - <input type="checkbox" disabled <c:if test="${credential.expired}">checked</c:if>/> - </td> - <td class="portlet-section-body" > - <fmt:message key="security.expired"/> - </td> + <td class="portlet-section-body"> + <table cellpadding="0" cellspacing="0"> + <tr> + <td> + <c:if test="${!credential.expired}"> + <input type="radio" name="user_expired_flag" value="active" checked> + <fmt:message key="security.active"/> + + </c:if> + </td> + <td> + <input type="radio" name="user_expired_flag" value="expired" <c:if test="${credential.expired}">checked</c:if>> + <fmt:message key="security.expired"/> + + </td> + <td> + <input type="radio" name="user_expired_flag" value="extend"> + <fmt:message key="security.Extend"/> + + </td> + <td> + <input type="radio" name="user_expired_flag" value="unlimited"> + <fmt:message key="security.Extend.Unlimited"/> + </td> + </tr> + </table> + </td> </tr> + </c:if> </c:if> </table> <c:if test="${canUpdate}"> 
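Review bot: The `expired` radio is pre-checked whenever `${credential.expired}` is true and the `active` radio is not rendered in that state, so saving any other field of an already expired credential resubmits `user_expired_flag=expired`. The action handler in UserDetailsPortlet then calls `setPasswordExpiration(userName, today)` and replaces the stored expiration date with the time of the save, which loses the record of when the credential actually expired. The handler could skip the call for a credential that is already expired, `if (!passwordSet && expiredFlagStr.equals("expired") && !credential.isExpired())`, assuming `credential` is still in scope at that point. The same markup is repeated in the hunk at -296.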
@@ -275,8 +295,6 @@ <c:if test="${credential.updateRequired}">checked</c:if> onclick="if(this.checked) user_cred_updreq.value='true';else user_cred_updreq.value='false';" class="portlet-form-field-label" /> - </td> - <td class="portlet-section-body" > <fmt:message key="security.credential.update.required"/> </td> </tr> @@ -285,7 +303,7 @@ <fmt:message key="security.credential.last.logon"/> </td> <td class="portlet-section-body" > - <fmt:formatDate value="${credential.lastAuthenticationDate}" type="both" dateStyle="short" timeStyle="long"/> + <fmt:formatDate value="${credential.lastAuthenticationDate}" type="both" dateStyle="long" timeStyle="long"/> </td> <td> 
@@ -296,28 +314,49 @@ <c:if test="${credential.enabled}">checked</c:if> onclick="if(this.checked) user_cred_enabled.value='true';else user_cred_enabled.value='false';" class="portlet-form-field-label" /> - </td> - <td class="portlet-section-body" > <fmt:message key="security.enabled"/> </td> </tr> + <c:if test='${prefs["showPasswordExpiration"][0]}'> <tr> <td class="portlet-section-alternate" > <fmt:message key="security.credential.expires"/> </td> <td class="portlet-section-body" > - <fmt:formatDate value="${credential.expirationDate}" type="both" dateStyle="short" timeStyle="long"/> + <fmt:formatDate value="${credential.expirationDate}" type="both" dateStyle="long" timeStyle="long"/> </td> <td> </td> <td class="portlet-section-body" > - <input type="checkbox" disabled <c:if test="${credential.expired}">checked</c:if>/> - </td> - <td class="portlet-section-body" > - <fmt:message key="security.expired"/> + <table cellpadding="0" cellspacing="0"> + <tr> + <td> + <c:if test="${!credential.expired}"> + <input type="radio" name="user_expired_flag" value="active" checked> + <fmt:message key="security.active"/> + + </c:if> + </td> + <td> + <input type="radio" name="user_expired_flag" value="expired" <c:if test="${credential.expired}">checked</c:if>> + <fmt:message key="security.expired"/> + + </td> + <td> + <input type="radio" name="user_expired_flag" value="extend"> + <fmt:message key="security.Extend"/> + + </td> + <td> + <input type="radio" name="user_expired_flag" value="unlimited"> + <fmt:message key="security.Extend.Unlimited"/> + </td> + </tr> + </table> </td> </tr> + </c:if> </table> <input type="submit" value="<fmt:message key="security.update"/>" class="portlet-form-button" /> </form> @@ -544,6 +583,7 @@ <%-- Add New User --%> <c:if test="${user == null}"> +<script language="JavaScript">function t(i,f){if(i.checked) f.value='true';else f.value='false';}</script> <h3 class="portlet-section-header">Add User</h3> 
@@ -576,6 +616,26 @@ <c:set var="defaultRole" value='${prefs["defaultRole"][0]}'/> <c:set var="defaultProfile" value='${prefs["defaultProfile"][0]}'/> + <c:set var="prefName" value="showChangePasswordRequiredForAddUser"/> + <c:set var="prefValue" value='${prefs[prefName][0]}'/> + <c:choose> + <c:when test='${prefs[prefName][0]}'> + <tr colspan="2" align="right"> + <td nowrap class="portlet-section-alternate" align="right">Change Password on first Login: </td> + <td class="portlet-section-body" align="left"> + <c:set var="prefName" value="defaultChangePasswordRequired"/> + <c:set var="prefValue" value='${prefs[prefName][0]}'/> + <input type="hidden" name="user_cred_updreq" value="<c:out value="${prefValue}"/>"/> + <input type="checkbox" <c:if test="${prefValue}">checked</c:if> + onclick="t(this,user_cred_updreq)" class="portlet-form-field-label" /> + </td> + </tr> + </c:when> + <c:otherwise> + <input type="hidden" name="jetspeedRoles" value="<c:out value="${defaultRole}"/>"> + </c:otherwise> + </c:choose> + <c:choose> <c:when test='${prefs["showRoleForAddUser"][0]}'> <!-- Select Roles --> Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/AuthenticationProviderProxy.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/AuthenticationProviderProxy.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/AuthenticationProviderProxy.java (original) +++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/AuthenticationProviderProxy.java Thu Sep 22 14:31:19 2005 @@ -14,6 +14,8 @@ */ package org.apache.jetspeed.security; +import java.sql.Date; + import org.apache.jetspeed.security.spi.CredentialHandler; import org.apache.jetspeed.security.spi.UserSecurityHandler; 
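Review bot: The `<c:otherwise>` branch of the new `showChangePasswordRequiredForAddUser` chooser emits a hidden `jetspeedRoles` field filled with `${defaultRole}`, which looks copied from the role chooser that follows, so `user_cred_updreq` is not posted at all when the checkbox is hidden and a configured `defaultChangePasswordRequired` of true would not reach the action handler. The branch presumably should carry the configured default instead: `<input type="hidden" name="user_cred_updreq" value="<c:out value="${prefs['defaultChangePasswordRequired'][0]}"/>"/>`. The stray field may also collide with the role chooser's own field if that uses the same name. The label "Change Password on first Login:" is hard-coded while the rest of the page uses `<fmt:message>`.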
@@ -114,6 +116,21 @@ * @throws Throws a security exception. */ void setPasswordEnabled(String userName, boolean enabled, + String authenticationProvider) throws SecurityException; + + /** + * <p> + * Set the expiration date and the expired flag of the password credential in a given authentication provider</p> + * <p> + * If a date equal or before the current date is provided, the expired flag will be set to true, + * otherwise to false.</p> + * + * @param userName The user name. + * @param expirationDate The expiration date to set. + * @param authenticationProvider The authentication provider name. + * @throws Throws a security exception. + */ + void setPasswordExpiration(String userName, Date expirationDate, String authenticationProvider) throws SecurityException; /** Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthenticationProviderProxyImpl.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthenticationProviderProxyImpl.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthenticationProviderProxyImpl.java (original) +++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthenticationProviderProxyImpl.java Thu Sep 22 14:31:19 2005 @@ -15,6 +15,7 @@ package org.apache.jetspeed.security.impl; import java.security.Principal; +import java.sql.Date; import java.util.ArrayList; import java.util.HashSet; import java.util.LinkedList; 
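Review bot: The Javadoc for `setPasswordExpiration` does not say what a `null` expirationDate means, although UserDetailsPortlet passes `null` for the "extend" choice and DefaultCredentialHandler stores it with the expired flag cleared. Extend the parameter line, e.g. `@param expirationDate The expiration date to set; null clears the stored date and the expired flag.` (adjust the wording if another component is expected to compute a new date from null). `@throws Throws a security exception.` names `Throws` as the exception type and should read `@throws SecurityException if the user or provider cannot be resolved`. The same Javadoc is repeated in CredentialHandler (-89) and UserManager (-179).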
@@ -367,6 +368,38 @@ if ( providerName != null ) { setPasswordUpdateRequired(userName, updateRequired, providerName); + } + else + { + throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(userName)); + } + } + + /** + * @see org.apache.jetspeed.security.AuthenticationProviderProxy#setPasswordExpiration(java.lang.String, java.sql.Date, java.lang.String) + */ + public void setPasswordExpiration(String userName, Date expirationDate, String authenticationProvider) throws SecurityException + { + AuthenticationProvider provider = getAuthenticationProviderByName(authenticationProvider); + if ( provider != null ) + { + provider.getCredentialHandler().setPasswordExpiration(userName,expirationDate); + } + else + { + throw new SecurityException(SecurityException.INVALID_AUTHENTICATION_PROVIDER.create(authenticationProvider)); + } + } + + /** + * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordExpiration(java.lang.String, java.sql.Date) + */ + public void setPasswordExpiration(String userName, Date expirationDate) throws SecurityException + { + String providerName = getAuthenticationProvider(userName); + if ( providerName != null ) + { + setPasswordExpiration(userName, expirationDate, providerName); } else { Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java (original) +++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java Thu Sep 22 14:31:19 2005 
@@ -15,6 +15,7 @@ package org.apache.jetspeed.security.impl; import java.security.Principal; +import java.sql.Date; import java.util.ArrayList; import java.util.Collection; import java.util.HashSet; @@ -503,5 +504,21 @@ userPrincipal.setEnabled(enabled); atnProviderProxy.updateUserPrincipal(userPrincipal); } + } + + /** + * @see org.apache.jetspeed.security.UserManager#setPasswordExpiration(java.lang.String, java.sql.Date) + */ + public void setPasswordExpiration(String userName, Date expirationDate) throws SecurityException + { + ArgUtil.notNull(new Object[] + { userName,}, new String[] + { "userName"}, "setPasswordExpiration(java.lang.String, java.sql.Date)"); + + if (getAnonymousUser().equals(userName)) + { + throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED.create(userName)); + } + atnProviderProxy.setPasswordExpiration(userName, expirationDate); } } Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/CredentialHandler.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/CredentialHandler.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/CredentialHandler.java (original) +++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/CredentialHandler.java Thu Sep 22 14:31:19 2005 @@ -14,6 +14,7 @@ */ package org.apache.jetspeed.security.spi; +import java.sql.Date; import java.util.Set; import org.apache.jetspeed.security.PasswordCredential; 
@@ -89,6 +90,19 @@ * @throws Throws a security exception. */ void setPasswordEnabled(String userName, boolean enabled) throws SecurityException; + + /** + * <p> + * Set the expiration date and the expired flag of the password credential.</p> + * <p> + * If a date equal or before the current date is provided, the expired flag will be set to true, + * otherwise to false.</p> + * + * @param userName The user name. + * @param expirationDate The expiration date to set. + * @throws Throws a security exception. + */ + void setPasswordExpiration(String userName, Date expirationDate) throws SecurityException; /** * <p> Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java (original) +++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java Thu Sep 22 14:31:19 2005 
@@ -291,6 +291,39 @@ } /** + * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordExpiration(java.lang.String, java.sql.Date) + */ + public void setPasswordExpiration(String userName, java.sql.Date expirationDate) throws SecurityException + { + InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false); + if (null != internalUser) + { + InternalCredential credential = getPasswordCredential(internalUser, userName ); + if ( credential != null ) + { + long time = new Date().getTime(); + if ( expirationDate != null && new java.sql.Date(time).after(expirationDate)) + { + credential.setExpired(true); + } + else + { + credential.setExpired(false); + } + credential.setExpirationDate(expirationDate); + + credential.setModifiedDate(new Timestamp(time)); + internalUser.setModifiedDate(new Timestamp(time)); + securityAccess.setInternalUserPrincipal(internalUser, false); + } + } + else + { + throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(userName)); + } + } + + /** * @see org.apache.jetspeed.security.spi.CredentialHandler#authenticate(java.lang.String, java.lang.String) */ public boolean authenticate(String userName, String password) throws SecurityException Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java (original) +++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java Thu Sep 22 14:31:19 2005 @@ -14,6 +14,7 @@ */ package org.apache.jetspeed.security; +import java.sql.Date; import java.util.Collection; import java.util.Iterator; 
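Review bot: The expired test `new java.sql.Date(time).after(expirationDate)` is strict, so an expiration date equal to the current millisecond leaves the flag false, whereas the interface Javadoc promises expired for a date "equal or before" the current date. UserDetailsPortlet builds its `today` value from `new Date().getTime()` just before this call, so on a coarse clock the "expired" choice can end up storing expired=false. `if ( expirationDate != null && expirationDate.getTime() <= time )` matches the documented contract. Separately, when `getPasswordCredential` returns null the method returns without a change or an error, so the caller cannot tell that nothing was updated.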
@@ -179,4 +180,17 @@ * @param enabled enabled flag for the user */ void setUserEnabled(String userName, boolean enabled) throws SecurityException; + + /** + * <p> + * Set the expiration date and the expired flag of the password credential.</p> + * <p> + * If a date equal or before the current date is provided, the expired flag will be set to true, + * otherwise to false.</p> + * + * @param userName The user name. + * @param expirationDate The expiration date to set. + * @throws Throws a security exception. + */ + void setPasswordExpiration(String userName, Date expirationDate) throws SecurityException; } Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java?rev=291018&r1=291017&r2=291018&view=diff ============================================================================== --- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java (original) +++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java Thu Sep 22 14:31:19 2005 @@ -42,6 +42,14 @@ public static final int PRIVATE = 0; /** Public credentials type. */ public static final int PUBLIC = 1; + + /** + * Maximum allowed java.sql.Date value (according to the specs). + * <em>Note:</em><br> + * The concrete value is default time zone dependent and should <em>only</em> + * be used for setting Date fields, not to <em>compare<em> against. + */ + public static final Date MAX_DATE = Date.valueOf("8099-01-01"); /** * <p>Getter for the credential id.</p> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
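Review bot: `MAX_DATE` is a `public static final` `java.sql.Date`, which is mutable, and UserDetailsPortlet hands that shared instance straight to `setPasswordExpiration`, where DefaultCredentialHandler stores it via `credential.setExpirationDate(expirationDate)`. Any code that later calls `setTime` on a credential's expiration date, or on the constant itself, changes the value for every holder of that instance. Passing a copy at the call site avoids that: `userManager.setPasswordExpiration(userName, new java.sql.Date(InternalCredential.MAX_DATE.getTime()));`. In the Javadoc, `<em>compare<em>` needs a closing `</em>`.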