Author: channa
Date: Mon Mar 10 06:22:41 2008
New Revision: 14656
Log:
Removed password fields from InfoCard self registration form (MASHUP-688). Also
added restricted separator string to ensure passwords can contain any
characters (completed MASHUP-655).
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardRegistrationBean.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/RegistrationBean.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
trunk/mashup/java/modules/www/register_self_infocard.jsp
trunk/mashup/java/modules/www/user.jsp
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
==============================================================================
--- trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
(original)
+++ trunk/mashup/java/modules/core/src/org/wso2/mashup/MashupConstants.java
Mon Mar 10 06:22:41 2008
@@ -133,6 +133,7 @@
public static final String SIGNIN = "signin";
public static final int MIN_PASSWORD_LENGTH = 5;
+ public static final String PASSWORD_SEPARATOR = "<separator/>";
public static String MASHUP_PRIVATE_FOLDER_NAME = "_private";
}
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardRegistrationBean.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardRegistrationBean.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardRegistrationBean.java
Mon Mar 10 06:22:41 2008
@@ -17,6 +17,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.axiom.om.util.UUIDGenerator;
import org.wso2.mashup.MashupConstants;
import org.wso2.mashup.webapp.userprofile.ManageUsers;
import org.wso2.registry.users.UserStoreException;
@@ -44,8 +45,6 @@
// Get registration values submitted using form.
private String userName;
private String fullName;
- private String password;
- private String confirmedPassword;
private String emailId;
private String ppid;
private Hashtable errors;
@@ -58,22 +57,6 @@
this.userName = userName;
}
- public String getPassword() {
- return password;
- }
-
- public void setPassword(String password) {
- this.password = password;
- }
-
- public String getConfirmedPassword() {
- return confirmedPassword;
- }
-
- public void setConfirmedPassword(String confirmedPassword) {
- this.confirmedPassword = confirmedPassword;
- }
-
public String getFullName() {
return fullName;
}
@@ -91,8 +74,6 @@
*/
public InfoCardRegistrationBean() {
this.userName = "";
- this.password = "";
- this.confirmedPassword = "";
this.errors = new Hashtable();
}
@@ -113,6 +94,10 @@
userAttributes.put(MashupConstants.INFOCARD_PPID + 0, ppid);
userAttributes.put(MashupConstants.INFOCARD_COUNT, "1");
+ // Auto generate a password becuase the user manager needs one.
+ String uuid = UUIDGenerator.getUUID();
+ String password = uuid.substring(uuid.length() - 8);
+
try {
verifier.requestUserVerification(userName, emailId, password,
userAttributes);
success = true;
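Review bot: The generated password on the added lines is the last eight characters of `UUIDGenerator.getUUID()`, and a UUID generator is built to produce unique values, not unguessable ones, so this tail may be low in entropy or predictable depending on how Axiom builds the string (not visible here). Because the value becomes a working credential for the new account, draw it from a CSPRNG instead, e.g. `String password = new BigInteger(130, new SecureRandom()).toString(32);` with `java.math.BigInteger` and `java.security.SecureRandom` imported. That alphabet also cannot contain `MashupConstants.PASSWORD_SEPARATOR`. The added comment has a typo (`becuase`), and the enclosing method starts and ends outside this hunk.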
@@ -154,8 +139,6 @@
valid = false;
}
- valid = RegistrationBean.isPasswordValid(password, confirmedPassword,
errors);
-
// Expensive operation, so do only once all other data has been
validated.
if (valid) {
if (ManageUsers.isExistingUser(request, userName)) {
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/RegistrationBean.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/RegistrationBean.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/RegistrationBean.java
Mon Mar 10 06:22:41 2008
@@ -383,6 +383,9 @@
errors.put("password", "Password should be atleast " +
MashupConstants.MIN_PASSWORD_LENGTH + " characters.");
valid = false;
+ } else if (password.indexOf(MashupConstants.PASSWORD_SEPARATOR) > -1) {
+ errors.put("password", "Password uses restricted string!");
+ valid = false;
}
if (confirmedPassword.equals("")) {
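Review bot: The new `else if` branch rejects any password containing `MashupConstants.PASSWORD_SEPARATOR`, but the message `"Password uses restricted string!"` never says which string is restricted, so the user cannot tell what to change. If the message is extended to name it, the text needs HTML escaping, since the JSPs on this page print `getErrorMessage(...)` with a plain `<%= %>`. The same length-plus-separator rule is repeated in the AddUserBean hunk and in the script in user.jsp with different wording; one shared static helper next to `isPasswordValid` would keep the copies from drifting apart. The method begins before this hunk.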
@@ -394,6 +397,7 @@
errors.put("confirmedPassword", "Confirmation password must match
password.");
valid = false;
}
+
return valid;
}
}
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
Mon Mar 10 06:22:41 2008
@@ -252,6 +252,19 @@
valid = false;
}
+ // Password validated only in add mode or in edit mode with a non-null
password field.
+ if (!editMode || editMode && password.length() != 0) {
+ //Check for minimum length and restricted character use.
+ if (password.length() < MashupConstants.MIN_PASSWORD_LENGTH) {
+ errors.put("password", "Password should be atleast " +
+ MashupConstants.MIN_PASSWORD_LENGTH + " characters.");
+ valid = false;
+ } else if (password.indexOf(MashupConstants.PASSWORD_SEPARATOR) >
-1) {
+ errors.put("password", "New password uses restricted string!");
+ valid = false;
+ }
+ }
+
// Duplicate check is backend call, so done once other data is
validated and only for add.
if (!editMode && valid) {
if (ManageUsers.isExistingUser(request, userName)) {
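Review bot: The guard `if (!editMode || editMode && password.length() != 0)` has a redundant `editMode &&` and reads more clearly as `if (!editMode || password.length() != 0)`. The comment above it speaks of a "non-null" password field while the code tests for an empty one; if `password` can really be null (its initialisation is outside this hunk), `password.length()` throws before any validation runs. Either reword the comment to "non-empty" or add `password != null &&` to the test. The validation method starts before this hunk and ends in the next one.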
@@ -261,15 +274,6 @@
}
}
- // Password length check done only in add mode or when resetting
password.
- if ((!editMode && password.length() <
MashupConstants.MIN_PASSWORD_LENGTH) ||
- (editMode && password.length() != 0 && password.length() <
- MashupConstants.MIN_PASSWORD_LENGTH)) {
- errors.put("password", "Password should be atleast " +
- MashupConstants.MIN_PASSWORD_LENGTH + " characters.");
- valid = false;
- }
-
return valid;
}
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
Mon Mar 10 06:22:41 2008
@@ -223,9 +223,10 @@
}
/**
- * Retrieves the first and last name of the currently logged in user,
concatenated.
+ * Retrieves the full name of the currently logged in user, from the
session if available and
+ * from the user manager if not.
*
- * @param request Current servlet request
+ * @param request Current servlet request.
* @return User's full name.
* @throws RegistryException
*/
@@ -241,6 +242,8 @@
currentUserFullName = (String)
session.getAttribute(MashupConstants.FULL_NAME +
currentUser);
+
+ // If it's not been cached in the session, retrieve it and add to
cache.
if (currentUserFullName == null || "".equals(currentUserFullName)) {
currentUserFullName = getFullName(request, currentUser);
session.setAttribute(MashupConstants.FULL_NAME + currentUser,
currentUserFullName);
@@ -248,6 +251,13 @@
return currentUserFullName;
}
+ /**
+ * Retrieve the full name of a given user from the user manager database.
+ * @param request Servlet request instance.
+ * @param userName Name of user, for whom full name is required.
+ * @return The full name of the specified user.
+ * @throws RegistryException If the retrieval of user information fails.
+ */
public static String getFullName(HttpServletRequest request, String
userName)
throws RegistryException {
String fullName = null;
@@ -655,7 +665,7 @@
public static void changeUserPassword(UserStoreAdmin storeAdmin, String
userName, String values)
throws MashupFault {
// Extract the old and new passwords from the value string.
- String[] passwords = values.split("&");
+ String[] passwords = values.split(MashupConstants.PASSWORD_SEPARATOR);
try {
String newPassword = URLDecoder.decode(passwords[1], "UTF-8");
String oldPassword = URLDecoder.decode(passwords[0], "UTF-8");
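Review bot: `values.split(MashupConstants.PASSWORD_SEPARATOR)` treats the constant as a regular expression, and the following lines index `passwords[1]` and `passwords[0]` without checking how many parts came back. The current separator happens to contain no regex metacharacters, but `values.split(Pattern.quote(MashupConstants.PASSWORD_SEPARATOR), -1)` (importing `java.util.regex.Pattern`) followed by an `if (passwords.length != 2)` check that raises a `MashupFault` makes this explicit. It also turns a request with a missing separator or an empty new password into a clean fault instead of an `ArrayIndexOutOfBoundsException`. What the `try` block catches lies outside this hunk, so confirm the index error is not already handled there.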
Modified: trunk/mashup/java/modules/www/register_self_infocard.jsp
==============================================================================
--- trunk/mashup/java/modules/www/register_self_infocard.jsp (original)
+++ trunk/mashup/java/modules/www/register_self_infocard.jsp Mon Mar 10
06:22:41 2008
@@ -105,22 +105,6 @@
</td>
</tr>
<tr>
- <td><label><strong>Password:<font
color="#FF0000">*</font></strong></label></td>
- <td><input type="password" name="password"
-
value="<%=infoCardRegHandler.getPassword()%>"/>
- <br><font
color="#FF0000"><%=infoCardRegHandler.getErrorMessage("password")%></font>
- </td>
- </tr>
- <tr>
- <td><label><strong>Confirmation Password:<font
color="#FF0000">*</font></strong></label></td>
- <td><input type="password"
-
name="confirmedPassword"<%=infoCardRegHandler
- .getConfirmedPassword()%>"/>
- <br><font
color="#FF0000"><%=infoCardRegHandler
-
.getErrorMessage("confirmedPassword")%></font>
- </td>
- </tr>
- <tr>
<td> </td>
<td><input type="submit" value="Register"/>
<input type="button" value="Cancel" onclick="document.location = '<%=
bounceback %>';"></td>
</tr>
@@ -129,7 +113,12 @@
<td align="center"></td>
</tr>
</table>
- </form>
+ </form>
+ <div>
+ If you need to login using a password at some point of time,
please use the
+ <a
href="reset_password.jsp?firstcall=true&bounceback=<%=URLEncoder.encode(bounceback,"UTF-8")%>">Retrieve
+ Forgotten Password</a> feature to have one generated and sent to
your e-mail ID.
+ </div>
<br>
<% }
} else { %>
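Review bot: The added link encodes `bounceback` with `URLEncoder.encode`, which is right for a query value, but the Cancel button in the same form (context of the previous hunk) still writes `<%= bounceback %>` unescaped into an inline script string. If `bounceback` is taken from the request (its origin is not visible here), that spot allows script injection. It should get JavaScript-string and HTML-attribute escaping, or the target should be validated as a local path before use. Inside the new `href`, the bare `&` before `bounceback` should be written `&amp;`.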
Modified: trunk/mashup/java/modules/www/user.jsp
==============================================================================
--- trunk/mashup/java/modules/www/user.jsp (original)
+++ trunk/mashup/java/modules/www/user.jsp Mon Mar 10 06:22:41 2008
@@ -163,7 +163,7 @@
function showControls(field) {
$(field + "_input").show();
$(field).hide();
- $("passwordMessages_value").clear();
+ $("passwordMessages_value").update('');
}
function updatePassword(field, fieldtype, user) {
@@ -176,8 +176,11 @@
} else if (newPassword.length < <%=
MashupConstants.MIN_PASSWORD_LENGTH %>) {
$("passwordMessages_value").update("New password length must
exceed <%=
MashupConstants.MIN_PASSWORD_LENGTH %> characters!");
+ } else if (newPassword.indexOf("<%=
MashupConstants.PASSWORD_SEPARATOR %>") > -1) {
+ $("passwordMessages_value").update("New password uses
restricted string!");
} else {
- var changeDetails = encodeURI(oldPassword) + "&" +
encodeURI(newPassword);
+ var changeDetails = encodeURI(oldPassword) + "<%=
MashupConstants.PASSWORD_SEPARATOR
+ %>" + encodeURI(newPassword);
new Ajax.Request("ajax_profile.jsp?name=" + user + "&field=" +
fieldtype, {
method: "post",
contentType: "text/html",
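Review bot: `encodeURI` on the changed `changeDetails` line leaves `+`, `&`, `=` and other reserved characters unescaped, while `RegistryUtils.changeUserPassword` decodes each half with `URLDecoder.decode`, which turns `+` into a space. A password containing `+` would therefore reach the user store as a different string, which defeats the stated goal of allowing any character. Use `encodeURIComponent(oldPassword)` and `encodeURIComponent(newPassword)` on that line instead. Both functions escape `<` and `>`, so the encoded halves can never contain the separator themselves.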