> On 2012-01-09 17:41:59, mfranklin wrote: > > A couple of notes: > > > > 1) I think there is room for consolidation of similar functionality into > > cohesive units (IE UserService) > > 2) Your services all use checked exceptions, the rest of Rave uses > > RuntimeExceptions > > 3) I would review the model for resetting a password via e-mail. There are > > a couple of attacks that could be made if you were able to get the > > forgotPasswordHash vi Man in the middle or other means. Though, these are > > common in a lot of e-mail reset mechanisms > > > > marijan milicevic wrote: > Hi Matt, > do you have any suggestions for nr. 3)? > > > marijan milicevic wrote: > bump ;-) > Hi Matt, > could you review my changes or maybe suggest some other way to implement > this, thx.
another bump ;-) (before merging becomes a hell) - marijan ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/3427/#review4267 ----------------------------------------------------------- On 2012-01-18 15:18:14, marijan milicevic wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/3427/ > ----------------------------------------------------------- > > (Updated 2012-01-18 15:18:14) > > > Review request for rave. > > > Summary > ------- > > - configure mail settings to be able to test, see comments in: > /rave/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml > > > Diffs > ----- > > https://svn.apache.org/repos/asf/incubator/rave/trunk/pom.xml 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-commons/src/main/java/org/apache/rave/exception/EmailException.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/pom.xml > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/model/NewUser.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/model/User.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/repository/UserRepository.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/repository/impl/JpaUserRepository.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/EmailService.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/UserService.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultEmailService.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultUserService.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-core/src/test/resources/portal.properties > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/controller/ChangePasswordController.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/controller/NewAccountController.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/controller/ReminderController.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/util/ModelKeys.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/util/ViewNames.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/validator/ChangePasswordValidator.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/validator/NewAccountValidator.java > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/validator/NewPasswordValidator.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/controller/ChangePasswordControllerTest.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/controller/ReminderControllerTest.java > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/resources/messages.properties > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/resources/messages_nl.properties > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/resources/portal.properties > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/jsp/views/changepassword.jsp > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/jsp/views/newpassword.jsp > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/jsp/views/retrieveusername.jsp > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/mailtemplates/password_reminder.ftl > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/mailtemplates/username_reminder.ftl > PRE-CREATION > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal-resources/src/main/webapp/login.jsp > 1232904 > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal/pom.xml > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal/src/main/dist/NOTICE > 1232904 > > https://svn.apache.org/repos/asf/incubator/rave/trunk/rave-portal/src/test/resources/portal.properties > 1232904 > > Diff: https://reviews.apache.org/r/3427/diff > > > Testing > ------- > > > Thanks, > > marijan > >
