/branches/v3/impl/src/java/pt/estgp/estgweb/Globals.java |
---|
427,4 → 427,6 |
public static final boolean USE_XSL_CACHE =ConfigProperties.getBooleanProperty("xsl.use.cache"); |
public final static int CERTIFICATES_EXPIRTATION_IN_DAYS = ConfigProperties.getIntProperty("certificates.expire.in.days"); |
} |
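Review bot: The new constant's name is misspelled (`CERTIFICATES_EXPIRTATION_IN_DAYS`); this commit introduces it, so renaming it to `CERTIFICATES_EXPIRATION_IN_DAYS` now only touches the one use in AuthenticateService. It also needs a comment saying what it bounds, for example `// lifetime, in days, of URL auto-login certificates; multiplied into milliseconds by AuthenticateService`. What `getIntProperty` returns when `certificates.expire.in.days` is missing or not a number is not visible here, so that should be confirmed before the value is trusted as a lifetime. The class body starts outside this hunk.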
/branches/v3/impl/src/java/pt/estgp/estgweb/services/users/UserRoleConfigService.java |
---|
74,9 → 74,9 |
roleConfig.setValue(userRoleConfig.getValue()); |
roleConfig.setValid(userRoleConfig.isValid()); |
roleConfig.setValueEn(userRoleConfig.getValueEn()); |
roleConfig.setValueEn(userRoleConfig.getValueEs()); |
roleConfig.setValueEn(userRoleConfig.getValueFr()); |
roleConfig.setValueEn(userRoleConfig.getValuePt()); |
roleConfig.setValueEs(userRoleConfig.getValueEs()); |
roleConfig.setValueFr(userRoleConfig.getValueFr()); |
roleConfig.setValuePt(userRoleConfig.getValuePt()); |
roleConfig.setObs(userRoleConfig.getObs()); |
} |
/branches/v3/impl/src/java/pt/estgp/estgweb/services/authenticate/AuthenticateService.java |
---|
1,5 → 1,7 |
package pt.estgp.estgweb.services.authenticate; |
import jomm.dao.impl.AbstractDao; |
import jomm.utils.BytesUtils; |
import jomm.utils.DesUtils; |
import openldap.ILdapManager; |
import openldap.LdapManagerFactory; |
13,10 → 15,7 |
import pt.estgp.estgweb.utils.ConfigProperties; |
import pt.utl.ist.berserk.logic.serviceManager.IService; |
import java.util.HashMap; |
import java.util.Iterator; |
import java.util.Map; |
import java.util.Set; |
import java.util.*; |
/* |
273,6 → 272,90 |
DaoFactory.getUserSessionDaoImpl().reattach(userSession); |
return userSession; |
} |
public UserSession loginCertificate(String certificate, UserSession userSession) throws ServiceException |
{ |
if(userSession.getUser() != null) |
{ |
new LogoutService().run(userSession); |
} |
if(certificate == null || certificate.trim().length() == 0) |
throw new AuthenticateException(AuthenticateException.FAIL_AUTHENTICATION); |
User u = null; |
List<User> users = DaoFactory.getUserDaoImpl().loadByCertificate(certificate); |
if(users == null || users.size() > 1 || users.size()== 0) |
{ |
if(users.size() > 1) |
logger.error("Erro dois users com o mesmo certificado"); |
throw new AuthenticateException(AuthenticateException.FAIL_AUTHENTICATION); |
} |
u = users.get(0); |
logger.info("certificate:" + u.getUsername() + " login:certificate:" + certificate); |
//CHECK USER BLOCK's |
if(!u.isAdmin() && !u.isSuperuser()) |
{ |
if(u.isAutoBlockMode() && u.isAutoBlock() |
|| |
!u.isAutoBlockMode() && u.isManualBlock()) |
{ |
logger.warn("certificate:" + u.getUsername() + " blocked"); |
throw new AuthenticateException(AuthenticateException.BLOCKED); |
} |
} |
logger.warn("certificate:" + u.getUsername() + " authenticated"); |
userSession.setName(u.getName()); |
userSession.setUsername(u.getUsername()); |
userSession.setUser(u); |
if(u.getRoles() == null || u.getRoles().trim().length() == 0) |
u.setRoles(Globals.ROLE_INVITED); |
DaoFactory.getUserSessionDaoImpl().reattach(userSession); |
return userSession; |
} |
/** |
* Create a new Certificate for usage in URL auto login |
* |
* @param userId |
* @return the certificate string to use in URL |
*/ |
public String createCertificate(long userId) |
{ |
User u = DaoFactory.getUserDaoImpl().load(userId); |
return createCertificate(u); |
} |
/** |
* Create a new Certificate for usage in URL auto login |
* |
* @param user to crate certificate |
* @return the certificate string |
*/ |
public String createCertificate(User user) |
{ |
String certificate = user.getId() |
+ "-" + System.currentTimeMillis() |
+ "-" + Thread.currentThread().hashCode() |
+ "-" + Runtime.getRuntime().freeMemory(); |
String md5 = BytesUtils.getMD5(certificate); |
user.setAuthenticationCertificate(md5); |
//3600 seconds = 1 hour = 3600.000 milis * 24 = 1 day * 15 = 15 days |
long daysInMilis = 3600 * 1000 * 24 * Globals.CERTIFICATES_EXPIRTATION_IN_DAYS; |
user.setAuthenticationCertificateExpire(new Date(System.currentTimeMillis()+daysInMilis)); |
return md5; |
} |
public static void main(String [] args) |
{ |
AbstractDao.getCurrentSession().beginTransaction(); |
String certificate = new AuthenticateService().createCertificate(1691); |
AbstractDao.getCurrentSession().getTransaction().commit(); |
} |
} |
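Review bot: The login token built in `createCertificate(User)` is an MD5 over the user id, the clock, a thread hash code and the free-memory figure. None of these is secret, so a value that grants a full session is far easier to guess than its length suggests, and it should be drawn from `SecureRandom` instead. The expiry product `3600 * 1000 * 24 * Globals.CERTIFICATES_EXPIRTATION_IN_DAYS` is evaluated in `int` and wraps negative once the setting reaches 25, which puts the expiry date in the past. In `loginCertificate` the `users == null` branch goes on to call `users.size()`, and the `logger.info` line writes the live certificate into the log, where it stays usable until it expires. The `main` method with the hard-coded id 1691 looks like a leftover test driver and should not ship in the service class.

```java
public String createCertificate(User user)
{
    // 128 bits from a CSPRNG; nothing in the token is derived from guessable state
    byte[] raw = new byte[16];
    new java.security.SecureRandom().nextBytes(raw);
    StringBuilder token = new StringBuilder(raw.length * 2);
    for (byte b : raw)
        token.append(String.format("%02x", b));
    String certificate = token.toString();
    user.setAuthenticationCertificate(certificate);
    // long arithmetic: the int product overflows from 25 days upwards
    long daysInMilis = 24L * 3600L * 1000L * Globals.CERTIFICATES_EXPIRTATION_IN_DAYS;
    user.setAuthenticationCertificateExpire(new Date(System.currentTimeMillis() + daysInMilis));
    return certificate;
}
```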
/branches/v3/impl/src/java/pt/estgp/estgweb/domain/dao/impl/UserDaoImpl.java |
---|
248,6 → 248,14 |
return (User) createCriteria().add(eq("sigesCode", sigesCode)).uniqueResult(); |
} |
public List<User> loadByCertificate(String certificate) |
{ |
return createCriteria() |
.add(eq("authenticationCertificate", certificate)) |
.add(gt("authenticationCertificateExpire",new Date())) |
.list(); |
} |
// Duarte Santos |
public List<User> loadRolesUsers(List<String> roles) |
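Review bot: `loadByCertificate` matches the request value directly against the `authenticationCertificate` column, and `createCertificate` stores the same string it hands out, so read access to the user table is enough to obtain working login tokens. Storing a SHA-256 digest of the token and querying by the digest of the incoming value would close that gap without changing the caller's contract. The method also needs a short comment stating that the `gt("authenticationCertificateExpire", new Date())` criterion filters out expired certificates and that the caller treats more than one row as an error. `.list()` returns a raw list, so the `List<User>` return compiles only with an unchecked warning.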
/branches/v3/impl/src/java/pt/estgp/estgweb/web/form/profile/ProfileForm.java |
---|
155,10 → 155,10 |
{ |
addMessageWithKeys(errors, httpServletRequest, "errors.required","email"); |
} |
if (userView.getPop3password().length() > 0 && !userView.getPop3password().equals(userView.getPop3passwordAgain())) |
if (userView.getPop3password() != null && userView.getPop3password().length() > 0 && !userView.getPop3password().equals(userView.getPop3passwordAgain())) |
addMessage(errors, httpServletRequest, "errors.diferent.passwords.pop"); |
else |
if (userView.getPassword() != null && userView.getPasswordAgain() != null && !userView.getPassword().equals(userView.getPasswordAgain())) |
if (userView.getPassword() != null && userView.getPassword() != null && userView.getPasswordAgain() != null && !userView.getPassword().equals(userView.getPasswordAgain())) |
addMessage(errors, httpServletRequest, "errors.diferent.passwords"); |
return errors; |
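Review bot: The rewritten password condition tests `userView.getPassword() != null` twice in a row, so the second test is dead and this change adds nothing over the previous line. The previous form, `if (userView.getPassword() != null && userView.getPasswordAgain() != null && !userView.getPassword().equals(userView.getPasswordAgain()))`, already covers it, unless a different getter was intended in the duplicated position. The POP3 null guard added above it is a real fix. Because of the `else`, the account password comparison is still skipped whenever the POP3 passwords differ, which is worth a comment if intended. The enclosing validation method starts outside the hunk.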
/branches/v3/impl/src/java/pt/estgp/estgweb/web/UserSessionProxy.java |
---|
52,7 → 52,6 |
{ |
try |
{ |
IServiceManager sm = ServiceManager.getInstance(); |
Object[] args = new Object[]{RequestUtils.getRequester(request, response)}; |
UserSession userSession = (UserSession) sm.execute(RequestUtils.getRequester(request, response),"LoadUserSession",args); |
/branches/v3/impl/src/java/pt/estgp/estgweb/web/controllers/authenticate/AuthenticateController.java |
---|
79,6 → 79,54 |
return mapping.findForward("error500"); |
} |
public ActionForward checkin(ActionMapping mapping, |
ActionForm form , |
HttpServletRequest request, |
HttpServletResponse response) |
throws IOException,ServletException |
{ |
String certificate = request.getParameter("certificate"); |
try |
{ |
IServiceManager sm = ServiceManager.getInstance(); |
Object[] args = new Object[]{certificate}; |
UserSession userSession = (UserSession) sm.execute(RequestUtils.getRequester(request, response),"AuthenticateCertificate",args); |
request.setAttribute(Globals.USER_SESSION_KEY,userSession); |
if(!((UserImpl)userSession.getUser()).isNewUser()) |
return mapping.findForward("success"); |
else |
{ |
ProfileForm profileForm = new ProfileForm(); |
IServiceManager sm2 = ServiceManager.getInstance(); |
String[] names = new String[]{"serializable"}; |
Object[] args2 = new Object[]{userSession.getUser().getId()}; |
UserView uV = (UserView) sm2.execute(RequestUtils.getRequester(request, response),"LoadUserById",args2,names); |
profileForm.setUserView(uV); |
request.setAttribute("ProfileForm",profileForm); |
addMessage(request,"profile.enter.first.time",uV.getName()); |
return mapping.findForward("firstTimeAuthenticate"); |
} |
} |
catch (AuthenticateException e) |
{ |
ActionMessages actionMessages = new ActionMessages(); |
actionMessages.add(ActionMessages.GLOBAL_MESSAGE,new ActionMessage(e.getMessage())); |
saveErrors(request, actionMessages); |
return mapping.getInputForward(); |
} |
catch (Throwable e) |
{ |
if(e instanceof NoCookiesException) |
return mapping.findForward("errorNoCookies"); |
logger.fatal(e,e); |
} |
return mapping.findForward("error500"); |
} |
public ActionForward logout(ActionMapping mapping, |
ActionForm form , |
HttpServletRequest request, |
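Review bot: `checkin` reads the login token from `request.getParameter("certificate")` and on success forwards to `success` instead of redirecting. The token therefore stays in the address bar and can reach access logs, browser history and Referer headers for as long as it is valid. After a successful check-in the handler should redirect to a URL without the parameter, and the certificate should be cleared or rotated once used; nothing visible in this commit invalidates it before its expiry date. Nothing in this handler renews the HTTP session identifier on login either, so if that is not done inside the `AuthenticateCertificate` service or `RequestUtils.getRequester`, it belongs here. The method has no Javadoc; it should state that this is the URL auto-login entry point and which forwards it can return. `logout` continues past the end of the hunk.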
/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/UserRoleProxy.java |
---|
128,13 → 128,13 |
if(locale == null) |
return c.getValue(); |
String msg = null; |
if(locale.getCountry().equals("pt")) |
if(locale.getLanguage().equals("pt")) |
msg = c.getValuePt(); |
else if(locale.getCountry().equals("en")) |
else if(locale.getLanguage().equals("en")) |
msg = c.getValueEn(); |
else if(locale.getCountry().equals("es")) |
else if(locale.getLanguage().equals("es")) |
msg = c.getValueEs(); |
else if(locale.getCountry().equals("fr")) |
else if(locale.getLanguage().equals("fr")) |
msg = c.getValueFr(); |
if(msg == null || msg.trim().length() == 0) |
msg = c.getValue(); |
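--- a/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/CertificateAuthenticationFilter.java
+++ b/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/CertificateAuthenticationFilter.java
@@ -0,0 +1,73 @@
+package pt.estgp.estgweb.web.filters;
+import org.apache.log4j.Logger;
+import pt.estgp.estgweb.Globals;
+import pt.estgp.estgweb.domain.UserSession;
+import pt.estgp.estgweb.web.utils.RequestUtils;
+import pt.utl.ist.berserk.logic.serviceManager.IServiceManager;
+import pt.utl.ist.berserk.logic.serviceManager.ServiceManager;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+/**
+*
+* @author Jorge Machado
+*/
+public class CertificateAuthenticationFilter implements Filter
+{
+private static Logger logger = Logger.getLogger(CertificateAuthenticationFilter.class);
+public CertificateAuthenticationFilter()
+{
+}
+public void init(FilterConfig config)
+{
+}
+/**
+* @param resp The servlet response we are processing
+* @param req The servlet request we are processing
+* @param chain The filter chain we are processing
+*
+* @exception java.io.IOException if an input/output error occurs
+* @exception javax.servlet.ServletException if a servlet error occurs
+*/
+public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
+throws IOException, ServletException
+{
+HttpServletRequest request = (HttpServletRequest) req;
+HttpServletResponse response = (HttpServletResponse) resp;
+String certificate = request.getParameter("certificate");
+if(request.getParameter("certificate")!=null)
+{
+try {
+IServiceManager sm = ServiceManager.getInstance();
+Object[] args = new Object[]{certificate};
+UserSession userSession = (UserSession) sm.execute(RequestUtils.getRequester(request, response),"AuthenticateCertificate",args);
+request.setAttribute(Globals.USER_SESSION_KEY,userSession);
+} catch (Throwable e) {
+logger.error(e,e);
+}
+}
+chain.doFilter(request, response);
+}
+public void destroy()
+{
+// Nothing
+}
+}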
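Review bot: `doFilter` handles every failure of `AuthenticateCertificate` the same way: `catch (Throwable e)` logs a stack trace and the request continues down the chain. A rejected certificate is therefore indistinguishable in the log from a programming fault, and `Error`s are swallowed. Catching the authentication failure on its own and logging it at `warn` with `request.getRemoteAddr()` would give operators a signal to alert on when one client presents many different certificate values. If `AuthenticateCertificate` maps to `loginCertificate`, which logs out the current user before validating the value, then any request carrying a bogus `certificate` parameter ends an existing session on every URL this filter is mapped to. The parameter is also read twice; `if(certificate != null)` would use the local that is already there. The class comment should say that the filter performs URL auto-login and at which point in the filter chain it must run.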
/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/UserSessionFilter.java |
---|
140,6 → 140,14 |
//{ |
// logger.warn(e); |
//} |
catch(ServletException e) |
{ |
logger.error(e,e); |
if(e.getRootCause() != null) |
{ |
logger.error(e.getRootCause(),e.getRootCause()); |
} |
} |
catch (Throwable e) |
{ |
if(e instanceof NoCookiesException) |
149,6 → 157,7 |
else |
{ |
logger.error(e,e); |
((HttpServletResponse)response).sendError(500); |
} |
} |
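Review bot: The new `catch(ServletException e)` block logs the exception and its root cause but sends nothing to the client, while the generic branch in the second hunk now calls `sendError(500)`. Unless that is deliberate, the same `((HttpServletResponse)response).sendError(500);` belongs after the logging in the first handler. If `NoCookiesException` is a `ServletException` subclass, the new handler also intercepts it before the `instanceof` test in the `Throwable` branch; its hierarchy is not visible here. `sendError` throws `IllegalStateException` once the response is committed, so the call is safer behind `if(!response.isCommitted())`. The `try` these handlers belong to starts outside the hunk.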