Subversion Repositories bacoAlunos

Compare Revisions

Ignore whitespace Rev 1316 → Rev 1317

/branches/v3/impl/src/java/pt/estgp/estgweb/Globals.java
427,4 → 427,6
 
public static final boolean USE_XSL_CACHE =ConfigProperties.getBooleanProperty("xsl.use.cache");
 
 
public final static int CERTIFICATES_EXPIRTATION_IN_DAYS = ConfigProperties.getIntProperty("certificates.expire.in.days");
}
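Review bot: The new constant is spelled `CERTIFICATES_EXPIRTATION_IN_DAYS`; it is public and already referenced from `AuthenticateService` in this commit, so the typo is cheapest to correct now: `public final static int CERTIFICATES_EXPIRATION_IN_DAYS = ConfigProperties.getIntProperty("certificates.expire.in.days");`. A comment stating the unit and what happens when the property is absent from the configuration would help, because this value bounds how long a login certificate stays valid. Which two lines of the section are new is inferred from the 4 → 6 line counts, not from a marker.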
/branches/v3/impl/src/java/pt/estgp/estgweb/services/users/UserRoleConfigService.java
74,9 → 74,9
roleConfig.setValue(userRoleConfig.getValue());
roleConfig.setValid(userRoleConfig.isValid());
roleConfig.setValueEn(userRoleConfig.getValueEn());
roleConfig.setValueEn(userRoleConfig.getValueEs());
roleConfig.setValueEn(userRoleConfig.getValueFr());
roleConfig.setValueEn(userRoleConfig.getValuePt());
roleConfig.setValueEs(userRoleConfig.getValueEs());
roleConfig.setValueFr(userRoleConfig.getValueFr());
roleConfig.setValuePt(userRoleConfig.getValuePt());
roleConfig.setObs(userRoleConfig.getObs());
 
}
/branches/v3/impl/src/java/pt/estgp/estgweb/services/authenticate/AuthenticateService.java
1,5 → 1,7
package pt.estgp.estgweb.services.authenticate;
 
import jomm.dao.impl.AbstractDao;
import jomm.utils.BytesUtils;
import jomm.utils.DesUtils;
import openldap.ILdapManager;
import openldap.LdapManagerFactory;
13,10 → 15,7
import pt.estgp.estgweb.utils.ConfigProperties;
import pt.utl.ist.berserk.logic.serviceManager.IService;
 
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.*;
 
 
/*
273,6 → 272,90
DaoFactory.getUserSessionDaoImpl().reattach(userSession);
return userSession;
}
 
public UserSession loginCertificate(String certificate, UserSession userSession) throws ServiceException
{
if(userSession.getUser() != null)
{
new LogoutService().run(userSession);
}
 
if(certificate == null || certificate.trim().length() == 0)
throw new AuthenticateException(AuthenticateException.FAIL_AUTHENTICATION);
 
User u = null;
 
List<User> users = DaoFactory.getUserDaoImpl().loadByCertificate(certificate);
if(users == null || users.size() > 1 || users.size()== 0)
{
if(users.size() > 1)
logger.error("Erro dois users com o mesmo certificado");
throw new AuthenticateException(AuthenticateException.FAIL_AUTHENTICATION);
}
u = users.get(0);
logger.info("certificate:" + u.getUsername() + " login:certificate:" + certificate);
//CHECK USER BLOCK's
if(!u.isAdmin() && !u.isSuperuser())
{
if(u.isAutoBlockMode() && u.isAutoBlock()
||
!u.isAutoBlockMode() && u.isManualBlock())
{
logger.warn("certificate:" + u.getUsername() + " blocked");
throw new AuthenticateException(AuthenticateException.BLOCKED);
}
}
 
logger.warn("certificate:" + u.getUsername() + " authenticated");
 
userSession.setName(u.getName());
userSession.setUsername(u.getUsername());
userSession.setUser(u);
if(u.getRoles() == null || u.getRoles().trim().length() == 0)
u.setRoles(Globals.ROLE_INVITED);
 
DaoFactory.getUserSessionDaoImpl().reattach(userSession);
return userSession;
}
 
/**
* Create a new Certificate for usage in URL auto login
*
* @param userId
* @return the certificate string to use in URL
*/
public String createCertificate(long userId)
{
User u = DaoFactory.getUserDaoImpl().load(userId);
return createCertificate(u);
}
/**
* Create a new Certificate for usage in URL auto login
*
* @param user to crate certificate
* @return the certificate string
*/
public String createCertificate(User user)
{
String certificate = user.getId()
+ "-" + System.currentTimeMillis()
+ "-" + Thread.currentThread().hashCode()
+ "-" + Runtime.getRuntime().freeMemory();
String md5 = BytesUtils.getMD5(certificate);
user.setAuthenticationCertificate(md5);
//3600 seconds = 1 hour = 3600.000 milis * 24 = 1 day * 15 = 15 days
long daysInMilis = 3600 * 1000 * 24 * Globals.CERTIFICATES_EXPIRTATION_IN_DAYS;
user.setAuthenticationCertificateExpire(new Date(System.currentTimeMillis()+daysInMilis));
return md5;
}
 
public static void main(String [] args)
{
AbstractDao.getCurrentSession().beginTransaction();
String certificate = new AuthenticateService().createCertificate(1691);
AbstractDao.getCurrentSession().getTransaction().commit();
 
}
}
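Review bot: `createCertificate(User)` builds a login credential from guessable inputs (the user id, `System.currentTimeMillis()`, a thread hash code and `Runtime.freeMemory()`) and runs them through MD5, so the value that `loginCertificate` accepts as the sole proof of identity does not come from a cryptographic random source; it should be drawn from `java.security.SecureRandom`. The expiry arithmetic `3600 * 1000 * 24 * Globals.CERTIFICATES_EXPIRTATION_IN_DAYS` is evaluated in `int` and overflows once the configured value reaches 25 days, giving a wrong and possibly past expiry date. `loginCertificate` also writes the full certificate to the log at info level, calls `users.size()` inside the branch that is entered when `users == null`, and logs the current user out before the certificate has been checked. The `main` method with a hard-coded user id looks like a leftover test harness. A possible shape for the generator follows.

```java
public String createCertificate(User user)
{
    // 128 bits from the platform CSPRNG; nothing in the token is derived from user or host state
    byte[] raw = new byte[16];
    new java.security.SecureRandom().nextBytes(raw);
    // 32 hex characters, the same length as the MD5 string it replaces
    String token = String.format("%032x", new java.math.BigInteger(1, raw));
    user.setAuthenticationCertificate(token);
    // long arithmetic: the int product overflows from 25 days upward
    long lifetimeMillis = 24L * 3600L * 1000L * Globals.CERTIFICATES_EXPIRTATION_IN_DAYS;
    user.setAuthenticationCertificateExpire(new Date(System.currentTimeMillis() + lifetimeMillis));
    return token;
}
```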
 
 
/branches/v3/impl/src/java/pt/estgp/estgweb/domain/dao/impl/UserDaoImpl.java
248,6 → 248,14
return (User) createCriteria().add(eq("sigesCode", sigesCode)).uniqueResult();
}
 
public List<User> loadByCertificate(String certificate)
{
return createCriteria()
.add(eq("authenticationCertificate", certificate))
.add(gt("authenticationCertificateExpire",new Date()))
.list();
}
 
// Duarte Santos
public List<User> loadRolesUsers(List<String> roles)
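Review bot: `loadByCertificate` matches the presented value directly against the `authenticationCertificate` column, which implies the login token is stored in the clear; anyone with read access to the user table or a backup then holds working login links until they expire. Storing a SHA-256 digest of the token and querying by the digest of the presented value would keep the lookup an equality match while making the stored value useless for login. The method returns the raw `list()` result, so a short comment saying that at most one row is expected, and that the caller treats more than one as an error, would help. The hunk ends on the signature of `loadRolesUsers`, whose body is outside it.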
/branches/v3/impl/src/java/pt/estgp/estgweb/web/form/profile/ProfileForm.java
155,10 → 155,10
{
addMessageWithKeys(errors, httpServletRequest, "errors.required","email");
}
if (userView.getPop3password().length() > 0 && !userView.getPop3password().equals(userView.getPop3passwordAgain()))
if (userView.getPop3password() != null && userView.getPop3password().length() > 0 && !userView.getPop3password().equals(userView.getPop3passwordAgain()))
addMessage(errors, httpServletRequest, "errors.diferent.passwords.pop");
else
if (userView.getPassword() != null && userView.getPasswordAgain() != null && !userView.getPassword().equals(userView.getPasswordAgain()))
if (userView.getPassword() != null && userView.getPassword() != null && userView.getPasswordAgain() != null && !userView.getPassword().equals(userView.getPasswordAgain()))
addMessage(errors, httpServletRequest, "errors.diferent.passwords");
 
return errors;
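Review bot: The longer password condition tests `userView.getPassword() != null` twice, so it is equivalent to the shorter variant printed above it and the change has no effect; one of the two tests can be dropped, or replaced if a different field was meant. Because of the `else`, the password confirmation is checked only when the POP3 check passes, and a null `getPasswordAgain()` skips the mismatch error entirely, while a null `getPop3passwordAgain()` reports a mismatch; a comment stating whether a missing confirmation should be accepted would make the intent clear. Which variant of each printed pair is new is inferred from the added null checks, and the enclosing method starts outside the hunk.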
/branches/v3/impl/src/java/pt/estgp/estgweb/web/UserSessionProxy.java
52,7 → 52,6
{
try
{
 
IServiceManager sm = ServiceManager.getInstance();
Object[] args = new Object[]{RequestUtils.getRequester(request, response)};
UserSession userSession = (UserSession) sm.execute(RequestUtils.getRequester(request, response),"LoadUserSession",args);
/branches/v3/impl/src/java/pt/estgp/estgweb/web/controllers/authenticate/AuthenticateController.java
79,6 → 79,54
return mapping.findForward("error500");
}
 
public ActionForward checkin(ActionMapping mapping,
ActionForm form ,
HttpServletRequest request,
HttpServletResponse response)
throws IOException,ServletException
{
 
String certificate = request.getParameter("certificate");
 
 
try
{
IServiceManager sm = ServiceManager.getInstance();
Object[] args = new Object[]{certificate};
UserSession userSession = (UserSession) sm.execute(RequestUtils.getRequester(request, response),"AuthenticateCertificate",args);
request.setAttribute(Globals.USER_SESSION_KEY,userSession);
if(!((UserImpl)userSession.getUser()).isNewUser())
return mapping.findForward("success");
else
{
ProfileForm profileForm = new ProfileForm();
IServiceManager sm2 = ServiceManager.getInstance();
String[] names = new String[]{"serializable"};
Object[] args2 = new Object[]{userSession.getUser().getId()};
UserView uV = (UserView) sm2.execute(RequestUtils.getRequester(request, response),"LoadUserById",args2,names);
profileForm.setUserView(uV);
request.setAttribute("ProfileForm",profileForm);
addMessage(request,"profile.enter.first.time",uV.getName());
return mapping.findForward("firstTimeAuthenticate");
}
 
}
catch (AuthenticateException e)
{
ActionMessages actionMessages = new ActionMessages();
actionMessages.add(ActionMessages.GLOBAL_MESSAGE,new ActionMessage(e.getMessage()));
saveErrors(request, actionMessages);
return mapping.getInputForward();
}
catch (Throwable e)
{
if(e instanceof NoCookiesException)
return mapping.findForward("errorNoCookies");
logger.fatal(e,e);
}
return mapping.findForward("error500");
}
 
public ActionForward logout(ActionMapping mapping,
ActionForm form ,
HttpServletRequest request,
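Review bot: `checkin` reads the login token from the `certificate` request parameter and on success answers with `mapping.findForward(...)`, so the token stays in the address bar, browser history, access logs and any `Referer` header sent from the resulting page, unless these forwards are configured as redirects, which is not visible here. Responding with a redirect to a URL without the parameter would limit that exposure, and if the link is meant for one-time use the stored certificate should be cleared once it has been accepted. Nothing in the hunk renews the HTTP session identifier after the login succeeds; if the `AuthenticateCertificate` service does not do that either, it is worth adding. `new ActionMessage(e.getMessage())` treats the exception message as a resource key, which deserves a one-line comment. The hunk ends inside the signature of `logout`.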
/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/UserRoleProxy.java
128,13 → 128,13
if(locale == null)
return c.getValue();
String msg = null;
if(locale.getCountry().equals("pt"))
if(locale.getLanguage().equals("pt"))
msg = c.getValuePt();
else if(locale.getCountry().equals("en"))
else if(locale.getLanguage().equals("en"))
msg = c.getValueEn();
else if(locale.getCountry().equals("es"))
else if(locale.getLanguage().equals("es"))
msg = c.getValueEs();
else if(locale.getCountry().equals("fr"))
else if(locale.getLanguage().equals("fr"))
msg = c.getValueFr();
if(msg == null || msg.trim().length() == 0)
msg = c.getValue();
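--- a/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/CertificateAuthenticationFilter.java
+++ b/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/CertificateAuthenticationFilter.java
@@ -0,0 +1,73 @@
+package pt.estgp.estgweb.web.filters;
+
+import org.apache.log4j.Logger;
+import pt.estgp.estgweb.Globals;
+import pt.estgp.estgweb.domain.UserSession;
+import pt.estgp.estgweb.web.utils.RequestUtils;
+import pt.utl.ist.berserk.logic.serviceManager.IServiceManager;
+import pt.utl.ist.berserk.logic.serviceManager.ServiceManager;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+*
+* @author Jorge Machado
+*/
+
+public class CertificateAuthenticationFilter implements Filter
+{
+
+
+
+private static Logger logger = Logger.getLogger(CertificateAuthenticationFilter.class);
+
+
+public CertificateAuthenticationFilter()
+{
+}
+
+public void init(FilterConfig config)
+{
+}
+
+/**
+* @param resp The servlet response we are processing
+* @param req The servlet request we are processing
+* @param chain The filter chain we are processing
+*
+* @exception java.io.IOException if an input/output error occurs
+* @exception javax.servlet.ServletException if a servlet error occurs
+*/
+public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
+throws IOException, ServletException
+{
+
+HttpServletRequest request = (HttpServletRequest) req;
+HttpServletResponse response = (HttpServletResponse) resp;
+
+String certificate = request.getParameter("certificate");
+if(request.getParameter("certificate")!=null)
+{
+try {
+IServiceManager sm = ServiceManager.getInstance();
+Object[] args = new Object[]{certificate};
+UserSession userSession = (UserSession) sm.execute(RequestUtils.getRequester(request, response),"AuthenticateCertificate",args);
+request.setAttribute(Globals.USER_SESSION_KEY,userSession);
+} catch (Throwable e) {
+logger.error(e,e);
+}
+
+}
+chain.doFilter(request, response);
+}
+
+
+public void destroy()
+{
+// Nothing
+}
+
+}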
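Review bot: `doFilter` swallows every failure from the `AuthenticateCertificate` call in `catch (Throwable e)` and then continues the chain, so a request carrying an invalid or empty `certificate` parameter is processed as if the parameter were absent. If that service is `AuthenticateService.loginCertificate` from this commit (inferred from the name), the existing session is logged out before the certificate is validated, so any link containing a bogus `certificate` value ends a signed-in user's session. Skipping blank values with `if(certificate != null && certificate.trim().length() > 0)`, handling `AuthenticateException` separately at warn level without a stack trace, and moving the logout after a successful lookup would address this. The class Javadoc should state which URL patterns the filter is mapped to, since it turns every matching URL into a login endpoint, and `logger` can be `private static final`.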
/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/UserSessionFilter.java
140,6 → 140,14
//{
// logger.warn(e);
//}
catch(ServletException e)
{
logger.error(e,e);
if(e.getRootCause() != null)
{
logger.error(e.getRootCause(),e.getRootCause());
}
}
catch (Throwable e)
{
if(e instanceof NoCookiesException)
149,6 → 157,7
else
{
logger.error(e,e);
 
((HttpServletResponse)response).sendError(500);
}
}
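Review bot: The new `catch(ServletException e)` block logs the exception and its root cause but neither rethrows nor sends an error status, whereas the `catch (Throwable e)` branch below it calls `sendError(500)`. Assuming nothing after the try block writes a response, the client would receive an empty successful response when a servlet fails. Adding `((HttpServletResponse)response).sendError(500);` after the logging, or rethrowing the exception, would keep the two paths consistent. Both hunks sit inside a method whose start and end are outside them.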