Changeset 25852

Show
Ignore:
Timestamp:
28.06.2012 11:22:44 (7 years ago)
Author:
sjm84
Message:

Fixed email not being properly set in the admin interface. Also increased the maximum password length from 8 to 64. Also made password errors more useful.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java

    r25734 r25852  
    2424public class Authentication extends ServiceRack 
    2525{ 
     26    //Some useful constants 
     27    protected static final int USERNAME_MIN_LENGTH = 2; 
     28    protected static final int USERNAME_MAX_LENGTH = 30; 
     29    protected static final int PASSWORD_MIN_LENGTH = 3; 
     30    protected static final int PASSWORD_MAX_LENGTH = 64; 
     31     
    2632    //Error codes 
    2733    protected static final int NO_ERROR = 0; 
     
    3440    protected static final int ERROR_SQL_EXCEPTION = -7; 
    3541    protected static final int ERROR_INVALID_USERNAME = -8; 
    36     protected static final int ERROR_INVALID_PASSWORD = -9; 
    37     protected static final int ERROR_INCORRECT_PASSWORD = -10; 
    38     protected static final int ERROR_USER_ALREADY_EXISTS = -11; 
    39     protected static final int ERROR_ADDING_USER = -12; 
    40     protected static final int ERROR_REMOVING_USER = -13; 
    41     protected static final int ERROR_CAPTCHA_DOES_NOT_MATCH = -14; 
    42     protected static final int ERROR_CAPTCHA_MISSING = -15; 
    43     protected static final int ERROR_NOT_AUTHORISED = -16; 
     42    protected static final int ERROR_PASSWORD_NOT_ENTERED = -9; 
     43    protected static final int ERROR_PASSWORD_TOO_SHORT = -10; 
     44    protected static final int ERROR_PASSWORD_TOO_LONG = -11; 
     45    protected static final int ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS = -12; 
     46    protected static final int ERROR_INCORRECT_PASSWORD = -13; 
     47    protected static final int ERROR_USER_ALREADY_EXISTS = -14; 
     48    protected static final int ERROR_ADDING_USER = -15; 
     49    protected static final int ERROR_REMOVING_USER = -16; 
     50    protected static final int ERROR_CAPTCHA_DOES_NOT_MATCH = -17; 
     51    protected static final int ERROR_CAPTCHA_MISSING = -18; 
     52    protected static final int ERROR_NOT_AUTHORISED = -19; 
    4453 
    4554    protected static final HashMap<Integer, String> _errorMessageMap; 
     
    5665        errorMessageMap.put(ERROR_SQL_EXCEPTION, "There was an SQL exception while accessing the database."); 
    5766        errorMessageMap.put(ERROR_INVALID_USERNAME, "The username specified was invalid."); 
    58         errorMessageMap.put(ERROR_INVALID_PASSWORD, "The password specified was invalid."); 
     67        errorMessageMap.put(ERROR_PASSWORD_NOT_ENTERED, "No password was entered."); 
     68        errorMessageMap.put(ERROR_PASSWORD_TOO_SHORT, "The password you entered was too short (minimum of 3 characters)."); 
     69        errorMessageMap.put(ERROR_PASSWORD_TOO_LONG, "The password you entered was too long (maximum of 64 characters)."); 
     70        errorMessageMap.put(ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS, "The password you entered contains illegal characters."); 
    5971        errorMessageMap.put(ERROR_INCORRECT_PASSWORD, "The password specified was incorrect."); 
    6072        errorMessageMap.put(ERROR_USER_ALREADY_EXISTS, "This user already exists and therefore cannot be added."); 
     
    463475            String newStatus = (String) paramMap.get("status"); 
    464476            String newComment = (String) paramMap.get("comment"); 
    465             String newEmail = (String) paramMap.get("email"); 
     477            String newEmail = (String) paramMap.get("newEmail"); 
    466478 
    467479            //Check the given user name 
     
    696708    { 
    697709        //Check the given user name 
    698         if ((username == null) || (username.length() < 2) || (username.length() > 30) || (!(Pattern.matches("[a-zA-Z0-9//_//.]+", username)))) 
     710        if ((username == null) || (username.length() < USERNAME_MIN_LENGTH) || (username.length() > USERNAME_MAX_LENGTH) || (!(Pattern.matches("[a-zA-Z0-9//_//.]+", username)))) 
    699711        { 
    700712            return ERROR_INVALID_USERNAME; 
     
    706718    { 
    707719        //Check the given password 
    708         if ((password == null) || (password.length() < 3) || (password.length() > 8) || (!(Pattern.matches("[\\p{ASCII}]+", password)))) 
    709         { 
    710             return ERROR_INVALID_PASSWORD; 
     720        if (password == null) 
     721        { 
     722            return ERROR_PASSWORD_NOT_ENTERED; 
     723        } 
     724        else if (password.length() < PASSWORD_MIN_LENGTH) 
     725        { 
     726            return ERROR_PASSWORD_TOO_SHORT; 
     727        } 
     728        else if (password.length() > PASSWORD_MAX_LENGTH) 
     729        { 
     730            return ERROR_PASSWORD_TOO_LONG; 
     731        } 
     732        else if (!(Pattern.matches("[\\p{ASCII}]+", password))) 
     733        { 
     734            return ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS; 
    711735        } 
    712736        return NO_ERROR;