Context Navigation

source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java@ 32413

Last change on this file since 32413 was 32413, checked in by kjdon, 6 years ago
added some extra username checking to make sure it doesn't already exist. merged code for PERFORM_EDIT and PERFORM_ACCOUNT_EDIT as they share a lot of code. added soem extra success 'error messages'
File size: 43.9 KB

Line
1	package org.greenstone.gsdl3.service;
2
3	import java.io.File;
4	import java.io.Serializable;
5	import java.math.BigInteger;
6	import java.sql.SQLException;
7	import java.util.ArrayList;
8	import java.util.HashMap;
9	import java.util.UUID;
10	import java.util.Vector;
11	import java.util.regex.Pattern;
12
13	// for verifying recaptcha
14	import java.io.BufferedReader;
15	import java.io.DataOutputStream;
16	import java.io.IOException;
17	import java.io.InputStreamReader;
18	import java.io.StringReader;
19	import java.net.URL;
20	import javax.net.ssl.HttpsURLConnection;
21	// https://developer.android.com/reference/org/json/JSONObject.html
22	// https://developer.android.com/reference/org/json/JSONArray.html
23	import org.json.JSONArray;
24	import org.json.JSONException;
25	import org.json.JSONObject;
26
27	import org.apache.commons.codec.digest.DigestUtils;
28	import org.greenstone.gsdl3.util.DerbyWrapper;
29	import org.greenstone.gsdl3.util.GSXML;
30	import org.greenstone.gsdl3.util.UserQueryResult;
31	import org.greenstone.gsdl3.util.UserTermInfo;
32	import org.greenstone.gsdl3.util.XMLConverter;
33	import org.greenstone.util.GlobalProperties;
34
35	import org.w3c.dom.Document;
36	import org.w3c.dom.Element;
37	import org.w3c.dom.NodeList;
38
39	public class Authentication extends ServiceRack
40	{
41	//Some useful constants
42	protected static final int USERNAME_MIN_LENGTH = 2;
43	protected static final int USERNAME_MAX_LENGTH = 30;
44	protected static final int PASSWORD_MIN_LENGTH = 3;
45	protected static final int PASSWORD_MAX_LENGTH = 64;
46
47	//Error codes
48	protected static final int NO_ERROR = 0;
49	protected static final int ERROR_NOT_LOGGED_IN = -2;
50	protected static final int ERROR_ADMIN_NOT_LOGGED_IN = -3;
51	protected static final int ERROR_COULD_NOT_GET_USER_INFO = -4;
52	protected static final int ERROR_USERNAME_NOT_SPECIFIED = -5;
53	protected static final int ERROR_USER_NOT_FOUND = -6;
54	protected static final int ERROR_SQL_EXCEPTION = -7;
55	protected static final int ERROR_INVALID_USERNAME = -8;
56	protected static final int ERROR_PASSWORD_NOT_ENTERED = -9;
57	protected static final int ERROR_PASSWORD_TOO_SHORT = -10;
58	protected static final int ERROR_PASSWORD_TOO_LONG = -11;
59	protected static final int ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS = -12;
60	protected static final int ERROR_INCORRECT_PASSWORD = -13;
61	protected static final int ERROR_USER_ALREADY_EXISTS = -14;
62	protected static final int ERROR_ADDING_USER = -15;
63	protected static final int ERROR_REMOVING_USER = -16;
64	protected static final int ERROR_CAPTCHA_FAILED = -17;
65	protected static final int ERROR_CAPTCHA_MISSING = -18;
66	protected static final int ERROR_NOT_AUTHORISED = -19;
67	protected static final int ERROR_MISSING_PARAMS = -20;
68	protected static final int ERROR_SOMETHING_WRONG = -21;
69
70	protected static final HashMap<Integer, String> _errorKeyMap;
71	static
72	{
73	//Corresponding error message keys for looking up in ServiceRack dictionary
74	HashMap<Integer, String> errorKeyMap = new HashMap<Integer, String>();
75	errorKeyMap.put(ERROR_NOT_LOGGED_IN, "auth.error.not_logged_in");
76	errorKeyMap.put(ERROR_ADMIN_NOT_LOGGED_IN, "auth.error.admin_not_logged_in");
77	errorKeyMap.put(ERROR_COULD_NOT_GET_USER_INFO, "auth.error.could_not_get_user_info");
78	errorKeyMap.put(ERROR_USERNAME_NOT_SPECIFIED, "auth.error.username_not_specified");
79	errorKeyMap.put(ERROR_USER_NOT_FOUND, "auth.error.user_not_found");
80	errorKeyMap.put(ERROR_SQL_EXCEPTION, "auth.error.sql_exception");
81	errorKeyMap.put(ERROR_INVALID_USERNAME, "auth.error.invalid_username");
82	errorKeyMap.put(ERROR_PASSWORD_NOT_ENTERED, "auth.error.no_password");
83	errorKeyMap.put(ERROR_PASSWORD_TOO_SHORT, "auth.error.password_too_short");
84	errorKeyMap.put(ERROR_PASSWORD_TOO_LONG, "auth.error.password_too_long");
85	errorKeyMap.put(ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS, "auth.error.password_illegal_chars");
86	errorKeyMap.put(ERROR_INCORRECT_PASSWORD, "auth.error.incorrect_password");
87	errorKeyMap.put(ERROR_USER_ALREADY_EXISTS, "auth.error.user_already_exists");
88	errorKeyMap.put(ERROR_ADDING_USER, "auth.error.add_user_error");
89	errorKeyMap.put(ERROR_REMOVING_USER, "auth.error.remove_user_error");
90	errorKeyMap.put(ERROR_CAPTCHA_FAILED, "auth.error.captcha_failed");
91	errorKeyMap.put(ERROR_CAPTCHA_MISSING, "auth.error.captcha_missing");
92	errorKeyMap.put(ERROR_NOT_AUTHORISED, "auth.error.not_authorised");
93	errorKeyMap.put(ERROR_MISSING_PARAMS, "auth.error.missing_params"); // ???
94	errorKeyMap.put(ERROR_SOMETHING_WRONG, "auth.error.something_wrong");
95	_errorKeyMap = errorKeyMap;
96	}
97
98	//Admin-required operations
99	protected static final String LIST_USERS = "ListUsers";
100	protected static final String PERFORM_ADD = "PerformAdd";
101	protected static final String PERFORM_EDIT = "PerformEdit";
102	protected static final String ADD_USER = "AddUser";
103	protected static final String EDIT_USER = "EditUser";
104	protected static final String PERFORM_DELETE_USER = "PerformDeleteUser";
105
106	protected static final ArrayList<String> _adminOpList;
107	static
108	{
109	ArrayList<String> opList = new ArrayList<String>();
110	opList.add(LIST_USERS);
111	opList.add(PERFORM_ADD);
112	opList.add(PERFORM_EDIT);
113	opList.add(ADD_USER);
114	opList.add(EDIT_USER);
115	opList.add(PERFORM_DELETE_USER);
116
117	_adminOpList = opList;
118	}
119
120	//User-required operations
121	protected static final String ACCOUNT_SETTINGS = "AccountSettings";
122	protected static final String PERFORM_ACCOUNT_EDIT = "PerformAccEdit";
123	protected static final String PERFORM_RESET_PASSWORD = "PerformResetPassword";
124	protected static final String PERFORM_CHANGE_PASSWORD = "PerformChangePassword";
125	protected static final String PERFORM_RETRIEVE_PASSWORD = "PerformRetrievePassword";
126	protected static final ArrayList<String> _userOpList;
127	static
128	{
129	ArrayList<String> opList = new ArrayList<String>();
130	opList.add(ACCOUNT_SETTINGS);
131	opList.add(PERFORM_ACCOUNT_EDIT);
132	opList.add(PERFORM_RESET_PASSWORD);
133	opList.add(PERFORM_CHANGE_PASSWORD);
134	opList.add(PERFORM_RETRIEVE_PASSWORD);
135	opList.addAll(_adminOpList);
136	_userOpList = opList;
137	}
138
139	//Other operations
140	protected static final String REGISTER = "Register"; // displays the register page
141	protected static final String PERFORM_REGISTER = "PerformRegister"; // performs the registration action
142	protected static final String LOGIN = "Login";
143	protected static final String BLANK = "Info"; // a dummy page just for showing an error message
144	//the services on offer
145	protected static final String AUTHENTICATION_SERVICE = "Authentication";
146	protected static final String GET_USER_INFORMATION_SERVICE = "GetUserInformation";
147	protected static final String CHANGE_USER_EDIT_MODE_SERVICE = "ChangeUserEditMode";
148	protected static final String REMOTE_AUTHENTICATION_SERVICE = "RemoteAuthentication";
149
150	protected static boolean _derbyWrapperDoneForcedShutdown = false;
151
152	// some XML strings
153	protected static final String RECAPTCHA_ELEM = "recaptcha";
154	protected static final String SITE_KEY = "site_key";
155	protected static final String SECRET_KEY = "secret_key";
156	protected static final String OPERATIONS = "operations";
157	protected static final String OPERATION = "operation";
158
159	protected static final String USERNAME = "username";
160	protected static final String PREV_USERNAME = "prevUsername";
161	protected static final String NEW_USERNAME = "newUsername";
162	protected static final String PASSWORD = "password";
163	protected static final String OLD_PASSWORD = "oldPassword";
164	protected static final String NEW_PASSWORD = "newPassword";
165
166	protected static final String GROUPS = "groups";
167	protected static final String ENABLED = "enabled";
168	protected static final String COMMENT = "comment";
169	protected static final String STATUS = "status";
170	protected static final String EMAIL = "email";
171	protected static final String NEW_EMAIL = "newEmail";
172	protected static final String ACCOUNT_STATUS = "accountstatus";
173	protected static final String EDIT_ENABLED = "editEnabled";
174
175	protected String _recaptchaSiteKey = null;
176	protected String _recaptchaSecretKey = null;
177	protected static ArrayList<String> _recaptchaOpList = null;
178	/** constructor */
179	public Authentication()
180	{
181	}
182
183	public void cleanUp()
184	{
185	super.cleanUp();
186
187	if (!_derbyWrapperDoneForcedShutdown)
188	{
189
190	// This boolean is used to ensure we always shutdown the derby server, even if it is never
191	// used by the Authentication server. This is because the Tomcat greenstone3.xml
192	// config file also specifies a connection to the database, which can result in the
193	// server being initialized when the servlet is first accessed. Note also,
194	// Authentication is a ServiceRack, meaning cleanUp() is called for each service
195	// supported, however we only need to shutdown the Derby server once. Again
196	// this boolean variable helps achieve this.
197
198	logger.info("Authentication Service performing forced shutdown of Derby Server ...");
199
200	DerbyWrapper.shutdownDatabaseServer();
201	_derbyWrapperDoneForcedShutdown = true;
202	}
203	}
204
205	public boolean configure(Element info, Element extra_info)
206	{
207	logger.info("Configuring Authentication...");
208	this.config_info = info;
209
210	// set up Authentication service info - for now just has name and type
211	Element authentication_service = this.desc_doc.createElement(GSXML.SERVICE_ELEM);
212	authentication_service.setAttribute(GSXML.TYPE_ATT, "authen");
213	authentication_service.setAttribute(GSXML.NAME_ATT, AUTHENTICATION_SERVICE);
214	this.short_service_info.appendChild(authentication_service);
215
216	Element getUserInformation_service = this.desc_doc.createElement(GSXML.SERVICE_ELEM);
217	getUserInformation_service.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS);
218	getUserInformation_service.setAttribute(GSXML.NAME_ATT, GET_USER_INFORMATION_SERVICE);
219	this.short_service_info.appendChild(getUserInformation_service);
220
221	Element changeEditMode_service = this.desc_doc.createElement(GSXML.SERVICE_ELEM);
222	changeEditMode_service.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS);
223	changeEditMode_service.setAttribute(GSXML.NAME_ATT, CHANGE_USER_EDIT_MODE_SERVICE);
224	this.short_service_info.appendChild(changeEditMode_service);
225
226	Element remoteAuthentication_service = this.desc_doc.createElement(GSXML.SERVICE_ELEM);
227	remoteAuthentication_service.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS);
228	remoteAuthentication_service.setAttribute(GSXML.NAME_ATT, REMOTE_AUTHENTICATION_SERVICE);
229	this.short_service_info.appendChild(remoteAuthentication_service);
230
231
232	DerbyWrapper.createDatabaseIfNeeded();
233
234	NodeList recaptchaElems = info.getElementsByTagName(RECAPTCHA_ELEM);
235	for (int i = 0; i < recaptchaElems.getLength(); i++)
236	{
237	Element currentElem = (Element) recaptchaElems.item(i);
238	if (currentElem.getAttribute(GSXML.NAME_ATT).equals(SITE_KEY))
239	{
240	if (!currentElem.getAttribute(GSXML.VALUE_ATT).equals(""))
241	{
242	_recaptchaSiteKey = currentElem.getAttribute(GSXML.VALUE_ATT);
243	}
244	}
245	else if (currentElem.getAttribute(GSXML.NAME_ATT).equals(SECRET_KEY))
246	{
247	if (!currentElem.getAttribute(GSXML.VALUE_ATT).equals(""))
248	{
249	_recaptchaSecretKey = currentElem.getAttribute(GSXML.VALUE_ATT);
250	}
251	}
252	else if (currentElem.getAttribute(GSXML.NAME_ATT).equals(OPERATIONS))
253	{
254	_recaptchaOpList = new ArrayList<String>();
255	String value = currentElem.getAttribute(GSXML.VALUE_ATT);
256	String[] ops = value.split(",");
257	for (int j=0; j<ops.length; j++) {
258	if (!ops[j].equals("")) {
259	_recaptchaOpList.add(ops[j]); /// value checking?
260	}
261	}
262	}
263
264	}
265	// check recaptcha
266	if (_recaptchaSecretKey == null \|\| _recaptchaSecretKey.length() == 0 \|\| _recaptchaSiteKey == null \|\| _recaptchaSiteKey.length() == 0) {
267	_recaptchaOpList = null;
268	}
269
270	return true;
271	}
272
273	protected Element getServiceDescription(Document doc, String service_id, String lang, String subset)
274	{
275
276	Element authen_service = doc.createElement(GSXML.SERVICE_ELEM);
277
278	if (service_id.equals(AUTHENTICATION_SERVICE))
279	{
280	authen_service.setAttribute(GSXML.TYPE_ATT, "authen");
281	authen_service.setAttribute(GSXML.NAME_ATT, AUTHENTICATION_SERVICE);
282	}
283	else if (service_id.equals(GET_USER_INFORMATION_SERVICE))
284	{
285	authen_service.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS);
286	authen_service.setAttribute(GSXML.NAME_ATT, GET_USER_INFORMATION_SERVICE);
287	}
288	else if (service_id.equals(CHANGE_USER_EDIT_MODE_SERVICE))
289	{
290	authen_service.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS);
291	authen_service.setAttribute(GSXML.NAME_ATT, CHANGE_USER_EDIT_MODE_SERVICE);
292	}
293	else if (service_id.equals(REMOTE_AUTHENTICATION_SERVICE))
294	{
295	authen_service.setAttribute(GSXML.TYPE_ATT, GSXML.SERVICE_TYPE_PROCESS);
296	authen_service.setAttribute(GSXML.NAME_ATT, REMOTE_AUTHENTICATION_SERVICE);
297	}
298	else
299	{
300	return null;
301	}
302
303	if (service_id.equals(AUTHENTICATION_SERVICE) && (subset == null \|\| subset.equals(GSXML.DISPLAY_TEXT_ELEM + GSXML.LIST_MODIFIER)))
304	{
305	authen_service.appendChild(GSXML.createDisplayTextElement(doc, GSXML.DISPLAY_TEXT_NAME, getServiceName(service_id, lang)));
306	authen_service.appendChild(GSXML.createDisplayTextElement(doc, GSXML.DISPLAY_TEXT_DESCRIPTION, getServiceDescription(service_id, lang)));
307	}
308	return authen_service;
309	}
310
311	protected String getServiceName(String service_id, String lang)
312	{
313	return getTextString(service_id + ".name", lang);
314	}
315
316	protected String getServiceSubmit(String service_id, String lang)
317	{
318	return getTextString(service_id + ".submit", lang);
319	}
320
321	protected String getServiceDescription(String service_id, String lang)
322	{
323	return getTextString(service_id + ".description", lang);
324	}
325	protected String getErrorTextString(int error_code, String lang) {
326	return getTextString(_errorKeyMap.get(error_code), lang);
327
328	}
329	protected Element processChangeUserEditMode(Element request)
330	{
331	// Create a new (empty) result message
332	Document result_doc = XMLConverter.newDOM();
333	Element result = result_doc.createElement(GSXML.RESPONSE_ELEM);
334
335	result.setAttribute(GSXML.FROM_ATT, CHANGE_USER_EDIT_MODE_SERVICE);
336	result.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
337
338	Element paramList = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
339	if (paramList == null)
340	{
341	logger.error("ChangeUserEditMode request has no param list!!");
342	return result;
343	}
344
345	HashMap<String, Serializable> params = GSXML.extractParams(paramList, true);
346
347	String username = (String) params.get(USERNAME);
348	String editMode = (String) params.get(ENABLED);
349
350	if (!editMode.toLowerCase().equals("true") && !editMode.toLowerCase().equals("false"))
351	{
352	editMode = "false";
353	}
354
355	DerbyWrapper dw = openDatabase();
356	dw.addUserData(username, "USER_EDIT_ENABLED", editMode);
357	dw.closeDatabase();
358
359	return result;
360	}
361
362	/**
363	* This method replaces the gliserver.pl code for authenticating a user against the derby database
364	* gliserver.pl needed to instantiate its own JVM to access the derby DB, but the GS3 already has
365	* the Derby DB open and 2 JVMs are not allowed concurrent access to an open embedded Derby DB.
366	* Gliserver.pl now goes through this method (via ServletRealmCheck.java), thereby using the same
367	* connection to the DerbyDB. This method reproduces the same behaviour as gliserver.pl used to,
368	* by returning the user_groups on successful authentication, else returns the specific
369	* "Authentication failed" messages that glisever.pl would produce.
370	* http://remote-host-name:8383/greenstone3/library?a=s&sa=authenticated-ping&excerptid=gs_content&un=admin&pw=<PW>&col=demo
371	*/
372	protected Element processRemoteAuthentication(Element request) {
373	//logger.info("*** Authentication::processRemoteAuthentication");
374
375	String message = "";
376
377	Element system = (Element) GSXML.getChildByTagName(request, GSXML.REQUEST_TYPE_SYSTEM);
378	String username = system.hasAttribute(USERNAME) ? system.getAttribute(USERNAME) : "";
379	String password = system.hasAttribute(PASSWORD) ? system.getAttribute(PASSWORD) : "";
380
381
382	// If we're not editing a collection then the user doesn't need to be in a particular group
383	String collection = system.hasAttribute("collection") ? system.getAttribute("collection") : "";
384
385
386	if(username.equals("") \|\| password.equals("")) {
387	message = "Authentication failed: no (username or) password specified.";
388	//logger.error("*** Remote login failed. No username or pwd provided");
389	}
390	else {
391	String storedPassword = retrieveDataForUser(username, PASSWORD);
392	if(storedPassword != null && (password.equals(storedPassword) \|\| hashPassword(password).equals(storedPassword))) {
393
394	// gliserver.pl used to return the groups when authentication succeeded
395	String groups = retrieveDataForUser(username, GROUPS); //comma-separated list
396
397	if(collection.equals("")) {
398	message = groups;
399	} else {
400
401	if(groups.indexOf("all-collections-editor") != -1) { // Does this user have access to all collections?
402	message = groups;
403	} else if(groups.indexOf("personal-collections-editor") != -1 && collection.startsWith(username+"-")) { // Does this user have access to personal collections, and is this one?
404	message = groups;
405	} else if(groups.indexOf(collection+"-collection-editor") != -1) { // Does this user have access to this collection?
406	message = groups;
407	}
408	else {
409	message = "Authentication failed: user is not in the required group.";
410	//logger.error("*** Remote login failed. Groups did not match for the collection specified");
411	}
412	}
413
414	} else {
415
416	if(storedPassword == null) {
417	message = "Authentication failed: no account for user '" + username + "'";
418	//logger.error("*** Remote login failed. User not found or password not set for user.");
419	} else {
420	message = "Authentication failed: incorrect password.";
421	//logger.error("*** Remote login failed. Password did not match for user");
422	}
423	}
424	}
425	Document result_doc = XMLConverter.newDOM();
426	Element result = result_doc.createElement(GSXML.RESPONSE_ELEM);
427	result.setAttribute(GSXML.FROM_ATT, REMOTE_AUTHENTICATION_SERVICE);
428	result.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
429	Element s = GSXML.createTextElement(result_doc, GSXML.STATUS_ELEM, message);
430	result.appendChild(s);
431	return result;
432	}
433
434	protected Element processGetUserInformation(Element request)
435	{
436	// Create a new (empty) result message
437	Document result_doc = XMLConverter.newDOM();
438	Element result = result_doc.createElement(GSXML.RESPONSE_ELEM);
439
440	result.setAttribute(GSXML.FROM_ATT, GET_USER_INFORMATION_SERVICE);
441	result.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
442
443	String lang = request.getAttribute(GSXML.LANG_ATT);
444	Element paramList = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
445	if (paramList == null)
446	{
447	logger.error("GetUserInformation request has no param list");
448	return result;
449	}
450
451	HashMap<String, Serializable> params = GSXML.extractParams(paramList, true);
452
453	String username = (String) params.get(USERNAME);
454
455	if (username == null)
456	{
457	GSXML.addError(result, getErrorTextString(ERROR_USERNAME_NOT_SPECIFIED, lang));
458	return result;
459	}
460
461	DerbyWrapper derbyWrapper = openDatabase();
462
463	UserQueryResult userQueryResult = derbyWrapper.findUser(username);
464	String editEnabled = derbyWrapper.getUserData(username, "USER_EDIT_ENABLED");
465
466	Vector<UserTermInfo> terms = userQueryResult.getUserTerms();
467
468	if (terms.size() == 0)
469	{
470	GSXML.addError(result, getErrorTextString(ERROR_USER_NOT_FOUND, lang));
471	return result;
472	}
473
474	UserTermInfo userInfo = terms.get(0);
475	Element userInfoList = result_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
476	result.appendChild(userInfoList);
477
478	Element usernameField = GSXML.createParameter(result_doc, USERNAME, userInfo.username);
479	Element passwordField = GSXML.createParameter(result_doc, PASSWORD, userInfo.password);
480	Element groupsField = GSXML.createParameter(result_doc, GROUPS, userInfo.groups);
481	Element accountStatusField = GSXML.createParameter(result_doc, ACCOUNT_STATUS, userInfo.accountstatus);
482	Element commentField = GSXML.createParameter(result_doc, COMMENT, userInfo.comment);
483
484	if (editEnabled != null)
485	{
486	Element editEnabledElem = GSXML.createParameter(result_doc, EDIT_ENABLED, editEnabled);
487	userInfoList.appendChild(editEnabledElem);
488	}
489
490	userInfoList.appendChild(usernameField);
491	userInfoList.appendChild(passwordField);
492	userInfoList.appendChild(groupsField);
493	userInfoList.appendChild(accountStatusField);
494	userInfoList.appendChild(commentField);
495
496	derbyWrapper.closeDatabase();
497
498	return result;
499	}
500
501	protected Element processAuthentication(Element request)
502	{
503	checkAdminUserExists();
504
505	// Create a new (empty) result message
506	Document result_doc = XMLConverter.newDOM();
507	Element result = result_doc.createElement(GSXML.RESPONSE_ELEM);
508	result.setAttribute(GSXML.FROM_ATT, AUTHENTICATION_SERVICE);
509	result.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
510
511	// Create an Authentication node put into the result
512	Element authenNode = result_doc.createElement(GSXML.AUTHEN_NODE_ELEM);
513	result.appendChild(authenNode);
514	result.appendChild(getCollectList(result_doc, this.site_home + File.separatorChar + "collect"));
515
516	// Create a service node added into the Authentication node
517	Element serviceNode = result_doc.createElement(GSXML.SERVICE_ELEM);
518	authenNode.appendChild(serviceNode);
519
520	// Get the parameters of the request
521	String lang = request.getAttribute(GSXML.LANG_ATT);
522	Element param_list = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
523	if (param_list == null)
524	{
525	serviceNode.setAttribute(OPERATION, BLANK);
526	logger.error("Authentication request has no param list");
527	return result; // Return the empty result
528	}
529	HashMap<String, Serializable> paramMap = GSXML.extractParams(param_list, false);
530	String op = (String) paramMap.get("authpage");
531	serviceNode.setAttribute(OPERATION, op);
532
533	String username = null;
534	String groups = null;
535
536	Element userInformation = (Element) GSXML.getChildByTagName(request, GSXML.USER_INFORMATION_ELEM);
537	if (userInformation != null)
538	{
539	username = userInformation.getAttribute(GSXML.USERNAME_ATT);
540	groups = userInformation.getAttribute(GSXML.GROUPS_ATT);
541	}
542	logger.error("username="+username+", groups = "+groups);
543	if ((userInformation == null \|\| username == null) && _userOpList.contains(op))
544	{
545	// its an operation that requires the user to be logged on - direct them to login page
546	serviceNode.setAttribute(OPERATION, LOGIN);
547	if (_recaptchaOpList != null && _recaptchaOpList.contains(LOGIN)) {
548	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
549	}
550	GSXML.addError(result, getErrorTextString(ERROR_NOT_LOGGED_IN, lang));
551	return result;
552	}
553
554	if (_adminOpList.contains(op) && (groups == null \|\| !groups.matches(".\\badministrator\\b.")))
555	{
556	// actually, the user needs to be an admin user and they are not
557	serviceNode.setAttribute(OPERATION, LOGIN);
558	if (_recaptchaOpList != null && _recaptchaOpList.contains(LOGIN)) {
559	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
560	}
561	GSXML.addError(result, getErrorTextString(ERROR_ADMIN_NOT_LOGGED_IN, lang));
562	return result;
563	}
564
565	if (_recaptchaOpList != null && _recaptchaOpList.contains(op)) {
566	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
567	}
568
569	if (op.equals(LIST_USERS))
570	{
571	int error = addUserInformationToNode(null, serviceNode);
572	if (error != NO_ERROR)
573	{
574	serviceNode.setAttribute(OPERATION, BLANK);
575	GSXML.addError(result, getErrorTextString(error, lang));
576	}
577	return result;
578
579	}
580
581	if (op.equals(PERFORM_ADD))
582	{
583	String newUsername = (String) paramMap.get(USERNAME);
584	String newPassword = (String) paramMap.get(PASSWORD);
585	String newGroups = (String) paramMap.get(GROUPS);
586	String newStatus = (String) paramMap.get(STATUS);
587	String newComment = (String) paramMap.get(COMMENT);
588	String newEmail = (String) paramMap.get(EMAIL);
589
590	if (_recaptchaOpList != null && _recaptchaOpList.contains(ADD_USER)) {
591	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
592	}
593	//Check the given user name
594	int error;
595	if (checkUserExists(newUsername)) {
596	error = ERROR_USER_ALREADY_EXISTS;
597	} else {
598	error = checkUsername(newUsername);
599	}
600	if (error != NO_ERROR)
601	{
602	serviceNode.setAttribute(OPERATION, ADD_USER);
603	GSXML.addError(result, getErrorTextString(error, lang));
604	return result;
605	}
606
607	//Check the given password
608	if ((error = checkPassword(newPassword)) != NO_ERROR)
609	{
610	serviceNode.setAttribute(OPERATION, ADD_USER);
611	GSXML.addError(result, getErrorTextString(error, lang));
612	return result;
613	}
614
615	newPassword = hashPassword(newPassword);
616
617	error = addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail);
618	if (error != NO_ERROR)
619	{
620	serviceNode.setAttribute(OPERATION, ADD_USER);
621	GSXML.addError(result, getErrorTextString(error, lang));
622	}
623	else
624	{
625	addUserInformationToNode(null, serviceNode);
626	serviceNode.setAttribute(OPERATION, LIST_USERS);
627	}
628	return result;
629	}
630
631	if (op.equals(REGISTER)) {
632	// don't need any additional info
633	return result;
634	}
635	if (op.equals(PERFORM_REGISTER))
636	{
637	String newUsername = (String) paramMap.get(USERNAME);
638	String newPassword = (String) paramMap.get(PASSWORD);
639	String newEmail = (String) paramMap.get(EMAIL);
640
641	//Check the given details
642	int error;
643	if (checkUserExists(newUsername)) {
644	error = ERROR_USER_ALREADY_EXISTS;
645	} else {
646	error = checkUsername(newUsername);
647	}
648	if (error == NO_ERROR) {
649	if ((error = checkPassword(newPassword)) == NO_ERROR) {
650	newPassword = hashPassword(newPassword);
651	if (_recaptchaOpList != null && _recaptchaOpList.contains(REGISTER)) {
652	String user_response = (String) paramMap.get("g-recaptcha-response");
653	if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) == NO_ERROR) {
654	error = addUser(newUsername, newPassword, "", "true", "", newEmail);
655	}
656	}
657	}
658	}
659
660	if (error != NO_ERROR)
661	{
662	serviceNode.setAttribute(OPERATION, REGISTER);
663	if (_recaptchaOpList != null && _recaptchaOpList.contains(REGISTER)) {
664	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
665	}
666	GSXML.addError(result, getErrorTextString(error, lang));
667	}
668	// otherwise everything hunky dory and we return result
669	return result;
670	}
671
672	// PERFORM_EDIT is caled when admin is running EditUser, and PERFORM_ACCOUNT_EDIT is called when a user is running AccountSettings to change their own details
673	if (op.equals(PERFORM_EDIT) \|\| op.equals(PERFORM_ACCOUNT_EDIT)) {
674
675	String parent_op = EDIT_USER;
676	if (op.equals(PERFORM_ACCOUNT_EDIT)) {
677	parent_op = ACCOUNT_SETTINGS;
678	}
679	String previousUsername = (String) paramMap.get(PREV_USERNAME);
680	String newUsername = (String) paramMap.get(NEW_USERNAME);
681	int error;
682	// Has the user name been changed? Make sure it doesn't already exist and is a valid username
683	if (previousUsername == null) {
684	// we have ended up here by mistake (via s1.authpage which is no longer valid)
685	serviceNode.setAttribute(OPERATION, BLANK);
686	GSXML.addError(result, getErrorTextString(ERROR_SOMETHING_WRONG, lang));
687	return result;
688	}
689
690	if (!previousUsername.equals(newUsername)) {
691
692	error = NO_ERROR;
693	if (checkUserExists(newUsername)) {
694	error = ERROR_USER_ALREADY_EXISTS;
695	} else {
696	error = checkUsername(newUsername);
697	}
698	if (error != NO_ERROR) {
699	addUserInformationToNode(previousUsername, serviceNode);
700	serviceNode.setAttribute(OPERATION, parent_op);
701	GSXML.addError(result, getErrorTextString(error, lang));
702	return result;
703	}
704	}
705
706	// password checking
707	String newPassword;
708	if (op.equals(PERFORM_EDIT)) {
709	newPassword = (String) paramMap.get(PASSWORD);
710	} else {
711	newPassword = (String) paramMap.get(NEW_PASSWORD);
712	}
713	if (newPassword == null) {
714	// we are not changing the password
715	newPassword = retrieveDataForUser(previousUsername, PASSWORD);
716	} else {
717	// we need to check the old one
718	if (op.equals(PERFORM_ACCOUNT_EDIT)) {
719	// check that they entered their old password correctly
720	String prevPassword = retrieveDataForUser(previousUsername, PASSWORD);
721	String oldPassword = (String) paramMap.get(OLD_PASSWORD);
722	oldPassword = hashPassword(oldPassword);
723	if (oldPassword == null \|\| !oldPassword.equals(prevPassword)) {
724
725	addUserInformationToNode(previousUsername, serviceNode);
726	serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS);
727	GSXML.addError(result, getErrorTextString(ERROR_INCORRECT_PASSWORD, lang), "INCORRECT_PASSWORD");
728	return result;
729	}
730	}
731	// need to make sure the new password is a valid password
732	if ((error = checkPassword(newPassword)) != NO_ERROR) {
733
734	addUserInformationToNode(previousUsername, serviceNode);
735	serviceNode.setAttribute(OPERATION, parent_op);
736	GSXML.addError(result, getErrorTextString(error, lang));
737	return result;
738	}
739	newPassword = hashPassword(newPassword);
740
741	}
742
743	// are we using recaptcha for AccountSettings or EditUser?
744	if (_recaptchaOpList != null && _recaptchaOpList.contains(parent_op)) {
745	String user_response = (String) paramMap.get("g-recaptcha-response");
746	if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) != NO_ERROR) {
747	addUserInformationToNode(previousUsername, serviceNode);
748	serviceNode.setAttribute(OPERATION, parent_op);
749	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
750	GSXML.addError(result, getErrorTextString(error, lang));
751	return result;
752	}
753	}
754
755	groups = null;
756	String status = null;
757	String comment = null;
758	String email = (String) paramMap.get(NEW_EMAIL);
759	if (op.equals(PERFORM_EDIT)) {
760	groups = (String) paramMap.get(GROUPS);
761	status = (String) paramMap.get(STATUS);
762	comment = (String) paramMap.get(COMMENT);
763
764	} else {
765	groups = retrieveDataForUser(previousUsername, GROUPS);
766	status = retrieveDataForUser(previousUsername, STATUS);
767	comment = retrieveDataForUser(previousUsername, COMMENT);
768	}
769
770
771	error = removeUser(previousUsername);
772	if (error != NO_ERROR) {
773	addUserInformationToNode(previousUsername, serviceNode);
774	serviceNode.setAttribute(OPERATION, parent_op);
775	GSXML.addError(result, getErrorTextString(error, lang));
776	return result;
777	}
778
779	error = addUser(newUsername, newPassword, groups, status, comment, email);
780	if (error != NO_ERROR) {
781
782	// oh dear. we have removed previous data, but were unable to add new data. The user is now gone :-(
783	serviceNode.setAttribute(OPERATION, BLANK);
784	GSXML.addError(result, getErrorTextString(error, lang));
785	}
786	else {
787	if (op.equals(PERFORM_ACCOUNT_EDIT)) {
788	addUserInformationToNode(newUsername, serviceNode);
789	serviceNode.setAttribute(OPERATION, parent_op);
790	if (_recaptchaOpList != null && _recaptchaOpList.contains(parent_op)) {
791	serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey);
792	}
793	GSXML.addError(result, getTextString("auth.success.account_settings", lang));
794
795	} else {
796
797	addUserInformationToNode(null, serviceNode);
798	serviceNode.setAttribute(OPERATION, LIST_USERS);
799	String [] args = {newUsername};
800	GSXML.addError(result, getTextString("auth.success.edit_user", lang, args));
801	}
802
803	}
804	return result;
805	}
806	if (op.equals(PERFORM_RETRIEVE_PASSWORD))
807	{
808	return result;
809	}
810	if (op.equals(PERFORM_CHANGE_PASSWORD))
811	{
812	serviceNode.setAttribute(OPERATION, PERFORM_CHANGE_PASSWORD);
813	String user_name = (String) paramMap.get(USERNAME);
814	String oldPassword = (String) paramMap.get(OLD_PASSWORD);
815	String newPassword = (String) paramMap.get(NEW_PASSWORD);
816	if (user_name == null \|\| oldPassword == null \|\| newPassword == null)
817	{
818	GSXML.addError(result, getErrorTextString(ERROR_MISSING_PARAMS, lang));
819	return result;
820	}
821
822	String prevPassword = retrieveDataForUser(user_name, PASSWORD);
823	if (!hashPassword(oldPassword).equals(prevPassword))
824	{
825	addUserInformationToNode(user_name, serviceNode);
826	GSXML.addError(result, getErrorTextString(ERROR_INCORRECT_PASSWORD, lang), "INCORRECT_PASSWORD");
827	return result;
828	}
829
830	//Check the given password
831	int error;
832	if ((error = checkPassword(newPassword)) != NO_ERROR)
833	{
834	GSXML.addError(result, getErrorTextString(error, lang));
835	return result;
836	}
837
838	DerbyWrapper derbyWrapper = openDatabase();
839	String chpa_groups = retrieveDataForUser(user_name, GROUPS);
840	String chpa_comment = "password_changed_by_user";
841	String info = derbyWrapper.modifyUserInfo(user_name, hashPassword(newPassword), chpa_groups, null, chpa_comment, null);
842	derbyWrapper.closeDatabase();
843	if (info != "succeed")
844	{//see DerbyWrapper.modifyUserInfo
845	GSXML.addError(result, info);
846	return result;
847	}
848	return result;
849	}
850	if (op.equals(EDIT_USER))
851	{
852	String editUsername = (String) paramMap.get(USERNAME);
853	int error = addUserInformationToNode(editUsername, serviceNode);
854	if (error != NO_ERROR)
855	{
856	GSXML.addError(result, getErrorTextString(error, lang));
857	}
858	return result;
859	}
860	if (op.equals(ACCOUNT_SETTINGS))
861	{
862	String editUsername = (String) paramMap.get(USERNAME);
863
864	if (editUsername == null)
865	{
866	serviceNode.setAttribute(OPERATION, "");
867	GSXML.addError(result, getErrorTextString(ERROR_USERNAME_NOT_SPECIFIED, lang));
868	return result;
869	}
870
871	if (!editUsername.equals(username))
872	{
873	serviceNode.setAttribute(OPERATION, LOGIN);
874	GSXML.addError(result, getErrorTextString(ERROR_NOT_AUTHORISED, lang));
875	return result;
876	}
877	int error = addUserInformationToNode(editUsername, serviceNode);
878	if (error != NO_ERROR)
879	{
880	GSXML.addError(result, getErrorTextString(error, lang));
881	}
882	return result;
883	}
884	if (op.equals(PERFORM_RESET_PASSWORD))
885	{
886	String passwordResetUser = (String) paramMap.get(USERNAME);
887
888	String newPassword = UUID.randomUUID().toString();
889	newPassword = newPassword.substring(0, newPassword.indexOf("-"));
890
891	String email = retrieveDataForUser(passwordResetUser, EMAIL);
892	String from = "[email protected]";
893	String host = request.getAttribute("remoteAddress");
894
895	//TODO: FINISH THIS
896	return result;
897	}
898	if (op.equals(PERFORM_DELETE_USER))
899	{
900	String usernameToDelete = (String) paramMap.get(USERNAME);
901	int error = removeUser(usernameToDelete);
902	if (error != NO_ERROR)
903	{
904	GSXML.addError(result, getErrorTextString(error, lang));
905	}
906	addUserInformationToNode(null, serviceNode);
907	serviceNode.setAttribute(OPERATION, LIST_USERS);
908	String[] args = {usernameToDelete};
909	GSXML.addError(result, getTextString("auth.success.delete_user", lang, args));
910	return result;
911	}
912
913	return result; // or should we return null, as we haven't recognised the operation??
914	}
915
916	public int checkUsernameAndPassword(String username, String password)
917	{
918	int uResult = checkUsername(username);
919	int pResult = checkPassword(password);
920
921	return (uResult != NO_ERROR ? uResult : (pResult != NO_ERROR ? pResult : NO_ERROR));
922	}
923
924	public int checkUsername(String username)
925	{
926	//Check the given user name
927	if ((username == null) \|\| (username.length() < USERNAME_MIN_LENGTH) \|\| (username.length() > USERNAME_MAX_LENGTH) \|\| (!(Pattern.matches("[a-zA-Z0-9//_//.]+", username))))
928	{
929	return ERROR_INVALID_USERNAME;
930	}
931	return NO_ERROR;
932	}
933
934	public int checkPassword(String password)
935	{
936	//Check the given password
937	if (password == null)
938	{
939	return ERROR_PASSWORD_NOT_ENTERED;
940	}
941	else if (password.length() < PASSWORD_MIN_LENGTH)
942	{
943	return ERROR_PASSWORD_TOO_SHORT;
944	}
945	else if (password.length() > PASSWORD_MAX_LENGTH)
946	{
947	return ERROR_PASSWORD_TOO_LONG;
948	}
949	else if (!(Pattern.matches("[\\p{ASCII}]+", password)))
950	{
951	return ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS;
952	}
953	return NO_ERROR;
954	}
955
956	public static String hashPassword(String password)
957	{
958	return DigestUtils.sha1Hex(password);
959	}
960
961	public int verifyRecaptcha(String secret_key, String user_response) {
962
963	if (user_response == null \|\| user_response.length() == 0) {
964	return ERROR_CAPTCHA_MISSING;
965	}
966
967	try{
968
969	URL obj = new URL("https://www.google.com/recaptcha/api/siteverify");
970	HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
971
972	// add reuqest header
973	con.setRequestMethod("POST");
974	con.setRequestProperty("User-Agent", "Mozilla/5.0");
975	con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
976
977	String postParams = "secret=" + secret_key + "&response="
978	+ user_response;
979
980	// Send post request
981	con.setDoOutput(true);
982	DataOutputStream wr = new DataOutputStream(con.getOutputStream());
983	wr.writeBytes(postParams);
984	wr.flush();
985	wr.close();
986
987	int responseCode = con.getResponseCode();
988	//System.out.println("\nSending 'POST' request to URL : https://www.google.com/recaptcha/api/siteverify");// + url);
989	//System.out.println("Post parameters : " + postParams);
990	//System.out.println("Response Code : " + responseCode);
991
992	BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
993	String inputLine;
994	StringBuffer response = new StringBuffer();
995
996	while ((inputLine = in.readLine()) != null) {
997	response.append(inputLine);
998	}
999	in.close();
1000
1001	// print result
1002	//System.out.println(response.toString());
1003
1004	JSONObject json_obj = new JSONObject(response.toString());
1005	boolean res = json_obj.getBoolean("success");
1006	if (res) {
1007	return NO_ERROR;
1008	} else {
1009	return ERROR_CAPTCHA_FAILED;
1010	}
1011	}catch(Exception e){
1012	e.printStackTrace();
1013	return ERROR_CAPTCHA_FAILED;
1014	}
1015
1016	}
1017	// This method can also be used for printing out the password in hex (in case
1018	// the password used the UTF-8 Charset), or the hex values in any unicode string.
1019	// From http://stackoverflow.com/questions/923863/converting-a-string-to-hexadecimal-in-java
1020	public static String toHex(String arg)
1021	{
1022	try
1023	{
1024	return String.format("%x", new BigInteger(arg.getBytes("US-ASCII"))); // set to same charset as used by hashPassword
1025	}
1026	catch (Exception e)
1027	{ // UnsupportedEncodingException
1028	e.printStackTrace();
1029	}
1030	return "Unable to print";
1031	}
1032
1033	private void checkAdminUserExists()
1034	{
1035	DerbyWrapper derbyWrapper = openDatabase();
1036	UserQueryResult userQueryResult = derbyWrapper.findUser(null, null);
1037	derbyWrapper.closeDatabase();
1038
1039	if (userQueryResult != null)
1040	{
1041	Vector userInfo = userQueryResult.users;
1042
1043	boolean adminFound = false;
1044	for (int i = 0; i < userQueryResult.getSize(); i++)
1045	{
1046	if (((UserTermInfo) userInfo.get(i)).groups != null && ((UserTermInfo) userInfo.get(i)).groups.matches(".\\badministrator\\b."))
1047	{
1048	adminFound = true;
1049	}
1050	}
1051
1052	if (!adminFound)
1053	{
1054	addUser("admin", "admin", "administrator", "true", "Change the password for this account as soon as possible", "");
1055	}
1056	}
1057	}
1058
1059	private DerbyWrapper openDatabase()
1060	{
1061	// check the usersDb database, if it isn't existing, check the etc dir, create the etc dir if it isn't existing, then create the user database and add a "admin" user
1062	String usersDB_dir = GlobalProperties.getGSDL3Home() + File.separatorChar + "etc" + File.separatorChar + "usersDB";
1063	DerbyWrapper derbyWrapper = new DerbyWrapper(usersDB_dir);
1064	return derbyWrapper;
1065	}
1066
1067	private int addUserInformationToNode(String username, Element serviceNode)
1068	{
1069	DerbyWrapper derbyWrapper = openDatabase();
1070	UserQueryResult userQueryResult = derbyWrapper.findUser(username, null);
1071	derbyWrapper.closeDatabase();
1072
1073	if (userQueryResult != null)
1074	{
1075	Element user_node = getUserNodeList(serviceNode.getOwnerDocument(), userQueryResult);
1076	serviceNode.appendChild(user_node);
1077	return NO_ERROR;
1078	}
1079
1080	return ERROR_COULD_NOT_GET_USER_INFO;
1081	}
1082
1083	private int removeUser(String username)
1084	{
1085	if (username == null)
1086	{
1087	return ERROR_USERNAME_NOT_SPECIFIED;
1088	}
1089
1090	DerbyWrapper derbyWrapper = openDatabase();
1091	boolean success = derbyWrapper.deleteUser(username);
1092	derbyWrapper.closeDatabase();
1093
1094	if (success)
1095	{
1096	return NO_ERROR;
1097	}
1098
1099	return ERROR_REMOVING_USER;
1100	}
1101
1102	private int addUser(String newUsername, String newPassword, String newGroups, String newStatus, String newComment, String newEmail)
1103	{
1104	newGroups = newGroups.replaceAll(" ", "");
1105
1106	//Check if the user already exists
1107	DerbyWrapper derbyWrapper = openDatabase();
1108	UserQueryResult userQueryResult = derbyWrapper.findUser(newUsername, null);
1109
1110	if (userQueryResult != null)
1111	{
1112	derbyWrapper.closeDatabase();
1113	return ERROR_USER_ALREADY_EXISTS;
1114	}
1115	else
1116	{
1117	boolean success = derbyWrapper.addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail);
1118	derbyWrapper.closeDatabase();
1119
1120	if (!success)
1121	{
1122	return ERROR_ADDING_USER;
1123	}
1124	}
1125
1126	return NO_ERROR;
1127	}
1128
1129	private boolean checkUserExists(String username)
1130	{
1131	boolean check_status = false;
1132
1133	DerbyWrapper derbyWrapper = openDatabase();
1134	try
1135	{
1136	UserQueryResult result = derbyWrapper.findUser(username);
1137
1138	if (result != null)
1139	{
1140	check_status = true;
1141	}
1142
1143	}
1144	catch (Exception ex)
1145	{
1146	// some error occurred accessing the database
1147	ex.printStackTrace();
1148	}
1149	derbyWrapper.closeDatabase();
1150
1151	return check_status;
1152	}
1153
1154	private String retrieveDataForUser(String username, String dataType)
1155	{
1156	openDatabase();
1157
1158	String data = null;
1159
1160	try
1161	{
1162	DerbyWrapper derbyWrapper = openDatabase();
1163	UserQueryResult result = derbyWrapper.findUser(username);
1164	derbyWrapper.closeDatabase();
1165	Vector userInfo = result.users;
1166
1167	for (int i = 0; i < result.getSize(); i++)
1168	{
1169	if (dataType.equals(PASSWORD))
1170	{
1171	data = ((UserTermInfo) userInfo.get(i)).password;
1172	break;
1173	}
1174	else if (dataType.equals(GROUPS))
1175	{
1176	data = ((UserTermInfo) userInfo.get(i)).groups;
1177	break;
1178	}
1179	else if (dataType.equals(STATUS))
1180	{
1181	data = ((UserTermInfo) userInfo.get(i)).accountstatus;
1182	break;
1183	}
1184	else if (dataType.equals(COMMENT))
1185	{
1186	data = ((UserTermInfo) userInfo.get(i)).comment;
1187	break;
1188	}
1189	else if (dataType.equals(EMAIL))
1190	{
1191	data = ((UserTermInfo) userInfo.get(i)).email;
1192	break;
1193	}
1194	}
1195	}
1196	catch (Exception ex)
1197	{
1198	ex.printStackTrace();
1199	}
1200
1201	return data;
1202	}
1203
1204	private Element getUserNodeList(Document doc, UserQueryResult userQueryResult)
1205	{
1206	Element user_list_node = doc.createElement(GSXML.USER_NODE_ELEM + GSXML.LIST_MODIFIER);
1207
1208	Vector userInfo = userQueryResult.users;
1209
1210	for (int i = 0; i < userQueryResult.getSize(); i++)
1211	{
1212	Element user_node = doc.createElement(GSXML.USER_NODE_ELEM);
1213	String username = ((UserTermInfo) userInfo.get(i)).username;
1214	String groups = ((UserTermInfo) userInfo.get(i)).groups;
1215	String accountstatus = ((UserTermInfo) userInfo.get(i)).accountstatus;
1216	String comment = ((UserTermInfo) userInfo.get(i)).comment;
1217	String email = ((UserTermInfo) userInfo.get(i)).email;
1218	user_node.setAttribute(USERNAME, username);
1219	user_node.setAttribute(GROUPS, groups);
1220	user_node.setAttribute(STATUS, accountstatus);
1221	user_node.setAttribute(COMMENT, comment);
1222	user_node.setAttribute(EMAIL, email);
1223
1224	user_list_node.appendChild(user_node);
1225	}
1226	return user_list_node;
1227	}
1228
1229	private Element getCollectList(Document doc, String collect)
1230	{
1231	Element collect_list_node = doc.createElement(GSXML.COLLECTION_ELEM + GSXML.LIST_MODIFIER);
1232	File[] collect_dir = (new File(collect)).listFiles();
1233	if (collect_dir != null && collect_dir.length > 0)
1234	{
1235	for (int i = 0; i < collect_dir.length; i++)
1236	{
1237	if (collect_dir[i].isDirectory() && (!collect_dir[i].getName().startsWith(".svn")))
1238	{
1239	Element collect_node = doc.createElement(GSXML.COLLECTION_ELEM);
1240	collect_node.setAttribute(GSXML.NAME_ATT, collect_dir[i].getName());
1241	collect_list_node.appendChild(collect_node);
1242	}
1243	}
1244	}
1245	return collect_list_node;
1246	}
1247
1248
1249	// main() method - calls hashPassword() on any String argument, printing this to stdout
1250	// This main() is invoked by gliserver.pl perl code to encrypt passwords identically to Java code.
1251	public static void main(String[] args)
1252	{
1253	if (args.length < 1)
1254	{
1255	System.err.println("Usage: Authentication <string to encrypt>");
1256	System.exit(-1);
1257	}
1258	// just hash the first argument
1259	String hash = Authentication.hashPassword(args[0]);
1260	System.out.println(hash);
1261	}
1262	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: