- Timestamp:
- 2007-08-09T09:04:51+12:00 (17 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
greenstone3/trunk/src/java/org/greenstone/gsdl3/service/Authentication.java
r14347 r14349 175 175 Element service_node = this.doc.createElement(GSXML.SERVICE_ELEM); 176 176 authen_node.appendChild(service_node); 177 // add the authentication procedure to the service node178 177 service_node.setAttribute("aup",aup); 179 // the user recordes got from the users table178 // user's info 180 179 UserQueryResult userQueryResult=null; 181 180 182 // check the usersDb database, if it isn't existing, c reate one and add a "admin" user181 // check the usersDb database, if it isn't existing, check the etc dir, create the etc dir if it isn't existing, then create the user database and add a "admin" user 183 182 String usersDB_dir = this.site_home + File.separatorChar + "etc" + File.separatorChar + "usersDB"; 184 183 DerbyWrapper derbyWrapper=new DerbyWrapper(); … … 202 201 // Action: login 203 202 if (aup.equals("Login")){ 204 if (uan.equals("")){ 205 206 207 208 } 209 210 // if the current procedure requires authentication(uan=1),but the user hasn't been authenticated(asn=0),will ask the userto login first203 if (uan.equals("")){ //return a login page, if the user's name is not given 204 service_node.setAttribute("info","Login"); 205 derbyWrapper.closeDatabase(); 206 return result; 207 } 208 209 // if the authentication(uan=1) is required,but the user hasn't been authenticated(asn=0),the user is asked to login first 211 210 if ((uan.equals("1") && asn.equals("0"))) { 212 211 if ((un.length()==0) && (pw.length()==0)){ 213 212 service_node.setAttribute("asn","0"); 214 213 service_node.setAttribute("info","Login"); 215 214 derbyWrapper.closeDatabase(); 216 215 return result; 217 216 } … … 223 222 return result; 224 223 }else{ 225 userQueryResult=derbyWrapper.findUser(un,pw); 226 derbyWrapper.closeDatabase(); 224 userQueryResult=derbyWrapper.findUser(un,pw);//looking for the user from the users table 227 225 service_node.setAttribute(GSXML.NAME_ATT,"Authentication"); 228 229 226 service_node.setAttribute("un",un); 230 // service_node.setAttribute("asn",asn);231 227 if (userQueryResult==null){ 232 asn="0";//the user isn't a vaild user233 service_node.setAttribute("asn","0"); // either unsername or password is wrong234 service_node.setAttribute("err","un-pw-err"); 228 //the user isn't a vaild user 229 service_node.setAttribute("asn","0"); 230 service_node.setAttribute("err","un-pw-err");// either unsername or password is wrong 235 231 service_node.setAttribute("info","Login"); 236 232 derbyWrapper.closeDatabase(); … … 241 237 String groups=((UserTermInfo)userInfo.get(0)).groups_; 242 238 String accountstatus=((UserTermInfo)userInfo.get(0)).accountstatus_; 239 if (accountstatus.trim().equals("false")){ 240 service_node.setAttribute("asn","0"); 241 service_node.setAttribute("err","as-false");//the account status is false 242 service_node.setAttribute("info","Login"); 243 derbyWrapper.closeDatabase(); 244 return result; 245 } 243 246 String[] groups_array=groups.split(","); 244 247 for (int i=0; i<groups_array.length;i++){ 245 if ((groups_array[i].trim().toLowerCase()).equals("administrator")){ 246 if (accountstatus.trim().equals("true")){ 247 asn="1"; 248 service_node.setAttribute("asn","1"); 249 break; 250 } 248 if ((groups_array[i].trim().toLowerCase()).equals("administrator")){// check whether the user is in the administrator group 249 asn="1"; 250 service_node.setAttribute("asn","1"); 251 break; 251 252 } 252 253 } … … 258 259 } 259 260 } 260 //asn=0 couldn't find the user 261 if (asn.equals("0")){ 262 service_node.setAttribute("info","Login"); 263 service_node.setAttribute("err","not-authen"); 264 derbyWrapper.closeDatabase(); 265 return result; 266 } 261 267 262 //asn!=0 This is a valid user 268 263 if (!asn.equals("0")){ … … 283 278 } 284 279 285 //valid users can't list all users because they aren't in the administrator group(asn=2)280 //valid users but not in the administrator group(asn=2), they cannot list all users 286 281 if (asn.equals("2")){ 287 282 service_node.setAttribute("info","Login"); … … 292 287 return result; 293 288 } 294 //valid users are in the administrator group, they can list all users(asn=1)289 //valid users belong to the administrator group(asn=1), they can list all users 295 290 if (asn.equals("1")){ 296 291 userQueryResult=derbyWrapper.findUser(null,null); … … 316 311 //Action : adduder 317 312 if (aup.equals("AddUser")){ 313 if (asn.equals("") && un.equals("")){ 314 service_node.setAttribute("info","Login"); 315 derbyWrapper.closeDatabase(); 316 return result; 317 } 318 318 //valid users can't add a new user because they aren't in the administrator group(asn=2) 319 319 if (asn.equals("2")){ … … 541 541 } 542 542 543 544 545 546 547 548 543 if (!pw.equals(umpw) && umpw.length()>0){ 544 service_node.setAttribute("info","modify_interface"); 545 service_node.setAttribute("err","pw-umpw-nm-err");//if the original password is not match 546 derbyWrapper.closeDatabase(); 547 return result; 548 } 549 549 550 if ((umpw1.length()==0) || (umpw2.length()==0)){ 551 service_node.setAttribute("info","modify_interface"); 552 service_node.setAttribute("err","umpw1-umpw2-null-err");//if one of the password strings is none,return the err info back 553 derbyWrapper.closeDatabase(); 554 return result; 555 } 556 557 if(!umpw1.equals(umpw2)){ 558 service_node.setAttribute("info","modify_interface"); 559 service_node.setAttribute("err","umpw1-umpw2-nm-err");//if one of the password strings is none,return the err info back 560 derbyWrapper.closeDatabase(); 561 return result; 562 } 563 564 if (umpw.length()==0){ 565 service_node.setAttribute("info","modify_interface"); 566 service_node.setAttribute("err","umpw-null-err");//if one of the password strings is none,return the err info back 567 derbyWrapper.closeDatabase(); 568 return result; 569 } 570 //check the new password and the retyped password 571 if ((umpw1==null) || (umpw1.length()<3) || (umpw1.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw1)))){ 572 service_node.setAttribute("info","modify_interface"); 573 service_node.setAttribute("err","umpw1-err");// the new password is illegal 574 derbyWrapper.closeDatabase(); 575 return result; 550 if ((umpw1.length()==0) || (umpw2.length()==0)){ 551 service_node.setAttribute("info","modify_interface"); 552 service_node.setAttribute("err","umpw1-umpw2-null-err");//if one of the password strings is none,return the err info back 553 derbyWrapper.closeDatabase(); 554 return result; 555 } 556 557 if(!umpw1.equals(umpw2)){ 558 service_node.setAttribute("info","modify_interface"); 559 service_node.setAttribute("err","umpw1-umpw2-nm-err");//if one of the password strings is none,return the err info back 560 derbyWrapper.closeDatabase(); 561 return result; 562 } 563 564 if (umpw.length()==0){ 565 service_node.setAttribute("info","modify_interface"); 566 service_node.setAttribute("err","umpw-null-err");//if one of the password strings is none,return the err info back 567 derbyWrapper.closeDatabase(); 568 return result; 569 } 570 //check the new password and the retyped password 571 if ((umpw1==null) || (umpw1.length()<3) || (umpw1.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw1)))){ 572 service_node.setAttribute("info","modify_interface"); 573 service_node.setAttribute("err","umpw1-err");// the new password is illegal 574 derbyWrapper.closeDatabase(); 575 return result; 576 } 577 578 if ((umpw2==null) || (umpw2.length()<3) || (umpw2.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw2)))){ 579 service_node.setAttribute("info","modify_interface"); 580 service_node.setAttribute("err","umpw2-err"); // the retyped password is illegal 581 derbyWrapper.closeDatabase(); 582 return result; 576 583 } 577 578 if ((umpw2==null) || (umpw2.length()<3) || (umpw2.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw2)))){ 579 service_node.setAttribute("info","modify_interface"); 580 service_node.setAttribute("err","umpw2-err"); // the retyped password is illegal 581 derbyWrapper.closeDatabase(); 582 return result; 583 } 584 String modify_user_info=derbyWrapper.modifyUserInfo(un,umpw1,null,null,null); 585 if (modify_user_info.equals("succeed")){ 586 service_node.setAttribute("err","");// the passsword has been changed successfully 587 derbyWrapper.closeDatabase(); 588 return result; 589 }else{ 590 service_node.setAttribute("err",modify_user_info);// return the error message of the pasword couldn't be modified 591 derbyWrapper.closeDatabase(); 592 return result; 593 } 594 584 String modify_user_info=derbyWrapper.modifyUserInfo(un,umpw1,null,null,null); 585 if (modify_user_info.equals("succeed")){ 586 service_node.setAttribute("err","");// the passsword has been changed successfully 587 derbyWrapper.closeDatabase(); 588 return result; 589 }else{ 590 service_node.setAttribute("err",modify_user_info);// return the error message of the pasword couldn't be modified 591 derbyWrapper.closeDatabase(); 592 return result; 593 } 595 594 } 596 595
Note:
See TracChangeset
for help on using the changeset viewer.