public void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
String support = "support"; // valid username
HttpSession session = null;
session = req.getSession(false); // Get user's session object (no new one)
if (session == null) {
invalidUser(out); // Intruder - reject
return;
}
String userName = (String) session.getAttribute("user"); // get username
if (!userName.equals(support)) {
invalidUser(out); // Intruder - reject
return;
}
String action = "";
if (req.getParameter("todo") != null) action = req.getParameter("todo");
if (action.equals("update")) {
doUpdate(out);
return;
}
out.println("<p>Nothing to do.</p>todo=" + action);
}
public void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
String support = "support"; // valid username
HttpSession session = null;
session = req.getSession(false); // Get user's session object (no new one)
if (session == null) {
invalidUser(out); // Intruder - reject
return;
}
String userName = (String) session.getAttribute("user"); // get username
if (!userName.equals(support)) {
invalidUser(out); // Intruder - reject
return;
}
out.println("<HTML><HEAD><TITLE>Database Upgrade</TITLE></HEAD>");
out.println("<BODY><CENTER>");
out.println(
"<BR><BR><H3>This job will check all clubs' session logs for caller=clubster.</H3>");
out.println("<BR><BR>Click 'Continue' to start the job.");
out.println("<BR><BR> <A HREF=\"/v5/servlet/Support_main\">Return</A><BR><BR>");
out.println(
"<form method=post><input type=submit value=\"Continue\" onclick=\"return confirm('Are you sure?')\">");
out.println(" <input type=hidden value=\"update\" name=\"todo\"></form>");
/*
out.println("<form method=post><input type=submit value=\" Test \">");
out.println(" <input type=hidden value=\"test\" name=\"todo\"></form>");
*
*/
out.println("</CENTER></BODY></HTML>");
out.close();
}
/** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
final String S_ProcName = "doGet";
ICFInternetSchemaObj schemaObj;
HttpSession sess = request.getSession(false);
if (sess == null) {
sess = request.getSession(true);
schemaObj = new CFInternetSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
} else {
schemaObj = (ICFInternetSchemaObj) sess.getAttribute("SchemaObj");
if (schemaObj == null) {
schemaObj = new CFInternetSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
}
}
ICFInternetSchema dbSchema = null;
try {
CFSecurityAuthorization auth = schemaObj.getAuthorization();
if (auth != null) {
response.sendRedirect("CFInternetSMWarSecurityMainHtml");
return;
}
dbSchema = (ICFInternetSchema) CFInternetSchemaPool.getSchemaPool().getInstance();
schemaObj.setBackingStore(dbSchema);
schemaObj.beginTransaction();
ICFSecuritySecUserObj systemUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system");
String passwordHash = systemUser.getRequiredPasswordHash();
if ((passwordHash == null)
|| (passwordHash.length() <= 0)
|| passwordHash.equals("bootstrap")) {
response.sendRedirect("CFInternetSMWarSetSystemPasswordHtml");
return;
}
ICFSecuritySysClusterObj sysCluster =
schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false);
if (sysCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster");
}
ICFSecurityClusterObj resolvedCluster = sysCluster.getRequiredContainerCluster();
if (resolvedCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, "resolvedCluster");
}
String clusterDomainName = resolvedCluster.getRequiredFullDomainName();
String clusterDescription = resolvedCluster.getRequiredDescription();
String confirmationUUIDStr = (String) request.getParameter("ConfirmationUUID");
if ((confirmationUUIDStr == null) || (confirmationUUIDStr.length() <= 0)) {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFInternetSMWarConfirmEMailAddressHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p>");
out.println("<center>");
out.println("<p>");
out.println(
"The ConfirmationUUID parameter was missing in your request. Please use the link provided by your confirmation email.");
out.println("</BODY>");
out.println("</HTML>");
return;
}
UUID confirmationUUID = UUID.fromString(confirmationUUIDStr);
if (confirmationUUID == null) {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFInternetSMWarConfirmEMailAddressHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p>");
out.println("<center>");
out.println("<p>");
out.println(
"Invalid ConfirmationUUID \""
+ confirmationUUIDStr
+ "\". Please use the link provided by your confirmation email.");
out.println("</BODY>");
out.println("</HTML>");
return;
}
ICFSecuritySecUserObj confirmUser = null;
Iterator<ICFSecuritySecUserObj> secUserForUUID =
schemaObj.getSecUserTableObj().readSecUserByEMConfIdx(confirmationUUID).iterator();
if (secUserForUUID.hasNext()) {
confirmUser = secUserForUUID.next();
if (secUserForUUID.hasNext()) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Multiple SecUser instances found for ConfirmationUUID \""
+ confirmationUUIDStr
+ "\"");
}
} else {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFInternetSMWarConfirmEMailAddressHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p>");
out.println("<center>");
out.println("<p>");
out.println(
"Invalid ConfirmationUUID \""
+ confirmationUUIDStr
+ "\". Please use the link provided by your confirmation email.");
out.println("</BODY>");
out.println("</HTML>");
return;
}
ICFSecurityClusterObj systemCluster =
schemaObj.getClusterTableObj().readClusterByUDomainNameIdx("system");
ICFSecurityTenantObj systemTenant =
schemaObj
.getTenantTableObj()
.readTenantByUNameIdx(systemCluster.getRequiredId(), "system");
ICFSecuritySecSessionObj systemSession = schemaObj.getSecSessionTableObj().newInstance();
ICFSecuritySecSessionEditObj editSystemSession =
(ICFSecuritySecSessionEditObj) systemSession.beginEdit();
editSystemSession.setRequiredContainerSecUser(systemUser);
editSystemSession.setRequiredStart(Calendar.getInstance());
systemSession = editSystemSession.create();
editSystemSession.endEdit();
auth = new CFSecurityAuthorization();
auth.setSecCluster(systemCluster);
auth.setSecTenant(systemTenant);
auth.setSecSession(systemSession);
schemaObj.setAuthorization(auth);
ICFSecuritySecUserEditObj editConfirmUser = confirmUser.beginEdit();
editConfirmUser.setOptionalEMailConfirmationUuid(null);
editConfirmUser.update();
editConfirmUser.endEdit();
editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit();
editSystemSession.setOptionalFinish(Calendar.getInstance());
editSystemSession.update();
editSystemSession.endEdit();
schemaObj.commit();
schemaObj.setAuthorization(null);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFInternetSMWarConfirmEMailAddressHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">EMail Address Confirmed</H2>");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:75%\">");
out.println(
"<tr><th style=\"text-align:left\">Confirmation UUID:</th><td><input type=\"text\" name=\"ConfirmationUUID\" value=\""
+ confirmationUUID.toString()
+ "\"/></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\">You may now <A HRef=\"CFInternetSMWarLoginHtml\">log in</A> to the "
+ clusterDescription
+ " Security Manager</td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
} catch (RuntimeException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e);
} finally {
if (dbSchema != null) {
try {
if (schemaObj.isTransactionOpen()) {
schemaObj.rollback();
}
} catch (RuntimeException e) {
}
schemaObj.setBackingStore(null);
CFInternetSchemaPool.getSchemaPool().releaseInstance(dbSchema);
}
}
}
/** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
final String S_ProcName = "doGet";
ICFAsteriskSchemaObj schemaObj;
HttpSession sess = request.getSession(false);
if (sess == null) {
sess = request.getSession(true);
schemaObj = new CFAsteriskSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
} else {
schemaObj = (ICFAsteriskSchemaObj) sess.getAttribute("SchemaObj");
if (schemaObj == null) {
schemaObj = new CFAsteriskSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
}
}
ICFAsteriskSchema dbSchema = null;
try {
CFSecurityAuthorization auth = schemaObj.getAuthorization();
if (auth != null) {
response.sendRedirect("CFAsteriskSMWarSecurityMainHtml");
return;
}
dbSchema = (ICFAsteriskSchema) CFAsteriskSchemaPool.getSchemaPool().getInstance();
schemaObj.setBackingStore(dbSchema);
schemaObj.beginTransaction();
ICFSecuritySecUserObj systemUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system");
String passwordHash = systemUser.getRequiredPasswordHash();
if ((passwordHash == null)
|| (passwordHash.length() <= 0)
|| passwordHash.equals("bootstrap")) {
response.sendRedirect("CFAsteriskSMWarSetSystemPasswordHtml");
return;
}
ICFSecuritySysClusterObj sysCluster =
schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false);
if (sysCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster");
}
ICFSecurityClusterObj resolvedCluster = sysCluster.getRequiredContainerCluster();
if (resolvedCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, "resolvedCluster");
}
String clusterDomainName = resolvedCluster.getRequiredFullDomainName();
String clusterDescription = resolvedCluster.getRequiredDescription();
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println(
"<H2 style=\"text-align:center\">Enter the login you'd like to request a password reset for.</H2>");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>");
out.println(
"<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
} catch (RuntimeException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e);
} finally {
if (dbSchema != null) {
try {
if (schemaObj.isTransactionOpen()) {
schemaObj.rollback();
}
} catch (RuntimeException e) {
}
schemaObj.setBackingStore(null);
CFAsteriskSchemaPool.getSchemaPool().releaseInstance(dbSchema);
}
}
}
protected void sendPasswordResetEMail(
HttpServletRequest request, ICFSecuritySecUserObj resetUser, ICFSecurityClusterObj cluster)
throws AddressException, MessagingException, NamingException {
final String S_ProcName = "sendPasswordResetEMail";
Properties props = System.getProperties();
String clusterDescription = cluster.getRequiredDescription();
Context ctx = new InitialContext();
String smtpEmailFrom = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpEmailFrom");
if ((smtpEmailFrom == null) || (smtpEmailFrom.length() <= 0)) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(
getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpEmailFrom");
}
smtpUsername = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpUsername");
if ((smtpUsername == null) || (smtpUsername.length() <= 0)) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(
getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpUsername");
}
smtpPassword = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpPassword");
if ((smtpPassword == null) || (smtpPassword.length() <= 0)) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(
getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpPassword");
}
Session emailSess =
Session.getInstance(
props,
new Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(smtpUsername, smtpPassword);
}
});
String thisURI =
request.getScheme()
+ "://"
+ request.getServerName()
+ ":"
+ request.getServerPort()
+ request.getRequestURI().toString();
int lastSlash = thisURI.lastIndexOf('/');
String baseURI = thisURI.substring(0, lastSlash);
UUID resetUUID = resetUser.getOptionalPasswordResetUuid();
String msgBody =
"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n"
+ "<HTML>\n"
+ "<BODY>\n"
+ "<p>\n"
+ "You requested a password reset for "
+ resetUser.getRequiredEMailAddress()
+ " used for accessing "
+ clusterDescription
+ ".\n"
+ "<p>"
+ "Please click on the following link to reset your password:<br>\n"
+ "<A HRef=\""
+ baseURI
+ "/CFAsteriskSMWarResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "\">"
+ baseURI
+ "/CFAsteriskSMWarResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "</A>\n"
+ "<p>"
+ "Or click on the following link to cancel the reset request:<br>\n"
+ "<A HRef=\""
+ baseURI
+ "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "\">"
+ baseURI
+ "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "</A>\n"
+ "</BODY>\n"
+ "</HTML>\n";
MimeMessage msg = new MimeMessage(emailSess);
msg.setFrom(new InternetAddress(smtpEmailFrom));
InternetAddress mailTo[] = InternetAddress.parse(resetUser.getRequiredEMailAddress(), false);
msg.setRecipient(Message.RecipientType.TO, mailTo[0]);
msg.setSubject(
"You requested a password reset for your account with " + clusterDescription + "?");
msg.setContent(msgBody, "text/html");
msg.setSentDate(new Date());
msg.saveChanges();
Transport.send(msg);
}
/** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
final String S_ProcName = "doPost";
ICFAsteriskSchemaObj schemaObj;
HttpSession sess = request.getSession(false);
if (sess == null) {
sess = request.getSession(true);
schemaObj = new CFAsteriskSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
} else {
schemaObj = (ICFAsteriskSchemaObj) sess.getAttribute("SchemaObj");
if (schemaObj == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "schemaObj");
}
}
ICFAsteriskSchema dbSchema = null;
try {
CFSecurityAuthorization auth = schemaObj.getAuthorization();
if (auth != null) {
response.sendRedirect("CFAsteriskSMWarSecurityMainHtml");
return;
}
dbSchema = (ICFAsteriskSchema) CFAsteriskSchemaPool.getSchemaPool().getInstance();
schemaObj.setBackingStore(dbSchema);
schemaObj.beginTransaction();
ICFSecuritySecUserObj systemUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system");
String passwordHash = systemUser.getRequiredPasswordHash();
if ((passwordHash == null)
|| (passwordHash.length() <= 0)
|| passwordHash.equals("bootstrap")) {
response.sendRedirect("CFAsteriskSMWarSetSystemPasswordHtml");
}
ICFSecurityClusterObj resolvedCluster;
ICFSecuritySysClusterObj sysCluster =
schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false);
if (sysCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster");
}
resolvedCluster = sysCluster.getRequiredContainerCluster();
if (resolvedCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, "resolvedCluster");
}
String clusterDomainName = resolvedCluster.getRequiredFullDomainName();
String clusterDescription = resolvedCluster.getRequiredDescription();
String loginId = (String) request.getParameter("LoginId");
if ((loginId == null) || (loginId.length() <= 0)) {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println(
"<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p style=\"text-align:center\">");
out.println("You must specify a login id to reset.");
out.println("<p style=\"text-align:center\">");
out.println("Enter the login you'd like to request a password reset for.");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>");
out.println(
"<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
return;
}
ICFSecuritySecUserObj authenticatingUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx(loginId, true);
if (authenticatingUser == null) {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println(
"<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p style=\"text-align:center\">");
out.println("Login id not found.");
out.println("<p style=\"text-align:center\">");
out.println("Enter the login you'd like to request a password reset for.");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>");
out.println(
"<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
return;
}
if (null != authenticatingUser.getOptionalPasswordResetUuid()) {
sendPasswordResetEMail(request, authenticatingUser, resolvedCluster);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println(
"<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">INFO</H2>");
out.println("<p style=\"text-align:center\">");
out.println("Password reset email resent.");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
}
ICFSecurityClusterObj systemCluster =
schemaObj.getClusterTableObj().readClusterByUDomainNameIdx("system");
ICFSecurityTenantObj systemTenant =
schemaObj
.getTenantTableObj()
.readTenantByUNameIdx(systemCluster.getRequiredId(), "system");
ICFSecuritySecSessionObj systemSession = schemaObj.getSecSessionTableObj().newInstance();
ICFSecuritySecSessionEditObj editSystemSession =
(ICFSecuritySecSessionEditObj) systemSession.beginEdit();
editSystemSession.setRequiredContainerSecUser(systemUser);
editSystemSession.setRequiredStart(Calendar.getInstance());
systemSession = editSystemSession.create();
editSystemSession.endEdit();
auth = new CFSecurityAuthorization();
auth.setSecCluster(systemCluster);
auth.setSecTenant(systemTenant);
auth.setSecSession(systemSession);
schemaObj.setAuthorization(auth);
ICFSecuritySecUserEditObj editAuthenticatingUser = authenticatingUser.beginEdit();
editAuthenticatingUser.setOptionalPasswordResetUuid(UUID.randomUUID());
editAuthenticatingUser.update();
editAuthenticatingUser.endEdit();
editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit();
editSystemSession.setOptionalFinish(Calendar.getInstance());
editSystemSession.update();
editSystemSession.endEdit();
schemaObj.setAuthorization(null);
schemaObj.commit();
sendPasswordResetEMail(request, authenticatingUser, resolvedCluster);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">INFO</H2>");
out.println("<p style=\"text-align:center\">");
out.println(
"Password reset email sent. Please use the links in the email to set a new password or to cancel the request.");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
} catch (MessagingException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught MessagingException -- " + e.getMessage(), e);
} catch (NamingException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught NamingException -- " + e.getMessage(), e);
} catch (RuntimeException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e);
} finally {
if (dbSchema != null) {
try {
if (schemaObj.isTransactionOpen()) {
schemaObj.rollback();
}
} catch (RuntimeException e) {
}
schemaObj.setBackingStore(null);
CFAsteriskSchemaPool.getSchemaPool().releaseInstance(dbSchema);
}
}
}
public void _jspService(HttpServletRequest request, HttpServletResponse response)
throws java.io.IOException, ServletException {
JspFactory _jspxFactory = null;
PageContext pageContext = null;
HttpSession session = null;
ServletContext application = null;
ServletConfig config = null;
JspWriter out = null;
Object page = this;
JspWriter _jspx_out = null;
PageContext _jspx_page_context = null;
try {
_jspxFactory = JspFactory.getDefaultFactory();
response.setContentType("text/html");
pageContext =
_jspxFactory.getPageContext(this, request, response, "error.jsp", true, 8192, true);
_jspx_page_context = pageContext;
application = pageContext.getServletContext();
config = pageContext.getServletConfig();
session = pageContext.getSession();
out = pageContext.getOut();
_jspx_out = out;
out.write("\n\n\n\n\n\n\n\n\n");
out.write('\n');
org.jivesoftware.util.WebManager webManager = null;
synchronized (_jspx_page_context) {
webManager =
(org.jivesoftware.util.WebManager)
_jspx_page_context.getAttribute("webManager", PageContext.PAGE_SCOPE);
if (webManager == null) {
webManager = new org.jivesoftware.util.WebManager();
_jspx_page_context.setAttribute("webManager", webManager, PageContext.PAGE_SCOPE);
}
}
out.write('\n');
webManager.init(request, response, session, application, out);
out.write('\n');
out.write('\n');
// Get paramters
boolean doTest = request.getParameter("test") != null;
boolean cancel = request.getParameter("cancel") != null;
boolean sent = ParamUtils.getBooleanParameter(request, "sent");
boolean success = ParamUtils.getBooleanParameter(request, "success");
String from = ParamUtils.getParameter(request, "from");
String to = ParamUtils.getParameter(request, "to");
String subject = ParamUtils.getParameter(request, "subject");
String body = ParamUtils.getParameter(request, "body");
// Cancel if requested
if (cancel) {
response.sendRedirect("system-email.jsp");
return;
}
// Variable to hold messaging exception, if one occurs
Exception mex = null;
// Validate input
Map<String, String> errors = new HashMap<String, String>();
if (doTest) {
if (from == null) {
errors.put("from", "");
}
if (to == null) {
errors.put("to", "");
}
if (subject == null) {
errors.put("subject", "");
}
if (body == null) {
errors.put("body", "");
}
EmailService service = EmailService.getInstance();
// Validate host - at a minimum, it needs to be set:
String host = service.getHost();
if (host == null) {
errors.put("host", "");
}
// if no errors, continue
if (errors.size() == 0) {
// Create a message
MimeMessage message = service.createMimeMessage();
// Set the date of the message to be the current date
SimpleDateFormat format =
new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss Z", java.util.Locale.US);
format.setTimeZone(JiveGlobals.getTimeZone());
message.setHeader("Date", format.format(new Date()));
// Set to and from.
message.setRecipient(Message.RecipientType.TO, new InternetAddress(to, null));
message.setFrom(new InternetAddress(from, null));
message.setSubject(subject);
message.setText(body);
// Send the message, wrap in a try/catch:
try {
service.sendMessagesImmediately(Collections.singletonList(message));
// success, so indicate this:
response.sendRedirect("system-emailtest.jsp?sent=true&success=true");
return;
} catch (MessagingException me) {
me.printStackTrace();
mex = me;
}
}
}
// Set var defaults
Collection<JID> jids = webManager.getXMPPServer().getAdmins();
User user = null;
if (!jids.isEmpty()) {
for (JID jid : jids) {
if (webManager.getXMPPServer().isLocal(jid)) {
user = webManager.getUserManager().getUser(jid.getNode());
if (user.getEmail() != null) {
break;
}
}
}
}
if (from == null) {
from = user.getEmail();
}
if (to == null) {
to = user.getEmail();
}
if (subject == null) {
subject = "Test email sent via Openfire";
}
if (body == null) {
body = "This is a test message.";
}
out.write("\n\n<html>\n <head>\n <title>");
if (_jspx_meth_fmt_message_0(_jspx_page_context)) return;
out.write(
"</title>\n <meta name=\"pageID\" content=\"system-email\"/>\n </head>\n <body>\n\n<script language=\"JavaScript\" type=\"text/javascript\">\nvar clicked = false;\nfunction checkClick(el) {\n if (!clicked) {\n clicked = true;\n return true;\n }\n return false;\n}\n</script>\n\n<p>\n");
if (_jspx_meth_fmt_message_1(_jspx_page_context)) return;
out.write("\n</p>\n\n");
if (JiveGlobals.getProperty("mail.smtp.host") == null) {
out.write(
"\n\n <div class=\"jive-error\">\n <table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">\n <tbody>\n <tr>\n \t<td class=\"jive-icon\"><img src=\"images/error-16x16.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"\"></td>\n\t <td class=\"jive-icon-label\">\n\t\t ");
if (_jspx_meth_fmt_message_2(_jspx_page_context)) return;
out.write("\n\t </td>\n </tr>\n </tbody>\n </table>\n </div>\n\n");
}
out.write('\n');
out.write('\n');
if (doTest || sent) {
out.write("\n\n ");
if (success) {
out.write(
"\n\n <div class=\"jive-success\">\n <table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">\n <tbody>\n <tr>\n \t<td class=\"jive-icon\"><img src=\"images/success-16x16.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"\"></td>\n \t<td class=\"jive-icon-label\">");
if (_jspx_meth_fmt_message_3(_jspx_page_context)) return;
out.write(
"</td>\n </tr>\n </tbody>\n </table>\n </div>\n\n ");
} else {
out.write(
"\n\n <div class=\"jive-error\">\n <table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">\n <tbody>\n <tr><td class=\"jive-icon\"><img src=\"images/error-16x16.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"\"></td>\n <td class=\"jive-icon-label\">\n ");
if (_jspx_meth_fmt_message_4(_jspx_page_context)) return;
out.write("\n ");
if (mex != null) {
out.write("\n ");
if (mex instanceof AuthenticationFailedException) {
out.write("\n \t");
if (_jspx_meth_fmt_message_5(_jspx_page_context)) return;
out.write(" \n ");
} else {
out.write("\n (Message: ");
out.print(mex.getMessage());
out.write(")\n ");
}
out.write("\n ");
}
out.write(
"\n </td></tr>\n </tbody>\n </table>\n </div>\n\n ");
}
out.write("\n\n <br>\n\n");
}
out.write(
"\n\n<form action=\"system-emailtest.jsp\" method=\"post\" name=\"f\" onsubmit=\"return checkClick(this);\">\n\n<table cellpadding=\"3\" cellspacing=\"0\" border=\"0\">\n<tbody>\n <tr>\n <td>\n ");
if (_jspx_meth_fmt_message_6(_jspx_page_context)) return;
out.write(":\n </td>\n <td>\n ");
String host = JiveGlobals.getProperty("mail.smtp.host");
if (host == null) {
out.write("\n <i>");
if (_jspx_meth_fmt_message_7(_jspx_page_context)) return;
out.write("</i>\n ");
} else {
out.write("\n ");
out.print(host);
out.write(':');
out.print(JiveGlobals.getIntProperty("mail.smtp.port", 25));
out.write("\n\n ");
if (JiveGlobals.getBooleanProperty("mail.smtp.ssl", false)) {
out.write("\n\n (");
if (_jspx_meth_fmt_message_8(_jspx_page_context)) return;
out.write(")\n\n ");
}
out.write("\n ");
}
out.write("\n </td>\n </tr>\n <tr>\n <td>\n ");
if (_jspx_meth_fmt_message_9(_jspx_page_context)) return;
out.write(
":\n </td>\n <td>\n <input type=\"hidden\" name=\"from\" value=\"");
out.print(from);
out.write("\">\n ");
out.print(StringUtils.escapeHTMLTags(from));
out.write(
"\n <span class=\"jive-description\">\n (<a href=\"user-edit-form.jsp?username="******"\">Update Address</a>)\n </span>\n </td>\n </tr>\n <tr>\n <td>\n ");
if (_jspx_meth_fmt_message_10(_jspx_page_context)) return;
out.write(
":\n </td>\n <td>\n <input type=\"text\" name=\"to\" value=\"");
out.print(((to != null) ? to : ""));
out.write(
"\"\n size=\"40\" maxlength=\"100\">\n </td>\n </tr>\n <tr>\n <td>\n ");
if (_jspx_meth_fmt_message_11(_jspx_page_context)) return;
out.write(
":\n </td>\n <td>\n <input type=\"text\" name=\"subject\" value=\"");
out.print(((subject != null) ? subject : ""));
out.write(
"\"\n size=\"40\" maxlength=\"100\">\n </td>\n </tr>\n <tr valign=\"top\">\n <td>\n ");
if (_jspx_meth_fmt_message_12(_jspx_page_context)) return;
out.write(
":\n </td>\n <td>\n <textarea name=\"body\" cols=\"45\" rows=\"5\" wrap=\"virtual\">");
out.print(body);
out.write(
"</textarea>\n </td>\n </tr>\n <tr>\n <td colspan=\"2\">\n <br>\n <input type=\"submit\" name=\"test\" value=\"");
if (_jspx_meth_fmt_message_13(_jspx_page_context)) return;
out.write("\">\n <input type=\"submit\" name=\"cancel\" value=\"");
if (_jspx_meth_fmt_message_14(_jspx_page_context)) return;
out.write(
"\">\n </td>\n </tr>\n</tbody>\n</table>\n\n</form>\n\n </body>\n</html>");
} catch (Throwable t) {
if (!(t instanceof SkipPageException)) {
out = _jspx_out;
if (out != null && out.getBufferSize() != 0) out.clearBuffer();
if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
}
} finally {
if (_jspxFactory != null) _jspxFactory.releasePageContext(_jspx_page_context);
}
}
public void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
String support = "support"; // valid username
HttpSession session = null;
session = req.getSession(false); // Get user's session object (no new one)
if (session == null) {
invalidUser(out); // Intruder - reject
return;
}
String userName = (String) session.getAttribute("user"); // get username
if (!userName.equals(support)) {
invalidUser(out); // Intruder - reject
return;
}
Connection con1 = null; // init DB objects
Connection con2 = null;
Statement stmt1 = null;
Statement stmt2 = null;
ResultSet rs1 = null;
ResultSet rs2 = null;
out.println("<HTML><HEAD><TITLE>Database Query</TITLE></HEAD>");
out.println("<BODY><H3>List Each Club With a Custom Style Sheet</H3>");
out.println(
"<table border=1><tr><td><b>Site</b></td><td><b>Club Name</b></td><td><b>Style Sheet</b></td></tr>");
out.flush();
String club = "";
String fullname = "";
String styles = "";
try {
con1 = Connect.getCon(rev); // connect to v5
} catch (Exception exc) {
// Error connecting to db....
out.println("<BR><BR>Unable to connect to the DB.");
out.println("<BR>Exception: " + exc.getMessage());
out.println("<BR><BR> <A HREF=\"/v5/servlet/Support_main\">Return</A>.");
out.println("</BODY></HTML>");
return;
}
//
// Get the club names from the 'clubs' table
//
// Process each club in the table
//
try {
stmt1 = con1.createStatement();
rs1 =
stmt1.executeQuery(
"SELECT clubname, fullname FROM v5.clubs WHERE inactive=0 ORDER BY clubname");
while (rs1.next()) {
club = rs1.getString(1); // get a club name
fullname = rs1.getString(2); // get club's full name
if (!club.startsWith("demo")) { // if NOT a demo site
con2 = Connect.getCon(club); // get a connection to this club's db
stmt2 = con2.createStatement(); // create a statement
try {
rs2 = stmt2.executeQuery("SELECT custom_styles FROM club5");
if (rs2.next()) {
styles = rs2.getString("custom_styles"); // get the custom styles name, if any
if (!styles.equals("")) {
out.println(
"<tr><td>"
+ club
+ "</td><td>"
+ fullname
+ "</td><td>"
+ styles
+ "</td></tr>");
}
}
} catch (Exception exc) {
out.println(club + " failed!!!!!!!!!!!!!!!!!!!! " + exc.toString());
}
stmt2.close();
con2.close();
}
} // end if WHILE clubs
out.println("</table>");
} catch (Exception exc) {
// Error connecting to db....
out.println("<BR><BR>Unable to connect to the DB.");
out.println("<BR>Exception: " + exc.getMessage());
out.println("<BR><BR> <A HREF=\"/v5/servlet/Support_main\">Return</A>.");
out.println("</BODY></HTML>");
return;
}
try {
stmt1.close();
con1.close();
} catch (Exception ignore) {
}
out.println("<BR><BR> <A HREF=\"/v5/servlet/Support_main\">Return</A>.");
out.println("</BODY></HTML>");
out.close();
}