/**
* Process the input from the CC license page
*
* @param context current DSpace context
* @param request current servlet request object
* @param response current servlet response object
* @param subInfo submission info object
* @return Status or error flag which will be processed by doPostProcessing() below! (if
* STATUS_COMPLETE or 0 is returned, no errors occurred!)
*/
protected int processCC(
Context context,
HttpServletRequest request,
HttpServletResponse response,
SubmissionInfo subInfo)
throws ServletException, IOException, SQLException, AuthorizeException {
String buttonPressed = Util.getSubmitButton(request, NEXT_BUTTON);
// RLR hack - need to distinguish between progress bar real submission
// (if cc_license_url exists, then users has accepted the CC License)
String ccLicenseUrl = request.getParameter("cc_license_url");
if (buttonPressed.equals("submit_no_cc")) {
// Skipping the CC license - remove any existing license selection
creativeCommonsService.removeLicense(context, subInfo.getSubmissionItem().getItem());
} else if ((ccLicenseUrl != null) && (ccLicenseUrl.length() > 0)) {
Item item = subInfo.getSubmissionItem().getItem();
// save the CC license
creativeCommonsService.setLicense(context, item, ccLicenseUrl);
}
// commit changes
context.dispatchEvents();
// completed without errors
return STATUS_COMPLETE;
}
/**
* Do any processing of the information input by the user, and/or perform step processing (if no
* user interaction required)
*
* <p>It is this method's job to save any data to the underlying database, as necessary, and
* return error messages (if any) which can then be processed by the appropriate user interface
* (JSP-UI or XML-UI)
*
* <p>NOTE: If this step is a non-interactive step (i.e. requires no UI), then it should perform
* *all* of its processing in this method!
*
* @param context current DSpace context
* @param request current servlet request object
* @param response current servlet response object
* @param subInfo submission info object
* @return Status or error flag which will be processed by doPostProcessing() below! (if
* STATUS_COMPLETE or 0 is returned, no errors occurred!)
*/
@Override
public int doProcessing(
Context context,
HttpServletRequest request,
HttpServletResponse response,
SubmissionInfo subInfo)
throws ServletException, IOException, SQLException, AuthorizeException, java.io.IOException {
HttpSession session = request.getSession();
session.setAttribute("inProgress", "TRUE");
// check what submit button was pressed in User Interface
String buttonPressed = Util.getSubmitButton(request, NEXT_BUTTON);
if ("submit_grant".equalsIgnoreCase(buttonPressed)
|| "submit_no_cc".equalsIgnoreCase(buttonPressed)) {
return processCC(context, request, response, subInfo);
}
String choiceButton = Util.getSubmitButton(request, SELECT_CHANGE);
Enumeration e = request.getParameterNames();
String isFieldRequired = "FALSE";
while (e.hasMoreElements()) {
String parameterName = (String) e.nextElement();
if (parameterName.equals("button_required")) {
isFieldRequired = "TRUE";
break;
}
}
session.setAttribute("isFieldRequired", isFieldRequired);
if (choiceButton.equals(SELECT_CHANGE)) {
Item item = subInfo.getSubmissionItem().getItem();
LicenseMetadataValue uriField = creativeCommonsService.getCCField("uri");
LicenseMetadataValue nameField = creativeCommonsService.getCCField("name");
String licenseUri = uriField.ccItemValue(item);
if (licenseUri != null)
// if (CreativeCommons.hasLicense(item, "dc", "rights", "uri", Item.ANY)
// && !CreativeCommons.getRightsURI(item, "dc", "rights", "uri", Item.ANY).equals(""))
{
// CreativeCommons.setItemMetadata(item, licenseURI, "dc", "rights", "uri",
// ConfigurationManager.getProperty("default.locale"));
uriField.removeItemValue(context, item, licenseUri);
if (ConfigurationManager.getBooleanProperty("cc.submit.setname")) {
String licenseName = nameField.keyedItemValue(item, licenseUri);
nameField.removeItemValue(context, item, licenseName);
// CreativeCommons.setItemMetadata(item, CreativeCommons.getRightsName(item, "dc",
// "rights", null, Item.ANY), "dc", "rights", null,
// ConfigurationManager.getProperty("default.locale"));
}
if (ConfigurationManager.getBooleanProperty("cc.submit.addBitstream")) {
creativeCommonsService.removeLicense(context, item);
}
removeRequiredAttributes(session);
itemService.update(context, item);
context.dispatchEvents();
}
return STATUS_COMPLETE;
} else if (buttonPressed.startsWith(PROGRESS_BAR_PREFIX)
|| buttonPressed.equals(PREVIOUS_BUTTON)) {
removeRequiredAttributes(session);
}
if (buttonPressed.equals(NEXT_BUTTON) || buttonPressed.equals(CANCEL_BUTTON)) {
return processCCWS(context, request, response, subInfo);
} else {
removeRequiredAttributes(session);
session.removeAttribute("inProgress");
return STATUS_COMPLETE;
}
}
/**
* Process the input from the CC license page using CC Web service
*
* @param context current DSpace context
* @param request current servlet request object
* @param response current servlet response object
* @param subInfo submission info object
* @return Status or error flag which will be processed by doPostProcessing() below! (if
* STATUS_COMPLETE or 0 is returned, no errors occurred!)
*/
protected int processCCWS(
Context context,
HttpServletRequest request,
HttpServletResponse response,
SubmissionInfo subInfo)
throws ServletException, IOException, SQLException, AuthorizeException {
HttpSession session = request.getSession();
Map<String, String> map = new HashMap<String, String>();
String licenseclass =
(request.getParameter("licenseclass_chooser") != null)
? request.getParameter("licenseclass_chooser")
: "";
String jurisdiction =
(ConfigurationManager.getProperty("cc.license.jurisdiction") != null)
? ConfigurationManager.getProperty("cc.license.jurisdiction")
: "";
if (licenseclass.equals("standard")) {
map.put("commercial", request.getParameter("commercial_chooser"));
map.put("derivatives", request.getParameter("derivatives_chooser"));
} else if (licenseclass.equals("recombo")) {
map.put("sampling", request.getParameter("sampling_chooser"));
}
map.put("jurisdiction", jurisdiction);
CCLookup ccLookup = new CCLookup();
LicenseMetadataValue uriField = creativeCommonsService.getCCField("uri");
LicenseMetadataValue nameField = creativeCommonsService.getCCField("name");
ccLookup.issue(licenseclass, map, ConfigurationManager.getProperty("cc.license.locale"));
Item item = subInfo.getSubmissionItem().getItem();
if (licenseclass.equals("xmlui.Submission.submit.CCLicenseStep.no_license")) {
// only remove any previous licenses
String licenseUri = uriField.ccItemValue(item);
if (licenseUri != null) {
uriField.removeItemValue(context, item, licenseUri);
if (ConfigurationManager.getBooleanProperty("cc.submit.setname")) {
String licenseName = nameField.keyedItemValue(item, licenseUri);
nameField.removeItemValue(context, item, licenseName);
}
if (ConfigurationManager.getBooleanProperty("cc.submit.addBitstream")) {
creativeCommonsService.removeLicense(context, item);
}
itemService.update(context, item);
context.dispatchEvents();
removeRequiredAttributes(session);
}
return STATUS_COMPLETE;
} else if (licenseclass.equals("xmlui.Submission.submit.CCLicenseStep.select_change")) {
removeRequiredAttributes(session);
return STATUS_COMPLETE;
} else if (ccLookup.isSuccess()) {
uriField.addItemValue(context, item, ccLookup.getLicenseUrl());
if (ConfigurationManager.getBooleanProperty("cc.submit.addbitstream")) {
creativeCommonsService.setLicenseRDF(context, item, ccLookup.getRdf());
}
if (ConfigurationManager.getBooleanProperty("cc.submit.setname")) {
nameField.addItemValue(context, item, ccLookup.getLicenseName());
}
itemService.update(context, item);
context.dispatchEvents();
removeRequiredAttributes(session);
session.removeAttribute("inProgress");
} else {
request.getSession().setAttribute("ccError", ccLookup.getErrorMessage());
String licenseUri = uriField.ccItemValue(item);
if (licenseUri != null) {
uriField.removeItemValue(context, item, licenseUri);
}
return STATUS_LICENSE_REJECTED;
}
return STATUS_COMPLETE;
}
/*
* Authenticate the given credentials.
* This is the heart of the authentication method: test the
* credentials for authenticity, and if accepted, attempt to match
* (or optionally, create) an <code>EPerson</code>. If an <code>EPerson</code> is found it is
* set in the <code>Context</code> that was passed.
*
* @param context
* DSpace context, will be modified (ePerson set) upon success.
*
* @param username
* Username (or email address) when method is explicit. Use null for
* implicit method.
*
* @param password
* Password for explicit auth, or null for implicit method.
*
* @param realm
* Realm is an extra parameter used by some authentication methods, leave null if
* not applicable.
*
* @param request
* The HTTP request that started this operation, or null if not applicable.
*
* @return One of:
* SUCCESS, BAD_CREDENTIALS, CERT_REQUIRED, NO_SUCH_USER, BAD_ARGS
* <p>Meaning:
* <br>SUCCESS - authenticated OK.
* <br>BAD_CREDENTIALS - user exists, but credentials (e.g. passwd) don't match
* <br>CERT_REQUIRED - not allowed to login this way without X.509 cert.
* <br>NO_SUCH_USER - user not found using this method.
* <br>BAD_ARGS - user/pw not appropriate for this method
*/
@Override
public int authenticate(
Context context, String netid, String password, String realm, HttpServletRequest request)
throws SQLException {
log.info(LogManager.getHeader(context, "auth", "attempting trivial auth of user="******"authentication-ldap", "search.anonymous");
String adminUser = ConfigurationManager.getProperty("authentication-ldap", "search.user");
String adminPassword =
ConfigurationManager.getProperty("authentication-ldap", "search.password");
String objectContext =
ConfigurationManager.getProperty("authentication-ldap", "object_context");
String idField = ConfigurationManager.getProperty("authentication-ldap", "id_field");
String dn = "";
// If adminUser is blank and anonymous search is not allowed, then we can't search so construct
// the DN instead of searching it
if ((StringUtils.isBlank(adminUser) || StringUtils.isBlank(adminPassword))
&& !anonymousSearch) {
dn = idField + "=" + netid + "," + objectContext;
} else {
dn = ldap.getDNOfUser(adminUser, adminPassword, context, netid);
}
// Check a DN was found
if ((dn == null) || (dn.trim().equals(""))) {
log.info(LogManager.getHeader(context, "failed_login", "no DN found for user " + netid));
return BAD_CREDENTIALS;
}
// if they entered a netid that matches an eperson
if (eperson != null) {
// e-mail address corresponds to active account
if (eperson.getRequireCertificate()) {
return CERT_REQUIRED;
} else if (!eperson.canLogIn()) {
return BAD_ARGS;
}
if (ldap.ldapAuthenticate(dn, password, context)) {
context.setCurrentUser(eperson);
// assign user to groups based on ldap dn
assignGroups(dn, ldap.ldapGroup, context);
log.info(LogManager.getHeader(context, "authenticate", "type=ldap"));
return SUCCESS;
} else {
return BAD_CREDENTIALS;
}
} else {
// the user does not already exist so try and authenticate them
// with ldap and create an eperson for them
if (ldap.ldapAuthenticate(dn, password, context)) {
// Register the new user automatically
log.info(LogManager.getHeader(context, "autoregister", "netid=" + netid));
String email = ldap.ldapEmail;
// Check if we were able to determine an email address from LDAP
if (StringUtils.isEmpty(email)) {
// If no email, check if we have a "netid_email_domain". If so, append it to the netid to
// create email
if (StringUtils.isNotEmpty(
ConfigurationManager.getProperty("authentication-ldap", "netid_email_domain"))) {
email =
netid
+ ConfigurationManager.getProperty("authentication-ldap", "netid_email_domain");
} else {
// We don't have a valid email address. We'll default it to 'netid' but log a warning
log.warn(
LogManager.getHeader(
context,
"autoregister",
"Unable to locate email address for account '"
+ netid
+ "', so it has been set to '"
+ netid
+ "'. "
+ "Please check the LDAP 'email_field' OR consider configuring 'netid_email_domain'."));
email = netid;
}
}
if (StringUtils.isNotEmpty(email)) {
try {
eperson = ePersonService.findByEmail(context, email);
if (eperson != null) {
log.info(
LogManager.getHeader(context, "type=ldap-login", "type=ldap_but_already_email"));
context.setIgnoreAuthorization(true);
eperson.setNetid(netid.toLowerCase());
ePersonService.update(context, eperson);
context.dispatchEvents();
context.setIgnoreAuthorization(false);
context.setCurrentUser(eperson);
// assign user to groups based on ldap dn
assignGroups(dn, ldap.ldapGroup, context);
return SUCCESS;
} else {
if (canSelfRegister(context, request, netid)) {
// TEMPORARILY turn off authorisation
try {
context.setIgnoreAuthorization(true);
eperson = ePersonService.create(context);
if (StringUtils.isNotEmpty(email)) {
eperson.setEmail(email);
}
if (StringUtils.isNotEmpty(ldap.ldapGivenName)) {
eperson.setFirstName(context, ldap.ldapGivenName);
}
if (StringUtils.isNotEmpty(ldap.ldapSurname)) {
eperson.setLastName(context, ldap.ldapSurname);
}
if (StringUtils.isNotEmpty(ldap.ldapPhone)) {
ePersonService.setMetadata(context, eperson, "phone", ldap.ldapPhone);
}
eperson.setNetid(netid.toLowerCase());
eperson.setCanLogIn(true);
authenticationService.initEPerson(context, request, eperson);
ePersonService.update(context, eperson);
context.dispatchEvents();
context.setCurrentUser(eperson);
// assign user to groups based on ldap dn
assignGroups(dn, ldap.ldapGroup, context);
} catch (AuthorizeException e) {
return NO_SUCH_USER;
} finally {
context.setIgnoreAuthorization(false);
}
log.info(
LogManager.getHeader(
context, "authenticate", "type=ldap-login, created ePerson"));
return SUCCESS;
} else {
// No auto-registration for valid certs
log.info(LogManager.getHeader(context, "failed_login", "type=ldap_but_no_record"));
return NO_SUCH_USER;
}
}
} catch (AuthorizeException e) {
eperson = null;
} finally {
context.setIgnoreAuthorization(false);
}
}
}
}
return BAD_ARGS;
}
