/** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { final String S_ProcName = "doGet"; ICFSecuritySchemaObj schemaObj; HttpSession sess = request.getSession(false); if (sess == null) { sess = request.getSession(true); schemaObj = new CFSecuritySchemaPooledObj(); sess.setAttribute("SchemaObj", schemaObj); } else { schemaObj = (ICFSecuritySchemaObj) sess.getAttribute("SchemaObj"); if (schemaObj == null) { schemaObj = new CFSecuritySchemaPooledObj(); sess.setAttribute("SchemaObj", schemaObj); } } ICFSecuritySchema dbSchema = null; try { CFSecurityAuthorization auth = schemaObj.getAuthorization(); if (auth != null) { response.sendRedirect("CFSecuritySMWarSecurityMainHtml"); return; } dbSchema = (ICFSecuritySchema) CFSecuritySchemaPool.getSchemaPool().getInstance(); schemaObj.setBackingStore(dbSchema); schemaObj.beginTransaction(); ICFSecuritySecUserObj systemUser = schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system"); String passwordHash = systemUser.getRequiredPasswordHash(); if ((passwordHash == null) || (passwordHash.length() <= 0) || passwordHash.equals("bootstrap")) { response.sendRedirect("CFSecuritySMWarSetSystemPasswordHtml"); return; } ICFSecuritySysClusterObj sysCluster = schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false); if (sysCluster == null) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster"); } ICFSecurityClusterObj resolvedCluster = sysCluster.getRequiredContainerCluster(); if (resolvedCluster == null) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException(getClass(), S_ProcName, "resolvedCluster"); } String clusterDomainName = resolvedCluster.getRequiredFullDomainName(); String clusterDescription = resolvedCluster.getRequiredDescription(); String confirmationUUIDStr = (String) request.getParameter("ConfirmationUUID"); if ((confirmationUUIDStr == null) || (confirmationUUIDStr.length() <= 0)) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFSecuritySMWarConfirmEMailAddressHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p>"); out.println("<center>"); out.println("<p>"); out.println( "The ConfirmationUUID parameter was missing in your request. Please use the link provided by your confirmation email."); out.println("</BODY>"); out.println("</HTML>"); return; } UUID confirmationUUID = UUID.fromString(confirmationUUIDStr); if (confirmationUUID == null) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFSecuritySMWarConfirmEMailAddressHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p>"); out.println("<center>"); out.println("<p>"); out.println( "Invalid ConfirmationUUID \"" + confirmationUUIDStr + "\". Please use the link provided by your confirmation email."); out.println("</BODY>"); out.println("</HTML>"); return; } ICFSecuritySecUserObj cancelUser = null; Iterator<ICFSecuritySecUserObj> secUserForUUID = schemaObj.getSecUserTableObj().readSecUserByEMConfIdx(confirmationUUID).iterator(); if (secUserForUUID.hasNext()) { cancelUser = secUserForUUID.next(); if (secUserForUUID.hasNext()) { throw CFLib.getDefaultExceptionFactory() .newRuntimeException( getClass(), S_ProcName, "Multiple SecUser instances found for ConfirmationUUID \"" + confirmationUUIDStr + "\""); } } else { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFSecuritySMWarConfirmEMailAddressHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p>"); out.println("<center>"); out.println("<p>"); out.println( "Invalid ConfirmationUUID \"" + confirmationUUIDStr + "\". Please use the link provided by your confirmation email."); out.println("</BODY>"); out.println("</HTML>"); return; } ICFSecurityClusterObj systemCluster = schemaObj.getClusterTableObj().readClusterByUDomainNameIdx("system"); ICFSecurityTenantObj systemTenant = schemaObj .getTenantTableObj() .readTenantByUNameIdx(systemCluster.getRequiredId(), "system"); ICFSecuritySecSessionObj systemSession = schemaObj.getSecSessionTableObj().newInstance(); ICFSecuritySecSessionEditObj editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit(); editSystemSession.setRequiredContainerSecUser(systemUser); editSystemSession.setRequiredStart(Calendar.getInstance()); systemSession = editSystemSession.create(); editSystemSession.endEdit(); auth = new CFSecurityAuthorization(); auth.setSecCluster(systemCluster); auth.setSecTenant(systemTenant); auth.setSecSession(systemSession); schemaObj.setAuthorization(auth); ICFSecuritySecUserEditObj editCancelUser = cancelUser.beginEdit(); editCancelUser.delete(); editCancelUser.endEdit(); editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit(); editSystemSession.setOptionalFinish(Calendar.getInstance()); editSystemSession.update(); editSystemSession.endEdit(); schemaObj.commit(); schemaObj.setAuthorization(null); response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFSecuritySMWarConfirmEMailAddressHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println( "<H2 style=\"text-align:center\">Account creation for " + cancelUser.getRequiredEMailAddress() + " cancelled.</H2>"); out.println("<p>"); out.println("<center>"); out.println("<table style=\"width:75%\">"); out.println( "<tr><td colSpan=\"2\" style=\"text-align:center\">Take me to the " + clusterDescription + " Security Manager <A HRef=\"CFSecuritySMWarLoginHtml\">Log In</A> page.</td></tr>"); out.println("</table>"); out.println("</center>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); } catch (RuntimeException e) { throw CFLib.getDefaultExceptionFactory() .newRuntimeException( getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e); } finally { if (dbSchema != null) { try { if (schemaObj.isTransactionOpen()) { schemaObj.rollback(); } } catch (RuntimeException e) { } schemaObj.setBackingStore(null); CFSecuritySchemaPool.getSchemaPool().releaseInstance(dbSchema); } } }
protected void sendPasswordResetEMail( HttpServletRequest request, ICFSecuritySecUserObj resetUser, ICFSecurityClusterObj cluster) throws AddressException, MessagingException, NamingException { final String S_ProcName = "sendPasswordResetEMail"; Properties props = System.getProperties(); String clusterDescription = cluster.getRequiredDescription(); Context ctx = new InitialContext(); String smtpEmailFrom = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpEmailFrom"); if ((smtpEmailFrom == null) || (smtpEmailFrom.length() <= 0)) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException( getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpEmailFrom"); } smtpUsername = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpUsername"); if ((smtpUsername == null) || (smtpUsername.length() <= 0)) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException( getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpUsername"); } smtpPassword = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpPassword"); if ((smtpPassword == null) || (smtpPassword.length() <= 0)) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException( getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpPassword"); } Session emailSess = Session.getInstance( props, new Authenticator() { protected PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication(smtpUsername, smtpPassword); } }); String thisURI = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI().toString(); int lastSlash = thisURI.lastIndexOf('/'); String baseURI = thisURI.substring(0, lastSlash); UUID resetUUID = resetUser.getOptionalPasswordResetUuid(); String msgBody = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n" + "<HTML>\n" + "<BODY>\n" + "<p>\n" + "You requested a password reset for " + resetUser.getRequiredEMailAddress() + " used for accessing " + clusterDescription + ".\n" + "<p>" + "Please click on the following link to reset your password:<br>\n" + "<A HRef=\"" + baseURI + "/CFAsteriskSMWarResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "\">" + baseURI + "/CFAsteriskSMWarResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "</A>\n" + "<p>" + "Or click on the following link to cancel the reset request:<br>\n" + "<A HRef=\"" + baseURI + "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "\">" + baseURI + "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "</A>\n" + "</BODY>\n" + "</HTML>\n"; MimeMessage msg = new MimeMessage(emailSess); msg.setFrom(new InternetAddress(smtpEmailFrom)); InternetAddress mailTo[] = InternetAddress.parse(resetUser.getRequiredEMailAddress(), false); msg.setRecipient(Message.RecipientType.TO, mailTo[0]); msg.setSubject( "You requested a password reset for your account with " + clusterDescription + "?"); msg.setContent(msgBody, "text/html"); msg.setSentDate(new Date()); msg.saveChanges(); Transport.send(msg); }