protected void sendPasswordResetEMail( HttpServletRequest request, ICFSecuritySecUserObj resetUser, ICFSecurityClusterObj cluster) throws AddressException, MessagingException, NamingException { final String S_ProcName = "sendPasswordResetEMail"; Properties props = System.getProperties(); String clusterDescription = cluster.getRequiredDescription(); Context ctx = new InitialContext(); String smtpEmailFrom = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpEmailFrom"); if ((smtpEmailFrom == null) || (smtpEmailFrom.length() <= 0)) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException( getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpEmailFrom"); } smtpUsername = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpUsername"); if ((smtpUsername == null) || (smtpUsername.length() <= 0)) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException( getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpUsername"); } smtpPassword = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpPassword"); if ((smtpPassword == null) || (smtpPassword.length() <= 0)) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException( getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpPassword"); } Session emailSess = Session.getInstance( props, new Authenticator() { protected PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication(smtpUsername, smtpPassword); } }); String thisURI = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI().toString(); int lastSlash = thisURI.lastIndexOf('/'); String baseURI = thisURI.substring(0, lastSlash); UUID resetUUID = resetUser.getOptionalPasswordResetUuid(); String msgBody = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n" + "<HTML>\n" + "<BODY>\n" + "<p>\n" + "You requested a password reset for " + resetUser.getRequiredEMailAddress() + " used for accessing " + clusterDescription + ".\n" + "<p>" + "Please click on the following link to reset your password:<br>\n" + "<A HRef=\"" + baseURI + "/CFAsteriskSMWarResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "\">" + baseURI + "/CFAsteriskSMWarResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "</A>\n" + "<p>" + "Or click on the following link to cancel the reset request:<br>\n" + "<A HRef=\"" + baseURI + "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "\">" + baseURI + "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID=" + resetUUID.toString() + "</A>\n" + "</BODY>\n" + "</HTML>\n"; MimeMessage msg = new MimeMessage(emailSess); msg.setFrom(new InternetAddress(smtpEmailFrom)); InternetAddress mailTo[] = InternetAddress.parse(resetUser.getRequiredEMailAddress(), false); msg.setRecipient(Message.RecipientType.TO, mailTo[0]); msg.setSubject( "You requested a password reset for your account with " + clusterDescription + "?"); msg.setContent(msgBody, "text/html"); msg.setSentDate(new Date()); msg.saveChanges(); Transport.send(msg); }
/** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { final String S_ProcName = "doPost"; ICFAsteriskSchemaObj schemaObj; HttpSession sess = request.getSession(false); if (sess == null) { sess = request.getSession(true); schemaObj = new CFAsteriskSchemaPooledObj(); sess.setAttribute("SchemaObj", schemaObj); } else { schemaObj = (ICFAsteriskSchemaObj) sess.getAttribute("SchemaObj"); if (schemaObj == null) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException(getClass(), S_ProcName, 0, "schemaObj"); } } ICFAsteriskSchema dbSchema = null; try { CFSecurityAuthorization auth = schemaObj.getAuthorization(); if (auth != null) { response.sendRedirect("CFAsteriskSMWarSecurityMainHtml"); return; } dbSchema = (ICFAsteriskSchema) CFAsteriskSchemaPool.getSchemaPool().getInstance(); schemaObj.setBackingStore(dbSchema); schemaObj.beginTransaction(); ICFSecuritySecUserObj systemUser = schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system"); String passwordHash = systemUser.getRequiredPasswordHash(); if ((passwordHash == null) || (passwordHash.length() <= 0) || passwordHash.equals("bootstrap")) { response.sendRedirect("CFAsteriskSMWarSetSystemPasswordHtml"); } ICFSecurityClusterObj resolvedCluster; ICFSecuritySysClusterObj sysCluster = schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false); if (sysCluster == null) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster"); } resolvedCluster = sysCluster.getRequiredContainerCluster(); if (resolvedCluster == null) { throw CFLib.getDefaultExceptionFactory() .newNullArgumentException(getClass(), S_ProcName, "resolvedCluster"); } String clusterDomainName = resolvedCluster.getRequiredFullDomainName(); String clusterDescription = resolvedCluster.getRequiredDescription(); String loginId = (String) request.getParameter("LoginId"); if ((loginId == null) || (loginId.length() <= 0)) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println( "<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p style=\"text-align:center\">"); out.println("You must specify a login id to reset."); out.println("<p style=\"text-align:center\">"); out.println("Enter the login you'd like to request a password reset for."); out.println("<p>"); out.println("<center>"); out.println("<table style=\"width:60%\">"); out.println( "<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>"); out.println( "<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>"); out.println( "<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to " + clusterDescription + " Security Manager Login</A></td></tr>"); out.println("</table>"); out.println("</center>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); return; } ICFSecuritySecUserObj authenticatingUser = schemaObj.getSecUserTableObj().readSecUserByULoginIdx(loginId, true); if (authenticatingUser == null) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println( "<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p style=\"text-align:center\">"); out.println("Login id not found."); out.println("<p style=\"text-align:center\">"); out.println("Enter the login you'd like to request a password reset for."); out.println("<p>"); out.println("<center>"); out.println("<table style=\"width:60%\">"); out.println( "<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>"); out.println( "<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>"); out.println( "<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to " + clusterDescription + " Security Manager Login</A></td></tr>"); out.println("</table>"); out.println("</center>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); return; } if (null != authenticatingUser.getOptionalPasswordResetUuid()) { sendPasswordResetEMail(request, authenticatingUser, resolvedCluster); response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println( "<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">INFO</H2>"); out.println("<p style=\"text-align:center\">"); out.println("Password reset email resent."); out.println("<center>"); out.println("<table style=\"width:60%\">"); out.println( "<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to " + clusterDescription + " Security Manager Login</A></td></tr>"); out.println("</table>"); out.println("</center>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); } ICFSecurityClusterObj systemCluster = schemaObj.getClusterTableObj().readClusterByUDomainNameIdx("system"); ICFSecurityTenantObj systemTenant = schemaObj .getTenantTableObj() .readTenantByUNameIdx(systemCluster.getRequiredId(), "system"); ICFSecuritySecSessionObj systemSession = schemaObj.getSecSessionTableObj().newInstance(); ICFSecuritySecSessionEditObj editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit(); editSystemSession.setRequiredContainerSecUser(systemUser); editSystemSession.setRequiredStart(Calendar.getInstance()); systemSession = editSystemSession.create(); editSystemSession.endEdit(); auth = new CFSecurityAuthorization(); auth.setSecCluster(systemCluster); auth.setSecTenant(systemTenant); auth.setSecSession(systemSession); schemaObj.setAuthorization(auth); ICFSecuritySecUserEditObj editAuthenticatingUser = authenticatingUser.beginEdit(); editAuthenticatingUser.setOptionalPasswordResetUuid(UUID.randomUUID()); editAuthenticatingUser.update(); editAuthenticatingUser.endEdit(); editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit(); editSystemSession.setOptionalFinish(Calendar.getInstance()); editSystemSession.update(); editSystemSession.endEdit(); schemaObj.setAuthorization(null); schemaObj.commit(); sendPasswordResetEMail(request, authenticatingUser, resolvedCluster); response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">"); out.println( "<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">INFO</H2>"); out.println("<p style=\"text-align:center\">"); out.println( "Password reset email sent. Please use the links in the email to set a new password or to cancel the request."); out.println("<center>"); out.println("<table style=\"width:60%\">"); out.println( "<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to " + clusterDescription + " Security Manager Login</A></td></tr>"); out.println("</table>"); out.println("</center>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); } catch (MessagingException e) { throw CFLib.getDefaultExceptionFactory() .newRuntimeException( getClass(), S_ProcName, "Caught MessagingException -- " + e.getMessage(), e); } catch (NamingException e) { throw CFLib.getDefaultExceptionFactory() .newRuntimeException( getClass(), S_ProcName, "Caught NamingException -- " + e.getMessage(), e); } catch (RuntimeException e) { throw CFLib.getDefaultExceptionFactory() .newRuntimeException( getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e); } finally { if (dbSchema != null) { try { if (schemaObj.isTransactionOpen()) { schemaObj.rollback(); } } catch (RuntimeException e) { } schemaObj.setBackingStore(null); CFAsteriskSchemaPool.getSchemaPool().releaseInstance(dbSchema); } } }