protected void sendPasswordResetEMail(
HttpServletRequest request, ICFSecuritySecUserObj resetUser, ICFSecurityClusterObj cluster)
throws AddressException, MessagingException, NamingException {
final String S_ProcName = "sendPasswordResetEMail";
Properties props = System.getProperties();
String clusterDescription = cluster.getRequiredDescription();
Context ctx = new InitialContext();
String smtpEmailFrom = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpEmailFrom");
if ((smtpEmailFrom == null) || (smtpEmailFrom.length() <= 0)) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(
getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpEmailFrom");
}
smtpUsername = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpUsername");
if ((smtpUsername == null) || (smtpUsername.length() <= 0)) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(
getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpUsername");
}
smtpPassword = (String) ctx.lookup("java:comp/env/CFAsterisk26SmtpPassword");
if ((smtpPassword == null) || (smtpPassword.length() <= 0)) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(
getClass(), S_ProcName, 0, "JNDI lookup for CFAsterisk26SmtpPassword");
}
Session emailSess =
Session.getInstance(
props,
new Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(smtpUsername, smtpPassword);
}
});
String thisURI =
request.getScheme()
+ "://"
+ request.getServerName()
+ ":"
+ request.getServerPort()
+ request.getRequestURI().toString();
int lastSlash = thisURI.lastIndexOf('/');
String baseURI = thisURI.substring(0, lastSlash);
UUID resetUUID = resetUser.getOptionalPasswordResetUuid();
String msgBody =
"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n"
+ "<HTML>\n"
+ "<BODY>\n"
+ "<p>\n"
+ "You requested a password reset for "
+ resetUser.getRequiredEMailAddress()
+ " used for accessing "
+ clusterDescription
+ ".\n"
+ "<p>"
+ "Please click on the following link to reset your password:<br>\n"
+ "<A HRef=\""
+ baseURI
+ "/CFAsteriskSMWarResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "\">"
+ baseURI
+ "/CFAsteriskSMWarResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "</A>\n"
+ "<p>"
+ "Or click on the following link to cancel the reset request:<br>\n"
+ "<A HRef=\""
+ baseURI
+ "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "\">"
+ baseURI
+ "/CFAsteriskSMWarCancelResetPasswordHtml?ResetUUID="
+ resetUUID.toString()
+ "</A>\n"
+ "</BODY>\n"
+ "</HTML>\n";
MimeMessage msg = new MimeMessage(emailSess);
msg.setFrom(new InternetAddress(smtpEmailFrom));
InternetAddress mailTo[] = InternetAddress.parse(resetUser.getRequiredEMailAddress(), false);
msg.setRecipient(Message.RecipientType.TO, mailTo[0]);
msg.setSubject(
"You requested a password reset for your account with " + clusterDescription + "?");
msg.setContent(msgBody, "text/html");
msg.setSentDate(new Date());
msg.saveChanges();
Transport.send(msg);
}
/** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
final String S_ProcName = "doGet";
ICFAsteriskSchemaObj schemaObj;
HttpSession sess = request.getSession(false);
if (sess == null) {
sess = request.getSession(true);
schemaObj = new CFAsteriskSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
} else {
schemaObj = (ICFAsteriskSchemaObj) sess.getAttribute("SchemaObj");
if (schemaObj == null) {
schemaObj = new CFAsteriskSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
}
}
ICFAsteriskSchema dbSchema = null;
try {
CFSecurityAuthorization auth = schemaObj.getAuthorization();
if (auth != null) {
response.sendRedirect("CFAsteriskSMWarSecurityMainHtml");
return;
}
dbSchema = (ICFAsteriskSchema) CFAsteriskSchemaPool.getSchemaPool().getInstance();
schemaObj.setBackingStore(dbSchema);
schemaObj.beginTransaction();
ICFSecuritySecUserObj systemUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system");
String passwordHash = systemUser.getRequiredPasswordHash();
if ((passwordHash == null)
|| (passwordHash.length() <= 0)
|| passwordHash.equals("bootstrap")) {
response.sendRedirect("CFAsteriskSMWarSetSystemPasswordHtml");
return;
}
ICFSecuritySysClusterObj sysCluster =
schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false);
if (sysCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster");
}
ICFSecurityClusterObj resolvedCluster = sysCluster.getRequiredContainerCluster();
if (resolvedCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, "resolvedCluster");
}
String clusterDomainName = resolvedCluster.getRequiredFullDomainName();
String clusterDescription = resolvedCluster.getRequiredDescription();
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println(
"<H2 style=\"text-align:center\">Enter the login you'd like to request a password reset for.</H2>");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>");
out.println(
"<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
} catch (RuntimeException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e);
} finally {
if (dbSchema != null) {
try {
if (schemaObj.isTransactionOpen()) {
schemaObj.rollback();
}
} catch (RuntimeException e) {
}
schemaObj.setBackingStore(null);
CFAsteriskSchemaPool.getSchemaPool().releaseInstance(dbSchema);
}
}
}
/** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
final String S_ProcName = "doPost";
ICFAsteriskSchemaObj schemaObj;
HttpSession sess = request.getSession(false);
if (sess == null) {
sess = request.getSession(true);
schemaObj = new CFAsteriskSchemaPooledObj();
sess.setAttribute("SchemaObj", schemaObj);
} else {
schemaObj = (ICFAsteriskSchemaObj) sess.getAttribute("SchemaObj");
if (schemaObj == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "schemaObj");
}
}
ICFAsteriskSchema dbSchema = null;
try {
CFSecurityAuthorization auth = schemaObj.getAuthorization();
if (auth != null) {
response.sendRedirect("CFAsteriskSMWarSecurityMainHtml");
return;
}
dbSchema = (ICFAsteriskSchema) CFAsteriskSchemaPool.getSchemaPool().getInstance();
schemaObj.setBackingStore(dbSchema);
schemaObj.beginTransaction();
ICFSecuritySecUserObj systemUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system");
String passwordHash = systemUser.getRequiredPasswordHash();
if ((passwordHash == null)
|| (passwordHash.length() <= 0)
|| passwordHash.equals("bootstrap")) {
response.sendRedirect("CFAsteriskSMWarSetSystemPasswordHtml");
}
ICFSecurityClusterObj resolvedCluster;
ICFSecuritySysClusterObj sysCluster =
schemaObj.getSysClusterTableObj().readSysClusterByIdIdx(1, false);
if (sysCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, 0, "sysCluster");
}
resolvedCluster = sysCluster.getRequiredContainerCluster();
if (resolvedCluster == null) {
throw CFLib.getDefaultExceptionFactory()
.newNullArgumentException(getClass(), S_ProcName, "resolvedCluster");
}
String clusterDomainName = resolvedCluster.getRequiredFullDomainName();
String clusterDescription = resolvedCluster.getRequiredDescription();
String loginId = (String) request.getParameter("LoginId");
if ((loginId == null) || (loginId.length() <= 0)) {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println(
"<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p style=\"text-align:center\">");
out.println("You must specify a login id to reset.");
out.println("<p style=\"text-align:center\">");
out.println("Enter the login you'd like to request a password reset for.");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>");
out.println(
"<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
return;
}
ICFSecuritySecUserObj authenticatingUser =
schemaObj.getSecUserTableObj().readSecUserByULoginIdx(loginId, true);
if (authenticatingUser == null) {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println(
"<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">ERROR</H2>");
out.println("<p style=\"text-align:center\">");
out.println("Login id not found.");
out.println("<p style=\"text-align:center\">");
out.println("Enter the login you'd like to request a password reset for.");
out.println("<p>");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><th style=\"text-align:left\">Login Id:</th><td><input type=\"text\" name=\"LoginId\"/></td></tr>");
out.println(
"<tr><td colspan=\"2\" style=\"text-align:center\"><button type=\"submit\" name=\"Ok, Request Password Reset\"\">Ok</button></td></tr>");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
return;
}
if (null != authenticatingUser.getOptionalPasswordResetUuid()) {
sendPasswordResetEMail(request, authenticatingUser, resolvedCluster);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println(
"<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">INFO</H2>");
out.println("<p style=\"text-align:center\">");
out.println("Password reset email resent.");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
}
ICFSecurityClusterObj systemCluster =
schemaObj.getClusterTableObj().readClusterByUDomainNameIdx("system");
ICFSecurityTenantObj systemTenant =
schemaObj
.getTenantTableObj()
.readTenantByUNameIdx(systemCluster.getRequiredId(), "system");
ICFSecuritySecSessionObj systemSession = schemaObj.getSecSessionTableObj().newInstance();
ICFSecuritySecSessionEditObj editSystemSession =
(ICFSecuritySecSessionEditObj) systemSession.beginEdit();
editSystemSession.setRequiredContainerSecUser(systemUser);
editSystemSession.setRequiredStart(Calendar.getInstance());
systemSession = editSystemSession.create();
editSystemSession.endEdit();
auth = new CFSecurityAuthorization();
auth.setSecCluster(systemCluster);
auth.setSecTenant(systemTenant);
auth.setSecSession(systemSession);
schemaObj.setAuthorization(auth);
ICFSecuritySecUserEditObj editAuthenticatingUser = authenticatingUser.beginEdit();
editAuthenticatingUser.setOptionalPasswordResetUuid(UUID.randomUUID());
editAuthenticatingUser.update();
editAuthenticatingUser.endEdit();
editSystemSession = (ICFSecuritySecSessionEditObj) systemSession.beginEdit();
editSystemSession.setOptionalFinish(Calendar.getInstance());
editSystemSession.update();
editSystemSession.endEdit();
schemaObj.setAuthorization(null);
schemaObj.commit();
sendPasswordResetEMail(request, authenticatingUser, resolvedCluster);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">");
out.println("<HTML>");
out.println("<BODY>");
out.println("<form method=\"post\" formaction=\"CFAsteriskSMWarRequestResetPasswordHtml\">");
out.println(
"<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>");
out.println("<H2 style=\"text-align:center\">INFO</H2>");
out.println("<p style=\"text-align:center\">");
out.println(
"Password reset email sent. Please use the links in the email to set a new password or to cancel the request.");
out.println("<center>");
out.println("<table style=\"width:60%\">");
out.println(
"<tr><td colSpan=\"2\" style=\"text-align:center\"><A HRef=\"CFAsteriskSMWarLoginHtml\">Back to "
+ clusterDescription
+ " Security Manager Login</A></td></tr>");
out.println("</table>");
out.println("</center>");
out.println("</form>");
out.println("</BODY>");
out.println("</HTML>");
} catch (MessagingException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught MessagingException -- " + e.getMessage(), e);
} catch (NamingException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught NamingException -- " + e.getMessage(), e);
} catch (RuntimeException e) {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e);
} finally {
if (dbSchema != null) {
try {
if (schemaObj.isTransactionOpen()) {
schemaObj.rollback();
}
} catch (RuntimeException e) {
}
schemaObj.setBackingStore(null);
CFAsteriskSchemaPool.getSchemaPool().releaseInstance(dbSchema);
}
}
}