Exemplo n.º 1
0
  /**
   * Process the input from the CC license page
   *
   * @param context current DSpace context
   * @param request current servlet request object
   * @param response current servlet response object
   * @param subInfo submission info object
   * @return Status or error flag which will be processed by doPostProcessing() below! (if
   *     STATUS_COMPLETE or 0 is returned, no errors occurred!)
   */
  protected int processCC(
      Context context,
      HttpServletRequest request,
      HttpServletResponse response,
      SubmissionInfo subInfo)
      throws ServletException, IOException, SQLException, AuthorizeException {
    String buttonPressed = Util.getSubmitButton(request, NEXT_BUTTON);

    // RLR hack - need to distinguish between progress bar real submission
    // (if cc_license_url exists, then users has accepted the CC License)
    String ccLicenseUrl = request.getParameter("cc_license_url");

    if (buttonPressed.equals("submit_no_cc")) {
      // Skipping the CC license - remove any existing license selection
      creativeCommonsService.removeLicense(context, subInfo.getSubmissionItem().getItem());
    } else if ((ccLicenseUrl != null) && (ccLicenseUrl.length() > 0)) {
      Item item = subInfo.getSubmissionItem().getItem();

      // save the CC license
      creativeCommonsService.setLicense(context, item, ccLicenseUrl);
    }

    // commit changes
    context.dispatchEvents();

    // completed without errors
    return STATUS_COMPLETE;
  }
Exemplo n.º 2
0
 /**
  * Do any processing of the information input by the user, and/or perform step processing (if no
  * user interaction required)
  *
  * <p>It is this method's job to save any data to the underlying database, as necessary, and
  * return error messages (if any) which can then be processed by the appropriate user interface
  * (JSP-UI or XML-UI)
  *
  * <p>NOTE: If this step is a non-interactive step (i.e. requires no UI), then it should perform
  * *all* of its processing in this method!
  *
  * @param context current DSpace context
  * @param request current servlet request object
  * @param response current servlet response object
  * @param subInfo submission info object
  * @return Status or error flag which will be processed by doPostProcessing() below! (if
  *     STATUS_COMPLETE or 0 is returned, no errors occurred!)
  */
 @Override
 public int doProcessing(
     Context context,
     HttpServletRequest request,
     HttpServletResponse response,
     SubmissionInfo subInfo)
     throws ServletException, IOException, SQLException, AuthorizeException, java.io.IOException {
   HttpSession session = request.getSession();
   session.setAttribute("inProgress", "TRUE");
   // check what submit button was pressed in User Interface
   String buttonPressed = Util.getSubmitButton(request, NEXT_BUTTON);
   if ("submit_grant".equalsIgnoreCase(buttonPressed)
       || "submit_no_cc".equalsIgnoreCase(buttonPressed)) {
     return processCC(context, request, response, subInfo);
   }
   String choiceButton = Util.getSubmitButton(request, SELECT_CHANGE);
   Enumeration e = request.getParameterNames();
   String isFieldRequired = "FALSE";
   while (e.hasMoreElements()) {
     String parameterName = (String) e.nextElement();
     if (parameterName.equals("button_required")) {
       isFieldRequired = "TRUE";
       break;
     }
   }
   session.setAttribute("isFieldRequired", isFieldRequired);
   if (choiceButton.equals(SELECT_CHANGE)) {
     Item item = subInfo.getSubmissionItem().getItem();
     LicenseMetadataValue uriField = creativeCommonsService.getCCField("uri");
     LicenseMetadataValue nameField = creativeCommonsService.getCCField("name");
     String licenseUri = uriField.ccItemValue(item);
     if (licenseUri != null)
     // if (CreativeCommons.hasLicense(item, "dc", "rights", "uri", Item.ANY)
     //	&& !CreativeCommons.getRightsURI(item, "dc", "rights", "uri", Item.ANY).equals(""))
     {
       // CreativeCommons.setItemMetadata(item, licenseURI, "dc", "rights", "uri",
       // ConfigurationManager.getProperty("default.locale"));
       uriField.removeItemValue(context, item, licenseUri);
       if (ConfigurationManager.getBooleanProperty("cc.submit.setname")) {
         String licenseName = nameField.keyedItemValue(item, licenseUri);
         nameField.removeItemValue(context, item, licenseName);
         // CreativeCommons.setItemMetadata(item, CreativeCommons.getRightsName(item, "dc",
         // "rights", null, Item.ANY), "dc", "rights", null,
         // ConfigurationManager.getProperty("default.locale"));
       }
       if (ConfigurationManager.getBooleanProperty("cc.submit.addBitstream")) {
         creativeCommonsService.removeLicense(context, item);
       }
       removeRequiredAttributes(session);
       itemService.update(context, item);
       context.dispatchEvents();
     }
     return STATUS_COMPLETE;
   } else if (buttonPressed.startsWith(PROGRESS_BAR_PREFIX)
       || buttonPressed.equals(PREVIOUS_BUTTON)) {
     removeRequiredAttributes(session);
   }
   if (buttonPressed.equals(NEXT_BUTTON) || buttonPressed.equals(CANCEL_BUTTON)) {
     return processCCWS(context, request, response, subInfo);
   } else {
     removeRequiredAttributes(session);
     session.removeAttribute("inProgress");
     return STATUS_COMPLETE;
   }
 }
Exemplo n.º 3
0
  /**
   * Process the input from the CC license page using CC Web service
   *
   * @param context current DSpace context
   * @param request current servlet request object
   * @param response current servlet response object
   * @param subInfo submission info object
   * @return Status or error flag which will be processed by doPostProcessing() below! (if
   *     STATUS_COMPLETE or 0 is returned, no errors occurred!)
   */
  protected int processCCWS(
      Context context,
      HttpServletRequest request,
      HttpServletResponse response,
      SubmissionInfo subInfo)
      throws ServletException, IOException, SQLException, AuthorizeException {

    HttpSession session = request.getSession();
    Map<String, String> map = new HashMap<String, String>();
    String licenseclass =
        (request.getParameter("licenseclass_chooser") != null)
            ? request.getParameter("licenseclass_chooser")
            : "";
    String jurisdiction =
        (ConfigurationManager.getProperty("cc.license.jurisdiction") != null)
            ? ConfigurationManager.getProperty("cc.license.jurisdiction")
            : "";
    if (licenseclass.equals("standard")) {
      map.put("commercial", request.getParameter("commercial_chooser"));
      map.put("derivatives", request.getParameter("derivatives_chooser"));
    } else if (licenseclass.equals("recombo")) {
      map.put("sampling", request.getParameter("sampling_chooser"));
    }
    map.put("jurisdiction", jurisdiction);
    CCLookup ccLookup = new CCLookup();
    LicenseMetadataValue uriField = creativeCommonsService.getCCField("uri");
    LicenseMetadataValue nameField = creativeCommonsService.getCCField("name");
    ccLookup.issue(licenseclass, map, ConfigurationManager.getProperty("cc.license.locale"));
    Item item = subInfo.getSubmissionItem().getItem();
    if (licenseclass.equals("xmlui.Submission.submit.CCLicenseStep.no_license")) {
      // only remove any previous licenses
      String licenseUri = uriField.ccItemValue(item);
      if (licenseUri != null) {
        uriField.removeItemValue(context, item, licenseUri);
        if (ConfigurationManager.getBooleanProperty("cc.submit.setname")) {
          String licenseName = nameField.keyedItemValue(item, licenseUri);
          nameField.removeItemValue(context, item, licenseName);
        }
        if (ConfigurationManager.getBooleanProperty("cc.submit.addBitstream")) {
          creativeCommonsService.removeLicense(context, item);
        }
        itemService.update(context, item);
        context.dispatchEvents();
        removeRequiredAttributes(session);
      }
      return STATUS_COMPLETE;
    } else if (licenseclass.equals("xmlui.Submission.submit.CCLicenseStep.select_change")) {
      removeRequiredAttributes(session);
      return STATUS_COMPLETE;
    } else if (ccLookup.isSuccess()) {
      uriField.addItemValue(context, item, ccLookup.getLicenseUrl());
      if (ConfigurationManager.getBooleanProperty("cc.submit.addbitstream")) {
        creativeCommonsService.setLicenseRDF(context, item, ccLookup.getRdf());
      }
      if (ConfigurationManager.getBooleanProperty("cc.submit.setname")) {
        nameField.addItemValue(context, item, ccLookup.getLicenseName());
      }
      itemService.update(context, item);
      context.dispatchEvents();
      removeRequiredAttributes(session);
      session.removeAttribute("inProgress");
    } else {
      request.getSession().setAttribute("ccError", ccLookup.getErrorMessage());
      String licenseUri = uriField.ccItemValue(item);
      if (licenseUri != null) {
        uriField.removeItemValue(context, item, licenseUri);
      }
      return STATUS_LICENSE_REJECTED;
    }
    return STATUS_COMPLETE;
  }
  /*
   * Authenticate the given credentials.
   * This is the heart of the authentication method: test the
   * credentials for authenticity, and if accepted, attempt to match
   * (or optionally, create) an <code>EPerson</code>.  If an <code>EPerson</code> is found it is
   * set in the <code>Context</code> that was passed.
   *
   * @param context
   *  DSpace context, will be modified (ePerson set) upon success.
   *
   * @param username
   *  Username (or email address) when method is explicit. Use null for
   *  implicit method.
   *
   * @param password
   *  Password for explicit auth, or null for implicit method.
   *
   * @param realm
   *  Realm is an extra parameter used by some authentication methods, leave null if
   *  not applicable.
   *
   * @param request
   *  The HTTP request that started this operation, or null if not applicable.
   *
   * @return One of:
   *   SUCCESS, BAD_CREDENTIALS, CERT_REQUIRED, NO_SUCH_USER, BAD_ARGS
   * <p>Meaning:
   * <br>SUCCESS         - authenticated OK.
   * <br>BAD_CREDENTIALS - user exists, but credentials (e.g. passwd) don't match
   * <br>CERT_REQUIRED   - not allowed to login this way without X.509 cert.
   * <br>NO_SUCH_USER    - user not found using this method.
   * <br>BAD_ARGS        - user/pw not appropriate for this method
   */
  @Override
  public int authenticate(
      Context context, String netid, String password, String realm, HttpServletRequest request)
      throws SQLException {
    log.info(LogManager.getHeader(context, "auth", "attempting trivial auth of user="******"authentication-ldap", "search.anonymous");
    String adminUser = ConfigurationManager.getProperty("authentication-ldap", "search.user");
    String adminPassword =
        ConfigurationManager.getProperty("authentication-ldap", "search.password");
    String objectContext =
        ConfigurationManager.getProperty("authentication-ldap", "object_context");
    String idField = ConfigurationManager.getProperty("authentication-ldap", "id_field");
    String dn = "";

    // If adminUser is blank and anonymous search is not allowed, then we can't search so construct
    // the DN instead of searching it
    if ((StringUtils.isBlank(adminUser) || StringUtils.isBlank(adminPassword))
        && !anonymousSearch) {
      dn = idField + "=" + netid + "," + objectContext;
    } else {
      dn = ldap.getDNOfUser(adminUser, adminPassword, context, netid);
    }

    // Check a DN was found
    if ((dn == null) || (dn.trim().equals(""))) {
      log.info(LogManager.getHeader(context, "failed_login", "no DN found for user " + netid));
      return BAD_CREDENTIALS;
    }

    // if they entered a netid that matches an eperson
    if (eperson != null) {
      // e-mail address corresponds to active account
      if (eperson.getRequireCertificate()) {
        return CERT_REQUIRED;
      } else if (!eperson.canLogIn()) {
        return BAD_ARGS;
      }

      if (ldap.ldapAuthenticate(dn, password, context)) {
        context.setCurrentUser(eperson);

        // assign user to groups based on ldap dn
        assignGroups(dn, ldap.ldapGroup, context);

        log.info(LogManager.getHeader(context, "authenticate", "type=ldap"));
        return SUCCESS;
      } else {
        return BAD_CREDENTIALS;
      }
    } else {
      // the user does not already exist so try and authenticate them
      // with ldap and create an eperson for them

      if (ldap.ldapAuthenticate(dn, password, context)) {
        // Register the new user automatically
        log.info(LogManager.getHeader(context, "autoregister", "netid=" + netid));

        String email = ldap.ldapEmail;

        // Check if we were able to determine an email address from LDAP
        if (StringUtils.isEmpty(email)) {
          // If no email, check if we have a "netid_email_domain". If so, append it to the netid to
          // create email
          if (StringUtils.isNotEmpty(
              ConfigurationManager.getProperty("authentication-ldap", "netid_email_domain"))) {
            email =
                netid
                    + ConfigurationManager.getProperty("authentication-ldap", "netid_email_domain");
          } else {
            // We don't have a valid email address. We'll default it to 'netid' but log a warning
            log.warn(
                LogManager.getHeader(
                    context,
                    "autoregister",
                    "Unable to locate email address for account '"
                        + netid
                        + "', so it has been set to '"
                        + netid
                        + "'. "
                        + "Please check the LDAP 'email_field' OR consider configuring 'netid_email_domain'."));
            email = netid;
          }
        }

        if (StringUtils.isNotEmpty(email)) {
          try {
            eperson = ePersonService.findByEmail(context, email);
            if (eperson != null) {
              log.info(
                  LogManager.getHeader(context, "type=ldap-login", "type=ldap_but_already_email"));
              context.setIgnoreAuthorization(true);
              eperson.setNetid(netid.toLowerCase());
              ePersonService.update(context, eperson);
              context.dispatchEvents();
              context.setIgnoreAuthorization(false);
              context.setCurrentUser(eperson);

              // assign user to groups based on ldap dn
              assignGroups(dn, ldap.ldapGroup, context);

              return SUCCESS;
            } else {
              if (canSelfRegister(context, request, netid)) {
                // TEMPORARILY turn off authorisation
                try {
                  context.setIgnoreAuthorization(true);
                  eperson = ePersonService.create(context);
                  if (StringUtils.isNotEmpty(email)) {
                    eperson.setEmail(email);
                  }
                  if (StringUtils.isNotEmpty(ldap.ldapGivenName)) {
                    eperson.setFirstName(context, ldap.ldapGivenName);
                  }
                  if (StringUtils.isNotEmpty(ldap.ldapSurname)) {
                    eperson.setLastName(context, ldap.ldapSurname);
                  }
                  if (StringUtils.isNotEmpty(ldap.ldapPhone)) {
                    ePersonService.setMetadata(context, eperson, "phone", ldap.ldapPhone);
                  }
                  eperson.setNetid(netid.toLowerCase());
                  eperson.setCanLogIn(true);
                  authenticationService.initEPerson(context, request, eperson);
                  ePersonService.update(context, eperson);
                  context.dispatchEvents();
                  context.setCurrentUser(eperson);

                  // assign user to groups based on ldap dn
                  assignGroups(dn, ldap.ldapGroup, context);
                } catch (AuthorizeException e) {
                  return NO_SUCH_USER;
                } finally {
                  context.setIgnoreAuthorization(false);
                }

                log.info(
                    LogManager.getHeader(
                        context, "authenticate", "type=ldap-login, created ePerson"));
                return SUCCESS;
              } else {
                // No auto-registration for valid certs
                log.info(LogManager.getHeader(context, "failed_login", "type=ldap_but_no_record"));
                return NO_SUCH_USER;
              }
            }
          } catch (AuthorizeException e) {
            eperson = null;
          } finally {
            context.setIgnoreAuthorization(false);
          }
        }
      }
    }
    return BAD_ARGS;
  }