/**
 * Updates a system user's value object and, when the name arrays are non-null, replaces the
 * user's roles and groups with the ones looked up by name.
 *
 * <p>When {@code CmsPropertyHandler.getUsePasswordEncryption()} is true, the new password (read
 * from {@code systemUserVO}) and {@code oldPassword} are each replaced by the Base64 text of
 * {@code DigestUtils.sha(...)}; otherwise both are used as supplied.
 *
 * <p>NOTE(review): parts of this listing are masked, including the tail of the password log
 * statements, the body of the catch block and whatever precedes the "Wrong user or password."
 * message, so how the old password is verified cannot be read from here.
 *
 * <p>NOTE(review): {@code DigestUtils.sha} is presumably Apache Commons Codec, where it is a
 * single SHA-1 digest. No salt or work factor appears in this method, so equal passwords give
 * equal stored values and offline guessing is cheap; a dedicated password hashing scheme
 * (bcrypt, scrypt, Argon2 or PBKDF2) is the usual replacement. Confirm against the stored format.
 *
 * <p>NOTE(review): check the info-level log statements labelled oldPassword and newPassword so
 * that no password value, hashed or not, is written to the log.
 *
 * <p>NOTE(review): the line break after the commented-out setPassword call appears to have been
 * lost in this listing; setValueObject and the return are presumably live statements.
 *
 * @param systemUserVO value object carrying the user name and the new password
 * @param oldPassword the current password as supplied by the caller
 * @param roleNames names of the roles to assign; {@code null} leaves the roles untouched
 * @param groupNames names of the groups to assign; {@code null} leaves the groups untouched
 * @param db database handle passed to the role and group lookups
 * @return the updated {@code SystemUser}
 */
public SystemUser update( SystemUserVO systemUserVO, String oldPassword, String[] roleNames, String[] groupNames, Database db) throws ConstraintException, SystemException, Exception { logger.info("systemUserVO:" + systemUserVO.getUserName()); logger.info("oldPassword:"******"newPassword:"******"roleNames:" + roleNames); logger.info("groupNames:" + groupNames); if (CmsPropertyHandler.getUsePasswordEncryption()) { String password = systemUserVO.getPassword(); try { byte[] encryptedPassRaw = DigestUtils.sha(password); String encryptedPass = new String(new Base64().encode(encryptedPassRaw), "ASCII"); password = encryptedPass; systemUserVO.setPassword(password); byte[] encryptedOldPasswordRaw = DigestUtils.sha(oldPassword); String encryptedOldPassword = new String(new Base64().encode(encryptedOldPasswordRaw), "ASCII"); oldPassword = encryptedOldPassword; } catch (Exception e) { logger.error("Error generating password:"******"Wrong user or password."); systemUserVO.setUserName(systemUser.getUserName()); if (roleNames != null) { systemUser.getRoles().clear(); for (int i = 0; i < roleNames.length; i++) { Role role = RoleController.getController().getRoleWithName(roleNames[i], db); systemUser.getRoles().add(role); role.getSystemUsers().add(systemUser); } } if (groupNames != null) { systemUser.getGroups().clear(); for (int i = 0; i < groupNames.length; i++) { Group group = GroupController.getController().getGroupWithName(groupNames[i], db); systemUser.getGroups().add(group); group.getSystemUsers().add(systemUser); } } // systemUserVO.setPassword(systemUser.getPassword()); systemUser.setValueObject(systemUserVO); return systemUser; }
/**
 * Updates a system user without changing the password and, when the name arrays are non-null,
 * replaces the user's roles and groups with the ones looked up by name.
 *
 * <p>The user is loaded by the name in {@code systemUserVO}; the value object's user name and
 * password are then overwritten with the stored values before it is applied, so neither can be
 * changed through this overload.
 *
 * <p>This method checks no old password or other credential. Because it can rewrite role and
 * group membership, the caller has to enforce that the acting principal may edit this user.
 *
 * @param systemUserVO value object with the new user data; its user name selects the user
 * @param roleNames names of the roles to assign; {@code null} leaves the roles untouched
 * @param groupNames names of the groups to assign; {@code null} leaves the groups untouched
 * @param db database handle passed to the user, role and group lookups
 * @return the updated {@code SystemUser}
 * @throws ConstraintException declared by this method; not raised directly in its body
 * @throws SystemException declared by this method; not raised directly in its body
 */
public SystemUser update(
    SystemUserVO systemUserVO, String[] roleNames, String[] groupNames, Database db)
    throws ConstraintException, SystemException {
  SystemUser storedUser = getSystemUserWithName(systemUserVO.getUserName(), db);
  systemUserVO.setUserName(storedUser.getUserName());

  if (roleNames != null) {
    // A non-null array is the complete new role set, so drop the old one first.
    storedUser.getRoles().clear();
    for (String roleName : roleNames) {
      Role assignedRole = RoleController.getController().getRoleWithName(roleName, db);
      storedUser.getRoles().add(assignedRole);
      // Keep both sides of the user/role association in step.
      assignedRole.getSystemUsers().add(storedUser);
    }
  }

  if (groupNames != null) {
    // Same replacement semantics as for roles.
    storedUser.getGroups().clear();
    for (String groupName : groupNames) {
      Group assignedGroup = GroupController.getController().getGroupWithName(groupName, db);
      storedUser.getGroups().add(assignedGroup);
      assignedGroup.getSystemUsers().add(storedUser);
    }
  }

  // Carry the stored password over so that applying the value object does not change it.
  systemUserVO.setPassword(storedUser.getPassword());
  storedUser.setValueObject(systemUserVO);
  return storedUser;
}
/**
 * Decides how a request is authenticated: first a direct login with the {@code j_username} and
 * {@code j_password} request parameters against the names from
 * {@code CmsPropertyHandler.getAllowedDirectLoginNames()}, then a CAS {@code ticket} parameter.
 * Without a ticket the response is redirected to {@code loginUrl} (or to index-cms.html) and
 * {@code null} is returned.
 *
 * <p>NOTE(review): parts of this listing are masked, including the condition inside the
 * allowed-names loop and the handling right after {@code authenticate(ticket)}; the notes below
 * cover only what is visible.
 *
 * <p>NOTE(review): the submitted {@code j_password} is concatenated into an info-level log
 * message ({@code "=" + j_password}). Anyone who can read the application log or a log
 * aggregator then sees plaintext credentials; the value should be left out of the message. The
 * ticket is logged as well.
 *
 * <p>NOTE(review): the credentials are read with {@code getParameter}, which also returns
 * query-string values, and the catch message speaks of "url parameters". Passwords sent in a URL
 * also land in access logs, proxies and browser history - confirm how callers submit them.
 *
 * <p>NOTE(review): the choice between {@code "&service="} and {@code "?service="} is made by
 * looking for "?" in {@code requestURI}, but {@code getRequestURI()} does not include the query
 * string, and the separator actually depends on whether {@code loginUrl} already has one.
 * Presumably {@code loginUrl} was meant to be tested - confirm.
 *
 * <p>NOTE(review): {@code getService(request)} and {@code casRenew} are appended to the redirect
 * URL without any encoding visible here; verify that {@code getService} URL-encodes its result.
 *
 * @param request the incoming request; supplies the credentials, the ticket and the URI
 * @param response used to send the redirect when no usable ticket is present
 * @param fc the filter chain; not used in the visible code
 * @return the authenticated user name, or {@code null} when a redirect was sent
 * @throws ServletException when no ticket is present and {@code loginUrl} is not configured
 */
public String authenticateUser( HttpServletRequest request, HttpServletResponse response, FilterChain fc) throws Exception { String authenticatedUserName = null; try { String j_userName = request.getParameter("j_username"); String j_password = request.getParameter("j_password"); logger.info("userName:"******"=" + j_password); String allowedDirectLoginNames = CmsPropertyHandler.getAllowedDirectLoginNames(); logger.info("allowedDirectLoginNames:" + allowedDirectLoginNames); String[] allowedDirectLoginNamesArray = allowedDirectLoginNames.split(","); for (String allowedUserName : allowedDirectLoginNamesArray) { logger.info("allowedUserName:"******"Was allowed - let's try to authenticate:" + allowedUserName); SystemUserVO systemUserVO = SystemUserController.getController().getSystemUserVO(allowedUserName, j_password); logger.info("Was it found:" + systemUserVO); if (systemUserVO != null) return systemUserVO.getUserName(); } } } catch (Exception e) { logger.error( "Could not check if the user was allowed to log in with url parameters:" + e.getMessage(), e); } String ticket = request.getParameter("ticket"); logger.info("ticket:" + ticket); // no ticket? 
abort request processing and redirect if (ticket == null || ticket.equals("")) { if (loginUrl == null) { throw new ServletException( "When InfoGlueFilter protects pages that do not receive a 'userName' " + "parameter, it needs a org.infoglue.cms.security.loginUrl " + "filter parameter"); } String requestURI = request.getRequestURI(); String queryString = "" + request.getQueryString(); logger.info("requestURI:" + requestURI); String redirectUrl = ""; if (CmsPropertyHandler.getApplicationName() == null || CmsPropertyHandler.getApplicationName().equalsIgnoreCase("deliver") || requestURI.indexOf("ViewCMSTool.action") > -1 || requestURI.indexOf("Admin.action") > -1 || requestURI.toLowerCase().indexOf("standalone") > -1 || requestURI.indexOf("workflows") > -1 || requestURI.indexOf("ViewDigitalAsset") > -1 || requestURI.indexOf("Editor") > -1 || requestURI.indexOf("ViewCommonAjaxServices") > -1 || requestURI.indexOf("binding") > -1 || queryString.indexOf("directView") > -1) { if (requestURI.indexOf("?") > 0) redirectUrl = loginUrl + "&service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : ""); else redirectUrl = loginUrl + "?service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : ""); logger.info("redirectUrl 1:" + redirectUrl); response.sendRedirect(redirectUrl); } else { logger.info("redirectUrl 2:" + "index-cms.html"); response.sendRedirect("index-cms.html"); } return null; } authenticatedUserName = authenticate(ticket); logger.info("authenticatedUserName:"******"requestURI:" + requestURI); String redirectUrl = ""; if (requestURI.indexOf("?") > 0) redirectUrl = loginUrl + "&service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : ""); else redirectUrl = loginUrl + "?service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? 
"&renew=" + casRenew : ""); logger.error("redirectUrl 2:" + redirectUrl); response.sendRedirect(redirectUrl); return null; } // request.getSession().setAttribute("ticket", ticket); // fc.doFilter(request, response); return authenticatedUserName; }
/**
 * Resolves the authenticated user name for a request. When both {@code j_username} and
 * {@code j_password} are present it tries, in order, the configured administrator account, the
 * configured anonymous account and the names from
 * {@code CmsPropertyHandler.getAllowedDirectLoginNames()}; otherwise, or when none of these
 * match, it falls back to the CAS {@code ticket} parameter. Each redirect it sends is recorded
 * in {@code status} under the key "redirected".
 *
 * <p>NOTE(review): parts of this listing are masked, including the condition inside the
 * allowed-names loop and the handling right after {@code authenticate(ticket)}; the notes below
 * cover only what is visible.
 *
 * <p>NOTE(review): the submitted {@code j_password} is concatenated into an info-level log
 * message ({@code "=" + j_password}), and this path is also reached by administrator login
 * attempts whose password did not match. Credentials should not be written to the log.
 *
 * <p>NOTE(review): in the redirect logged as "redirectUrl 7" the gateway suffix sits inside the
 * else arm of the casRenew conditional, so it is dropped whenever {@code casRenew} is set; the
 * redirect logged as "redirectUrl 6" appends both. This looks unintended - confirm.
 *
 * <p>NOTE(review): the choice between {@code "&service="} and {@code "?service="} is made by
 * looking for "?" in {@code requestURI}, but {@code getRequestURI()} does not include the query
 * string, and the separator actually depends on whether {@code loginUrl} already has one.
 *
 * <p>NOTE(review): {@code gateway} (a request attribute), {@code casRenew} and
 * {@code getService(request)} are appended to the redirect URL without any encoding visible
 * here; verify where {@code gateway} is set and that the values are URL-encoded.
 *
 * @param request the incoming request; supplies the credentials, the ticket and the gateway
 * @param response used to send the redirect when no usable ticket is present
 * @param status receives {@code "redirected" -> true} when a redirect was sent
 * @return the authenticated user name, or {@code null} when a redirect was sent
 * @throws ServletException when no ticket is present and {@code loginUrl} is not configured
 */
private String getAuthenticatedUserName( HttpServletRequest request, HttpServletResponse response, Map status) throws Exception { String authenticatedUserName = null; String ticket = request.getParameter("ticket"); String gateway = (String) request.getAttribute("gateway"); logger.info("ticket:" + ticket); logger.info("gateway:" + gateway); String j_userName = (String) request.getParameter("j_username"); String j_password = (String) request.getParameter("j_password"); if (j_userName != null && j_password != null) { String userName = CmsPropertyHandler.getAdministratorUserName(); // String password = CmsPropertyHandler.getAdministratorPassword(); boolean matchesRootPassword = CmsPropertyHandler.getMatchesAdministratorPassword(j_password); if (j_userName.equals(userName) && matchesRootPassword) return j_userName; /* if(j_userName.equals(userName) && j_password.equals(password)) return j_userName; */ String anonymousUserName = CmsPropertyHandler.getAnonymousUser(); String anonymousPassword = CmsPropertyHandler.getAnonymousPassword(); if (j_userName.equals(anonymousUserName) && j_password.equals(anonymousPassword)) return j_userName; try { logger.info("userName:"******"=" + j_password); String allowedDirectLoginNames = CmsPropertyHandler.getAllowedDirectLoginNames(); logger.info("allowedDirectLoginNames:" + allowedDirectLoginNames); String[] allowedDirectLoginNamesArray = allowedDirectLoginNames.split(","); for (String allowedUserName : allowedDirectLoginNamesArray) { logger.info("allowedUserName:"******"Was allowed - let's try to authenticate:" + allowedUserName); SystemUserVO systemUserVO = SystemUserController.getController().getSystemUserVO(allowedUserName, j_password); logger.info("Was it found:" + systemUserVO); if (systemUserVO != null) return systemUserVO.getUserName(); } } } catch (Exception e) { logger.error( "Could not check if the user was allowed to log in with url parameters:" 
+ e.getMessage(), e); } } // no ticket? abort request processing and redirect if (ticket == null || ticket.equals("")) { if (loginUrl == null) { throw new ServletException( "When InfoGlueFilter protects pages that do not receive a 'userName' " + "parameter, it needs a org.infoglue.cms.security.loginUrl " + "filter parameter"); } String requestURI = request.getRequestURI(); logger.info("requestURI:" + requestURI); String redirectUrl = ""; if (requestURI.indexOf("?") > 0) redirectUrl = loginUrl + "&service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : "") + ((gateway != null && !gateway.equals("")) ? "&gateway=" + gateway : ""); else redirectUrl = loginUrl + "?service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : "") + ((gateway != null && !gateway.equals("")) ? "&gateway=" + gateway : ""); logger.info("redirectUrl 6:" + redirectUrl); response.sendRedirect(redirectUrl); status.put("redirected", new Boolean(true)); return null; } authenticatedUserName = authenticate(ticket); logger.info("authenticatedUserName:"******"requestURI:" + requestURI); String redirectUrl = ""; if (requestURI.indexOf("?") > 0) redirectUrl = loginUrl + "&service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : "" + ((gateway != null && !gateway.equals("")) ? "&gateway=" + gateway : "")); else redirectUrl = loginUrl + "?service=" + getService(request) + ((casRenew != null && !casRenew.equals("")) ? "&renew=" + casRenew : "" + ((gateway != null && !gateway.equals("")) ? "&gateway=" + gateway : "")); logger.info("redirectUrl 7:" + redirectUrl); response.sendRedirect(redirectUrl); status.put("redirected", new Boolean(true)); return null; } return authenticatedUserName; }
/**
 * Map-based variant of the login check: reads {@code j_username}, {@code j_password} and
 * {@code ticket} from the supplied map instead of a servlet request. When both credentials are
 * present it tries, in order, the configured administrator account, the configured anonymous
 * account and the names from {@code CmsPropertyHandler.getAllowedDirectLoginNames()}; otherwise,
 * or when none of these match, it validates the ticket with {@code authenticate(ticket)}. No
 * redirect is sent here; a missing or empty ticket returns {@code null}.
 *
 * <p>NOTE(review): parts of this listing are masked, including the condition inside the
 * allowed-names loop and most of the code after {@code authenticate(ticket)}; the notes below
 * cover only what is visible.
 *
 * <p>NOTE(review): the submitted {@code j_password} is concatenated into an info-level log
 * message ({@code "=" + j_password}), and this path is also reached by administrator login
 * attempts whose password did not match. Credentials should not be written to the log.
 *
 * <p>NOTE(review): the map values are cast to {@code String}; a map holding {@code String[]}
 * values, as {@code HttpServletRequest.getParameterMap()} does, would raise a
 * {@code ClassCastException} - confirm what callers pass.
 *
 * @param request map holding the "j_username", "j_password" and "ticket" entries
 * @return the authenticated user name, or {@code null} when no ticket was supplied
 */
public String authenticateUser(Map request) throws Exception { String authenticatedUserName = null; String j_userName = (String) request.get("j_username"); String j_password = (String) request.get("j_password"); if (j_userName != null && j_password != null) { String userName = CmsPropertyHandler.getAdministratorUserName(); // String password = CmsPropertyHandler.getAdministratorPassword(); boolean matchesRootPassword = CmsPropertyHandler.getMatchesAdministratorPassword(j_password); if (j_userName.equals(userName) && matchesRootPassword) return j_userName; /* if(j_userName.equals(userName) && j_password.equals(password)) return j_userName; */ String anonymousUserName = CmsPropertyHandler.getAnonymousUser(); String anonymousPassword = CmsPropertyHandler.getAnonymousPassword(); if (j_userName.equals(anonymousUserName) && j_password.equals(anonymousPassword)) return j_userName; try { logger.info("userName:"******"=" + j_password); String allowedDirectLoginNames = CmsPropertyHandler.getAllowedDirectLoginNames(); logger.info("allowedDirectLoginNames:" + allowedDirectLoginNames); String[] allowedDirectLoginNamesArray = allowedDirectLoginNames.split(","); for (String allowedUserName : allowedDirectLoginNamesArray) { logger.info("allowedUserName:"******"Was allowed - let's try to authenticate:" + allowedUserName); SystemUserVO systemUserVO = SystemUserController.getController().getSystemUserVO(allowedUserName, j_password); logger.info("Was it found:" + systemUserVO); if (systemUserVO != null) return systemUserVO.getUserName(); } } } catch (Exception e) { logger.error( "Could not check if the user was allowed to log in with url parameters:" + e.getMessage(), e); } } String ticket = (String) request.get("ticket"); logger.info("ticket:" + ticket); // no ticket? 
abort request processing and redirect if (ticket == null || ticket.equals("")) { return null; } authenticatedUserName = authenticate(ticket); if (logger.isInfoEnabled()) { logger.info("authenticatedUserName:"******"CAS was called from authenticateUser:"******"DEBUG:" + e.getMessage(), e); } } return authenticatedUserName; }