
Example 1 with PasswordRequirementsDao

use of org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao in project OpenClinica by OpenClinica.

the class ConfigurePasswordRequirementsServlet method processRequest.

/**
 * Displays or saves the password-requirements configuration form.
 *
 * <p>When the form has not been submitted, it is pre-filled from the stored settings. On submit,
 * every key returned by {@code intConfigKeys()} must validate as an integer and, when both length
 * limits are positive, the maximum must not be smaller than the minimum. Only when no error was
 * recorded are the settings written through {@link PasswordRequirementsDao}.
 *
 * @throws Exception if any collaborator fails; nothing is caught here
 */
@Override
protected void processRequest() throws Exception {
    FormProcessor form = new FormProcessor(request);
    ConfigurationDao configDao = SpringServletAccess.getApplicationContext(context).getBean(ConfigurationDao.class);
    PasswordRequirementsDao requirements = new PasswordRequirementsDao(configDao);

    // First visit: show the form populated with the current settings.
    if (!form.isSubmitted()) {
        setPresetValues(new HashMap<String, Object>(requirements.configs()));
        forwardPage(Page.CONFIGURATION_PASSWORD_REQUIREMENTS);
        return;
    }

    Validator validator = new Validator(request);
    for (String intKey : requirements.intConfigKeys()) {
        validator.addValidation(intKey, Validator.IS_AN_INTEGER);
    }
    HashMap<?, ?> validationErrors = validator.validate();

    // Cross-field rule: only enforced when both limits are positive.
    int minChars = form.getInt("pwd.chars.min");
    int maxChars = form.getInt("pwd.chars.max");
    boolean bothLimitsSet = minChars > 0 && maxChars > 0;
    if (bothLimitsSet && maxChars < minChars) {
        Validator.addError(validationErrors, "pwd.chars.min", resexception.getString("pwd_min_greater_than_max"));
    }

    // Any error: redisplay the form with what the user typed.
    if (!validationErrors.isEmpty()) {
        setPresetValues(submittedValues(requirements, form));
        setInputMessages(validationErrors);
        forwardPage(Page.CONFIGURATION_PASSWORD_REQUIREMENTS);
        return;
    }

    // NOTE(review): the only checks above are "is an integer" and "max >= min when both are
    // positive". Zero or negative lengths and expiry values reach the setters unchanged, so a typo
    // can silently weaken the policy - confirm the DAO or PasswordValidator bounds these values.
    // NOTE(review): no role check is visible in this method; presumably it is enforced elsewhere in
    // the servlet - confirm, since this page changes the password policy for every account.
    requirements.setHasLower(Boolean.valueOf(form.getString("pwd.chars.case.lower")));
    requirements.setHasUpper(Boolean.valueOf(form.getString("pwd.chars.case.upper")));
    requirements.setHasDigits(Boolean.valueOf(form.getString("pwd.chars.digits")));
    requirements.setHasSpecials(Boolean.valueOf(form.getString("pwd.chars.specials")));
    requirements.setMinLength(form.getInt("pwd.chars.min"));
    requirements.setMaxLength(form.getInt("pwd.chars.max"));
    requirements.setExpirationDays(form.getInt("pwd.expiration.days"));
    requirements.setChangeRequired(form.getInt("pwd.change.required"));

    addPageMessage(respage.getString("password_req_changes_have_been_saved"));
    forwardPage(Page.LIST_USER_ACCOUNTS_SERVLET);
}
Also used : ConfigurationDao(org.akaza.openclinica.dao.hibernate.ConfigurationDao) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) PasswordRequirementsDao(org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao) Validator(org.akaza.openclinica.control.form.Validator)

Example 2 with PasswordRequirementsDao

use of org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao in project OpenClinica by OpenClinica.

the class ResetPasswordServlet method processRequest.

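/**
 * Handles the "change expired password" form.
 *
 * <p>Tasks include:
 * <ol>
 * <li>Validation:
 * <ol>
 * <li>the old password matches the database record
 * <li>the new password follows the configured requirements
 * <li>the two entries of the new password are the same
 * <li>all required fields are filled
 * </ol>
 * <li>Update ub - UserAccountBean - in session and database
 * </ol>
 *
 * <p>Forwards back to {@code Page.RESET_PASSWORD} when the old password is wrong or validation
 * fails, and to {@code Page.MENU_SERVLET} after a successful update.
 *
 * @throws Exception if any collaborator fails; nothing is caught here
 */
@Override
public void processRequest() throws Exception {
    logger.info("Change expired password");
    UserAccountDAO udao = new UserAccountDAO(sm.getDataSource());
    Validator v = new Validator(request);
    errors.clear();
    FormProcessor fp = new FormProcessor(request);
    String mustChangePwd = request.getParameter("mustChangePwd");
    // getParameter() returns null when the field is absent; comparing from the literal keeps every
    // use below null-safe (the original dereferenced mustChangePwd later and could throw an NPE).
    // NOTE(review): this flag comes from the request, so the client decides whether a new password
    // is mandatory. The stored password-requirements setting is the trustworthy source - confirm
    // and derive the decision on the server.
    boolean mustChange = "yes".equalsIgnoreCase(mustChangePwd);
    String newPwd = fp.getString("passwd").trim();
    String passwdChallengeQ = fp.getString("passwdChallengeQ");
    String passwdChallengeA = fp.getString("passwdChallengeA");
    if (mustChange) {
        addPageMessage(respage.getString("your_password_has_expired_must_change"));
    } else {
        addPageMessage(respage.getString("password_expired") + " " + respage.getString("if_you_do_not_want_change_leave_blank"));
    }
    request.setAttribute("mustChangePass", mustChangePwd);
    String oldPwd = fp.getString("oldPasswd").trim();
    // Bean holding the submitted form values, exposed to the view as "userBean1".
    // NOTE(review): it carries the submitted old password in clear text; confirm the view never
    // renders that field back into the page.
    UserAccountBean ubForm = new UserAccountBean();
    ubForm.setPasswd(oldPwd);
    ubForm.setPasswdChallengeQuestion(passwdChallengeQ);
    ubForm.setPasswdChallengeAnswer(passwdChallengeA);
    request.setAttribute("userBean1", ubForm);
    // Named securityManager so it no longer shadows the sm field used for the data source above.
    SecurityManager securityManager = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
    if (!securityManager.isPasswordValid(ub.getPasswd(), oldPwd, getUserDetails())) {
        // Nothing else is validated or changed until the current password has been proven.
        Validator.addError(errors, "oldPasswd", resexception.getString("wrong_old_password"));
        request.setAttribute("formMessages", errors);
        forwardPage(Page.RESET_PASSWORD);
    } else {
        if (mustChange) {
            v.addValidation("passwd", Validator.NO_BLANKS);
            v.addValidation("passwd1", Validator.NO_BLANKS);
            v.addValidation("passwdChallengeQ", Validator.NO_BLANKS);
            v.addValidation("passwdChallengeA", Validator.NO_BLANKS);
            v.addValidation("passwd", Validator.CHECK_DIFFERENT, "oldPasswd");
        }
        String newDigestPass = securityManager.encrytPassword(newPwd, getUserDetails());
        List<String> pwdErrors = new ArrayList<String>();
        if (!StringUtils.isEmpty(newPwd)) {
            v.addValidation("passwd", Validator.IS_A_PASSWORD);
            v.addValidation("passwd1", Validator.CHECK_SAME, "passwd");
            ConfigurationDao configurationDao = SpringServletAccess.getApplicationContext(context).getBean(ConfigurationDao.class);
            PasswordRequirementsDao passwordRequirementsDao = new PasswordRequirementsDao(configurationDao);
            // Policy messages use the bundle for the request locale, not the servlet-level field.
            Locale locale = LocaleResolver.getLocale(request);
            ResourceBundle localizedExceptions = ResourceBundleProvider.getExceptionsBundle(locale);
            pwdErrors = PasswordValidator.validatePassword(passwordRequirementsDao, udao, ub.getId(), newPwd, newDigestPass, localizedExceptions);
        }
        errors = v.validate();
        // Policy violations are reported against the new-password field.
        for (String err : pwdErrors) {
            Validator.addError(errors, "passwd", err);
        }
        if (!errors.isEmpty()) {
            logger.info("ResetPassword page has validation errors");
            request.setAttribute("formMessages", errors);
            forwardPage(Page.RESET_PASSWORD);
        } else {
            logger.info("ResetPassword page has no errors");
            if (!StringUtils.isBlank(newPwd)) {
                ub.setPasswd(newDigestPass);
                ub.setPasswdTimestamp(new Date());
            } else if ("no".equalsIgnoreCase(mustChangePwd)) {
                // No new password was given and the request said a change is optional: only the
                // timestamp is refreshed, so the existing password is kept.
                ub.setPasswdTimestamp(new Date());
            }
            ub.setOwner(ub);
            // when update ub, updater id is required
            ub.setUpdater(ub);
            ub.setPasswdChallengeQuestion(passwdChallengeQ);
            ub.setPasswdChallengeAnswer(passwdChallengeA);
            udao.update(ub);
            // Start from an empty message list so only the success message is shown.
            ArrayList<String> pageMessages = new ArrayList<String>();
            request.setAttribute(PAGE_MESSAGE, pageMessages);
            addPageMessage(respage.getString("your_expired_password_reset_successfully"));
            ub.incNumVisitsToMainMenu();
            forwardPage(Page.MENU_SERVLET);
        }
    }
}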
Also used : Locale(java.util.Locale) ConfigurationDao(org.akaza.openclinica.dao.hibernate.ConfigurationDao) SecurityManager(org.akaza.openclinica.core.SecurityManager) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) ArrayList(java.util.ArrayList) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) Date(java.util.Date) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) ResourceBundle(java.util.ResourceBundle) PasswordRequirementsDao(org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao) Validator(org.akaza.openclinica.control.form.Validator)

Example 3 with PasswordRequirementsDao

use of org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao in project OpenClinica by OpenClinica.

the class UpdateProfileServlet method confirmProfile.

/**
 * Validates the submitted profile form, copies it onto {@code userBean1} and forwards either to
 * the confirmation page or back to the profile form.
 *
 * <p>A new password is optional. When one is entered it is checked against the configured
 * password requirements, and the current password must be verified before the new digest is set
 * on the bean.
 *
 * @param userBean1 the bean that receives the submitted profile values
 * @param udao user DAO handed to the password-requirements check
 * @throws Exception if any collaborator fails; nothing is caught here
 */
private void confirmProfile(UserAccountBean userBean1, UserAccountDAO udao) throws Exception {
    Validator validator = new Validator(request);
    FormProcessor form = new FormProcessor(request);
    validator.addValidation("firstName", Validator.NO_BLANKS);
    validator.addValidation("lastName", Validator.NO_BLANKS);
    validator.addValidation("email", Validator.IS_A_EMAIL);

    if (userBean1.isLdapUser()) {
        // NOTE(review): for LDAP users nothing below runs - no validate(), no bean update and no
        // forwardPage(). The LDAP test repeated further down suggests the original condition was
        // meant to end after the password checks; confirm against the upstream source.
        return;
    }

    validator.addValidation("passwdChallengeQuestion", Validator.NO_BLANKS);
    validator.addValidation("passwdChallengeAnswer", Validator.NO_BLANKS);
    // The current password is always required for non-LDAP users.
    validator.addValidation("oldPasswd", Validator.NO_BLANKS);

    String newPassword = form.getString("passwd").trim();
    ConfigurationDao configurationDao = SpringServletAccess.getApplicationContext(context).getBean(ConfigurationDao.class);
    org.akaza.openclinica.core.SecurityManager securityManager = (org.akaza.openclinica.core.SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager");
    String hashedNewPassword = securityManager.encrytPassword(newPassword, getUserDetails());

    List<String> policyErrors = new ArrayList<String>();
    boolean newPasswordEntered = !StringUtils.isBlank(newPassword);
    if (newPasswordEntered) {
        // Format check, confirmation match, then the configured password policy.
        validator.addValidation("passwd", Validator.IS_A_PASSWORD);
        validator.addValidation("passwd1", Validator.CHECK_SAME, "passwd");
        PasswordRequirementsDao passwordRequirementsDao = new PasswordRequirementsDao(configurationDao);
        Locale locale = LocaleResolver.getLocale(request);
        ResourceBundle localizedExceptions = ResourceBundleProvider.getExceptionsBundle(locale);
        policyErrors = PasswordValidator.validatePassword(passwordRequirementsDao, udao, userBean1.getId(), newPassword, hashedNewPassword, localizedExceptions);
    }

    validator.addValidation("phone", Validator.NO_BLANKS);
    errors = validator.validate();
    for (String policyError : policyErrors) {
        Validator.addError(errors, "passwd", policyError);
    }

    // The bean is filled from the form whether or not validation passed, so the page can show
    // the submitted values again.
    userBean1.setFirstName(form.getString("firstName"));
    userBean1.setLastName(form.getString("lastName"));
    userBean1.setEmail(form.getString("email"));
    userBean1.setInstitutionalAffiliation(form.getString("institutionalAffiliation"));
    userBean1.setPasswdChallengeQuestion(form.getString("passwdChallengeQuestion"));
    userBean1.setPasswdChallengeAnswer(form.getString("passwdChallengeAnswer"));
    userBean1.setPhone(form.getString("phone"));
    // NOTE(review): activeStudyId is taken straight from the request and nothing here checks that
    // the user holds a role in that study - confirm it is enforced before the profile is saved.
    userBean1.setActiveStudyId(form.getInt("activeStudyId"));
    StudyDAO studyDao = new StudyDAO(this.sm.getDataSource());
    StudyBean newActiveStudy = (StudyBean) studyDao.findByPK(userBean1.getActiveStudyId());
    request.setAttribute("newActiveStudy", newActiveStudy);

    if (!errors.isEmpty()) {
        logger.info("has validation errors");
        session.setAttribute("userBean1", userBean1);
        request.setAttribute("formMessages", errors);
        forwardPage(Page.UPDATE_PROFILE);
        return;
    }

    logger.info("no errors");
    // NOTE(review): the edited bean is placed in the session before the current password is
    // verified; presumably nothing is persisted until the confirm step - verify.
    session.setAttribute("userBean1", userBean1);
    String currentPassword = form.getString("oldPasswd").trim();
    boolean currentPasswordRejected = !userBean1.isLdapUser()
            && !securityManager.isPasswordValid(ub.getPasswd(), currentPassword, getUserDetails());
    if (currentPasswordRejected) {
        Validator.addError(errors, "oldPasswd", resexception.getString("wrong_old_password"));
        request.setAttribute("formMessages", errors);
        forwardPage(Page.UPDATE_PROFILE);
        return;
    }

    // The new digest is only adopted after the current password has been verified.
    if (!StringUtils.isBlank(form.getString("passwd"))) {
        userBean1.setPasswd(hashedNewPassword);
        userBean1.setPasswdTimestamp(new Date());
    }
    session.setAttribute("userBean1", userBean1);
    forwardPage(Page.UPDATE_PROFILE_CONFIRM);
}
Also used : Locale(java.util.Locale) ConfigurationDao(org.akaza.openclinica.dao.hibernate.ConfigurationDao) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) ArrayList(java.util.ArrayList) Date(java.util.Date) ResourceBundle(java.util.ResourceBundle) PasswordRequirementsDao(org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) Validator(org.akaza.openclinica.control.form.Validator)

Aggregations

FormProcessor (org.akaza.openclinica.control.form.FormProcessor)3 Validator (org.akaza.openclinica.control.form.Validator)3 ConfigurationDao (org.akaza.openclinica.dao.hibernate.ConfigurationDao)3 PasswordRequirementsDao (org.akaza.openclinica.dao.hibernate.PasswordRequirementsDao)3 ArrayList (java.util.ArrayList)2 Date (java.util.Date)2 Locale (java.util.Locale)2 ResourceBundle (java.util.ResourceBundle)2 UserAccountBean (org.akaza.openclinica.bean.login.UserAccountBean)1 StudyBean (org.akaza.openclinica.bean.managestudy.StudyBean)1 SecurityManager (org.akaza.openclinica.core.SecurityManager)1 UserAccountDAO (org.akaza.openclinica.dao.login.UserAccountDAO)1 StudyDAO (org.akaza.openclinica.dao.managestudy.StudyDAO)1