/**
 * {@inheritDoc}
 * <p>
 * Reads the typed, retyped and current passwords (as {@code char[]}) from the
 * action parameter map stored in the context, refuses the request when the
 * two new entries differ, and otherwise delegates to {@code changePassword}.
 * When the change succeeds, the action parameter is replaced by the
 * translated {@code password.change.success} message before chaining to the
 * parent action.
 *
 * @return the result of the parent action when the password was changed,
 *         {@code false} when {@code changePassword} returned {@code false}.
 * @throws ActionBusinessException
 *           if the typed and retyped passwords are different.
 */
@Override
@SuppressWarnings("unchecked")
public boolean execute(IActionHandler actionHandler, Map<String, Object> context) {
  final Map<String, Object> params =
      (Map<String, Object>) context.get(ActionContextConstants.ACTION_PARAM);
  final char[] newPassword = (char[]) params.get(PASSWD_TYPED);
  final char[] confirmation = (char[]) params.get(PASSWD_RETYPED);

  // Both arrays are read from the same parameter map, so this only guards
  // against a typing mistake; it is not a comparison against a stored secret.
  final boolean entriesMatch = Arrays.equals(newPassword, confirmation);
  if (!entriesMatch) {
    throw new ActionBusinessException(
        "Typed and retyped passwords are different.",
        "password.typed.retyped.different");
  }

  // NOTE(review): no emptiness or complexity rule is applied to the new
  // password in this method - confirm that changePassword enforces policy.
  // NOTE(review): the char[] buffers are not cleared here - confirm which
  // component is responsible for wiping them after use.
  final UserPrincipal principal = getApplicationSession(context).getPrincipal();
  final char[] currentPassword = (char[]) params.get(PASSWD_CURRENT);
  final boolean changed = changePassword(principal, currentPassword, newPassword);
  if (!changed) {
    return false;
  }

  // The password map is replaced by the confirmation message, so the next
  // action in the chain no longer sees the submitted passwords via ACTION_PARAM.
  context.put(
      ActionContextConstants.ACTION_PARAM,
      getTranslationProvider(context)
          .getTranslation("password.change.success", getLocale(context)));
  return super.execute(actionHandler, context);
}
/**
 * {@inheritDoc}
 * <p>
 * Reads the typed, retyped and current passwords from the model connector
 * value, refuses the request when the two new entries differ, runs
 * {@code checkPasswordValidity} on the new password and then delegates to
 * {@code changePassword}. When the change succeeds, the action parameter is
 * set to the translated {@code password.change.success} message before
 * chaining to the parent action.
 *
 * @return the result of the parent action when the password was changed,
 *         {@code false} when {@code changePassword} returned {@code false}.
 * @throws ActionBusinessException
 *           if the typed and retyped passwords are different, or if
 *           {@code checkPasswordValidity} rejects the new password.
 */
@Override
public boolean execute(IActionHandler actionHandler, Map<String, Object> context) {
  final Map<String, Object> params = getModelConnector(context).getConnectorValue();
  // NOTE(review): passwords are handled as String in this method, so they
  // cannot be wiped from memory once the change has been processed.
  final String newPassword = (String) params.get(PASSWD_TYPED);
  final String confirmation = (String) params.get(PASSWD_RETYPED);

  // Null-safe equality: two absent entries count as matching, and the policy
  // check below decides whether an absent password is acceptable.
  final boolean entriesMatch = ObjectUtils.equals(newPassword, confirmation);
  if (!entriesMatch) {
    throw new ActionBusinessException("Typed and retyped passwords are different.",
        "password.typed.retyped.different");
  }

  // Policy is enforced before the current password is handed to changePassword.
  checkPasswordValidity(newPassword, context);

  final UserPrincipal principal = getApplicationSession(context).getPrincipal();
  final String currentPassword = (String) params.get(PASSWD_CURRENT);
  final boolean changed = changePassword(principal, currentPassword, newPassword);
  if (!changed) {
    return false;
  }

  setActionParameter(
      getTranslationProvider(context).getTranslation("password.change.success", getLocale(context)),
      context);
  return super.execute(actionHandler, context);
}
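/**
 * Gives the opportunity to check the new password validity against some
 * business rules. By default, three checks are applied in this order:
 * <ol>
 * <li>the password must not be {@code null} or empty, unless
 * {@code isAllowEmptyPasswords()} returns {@code true};</li>
 * <li>the password must not be equal to the session username, unless
 * {@code isAllowLoginPasswords()} returns {@code true};</li>
 * <li>the password must match {@code getPasswordRegex()} when that
 * expression is not {@code null}.</li>
 * </ol>
 * A {@code null} password is matched against the regular expression as an
 * empty string, so that a configuration allowing empty passwords together
 * with a regular expression produces a business error (or passes) instead of
 * a {@code NullPointerException}.
 *
 * @param typedPasswd
 *          the password to check. May be {@code null}.
 * @param context
 *          the action context, used to reach the application session.
 * @throws ActionBusinessException
 *           if one of the rules above rejects the password.
 */
protected void checkPasswordValidity(String typedPasswd, Map<String, Object> context) {
  // null and "" are handled alike by the emptiness rule and by the regex rule.
  final String candidate = typedPasswd == null ? "" : typedPasswd;

  if (!isAllowEmptyPasswords() && candidate.length() == 0) {
    throw new ActionBusinessException("Empty passwords are not allowed.",
        "password.empty.disallowed");
  }

  // NOTE(review): this is an exact, case-sensitive comparison, so a case
  // variant of the username is accepted - confirm this is the intended policy.
  if (!isAllowLoginPasswords()
      && ObjectUtils.equals(typedPasswd, getApplicationSession(context).getUsername())) {
    throw new ActionBusinessException(
        "Passwords which are identical to username are not allowed.",
        "password.login.disallowed");
  }

  // Read the expression once so the null test and the match use the same value.
  final String regex = getPasswordRegex();
  // Pattern.matches requires the whole candidate to match, and throws
  // NullPointerException on a null input, hence the normalised candidate.
  if (regex != null && !Pattern.matches(regex, candidate)) {
    throw new ActionBusinessException("Password does not match enforcing rules.",
        "password.regex.failed", getPasswordRegexSample());
  }
}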