/** * This method checks if a new password follows the rules for * new passwords, which are defined by a Class implementing the * <code>{@link org.opencms.security.I_CmsPasswordHandler}</code> * interface and configured in the opencms.properties file.<p> * * If this method throws no exception the password is valid.<p> * * @param password the new password that has to be checked * * @throws CmsSecurityException if the password is not valid */ public void validatePassword(String password) throws CmsSecurityException { OpenCms.getPasswordHandler().validatePassword(password); }
/** * This method checks if a new password follows the rules for * new passwords, which are defined by a Class implementing the * <code>{@link org.opencms.security.I_CmsPasswordHandler}</code> * interface and configured in the opencms.properties file.<p> * * If this method throws no exception the password is valid.<p> * * @param password the new password that has to be checked * * @throws CmsSecurityException if the password is not valid */ public void validatePassword(String password) throws CmsSecurityException { OpenCms.getPasswordHandler().validatePassword(password); }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map userInfo, List userGroups) throws CmsImportExportException { boolean convert = false; Map config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = Boolean.valueOf((String)config.get(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)).booleanValue(); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map userInfo, List userGroups) throws CmsImportExportException { boolean convert = false; Map config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = Boolean.valueOf((String)config.get(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)).booleanValue(); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map userInfo, List userGroups) throws CmsImportExportException { boolean convert = false; Map config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = Boolean.valueOf((String)config.get(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)).booleanValue(); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map userInfo, List userGroups) throws CmsImportExportException { boolean convert = false; Map config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = Boolean.valueOf((String)config.get(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)).booleanValue(); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * Sets the password of this user.<p> * * @param value the password to set */ public void setPassword(String value) { try { OpenCms.getPasswordHandler().validatePassword(value); } catch (CmsSecurityException e) { throw new CmsIllegalArgumentException(e.getMessageContainer()); } m_password = value; }
/** * Sets the password of this user.<p> * * @param value the password to set */ public void setPassword(String value) { try { OpenCms.getPasswordHandler().validatePassword(value); } catch (CmsSecurityException e) { throw new CmsIllegalArgumentException(e.getMessageContainer()); } m_password = value; }
/** * @see org.opencms.db.I_CmsUserDriver#readUser(org.opencms.db.CmsDbContext, java.lang.String, java.lang.String, String) */ public CmsUser readUser(CmsDbContext dbc, String userFqn, String password, String remoteAddress) throws CmsDataAccessException, CmsPasswordEncryptionException { CmsUser user = readUser(dbc, userFqn); if (OpenCms.getPasswordHandler().checkPassword(password, user.getPassword(), true)) { return user; } else { CmsMessageContainer message = org.opencms.db.Messages.get().container( org.opencms.db.Messages.ERR_UNKNOWN_USER_1, userFqn); if (LOG.isDebugEnabled()) { LOG.debug(message.key()); } throw new CmsDbEntryNotFoundException(message); } }
/** * Sets the new password.<p> * * @param newPwd the new password to set */ public void setNewPwd(String newPwd) { // leave password unchanged, if the new password is empty if (CmsStringUtil.isEmpty(newPwd)) { return; } try { OpenCms.getPasswordHandler().validatePassword(newPwd); } catch (CmsSecurityException e) { throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_INVALID_NEWPWD_0), e); } m_newPwd = newPwd; }
/** * Sets the new password.<p> * * @param newPwd the new password to set */ public void setNewPwd(String newPwd) { // leave password unchanged, if the new password is empty if (CmsStringUtil.isEmpty(newPwd)) { return; } try { OpenCms.getPasswordHandler().validatePassword(newPwd); } catch (CmsSecurityException e) { throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_INVALID_NEWPWD_0), e); } m_newPwd = newPwd; }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map<String, Object> userInfo, List<String> userGroups) throws CmsImportExportException { boolean convert = false; CmsParameterConfiguration config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = config.getBoolean(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING, false); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.db.I_CmsUserDriver#writePassword(org.opencms.db.CmsDbContext, java.lang.String, java.lang.String, java.lang.String) */ public void writePassword(CmsDbContext dbc, String userFqn, String oldPassword, String newPassword) throws CmsDataAccessException, CmsPasswordEncryptionException { // check if the old password is valid if (oldPassword != null) { readUser(dbc, userFqn, oldPassword, ""); } String pwd = newPassword; if (dbc.getRequestContext().getAttribute(REQ_ATTR_DONT_DIGEST_PASSWORD) == null) { pwd = OpenCms.getPasswordHandler().digest(newPassword); } try { Query q = m_sqlManager.createQuery(dbc, C_USERS_SET_PWD_3); q.setParameter(1, CmsOrganizationalUnit.getSimpleName(userFqn)); q.setParameter(2, CmsOrganizationalUnit.SEPARATOR + CmsOrganizationalUnit.getParentFqn(userFqn)); List<CmsDAOUsers> res = q.getResultList(); for (CmsDAOUsers u : res) { u.setUserPassword(pwd); } } catch (PersistenceException e) { throw new CmsDataAccessException(Messages.get().container(Messages.ERR_JPA_PERSITENCE_1, e), e); } }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map<String, Object> userInfo, List<String> userGroups) throws CmsImportExportException { boolean convert = false; CmsParameterConfiguration config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = config.getBoolean(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING, false); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map<String, Object> userInfo, List<String> userGroups) throws CmsImportExportException { boolean convert = false; CmsParameterConfiguration config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = config.getBoolean(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING, false); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.importexport.A_CmsImport#importUser(String, String, String, String, String, String, long, Map, List) */ @Override protected void importUser( String name, String flags, String password, String firstname, String lastname, String email, long dateCreated, Map<String, Object> userInfo, List<String> userGroups) throws CmsImportExportException { boolean convert = false; CmsParameterConfiguration config = OpenCms.getPasswordHandler().getConfiguration(); if ((config != null) && config.containsKey(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING)) { convert = config.getBoolean(I_CmsPasswordHandler.CONVERT_DIGEST_ENCODING, false); } if (convert) { password = convertDigestEncoding(password); } super.importUser(name, flags, password, firstname, lastname, email, dateCreated, userInfo, userGroups); }
/** * @see org.opencms.db.I_CmsUserDriver#writePassword(org.opencms.db.CmsDbContext, java.lang.String, java.lang.String, java.lang.String) */ public void writePassword(CmsDbContext dbc, String userFqn, String oldPassword, String newPassword) throws CmsDataAccessException, CmsPasswordEncryptionException { PreparedStatement stmt = null; Connection conn = null; // check if the old password is valid if (oldPassword != null) { readUser(dbc, userFqn, oldPassword, ""); } String pwd = newPassword; if (dbc.getRequestContext().getAttribute(REQ_ATTR_DONT_DIGEST_PASSWORD) == null) { pwd = OpenCms.getPasswordHandler().digest(newPassword); } try { conn = getSqlManager().getConnection(dbc); stmt = m_sqlManager.getPreparedStatement(conn, "C_USERS_SET_PWD_3"); stmt.setString(1, pwd); stmt.setString(2, CmsOrganizationalUnit.getSimpleName(userFqn)); stmt.setString(3, CmsOrganizationalUnit.SEPARATOR + CmsOrganizationalUnit.getParentFqn(userFqn)); stmt.executeUpdate(); } catch (SQLException e) { throw new CmsDbSqlException(Messages.get().container( Messages.ERR_GENERIC_SQL_1, CmsDbSqlException.getErrorQuery(stmt)), e); } finally { m_sqlManager.closeAll(dbc, conn, stmt, null); } }
/** * Validates the passwords, checking if they match and fulfill the requirements of the password handler.<p> * Will show the appropriate errors if necessary.<p> * * @param password1 password 1 * @param password2 password 2 * * @return <code>true</code> if valid */ boolean validatePasswords(String password1, String password2) { if (!password1.equals(password2)) { showPasswordMatchError(true); return false; } showPasswordMatchError(false); try { OpenCms.getPasswordHandler().validatePassword(password1); m_form.getPassword1Field().setComponentError(null); return true; } catch (CmsException e) { m_form.setErrorPassword1(new UserError(e.getLocalizedMessage(m_locale)), OpenCmsTheme.SECURITY_INVALID); return false; } } }
/** * @see org.opencms.db.I_CmsUserDriver#writePassword(org.opencms.db.CmsDbContext, java.lang.String, java.lang.String, java.lang.String) */ public void writePassword(CmsDbContext dbc, String userFqn, String oldPassword, String newPassword) throws CmsDataAccessException, CmsPasswordEncryptionException { PreparedStatement stmt = null; Connection conn = null; // check if the old password is valid if (oldPassword != null) { readUser(dbc, userFqn, oldPassword, ""); } String pwd = newPassword; if (dbc.getRequestContext().getAttribute(REQ_ATTR_DONT_DIGEST_PASSWORD) == null) { pwd = OpenCms.getPasswordHandler().digest(newPassword); } try { conn = getSqlManager().getConnection(dbc); stmt = m_sqlManager.getPreparedStatement(conn, "C_USERS_SET_PWD_3"); stmt.setString(1, pwd); stmt.setString(2, CmsOrganizationalUnit.getSimpleName(userFqn)); stmt.setString(3, CmsOrganizationalUnit.SEPARATOR + CmsOrganizationalUnit.getParentFqn(userFqn)); stmt.executeUpdate(); } catch (SQLException e) { throw new CmsDbSqlException( Messages.get().container(Messages.ERR_GENERIC_SQL_1, CmsDbSqlException.getErrorQuery(stmt)), e); } finally { m_sqlManager.closeAll(dbc, conn, stmt, null); } }
/** * Checks the security level of the given password.<p> * * @param password the password */ void checkSecurity(String password) { I_CmsPasswordHandler handler = OpenCms.getPasswordHandler(); try { handler.validatePassword(password); if (handler instanceof I_CmsPasswordSecurityEvaluator) { SecurityLevel level = ((I_CmsPasswordSecurityEvaluator)handler).evaluatePasswordSecurity(password); m_form.setErrorPassword1(null, OpenCmsTheme.SECURITY + "-" + level.name()); } else { m_form.setErrorPassword1(null, OpenCmsTheme.SECURITY_STRONG); } } catch (CmsSecurityException e) { m_form.setErrorPassword1(new UserError(e.getLocalizedMessage(m_locale)), OpenCmsTheme.SECURITY_INVALID); } if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(m_form.getPassword2())) { showPasswordMatchError(!password.equals(m_form.getPassword2())); } }