litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-768 provide a "cancel" link from the forced password change.

Browse source
This commit is contained in:
jeb228 2010-07-15 14:54:36 +00:00
parent f4da2cc28d
commit fad9cb6ddb
4 changed files with 70 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
View file

@ -13,6 +13,7 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
@ -53,6 +54,9 @@ public class Authenticate extends FreeMarkerHttpServlet {
/** The confirm password field on the password change form. */ /** The confirm password field on the password change form. */
private static final String PARAMETER_CONFIRM_PASSWORD = "confirmPassword"; private static final String PARAMETER_CONFIRM_PASSWORD = "confirmPassword";
/** If this parameter is "true" (ignoring case), cancel the login. */
private static final String PARAMETER_CANCEL = "cancel";
/** If they are logging in, show them this form. */ /** If they are logging in, show them this form. */
public static final String TEMPLATE_LOGIN = "login-form.ftl"; public static final String TEMPLATE_LOGIN = "login-form.ftl";
@ -92,9 +96,13 @@ public class Authenticate extends FreeMarkerHttpServlet {
} }
break; break;
case FORCED_PASSWORD_CHANGE: case FORCED_PASSWORD_CHANGE:
user = checkChangeProgress(vreq); if (checkCancel(vreq)) {
if (user != null) { recordLoginCancelled(vreq);
recordSuccessfulPasswordChange(vreq, user); } else {
user = checkChangeProgress(vreq);
if (user != null) {
recordSuccessfulPasswordChange(vreq, user);
}
} }
break; break;
default: default:
@ -109,6 +117,9 @@ public class Authenticate extends FreeMarkerHttpServlet {
case LOGGED_IN: case LOGGED_IN:
redirectLoggedInUser(vreq, response); redirectLoggedInUser(vreq, response);
break; break;
case CANCELLED:
redirectCancellingUser(vreq, response);
break;
default: default:
showLoginScreen(vreq, response); showLoginScreen(vreq, response);
break; break;
@ -176,6 +187,23 @@ public class Authenticate extends FreeMarkerHttpServlet {
} }
} }
/**
* Are they cancelling the login (cancelling the first-time password
* change)? They are if the cancel parameter is "true" (ignoring case).
*/
private boolean checkCancel(HttpServletRequest request) {
String cancel = request.getParameter(PARAMETER_CANCEL);
log.trace("cancel=" + cancel);
return Boolean.valueOf(cancel);
}
/**
* If they want to cancel the login, let them.
*/
private void recordLoginCancelled(HttpServletRequest request) {
getLoginProcessBean(request).setState(State.CANCELLED);
}
/** /**
* They are changing password. Are they successful? * They are changing password. Are they successful?
*/ */
@ -301,6 +329,20 @@ public class Authenticate extends FreeMarkerHttpServlet {
return; return;
} }
/**
* User cancelled the login. Forget that they were logging in, and send them
* to the home page.
*/
private void redirectCancellingUser(HttpServletRequest request,
HttpServletResponse response) throws IOException {
// Remove the login process info from the session.
request.getSession()
.removeAttribute(LoginProcessBean.SESSION_ATTRIBUTE);
log.debug("User cancelled the login. Redirect to site admin page.");
response.sendRedirect(getHomeUrl(request));
}
/** /**
* User is logged in. They might go to: * User is logged in. They might go to:
* <ul> * <ul>
@ -462,6 +504,11 @@ public class Authenticate extends FreeMarkerHttpServlet {
return contextPath + Controllers.SITE_ADMIN + urlParams; return contextPath + Controllers.SITE_ADMIN + urlParams;
} }
/** What's the URL for the home page? */
private String getHomeUrl(HttpServletRequest request) {
return request.getContextPath();
}
/** /**
* What portal are we currently in? * What portal are we currently in?
*/ */
@ -551,4 +598,10 @@ public class Authenticate extends FreeMarkerHttpServlet {
jenaOntModel.getBaseModel().notifyEvent(event); jenaOntModel.getBaseModel().notifyEvent(event);
} }
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
doPost(request, response);
}
} }

2
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginProcessBean.java
View file

@ -16,7 +16,7 @@ public class LoginProcessBean {
.getName(); .getName();
public enum State { public enum State {
NOWHERE, LOGGING_IN, FORCED_PASSWORD_CHANGE, LOGGED_IN NOWHERE, LOGGING_IN, FORCED_PASSWORD_CHANGE, CANCELLED, LOGGED_IN
} }
private enum MLevel { private enum MLevel {

12
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/login/LoginTemplateHelper.java
View file

@ -43,6 +43,7 @@ public class LoginTemplateHelper extends LoginTemplateHelperBase {
public static final String BODY_INFO_MESSAGE = "infoMessage"; public static final String BODY_INFO_MESSAGE = "infoMessage";
public static final String BODY_ERROR_MESSAGE = "errorMessage"; public static final String BODY_ERROR_MESSAGE = "errorMessage";
public static final String BODY_ALERT_ICON_URL = "alertImageUrl"; public static final String BODY_ALERT_ICON_URL = "alertImageUrl";
public static final String BODY_CANCEL_URL = "cancelUrl";
/** Use this icon for an info message. */ /** Use this icon for an info message. */
public static final String URL_INFO_ICON = "/images/iconAlert.png"; public static final String URL_INFO_ICON = "/images/iconAlert.png";
@ -108,7 +109,7 @@ public class LoginTemplateHelper extends LoginTemplateHelperBase {
/** /**
* The user has given the correct password, but now they are required to * The user has given the correct password, but now they are required to
* change it. * change it (unless they cancel out).
*/ */
private TemplateResponseValues showPasswordChangeScreen(VitroRequest vreq) { private TemplateResponseValues showPasswordChangeScreen(VitroRequest vreq) {
LoginProcessBean bean = getLoginProcessBean(vreq); LoginProcessBean bean = getLoginProcessBean(vreq);
@ -118,6 +119,7 @@ public class LoginTemplateHelper extends LoginTemplateHelperBase {
TemplateResponseValues trv = new TemplateResponseValues( TemplateResponseValues trv = new TemplateResponseValues(
TEMPLATE_FORCE_PASSWORD_CHANGE); TEMPLATE_FORCE_PASSWORD_CHANGE);
trv.put(BODY_FORM_ACTION, getAuthenticateUrl(vreq)); trv.put(BODY_FORM_ACTION, getAuthenticateUrl(vreq));
trv.put(BODY_CANCEL_URL, getCancelUrl(vreq));
String errorMessage = bean.getErrorMessage(); String errorMessage = bean.getErrorMessage();
if (!errorMessage.isEmpty()) { if (!errorMessage.isEmpty()) {
@ -186,6 +188,14 @@ public class LoginTemplateHelper extends LoginTemplateHelperBase {
return contextPath + "/authenticate" + urlParams; return contextPath + "/authenticate" + urlParams;
} }
/** What's the URL for this servlet, with the cancel parameter added? */
private String getCancelUrl(HttpServletRequest request) {
String contextPath = request.getContextPath();
String urlParams = "?home=" + getPortalIdString(request)
+ "&login=block&cancel=true";
return contextPath + "/authenticate" + urlParams;
}
/** /**
* What portal are we currently in? * What portal are we currently in?
*/ */

1
webapp/web/templates/freemarker/body/login/login-forcedPasswordChange.ftl
View file

@ -22,5 +22,6 @@ ${stylesheets.addFromTheme("/login.css")}
<input id="confirmPassword" type="password" name="confirmPassword" /> <input id="confirmPassword" type="password" name="confirmPassword" />
<input name="passwordChangeForm" type="submit" class="submit" value="Save Changes"/> <input name="passwordChangeForm" type="submit" class="submit" value="Save Changes"/>
</form> </form>
<a href="${cancelUrl}">Cancel</a>
</div> </div>