several fixes

Peter Hormanns 2019-08-30 20:19:30 +02:00
parent 2e5e7d21ee
commit d9ee90ce36
8 changed files with 42 additions and 31 deletions


@ -88,7 +88,7 @@
<artifactId>maven-war-plugin</artifactId>
<version>3.2.3</version>
<configuration>
<archiveClasses>true</archiveClasses>
<archiveClasses>false</archiveClasses>
</configuration>
</plugin>
<plugin>


@ -22,6 +22,7 @@ public class LDAPConfig {
private String smtpFromAddress;
private String smtpHost;
private String smtpPort;
private String tempDir;
private LDAPConfig() {
ldapProviderUrl = "ldap://localhost:10389/dc=domain,dc=example,dc=com";
@ -35,6 +36,7 @@ public class LDAPConfig {
smtpHost = "localhost";
smtpPort = "25";
smtpFromAddress = "nobody@example.com";
tempDir = System.getProperty("java.io.tmpdir");
try {
final Properties props = loadConfig();
ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl);
@ -44,6 +46,7 @@ public class LDAPConfig {
smtpHost = props.getProperty("smtp.host", smtpHost);
smtpPort = props.getProperty("smtp.port", smtpPort);
smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress);
tempDir = props.getProperty("temp.dir", tempDir);
final LDAPUriParser uriParser = new LDAPUriParser(ldapProviderUrl);
ldapDistinguishedName = uriParser.getDn();
ldapHost = uriParser.getHost();
@ -105,6 +108,11 @@ public class LDAPConfig {
return smtpFromAddress;
}
public String getTempDir() {
return tempDir;
}
private Properties loadConfig() throws IOException {
final InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("config.properties");
Properties config = new Properties();
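Review bot: `temp.dir` is accepted as-is in the constructor hunk and falls back to the JVM-wide `java.io.tmpdir`, a directory that other local accounts can usually list, while ResetPasswordServlet in this commit keeps its password-reset state files there. `getTempDir()` would benefit from a Javadoc stating the requirement, e.g. `/** Directory for password-reset state files; must exist and be private to the servlet container's account. */`. A fail-fast check after the properties are loaded, such as `if (!new File(tempDir).isDirectory()) throw new IllegalStateException("temp.dir is not a directory: " + tempDir);`, would surface a bad setting at start-up rather than on the first reset request. Whether the surrounding try block lets that exception propagate is not visible in the hunk.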


@ -35,6 +35,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
private String smtpHost;
private String smtpPort;
private String smtpFrom;
private String tempDir;
@Override
public void init() throws ServletException {
@ -42,6 +43,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
smtpHost = config.getSmtpHost();
smtpPort = config.getSmtpPort();
smtpFrom = config.getSmtpFromAddress();
tempDir = config.getTempDir();
}
@Override
@ -51,7 +53,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
cleanSession(httpSession);
final String token = req.getParameter("token");
if (token != null && !token.isEmpty()) {
final File passwdResetFile = new File("/tmp/passwd" + token + ".tmp");
final File passwdResetFile = new File(tempDir + "/passwd" + token + ".tmp");
if (passwdResetFile.exists() && passwdResetFile.canRead()) {
try (final BufferedReader reader = new BufferedReader(new FileReader(passwdResetFile))) {
final String[] uidAndEMail = reader.readLine().split(":");
@ -114,7 +116,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
}
}
final String loginOrEMail = req.getParameter("loginoremail");
final File tempFile = File.createTempFile("passwd", ".tmp", new File("/tmp"));
final File tempFile = File.createTempFile("passwd", ".tmp", new File(tempDir));
try (final PrintStream printStream = new PrintStream(tempFile)) {
String email = "";
String login = "";
@ -144,6 +146,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
return;
}
printStream.println(login + ":" + email);
printStream.close();
}
final StringBuffer messageText = new StringBuffer(messages.getString("ResetPasswordServlet.email_greeting"));
messageText.append(salutation);
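Review bot: The `token` request parameter is still concatenated unchecked into the path in `new File(tempDir + "/passwd" + token + ".tmp")`, so a value containing path separators can make the servlet test and read a file outside the configured directory. Restrict the token to the characters the generator produces before building the path, for example `if (token != null && token.matches("[A-Za-z0-9]+")) {` (tighten this to the real format; how the token is derived from the temp-file name is not visible here), or compare the canonical parent of `passwdResetFile` with `tempDir`. In the same hunk `reader.readLine()` is passed straight to `split(":")`, which throws a NullPointerException for an empty file. The added `printStream.close()` sits inside a try-with-resources that already closes the stream. The enclosing methods start and end outside the hunks shown.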


@ -111,28 +111,30 @@ public class UserServlet extends AbstractLDAPServlet {
}
}
usr.setGroups(memberships);
try {
validatePhone(messages, "phone", phone);
validatePhone(messages, "mobile", mobile);
validateEMail(messages, email);
validateLastName(messages, lastname);
if (password != null && !password.isEmpty()) {
if (password2 == null || !password2.equals(password)) {
throw new ValidationException("password2", messages.getString("UserServlet.passwords_donot_match"));
} else {
usr.setAndValidatePassword(password);
if (!"delete".equals(operation)) {
try {
validatePhone(messages, "phone", phone);
validatePhone(messages, "mobile", mobile);
validateEMail(messages, email);
validateLastName(messages, lastname);
if (password != null && !password.isEmpty()) {
if (password2 == null || !password2.equals(password)) {
throw new ValidationException("password2", messages.getString("UserServlet.passwords_donot_match"));
} else {
usr.setAndValidatePassword(password);
}
}
} catch (SimplePasswordException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.simple_password"));
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
} catch (ValidationException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("UserServlet.input_field") + " \"" + e.getFieldname() + "\" " + e.getCondition());
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
}
} catch (SimplePasswordException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.simple_password"));
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
} catch (ValidationException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("UserServlet.input_field") + " \"" + e.getFieldname() + "\" " + e.getCondition());
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
}
final GroupsDAO groupsDAO = new GroupsDAO(ldapSession);
try {
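Review bot: The new `if (!"delete".equals(operation))` guard skips every field check without saying why, and `usr.setGroups(memberships)` has already run on the object by that point. A comment above the guard, e.g. `// delete needs only the user id; skip field validation so records with invalid data can still be removed`, would record the intent (reword it if the reason is different). It is worth confirming that the delete branch further down reads nothing from `usr` except the identifier, since the other fields now reach it unvalidated; that code is outside this hunk.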


@ -11,7 +11,7 @@
<url-pattern>*.js</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>/contact.jsp</welcome-file>
<welcome-file>/index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
@ -28,14 +28,15 @@
<security-constraint>
<web-resource-collection>
<web-resource-name>Public access</web-resource-name>
<url-pattern>/</url-pattern>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>*.css</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>/css/*</url-pattern>
<url-pattern>/webjars/*</url-pattern>
<url-pattern>/logout</url-pattern>
<url-pattern>/access-denied.jsp</url-pattern>
<url-pattern>/contact.jsp</url-pattern>
<url-pattern>/passwordreset</url-pattern>
<url-pattern>/access-denied.jsp</url-pattern>
<url-pattern>/servlet-exception.jsp</url-pattern>
</web-resource-collection>
</security-constraint>


@ -1,4 +1,4 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<script type="text/javascript" src="<%= request.getContextPath() %>/webjars/jquery/3.4.1/jquery.min.js" ></script>
<script type="text/javascript" src="<%= request.getContextPath() %>/webjars/jquery/1.11.1/jquery.min.js" ></script>
<script type="text/javascript" src="<%= request.getContextPath() %>/webjars/bootstrap/3.4.1/js/bootstrap.min.js" ></script>
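Review bot: The jQuery script path changes between `3.4.1` and `1.11.1` here, and the rendered page has lost the +/- markers; the old-then-new print order of the other sections suggests `1.11.1` is the new side. If so, every page including this header is pinned to a 1.x release that no longer receives security fixes. Presumably the path was changed to match the jQuery webjar that is actually packaged; correcting the webjar version in the build so that the `3.4.1` path resolves would be the safer fix.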


@ -11,7 +11,7 @@
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="<c:url value="/contact.jsp"/>"><fmt:message key="navbar.title"/></a>
<a class="navbar-brand" href="<c:url value="/index.jsp"/>"><fmt:message key="navbar.title"/></a>
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
@ -24,9 +24,6 @@
<li>
<a href="<c:url value="/profile"/>"><fmt:message key="navbar.item.profile"/></a>
</li>
<li>
<a href="<c:url value="/contact.jsp"/>"><fmt:message key="navbar.item.contact"/></a>
</li>
</ul>
</div>
</div>