From d9ee90ce366579b7e31172236914c31740b5d1ba Mon Sep 17 00:00:00 2001 From: Peter Hormanns Date: Fri, 30 Aug 2019 20:19:30 +0200 Subject: [PATCH] several fixes --- pom.xml | 2 +- .../de/jalin/ldapadmin/ldap/LDAPConfig.java | 8 ++++ .../ldapadmin/web/ResetPasswordServlet.java | 7 +++- .../de/jalin/ldapadmin/web/UserServlet.java | 42 ++++++++++--------- src/main/webapp/WEB-INF/web.xml | 7 ++-- src/main/webapp/{contact.jsp => index.jsp} | 0 src/main/webapp/template/footer.jsp | 2 +- src/main/webapp/template/navbar.jsp | 5 +-- 8 files changed, 42 insertions(+), 31 deletions(-) rename src/main/webapp/{contact.jsp => index.jsp} (100%) diff --git a/pom.xml b/pom.xml index 6c198e6..11695dc 100644 --- a/pom.xml +++ b/pom.xml @@ -88,7 +88,7 @@ maven-war-plugin 3.2.3 - true + false diff --git a/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java b/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java index ebe0833..ce5ddb4 100644 --- a/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java +++ b/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java @@ -22,6 +22,7 @@ public class LDAPConfig { private String smtpFromAddress; private String smtpHost; private String smtpPort; + private String tempDir; private LDAPConfig() { ldapProviderUrl = "ldap://localhost:10389/dc=domain,dc=example,dc=com"; @@ -35,6 +36,7 @@ public class LDAPConfig { smtpHost = "localhost"; smtpPort = "25"; smtpFromAddress = "nobody@example.com"; + tempDir = System.getProperty("java.io.tmpdir"); try { final Properties props = loadConfig(); ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl); 
@@ -44,6 +46,7 @@ public class LDAPConfig { smtpHost = props.getProperty("smtp.host", smtpHost); smtpPort = props.getProperty("smtp.port", smtpPort); smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress); + tempDir = props.getProperty("temp.dir", tempDir); final LDAPUriParser uriParser = new LDAPUriParser(ldapProviderUrl); ldapDistinguishedName = uriParser.getDn(); ldapHost = uriParser.getHost(); @@ -105,6 +108,11 @@ public class LDAPConfig { return smtpFromAddress; } + public String getTempDir() { + return tempDir; + } + + private Properties loadConfig() throws IOException { final InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("config.properties"); Properties config = new Properties(); diff --git a/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java b/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java index 53a1264..2029e86 100644 --- a/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java +++ b/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java @@ -35,6 +35,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet { private String smtpHost; private String smtpPort; private String smtpFrom; + private String tempDir; @Override public void init() throws ServletException { @@ -42,6 +43,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet { smtpHost = config.getSmtpHost(); smtpPort = config.getSmtpPort(); smtpFrom = config.getSmtpFromAddress(); + tempDir = config.getTempDir(); } @Override 
@@ -51,7 +53,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet { cleanSession(httpSession); final String token = req.getParameter("token"); if (token != null && !token.isEmpty()) { - final File passwdResetFile = new File("/tmp/passwd" + token + ".tmp"); + final File passwdResetFile = new File(tempDir + "/passwd" + token + ".tmp"); if (passwdResetFile.exists() && passwdResetFile.canRead()) { try (final BufferedReader reader = new BufferedReader(new FileReader(passwdResetFile))) { final String[] uidAndEMail = reader.readLine().split(":"); @@ -114,7 +116,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet { } } final String loginOrEMail = req.getParameter("loginoremail"); - final File tempFile = File.createTempFile("passwd", ".tmp", new File("/tmp")); + final File tempFile = File.createTempFile("passwd", ".tmp", new File(tempDir)); try (final PrintStream printStream = new PrintStream(tempFile)) { String email = ""; String login = ""; @@ -144,6 +146,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet { return; } printStream.println(login + ":" + email); + printStream.close(); } final StringBuffer messageText = new StringBuffer(messages.getString("ResetPasswordServlet.email_greeting")); messageText.append(salutation); diff --git a/src/main/java/de/jalin/ldapadmin/web/UserServlet.java b/src/main/java/de/jalin/ldapadmin/web/UserServlet.java index 06a1694..ca9cb5c 100644 --- a/src/main/java/de/jalin/ldapadmin/web/UserServlet.java +++ b/src/main/java/de/jalin/ldapadmin/web/UserServlet.java 
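Review bot: The request parameter `token` is concatenated unchecked into the path in `new File(tempDir + "/passwd" + token + ".tmp")`, so the lookup is not confined to `tempDir`; making the directory configurable does not change that. Files created by `File.createTempFile("passwd", ".tmp", ...)` are named prefix, a run of digits, suffix, so (assuming the token is that digit run, as the lookup suggests) it can be checked before the file system is touched, for example `if (!token.matches("[0-9]{1,20}")) { /* handle as unknown token */ }`. An additional guard comparing `passwdResetFile.getCanonicalFile().getParentFile()` with the canonical form of `tempDir` would keep the lookup confined even if the naming scheme changes later. The enclosing method starts and ends outside this hunk.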
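Review bot: `File.createTempFile("passwd", ".tmp", new File(tempDir))` creates the reset file with the process's default permissions, and `LDAPConfig` defaults `tempDir` to `java.io.tmpdir`, a directory normally shared with other local accounts. The file name appears to carry the reset token and the content is `login:email`, so other accounts on the host may be able to list or read pending resets. Consider `Files.createTempFile(Paths.get(tempDir), "passwd", ".tmp").toFile()`, which on POSIX systems typically creates the file owner-only (it needs the `java.nio.file` imports). Also document next to the `temp.dir` property that it should name a directory only the servlet container's account can access. The enclosing method starts and ends outside this hunk.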
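Review bot: The added `printStream.close();` is redundant, because the stream is declared in the try-with-resources header shown in the previous hunk and is closed when the block ends on the following line. If the intent is to be sure the `login:email` record was written before the mail goes out, note that `PrintStream` does not throw on write failure; `if (printStream.checkError()) { throw new IOException("could not write reset file"); }` would surface one, assuming the method already propagates `IOException` as the `createTempFile` call suggests. The `return;` visible just above this line also appears to leave the freshly created temp file behind, so a `tempFile.delete()` on that path would keep stale reset files from accumulating. The try block begins outside this hunk.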
@@ -111,28 +111,30 @@ public class UserServlet extends AbstractLDAPServlet { } } usr.setGroups(memberships); - try { - validatePhone(messages, "phone", phone); - validatePhone(messages, "mobile", mobile); - validateEMail(messages, email); - validateLastName(messages, lastname); - if (password != null && !password.isEmpty()) { - if (password2 == null || !password2.equals(password)) { - throw new ValidationException("password2", messages.getString("UserServlet.passwords_donot_match")); - } else { - usr.setAndValidatePassword(password); + if (!"delete".equals(operation)) { + try { + validatePhone(messages, "phone", phone); + validatePhone(messages, "mobile", mobile); + validateEMail(messages, email); + validateLastName(messages, lastname); + if (password != null && !password.isEmpty()) { + if (password2 == null || !password2.equals(password)) { + throw new ValidationException("password2", messages.getString("UserServlet.passwords_donot_match")); + } else { + usr.setAndValidatePassword(password); + } } + } catch (SimplePasswordException e) { + httpSession.setAttribute("user", usr); + httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.simple_password")); + req.getRequestDispatcher("/user.jsp").forward(req, resp); + return; + } catch (ValidationException e) { + httpSession.setAttribute("user", usr); + httpSession.setAttribute("errormessage", messages.getString("UserServlet.input_field") + " \"" + e.getFieldname() + "\" " + e.getCondition()); + req.getRequestDispatcher("/user.jsp").forward(req, resp); + return; } - } catch (SimplePasswordException e) { - httpSession.setAttribute("user", usr); - httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.simple_password")); - req.getRequestDispatcher("/user.jsp").forward(req, resp); - return; - } catch (ValidationException e) { - httpSession.setAttribute("user", usr); - httpSession.setAttribute("errormessage", messages.getString("UserServlet.input_field") + " \"" + 
e.getFieldname() + "\" " + e.getCondition()); - req.getRequestDispatcher("/user.jsp").forward(req, resp); - return; } final GroupsDAO groupsDAO = new GroupsDAO(ldapSession); try { diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml index 2fb1240..4d4ef93 100644 --- a/src/main/webapp/WEB-INF/web.xml +++ b/src/main/webapp/WEB-INF/web.xml @@ -11,7 +11,7 @@ *.js - /contact.jsp + /index.jsp 403 @@ -28,14 +28,15 @@ Public access + / + /index.jsp *.css *.js /css/* /webjars/* /logout - /access-denied.jsp - /contact.jsp /passwordreset + /access-denied.jsp /servlet-exception.jsp diff --git a/src/main/webapp/contact.jsp b/src/main/webapp/index.jsp similarity index 100% rename from src/main/webapp/contact.jsp rename to src/main/webapp/index.jsp diff --git a/src/main/webapp/template/footer.jsp b/src/main/webapp/template/footer.jsp index 2e40a81..0b4b54a 100644 --- a/src/main/webapp/template/footer.jsp +++ b/src/main/webapp/template/footer.jsp @@ -1,4 +1,4 @@ <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> - + diff --git a/src/main/webapp/template/navbar.jsp b/src/main/webapp/template/navbar.jsp index 1194ab0..69e6c76 100644 --- a/src/main/webapp/template/navbar.jsp +++ b/src/main/webapp/template/navbar.jsp @@ -11,7 +11,7 @@ - "> + ">
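Review bot: The new guard `if (!"delete".equals(operation)) {` skips all field and password validation for deletes, but nothing in the hunk records why. A one-line comment above it would do, for example `// delete does not use the form fields; skip validation so records with invalid data can still be removed` (wording to be confirmed by the author). The request parsing and `usr.setGroups(memberships)` before the guard still run for deletes, and whether the delete path checks the caller's rights is decided outside this hunk, so that is worth confirming when reading the whole method. The enclosing method starts and ends outside the hunk.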
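Review bot: The `/` entry added to the "Public access" list is, in servlet url-pattern syntax, the default mapping: besides the context root it applies to every request that no more specific pattern in the descriptor matches. Which paths that covers depends on the other security constraints in web.xml, which are not visible in this hunk (the XML tags are also missing from this rendering, so the element each line belongs to is inferred). If the aim is only to make the start page reachable without login, the added `/index.jsp` entry may be enough on its own. Otherwise add an XML comment next to the `/` pattern stating that it is intentional, and confirm after deployment that an unauthenticated request to a protected page is still rejected.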