several fixes

Peter Hormanns 2019-08-30 20:19:30 +02:00
parent 2e5e7d21ee
commit d9ee90ce36
8 changed files with 42 additions and 31 deletions


@ -88,7 +88,7 @@
<artifactId>maven-war-plugin</artifactId> <artifactId>maven-war-plugin</artifactId>
<version>3.2.3</version> <version>3.2.3</version>
<configuration> <configuration>
<archiveClasses>true</archiveClasses> <archiveClasses>false</archiveClasses>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>


@ -22,6 +22,7 @@ public class LDAPConfig {
private String smtpFromAddress; private String smtpFromAddress;
private String smtpHost; private String smtpHost;
private String smtpPort; private String smtpPort;
private String tempDir;
private LDAPConfig() { private LDAPConfig() {
ldapProviderUrl = "ldap://localhost:10389/dc=domain,dc=example,dc=com"; ldapProviderUrl = "ldap://localhost:10389/dc=domain,dc=example,dc=com";
@ -35,6 +36,7 @@ public class LDAPConfig {
smtpHost = "localhost"; smtpHost = "localhost";
smtpPort = "25"; smtpPort = "25";
smtpFromAddress = "nobody@example.com"; smtpFromAddress = "nobody@example.com";
tempDir = System.getProperty("java.io.tmpdir");
try { try {
final Properties props = loadConfig(); final Properties props = loadConfig();
ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl); ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl);
@ -44,6 +46,7 @@ public class LDAPConfig {
smtpHost = props.getProperty("smtp.host", smtpHost); smtpHost = props.getProperty("smtp.host", smtpHost);
smtpPort = props.getProperty("smtp.port", smtpPort); smtpPort = props.getProperty("smtp.port", smtpPort);
smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress); smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress);
tempDir = props.getProperty("temp.dir", tempDir);
final LDAPUriParser uriParser = new LDAPUriParser(ldapProviderUrl); final LDAPUriParser uriParser = new LDAPUriParser(ldapProviderUrl);
ldapDistinguishedName = uriParser.getDn(); ldapDistinguishedName = uriParser.getDn();
ldapHost = uriParser.getHost(); ldapHost = uriParser.getHost();
@ -105,6 +108,11 @@ public class LDAPConfig {
return smtpFromAddress; return smtpFromAddress;
} }
public String getTempDir() {
return tempDir;
}
private Properties loadConfig() throws IOException { private Properties loadConfig() throws IOException {
final InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("config.properties"); final InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("config.properties");
Properties config = new Properties(); Properties config = new Properties();
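Review bot: `tempDir` defaults to `java.io.tmpdir` and the `temp.dir` override is taken as-is, so the password-reset files land in whatever path is configured, by default the system-wide temp directory shared with other local accounts. ResetPasswordServlet builds the file name from the reset token, so anyone able to list that directory can likely read pending tokens; a dedicated directory readable only by the application user would be a safer default. It is also worth checking the value once at load time, e.g. `new File(tempDir).isDirectory()`, so a misconfiguration fails at startup rather than on the first reset request, and adding a field comment such as `// directory for pending password-reset files; must not be readable by other local users`. The constructor continues outside the hunks shown.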


@ -35,6 +35,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
private String smtpHost; private String smtpHost;
private String smtpPort; private String smtpPort;
private String smtpFrom; private String smtpFrom;
private String tempDir;
@Override @Override
public void init() throws ServletException { public void init() throws ServletException {
@ -42,6 +43,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
smtpHost = config.getSmtpHost(); smtpHost = config.getSmtpHost();
smtpPort = config.getSmtpPort(); smtpPort = config.getSmtpPort();
smtpFrom = config.getSmtpFromAddress(); smtpFrom = config.getSmtpFromAddress();
tempDir = config.getTempDir();
} }
@Override @Override
@ -51,7 +53,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
cleanSession(httpSession); cleanSession(httpSession);
final String token = req.getParameter("token"); final String token = req.getParameter("token");
if (token != null && !token.isEmpty()) { if (token != null && !token.isEmpty()) {
final File passwdResetFile = new File("/tmp/passwd" + token + ".tmp"); final File passwdResetFile = new File(tempDir + "/passwd" + token + ".tmp");
if (passwdResetFile.exists() && passwdResetFile.canRead()) { if (passwdResetFile.exists() && passwdResetFile.canRead()) {
try (final BufferedReader reader = new BufferedReader(new FileReader(passwdResetFile))) { try (final BufferedReader reader = new BufferedReader(new FileReader(passwdResetFile))) {
final String[] uidAndEMail = reader.readLine().split(":"); final String[] uidAndEMail = reader.readLine().split(":");
@ -114,7 +116,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
} }
} }
final String loginOrEMail = req.getParameter("loginoremail"); final String loginOrEMail = req.getParameter("loginoremail");
final File tempFile = File.createTempFile("passwd", ".tmp", new File("/tmp")); final File tempFile = File.createTempFile("passwd", ".tmp", new File(tempDir));
try (final PrintStream printStream = new PrintStream(tempFile)) { try (final PrintStream printStream = new PrintStream(tempFile)) {
String email = ""; String email = "";
String login = ""; String login = "";
@ -144,6 +146,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
return; return;
} }
printStream.println(login + ":" + email); printStream.println(login + ":" + email);
printStream.close();
} }
final StringBuffer messageText = new StringBuffer(messages.getString("ResetPasswordServlet.email_greeting")); final StringBuffer messageText = new StringBuffer(messages.getString("ResetPasswordServlet.email_greeting"));
messageText.append(salutation); messageText.append(salutation);
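Review bot: The request parameter `token` is still concatenated straight into the path at `new File(tempDir + "/passwd" + token + ".tmp")`, so a value containing path separators or `..` can make the servlet open a file outside `tempDir`; moving the base directory into configuration does not change that. Reject anything that is not in the expected token format before building the path, for example `if (token != null && token.matches("[0-9]+")) {` if the token is the numeric part of the name generated by `File.createTempFile` (presumably, given the matching prefix and suffix), or compare the canonical parent of `passwdResetFile` with the canonical `tempDir`. `reader.readLine()` two lines further down can also return null for an empty file and should be checked before `split`. The method body starts and ends outside the hunks shown.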


@ -111,28 +111,30 @@ public class UserServlet extends AbstractLDAPServlet {
} }
} }
usr.setGroups(memberships); usr.setGroups(memberships);
try { if (!"delete".equals(operation)) {
validatePhone(messages, "phone", phone); try {
validatePhone(messages, "mobile", mobile); validatePhone(messages, "phone", phone);
validateEMail(messages, email); validatePhone(messages, "mobile", mobile);
validateLastName(messages, lastname); validateEMail(messages, email);
if (password != null && !password.isEmpty()) { validateLastName(messages, lastname);
if (password2 == null || !password2.equals(password)) { if (password != null && !password.isEmpty()) {
throw new ValidationException("password2", messages.getString("UserServlet.passwords_donot_match")); if (password2 == null || !password2.equals(password)) {
} else { throw new ValidationException("password2", messages.getString("UserServlet.passwords_donot_match"));
usr.setAndValidatePassword(password); } else {
usr.setAndValidatePassword(password);
}
} }
} catch (SimplePasswordException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.simple_password"));
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
} catch (ValidationException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("UserServlet.input_field") + " \"" + e.getFieldname() + "\" " + e.getCondition());
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
} }
} catch (SimplePasswordException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.simple_password"));
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
} catch (ValidationException e) {
httpSession.setAttribute("user", usr);
httpSession.setAttribute("errormessage", messages.getString("UserServlet.input_field") + " \"" + e.getFieldname() + "\" " + e.getCondition());
req.getRequestDispatcher("/user.jsp").forward(req, resp);
return;
} }
final GroupsDAO groupsDAO = new GroupsDAO(ldapSession); final GroupsDAO groupsDAO = new GroupsDAO(ldapSession);
try { try {
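Review bot: The new `if (!"delete".equals(operation))` guard skips every field check on the delete path, but nothing in the hunk says why, and `usr.setGroups(memberships)` has already run on the request data by then. A comment above the guard such as `// delete only needs the uid; other submitted fields are ignored and therefore not validated` would record the intent, provided the code after the hunk really does not write those fields back to LDAP for a delete, which cannot be confirmed from here. The enclosing method starts and ends outside the hunk.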


@ -11,7 +11,7 @@
<url-pattern>*.js</url-pattern> <url-pattern>*.js</url-pattern>
</servlet-mapping> </servlet-mapping>
<welcome-file-list> <welcome-file-list>
<welcome-file>/contact.jsp</welcome-file> <welcome-file>/index.jsp</welcome-file>
</welcome-file-list> </welcome-file-list>
<error-page> <error-page>
<error-code>403</error-code> <error-code>403</error-code>
@ -28,14 +28,15 @@
<security-constraint> <security-constraint>
<web-resource-collection> <web-resource-collection>
<web-resource-name>Public access</web-resource-name> <web-resource-name>Public access</web-resource-name>
<url-pattern>/</url-pattern>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>*.css</url-pattern> <url-pattern>*.css</url-pattern>
<url-pattern>*.js</url-pattern> <url-pattern>*.js</url-pattern>
<url-pattern>/css/*</url-pattern> <url-pattern>/css/*</url-pattern>
<url-pattern>/webjars/*</url-pattern> <url-pattern>/webjars/*</url-pattern>
<url-pattern>/logout</url-pattern> <url-pattern>/logout</url-pattern>
<url-pattern>/access-denied.jsp</url-pattern>
<url-pattern>/contact.jsp</url-pattern>
<url-pattern>/passwordreset</url-pattern> <url-pattern>/passwordreset</url-pattern>
<url-pattern>/access-denied.jsp</url-pattern>
<url-pattern>/servlet-exception.jsp</url-pattern> <url-pattern>/servlet-exception.jsp</url-pattern>
</web-resource-collection> </web-resource-collection>
</security-constraint> </security-constraint>
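Review bot: The added `<url-pattern>/</url-pattern>` in the "Public access" collection is the servlet default pattern rather than an exact match for the context root, so it applies to any request that no other constraint pattern matches. If the intent is only to let the welcome page be reached without login, `/index.jsp` alone (or the exact-root empty pattern `<url-pattern></url-pattern>` on Servlet 3.0+) is narrower; otherwise confirm that the protected constraint, which is outside this hunk, covers everything else with a more specific pattern. A short XML comment on this collection stating that it carries no `auth-constraint` on purpose would also help the next reader.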


@ -1,4 +1,4 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<script type="text/javascript" src="<%= request.getContextPath() %>/webjars/jquery/3.4.1/jquery.min.js" ></script> <script type="text/javascript" src="<%= request.getContextPath() %>/webjars/jquery/1.11.1/jquery.min.js" ></script>
<script type="text/javascript" src="<%= request.getContextPath() %>/webjars/bootstrap/3.4.1/js/bootstrap.min.js" ></script> <script type="text/javascript" src="<%= request.getContextPath() %>/webjars/bootstrap/3.4.1/js/bootstrap.min.js" ></script>
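Review bot: Going by the old/new order used elsewhere on this page, the jQuery include on the third line goes from 3.4.1 back to 1.11.1, an end-of-life 1.x release that lacks the security fixes made in the 3.x line, including the prototype-pollution fix in 3.4.0. If the downgrade is needed for compatibility with a plugin, a comment saying so belongs next to the tag; otherwise keep `webjars/jquery/3.4.1/jquery.min.js`. Either way the path has to match the jQuery webjar version declared in the POM, which is not visible here.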


@ -11,7 +11,7 @@
<span class="icon-bar"></span> <span class="icon-bar"></span>
<span class="icon-bar"></span> <span class="icon-bar"></span>
</button> </button>
<a class="navbar-brand" href="<c:url value="/contact.jsp"/>"><fmt:message key="navbar.title"/></a> <a class="navbar-brand" href="<c:url value="/index.jsp"/>"><fmt:message key="navbar.title"/></a>
</div> </div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
@ -24,9 +24,6 @@
<li> <li>
<a href="<c:url value="/profile"/>"><fmt:message key="navbar.item.profile"/></a> <a href="<c:url value="/profile"/>"><fmt:message key="navbar.item.profile"/></a>
</li> </li>
<li>
<a href="<c:url value="/contact.jsp"/>"><fmt:message key="navbar.item.contact"/></a>
</li>
</ul> </ul>
</div> </div>
</div> </div>