added password change

This commit is contained in:
Kohsuke Kawaguchi 2011-01-08 17:22:30 -08:00
parent c56da70dd3
commit e4694c49e3
5 changed files with 69 additions and 21 deletions

4
.gitignore vendored Normal file
View File

@ -0,0 +1,4 @@
*.iml
*.ipr
*.iws
target

View File

@ -44,12 +44,12 @@ public class Application {
@QueryParameter String password2
) throws Exception {
final Attributes attrs = new BasicAttributes();
if (!password1.equals(password2))
throw new Error("Password mismatch");
attrs.put("objectClass", "inerOrgPerson");
Attributes attrs = new BasicAttributes();
attrs.put("objectClass", "inetOrgPerson");
attrs.put("givenName", firstName);
attrs.put("sn", lastName);
attrs.put("mail", email);
@ -65,11 +65,11 @@ public class Application {
return new HttpRedirect("done");
}
private LdapContext connect() throws NamingException {
public LdapContext connect() throws NamingException {
return connect(params.managerDN(), params.managerPassword());
}
private LdapContext connect(String dn, String password) throws NamingException {
public LdapContext connect(String dn, String password) throws NamingException {
Hashtable<String,String> env = new Hashtable<String,String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, params.server());
@ -84,8 +84,13 @@ public class Application {
) throws Exception {
String dn = "cn=" + userid + "," + params.newUserBaseDN();
Stapler.getCurrentRequest().getSession().setAttribute(Myself.class.getName(),
new Myself(dn,new ConnectionFactory(params.server(),dn,password)));
LdapContext context = connect(dn, password); // make sure the password is valid
try {
Stapler.getCurrentRequest().getSession().setAttribute(Myself.class.getName(),
new Myself(this,dn, context.getAttributes(dn)));
} finally {
context.close();
}
return new HttpRedirect("myself/");
}
@ -95,6 +100,6 @@ public class Application {
}
public Myself getMyself() {
return (Myself)Stapler.getCurrentRequest().getSession().getAttribute(Myself.class.getName());
return (Myself) Stapler.getCurrentRequest().getSession().getAttribute(Myself.class.getName());
}
}

View File

@ -15,24 +15,18 @@ import javax.naming.ldap.LdapContext;
* @author Kohsuke Kawaguchi
*/
public class Myself {
private final Application parent;
private final String dn;
private final ConnectionFactory factory;
public String firstName, lastName, email, userId;
public Myself(String dn, ConnectionFactory factory) throws NamingException {
public Myself(Application parent, String dn, Attributes attributes) throws NamingException {
this.parent = parent;
this.dn = dn;
this.factory = factory;
LdapContext context = factory.connect();
try {
Attributes attributes = context.getAttributes(dn);
firstName = getAttribute(attributes,"givenName");
lastName = getAttribute(attributes,"sn");
email = getAttribute(attributes,"mail");
userId = getAttribute(attributes,"cn");
} finally {
context.close();
}
firstName = getAttribute(attributes,"givenName");
lastName = getAttribute(attributes,"sn");
email = getAttribute(attributes,"mail");
userId = getAttribute(attributes,"cn");
}
private String getAttribute(Attributes attributes, String name) throws NamingException {
@ -52,7 +46,7 @@ public class Myself {
attrs.put("sn", lastName);
attrs.put("mail", email);
LdapContext context = factory.connect();
LdapContext context = parent.connect();
try {
context.modifyAttributes(dn,DirContext.REPLACE_ATTRIBUTE,attrs);
} finally {
@ -65,4 +59,30 @@ public class Myself {
return new HttpRedirect("done");
}
public HttpResponse doChangePassword(
@QueryParameter String password,
@QueryParameter String newPassword1,
@QueryParameter String newPassword2
) throws Exception {
if (!newPassword1.equals(newPassword2))
throw new Error("Password mismatch");
// verify the current password
parent.connect(dn,password).close();
// then update
Attributes attrs = new BasicAttributes();
attrs.put("userPassword", PasswordUtil.hashPassword(newPassword1));
LdapContext context = parent.connect();
try {
context.modifyAttributes(dn,DirContext.REPLACE_ATTRIBUTE,attrs);
} finally {
context.close();
}
return new HttpRedirect("done");
}
}

View File

@ -0,0 +1,5 @@
<html>
<body>
<h1>Done!</h1>
</body>
</html>

View File

@ -29,6 +29,20 @@
<input type="submit" style="margin-top:2em; display:block"/>
</form>
<h1>Change Password</h1>
<form method="post" action="changePassword">
<h5>Current Password</h5>
<input type="password" name="password" value="" class="text"/>
<h5>New Password</h5>
<input type="password" name="newPassword1" class="text"/>
<h5>Confirm New Password</h5>
<input type="password" name="newPassword2" class="text"/>
<input type="submit" style="margin-top:2em; display:block"/>
</form>
</body>
</html>
</j:jelly>