📄 updateprivatekeypassphrasedispatchaction.java
字号:
/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.security.actions;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.Globals;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import com.sslexplorer.core.CoreAttributeConstants;
import com.sslexplorer.core.CoreEvent;
import com.sslexplorer.core.CoreEventConstants;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.core.actions.AuthenticatedDispatchAction;
import com.sslexplorer.security.PublicKeyStore;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.security.UpdatePrivateKeyPassphraseException;
import com.sslexplorer.security.forms.UpdatePrivateKeyPassphraseForm;
/**
* Implementation of
* {@link com.sslexplorer.core.actions.AuthenticatedDispatchAction} that is used
* when the passphrase of the users private must be changed.
* <p>
* This may happen for example if the key was created using their account
* password which has since changed.
*
* @author Brett Smith <a href="mailto: brett@3sp.com"><brett@3sp.com></a>
* @version $Revision: 1.5 $
* @see com.sslexplorer.security.forms.UpdatePrivateKeyPassphraseForm
*/
public class UpdatePrivateKeyPassphraseDispatchAction extends AuthenticatedDispatchAction {
final static Log log = LogFactory.getLog(SetPasswordAction.class);
/**
* Constructor.
*/
public UpdatePrivateKeyPassphraseDispatchAction() {
super();
}
/*
* (non-Javadoc)
*
* @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
* org.apache.struts.action.ActionForm,
* javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws Exception {
UpdatePrivateKeyPassphraseForm f = (UpdatePrivateKeyPassphraseForm) form;
return mapping.findForward("display");
}
/**
* Commit the passphrase change.
*
* @param mapping mappng
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception
*/
public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
UpdatePrivateKeyPassphraseForm f = (UpdatePrivateKeyPassphraseForm) form;
Properties p = getSessionInfo().getUser().getAttributes();
synchronized (p) {
/*
* First we need to verify using the old password so the
* confidential user attributes can be decrypted
*/
try {
PublicKeyStore.getInstance().verifyPrivateKey(getSessionInfo().getUser(), f.getOldPassphrase().toCharArray());
} catch (UpdatePrivateKeyPassphraseException upkpe) {
// incorrect passphrase
ActionErrors errs = new ActionErrors();
errs.add(Globals.ERROR_KEY, new ActionMessage("updatePrivateKeyPassphrase.error.incorrectPassphrase"));
saveErrors(request.getSession(), errs);
return mapping.getInputForward();
}
/*
* Reload the users attributes now that the key is initialised so
* that confidential attributes are loaded
*/
CoreServlet.getServlet().getUserDatabase().loadAttributes(getSessionInfo().getUser());
/*
* Now change the passphrase
*/
PublicKeyStore.getInstance().changePrivateKeyPassphrase(
getSessionInfo().getUser(),
f.getOldPassphrase(),
new String(CoreServlet.getServlet().getLogonController().getPasswordFromCredentials(
getSessionInfo().getCredentials())));
CoreUtil.removePageInterceptListener(request.getSession(), "updatePrivateKeyPassphrase");
/*
* And update the user attributes and fire the logon event
*/
CoreServlet.getServlet().getUserDatabase().updateAttributes(getSessionInfo().getUser().getPrincipalName(), p);
CoreServlet.getServlet().fireCoreEvent(new CoreEvent(this, CoreEventConstants.LOGON, getSessionInfo().getCredentials(), getSessionInfo()).addAttribute(
CoreAttributeConstants.EVENT_ATTR_IP_ADDRESS, request.getRemoteAddr()).addAttribute(
CoreAttributeConstants.EVENT_ATTR_HOST, request.getRemoteHost()));
}
return mapping.findForward("success");
}
/**
* Cancel and logout.
*
* @param mapping mappng
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception
*/
public ActionForward cancel(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
return mapping.findForward("cancel");
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.core.actions.CoreAction#getNavigationContext(org.apache.struts.action.ActionMapping,
* org.apache.struts.action.ActionForm,
* javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
return SessionInfo.USER_CONSOLE_CONTEXT | SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -