changepasswordformcontroller.java

来自「Java的框架」· Java 代码 · 共 222 行

package mcaps.core.user.webapp.controller;

import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Locale;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import mcap.core.base.webapp.controller.BaseFormController;
import mcap.core.config.Config;
import mcap.core.user.model.PasswordControl;
import mcap.core.user.model.User;
import mcap.core.user.service.PasswordControlManager;
import mcap.core.user.util.NameConstants;
import mcap.core.util.PasswordUtil;
import mcaps.core.user.webapp.command.UserPassword;

import org.springframework.validation.BindException;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

/**
 * Implementation of BaseFormController that interacts with the UserManager to
 * handle request to change User's password.
 * @author bstan
 * @date 16-Jan-2006
 * @version 1.0.1.0
 */
public class ChangePasswordFormController extends BaseFormController {

	private PasswordControlManager passwordControlManager;
	
	/**
	 * Returns the passwordControlManager.
	 * @return PasswordControlManager
	 */
	public PasswordControlManager getPasswordControlManager () {
		return passwordControlManager;
	}

	/**
	 * Sets the passwordControlManager.
	 * @param passwordControlManager The passwordControlManager to set.
	 */
	public void setPasswordControlManager (
			PasswordControlManager passwordControlManager) {
		this.passwordControlManager = passwordControlManager;
	}

	/**
	 * Sets the rememberMeServices.
	 * @param rememberMeServices The rememberMeServices to set.
	 */
	//public void setRememberMeServices (RememberMeServices rememberMeServices) {
	//	this.rememberMeServices = rememberMeServices;
	//}

	/**
	 * Returns the userCache.
	 * @return UserCache
	 */
	//public UserCache getUserCache () {
	//	return userCache;
	//}

	/**
	 * Sets the userCache.
	 * @param userCache The userCache to set.
	 */
	//public void setUserCache (UserCache userCache) {
	//	this.userCache = userCache;
	//}

	/**
	 * Returns the authenticationManager.
	 * @return AuthenticationManager
	 */
	//public AuthenticationManager getAuthenticationManager () {
	//	return authenticationManager;
	//}

	/**
	 * Sets the authenticationManager.
	 * @param authenticationManager The authenticationManager to set.
	 */
	//public void setAuthenticationManager (
	//		AuthenticationManager authenticationManager) {
	//	this.authenticationManager = authenticationManager;
	//}

	/**
	 * Retrieve a backing object for the current form from the given request.
	 */
	protected Object formBackingObject (HttpServletRequest request)
			throws Exception {
		return new UserPassword ();
	}

	/**
	 * Next to be called if processFormSubmission method called the
	 * super.processFormSubmission
	 */
	public ModelAndView onSubmit (HttpServletRequest request,
			HttpServletResponse response, Object command, BindException errors)
			throws Exception {

		UserPassword userPassword = (UserPassword) command;
		Locale locale = request.getLocale ();
		Config config = Config.getInstance();
		
		// retrieve user information.
		User user = this.getUserManager ().getUser (userPassword.getUsername ());

		// if password need to be encrypted.
		if ("true".equals (request.getParameter ("encryptPass"))) {
			String algorithm = config.getValue (NameConstants.ENC_ALGORITHM);

			Integer keySize = new Integer (config.getValue(NameConstants.ENC_KEY_SIZE));

			if (algorithm == null) { // should only happen for test case
				algorithm = "SHA";
			}

			user.setPassword (PasswordUtil.encodePassword (userPassword
					.getPassword (), userPassword.getUsername (), algorithm, keySize));

		}

		// check if password is valid. Not recycled.
		if (!this.passwordControlManager.isPasswordValid (user.getUsername (), user
				.getPassword ())) {
			errors.rejectValue ("password", "errors.password.recycle");
			return showForm (request, response, errors);
		}

		// try saving the user information.
		this.getUserManager ().saveUser (user);

		// Need to update Acegi of the changes
		// change the cache
		//this.getUserCache ().removeUserFromCache (user.getUsername ());

		//org.acegisecurity.Authentication newUser = new UsernamePasswordAuthenticationToken (
		//		user.getUsername (), userPassword.getPassword ());

		//((UsernamePasswordAuthenticationToken) newUser)
		//		.setDetails (new WebAuthenticationDetails (request));

		// reauthenticate the user.
		//try {
		//	newUser = this.getAuthenticationManager ().authenticate (newUser);
		//}
		//catch (AuthenticationException e) {
			// ignore error.... i think may need to handle this.
		//}

		//SecureContextImpl newSecureContext = new SecureContextImpl ();
		//newSecureContext.setAuthentication (newUser);
		//ContextHolder.setContext (newSecureContext);

		// need to change the remember me cookie if
		// check if remember me service is activated.
		//if (useRememberMe (request)) {
		//	HttpServletRequest newRequest = null;
		//	if (parameter != null && parameter.length () > 0) {
		//		HashMap map = new HashMap ();
		//		map.put (parameter, "true");
		//		newRequest = new ParameterHttpServletRequest (request, map, true);
		//	}
		//	else {
		//		newRequest = request;
		//	}
		//	rememberMeServices.loginSuccess (newRequest, response, newUser);
		//}

		request.getSession ().setAttribute (NameConstants.USER_KEY, user);

		// update password control.
		if (this.passwordControlManager != null) {
			PasswordControl control = this.passwordControlManager
					.getPasswordControl (user.getUsername ());

			List passwordHistory = null;
			if (control == null) {
				control = new PasswordControl ();
				control.setUsername (user.getUsername ());
				passwordHistory = new ArrayList ();
				control.setPasswordHistory (passwordHistory);
			}
			else {
				passwordHistory = control.getPasswordHistory ();
			}

			control.setLastModifiedDate (new Date ());
			control.setNeedPasswordChange (false);
			passwordHistory.add (user.getPassword ());
			this.passwordControlManager.savePasswordControl (control);

		}

		// set flag to skip password change check
		request.getSession ().setAttribute ("needToChange", Boolean.FALSE);

		saveMessage (request, getText ("user.password.saved", user.getFullName (),
				locale));

		return new ModelAndView (new RedirectView ("mainPage.action"));
	}

//	private boolean useRememberMe (HttpServletRequest request) {
//
//		AuthenticationTrustResolver resolver = new AuthenticationTrustResolverImpl ();
//		SecurityContext ctx = SecurityContextHolder.getContext ();
//
//		Authentication auth = ctx.getAuthentication ();
//
//		return resolver.isRememberMe (auth);
//	}
}