1 package org.ultramonkey.l7.view;
3 import java.io.IOException;
4 import java.util.Enumeration;
5 import java.util.regex.Matcher;
6 import java.util.regex.Pattern;
8 import javax.servlet.ServletException;
9 import javax.servlet.http.HttpServletRequest;
10 import javax.servlet.http.HttpServletResponse;
11 import javax.servlet.http.HttpSession;
13 import org.apache.log4j.Logger;
14 import org.ultramonkey.l7.model.*;
19 * class PwChangeServlet
22 * Copyright(c) NTT COMWARE 2008
28 public class UserModServlet extends org.ultramonkey.l7.view.L7guiServletBase {
29 static final long serialVersionUID = 1L;
31 private Logger logger = Logger.getLogger(LogCategorySet.GUI_IO);
36 * @see javax.servlet.http.HttpServlet#HttpServlet()
/**
 * Creates the servlet instance.
 *
 * The only work done here is a single debug-level log line recording that the
 * class was instantiated.
 */
public UserModServlet() {
    final boolean debugOn = logger.isDebugEnabled();
    if (debugOn) {
        logger.debug("11414 class UserModServlet created.");
    }
}
50 * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest request,
51 * HttpServletResponse response)
/**
 * Answers every GET with a redirect to the login page; this servlet accepts
 * account changes through POST only.
 *
 * When debug logging is enabled the request/response objects and the raw
 * query string are written to the log before the redirect is sent.
 *
 * @param request  the incoming GET request
 * @param response used to send the redirect
 * @throws ServletException declared by the servlet API
 * @throws IOException if the redirect cannot be sent
 */
protected void doGet(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
    // --- debug log (in method) ---
    if (logger.isDebugEnabled()) {
        String entry = "UserModServlet::doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException in "
                + "request=(" + request + "), "
                + "response=(" + response + ")";
        logger.debug("11415 " + entry);
        // The encoding is only set on the debug path, as in the original listing.
        request.setCharacterEncoding("UTF-8");
        String query = request.getQueryString();
        logger.debug("11416 QueryString=\"" + query + "\"");
    }
    // --- debug log (in method) ---

    response.sendRedirect(RedirectPages.LOGIN);

    // --- debug log (out method) ---
    if (logger.isDebugEnabled()) {
        logger.debug("11417 UserModServlet::doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
    }
    // --- debug log (out method) ---
}
80 * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest request,
81 * HttpServletResponse response)
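/**
 * Handles the "modify own account" form: updates the logged-in user's
 * description and password.
 *
 * <p>Flow: confirm the login session, check that every expected form field is
 * present, run {@code validationCheck}, re-authenticate with the current
 * password, then store the new data through {@code UserManager.changeUser}.
 * Every failure stores a {@code MessageView} in the session and redirects.
 *
 * <p>The values of the credential parameters ({@code password},
 * {@code new1_passwd}, {@code new2_passwd}) are masked before the request is
 * written to the debug log, so passwords never reach the log files.
 *
 * @param request  POST request carrying description, password, new1_passwd,
 *                 new2_passwd and button
 * @param response used only to send redirects
 * @throws ServletException declared by the servlet API
 * @throws IOException if a redirect cannot be sent
 */
protected void doPost(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
    // Set before any parameter is read, so decoding does not depend on
    // whether debug logging happens to be enabled.
    request.setCharacterEncoding("UTF-8");

    // --- debug log (in method) ---
    if (logger.isDebugEnabled()) {
        StringBuilder buf = new StringBuilder();
        buf.append("UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException in ");
        buf.append("request=(" + request + "), ");
        buf.append("response=(" + response + ")");
        logger.debug("11418 " + buf.toString());

        // Record which parameters arrived, but never the password values.
        StringBuilder post = new StringBuilder();
        Enumeration<?> keys = request.getParameterNames();
        while (keys.hasMoreElements()) {
            if (post.length() != 0) {
                post.append('&');
            }
            String key = (String) keys.nextElement();
            boolean secret = "password".equals(key)
                    || "new1_passwd".equals(key)
                    || "new2_passwd".equals(key);
            post.append(key).append('=')
                    .append(secret ? "********" : request.getParameter(key));
        }
        logger.debug("11419 PostData=\"" + post + "\"");
    }
    // --- debug log (in method) ---

    // check login session
    super.doPost(request, response);

    // NOTE(review): `login` is not declared in this method; presumably it is a
    // field set by super.doPost(). If it is an instance field, it is shared by
    // all concurrent requests to this servlet; confirm it cannot carry the
    // result of another request.
    HttpSession session = request.getSession(false);
    if (!login || session == null) {
        if (session != null) {
            MessageView error = new MessageView(41184, LogCategorySet.GUI_USER_AUTHENTICATION,
                    Message.INVALID_SESSSION);
            session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        }
        response.sendRedirect(RedirectPages.LOGIN);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11420 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    UserData currentUser = (UserData) session
            .getAttribute(SessionKeys.LOGIN_SESSION);
    if (currentUser == null) {
        MessageView error = new MessageView(41185, LogCategorySet.GUI_USER_AUTHENTICATION,
                Message.UNEXPECTED_ERROR);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.LOGIN);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11421 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    String description = request.getParameter("description");
    String curPass = request.getParameter("password");
    String newPass1 = request.getParameter("new1_passwd");
    String newPass2 = request.getParameter("new2_passwd");
    String button_mode = request.getParameter("button");
    // Every field must be present and the request must come from the CHANGE button.
    if ((description == null) || (curPass == null) || (newPass1 == null)
            || (newPass2 == null) || (button_mode == null)
            || !button_mode.equals(ButtonMode.CHANGE)) {
        MessageView error = new MessageView(41186, LogCategorySet.GUI_USER_MANAGE,
                Message.UNEXPECTED_ERROR);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.LOGIN);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11422 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    boolean validationFlag = validationCheck(session, description, curPass,
            newPass1, newPass2);
    if (!validationFlag) {
        // Hand only the description back to the form; passwords are not echoed.
        UserData inputUser = new UserData();
        inputUser.description = description;
        session.setAttribute(SessionKeys.INPUT_USERDATA, inputUser);
        response.sendRedirect(RedirectPages.USER_MODIFY);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11423 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    // User authentication: the current password must be re-entered and is
    // checked against the account stored in the session, not a request field.
    UserManager user = UserManager.getInstance();
    UserData authCheck = null;
    try {
        authCheck = user.authUser(currentUser.userName, curPass);
    } catch (Exception e) {
        // The exception itself is not logged here; only the MessageView is stored.
        MessageView error = new MessageView(41187, LogCategorySet.GUI_START_STOP,
                Message.UNEXPECTED_ERROR);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.LOGIN);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11424 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    if (authCheck == null) {
        MessageView error = new MessageView(21076, LogCategorySet.GUI_USER_MANAGE,
                Message.PASSWORD_INVALID);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.USER_MODIFY);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11425 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    // The user name always comes from the session, so a request cannot
    // redirect the change to another account.
    UserData modUser = new UserData();
    modUser.userName = currentUser.userName;
    modUser.description = description;
    modUser.passwd = newPass1;

    boolean passChange = true;
    try {
        passChange = user.changeUser(modUser);
    } catch (FileNotWriteException e) {
        MessageView error = new MessageView(41188, LogCategorySet.GUI_IO_FILE,
                Message.WRITE_ERROR);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.LOGIN);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11426 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    } catch (Exception e) {
        // The exception itself is not logged here; only the MessageView is stored.
        MessageView error = new MessageView(41189, LogCategorySet.GUI_USER_MANAGE,
                Message.UNEXPECTED_ERROR);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.LOGIN);
        // --- debug log (out method) ---
        if (logger.isDebugEnabled()) {
            logger.debug("11427 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
        }
        // --- debug log (out method) ---
        return;
    }

    if (passChange) {
        // NOTE(review): modUser.passwd was assigned the submitted new password
        // above. Unless changeUser() replaces it, the session now holds that
        // value; confirm what form of the password is kept in the session.
        session.setAttribute(SessionKeys.LOGIN_SESSION, modUser);
        MessageView error = new MessageView(21077, LogCategorySet.GUI_USER_MANAGE,
                Message.USER_CHANGE_SUCCESS);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        session.setAttribute(SessionKeys.GUI_SYNC_STATE, SessionKeys.NO_SYNC);
        response.sendRedirect(RedirectPages.USER_MODIFY_SUCCESS);
    } else {
        // Change was refused: keep the session on the account data returned
        // by the re-authentication step.
        session.setAttribute(SessionKeys.LOGIN_SESSION, authCheck);
        MessageView error = new MessageView(41190, LogCategorySet.GUI_USER_MANAGE,
                Message.UNEXPECTED_ERROR);
        session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
        response.sendRedirect(RedirectPages.USER_MODIFY_FAIL);
    }

    // --- debug log (out method) ---
    if (logger.isDebugEnabled()) {
        logger.debug("11428 UserModServlet::doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException out");
    }
    // --- debug log (out method) ---
}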
267 * validationCheck method
277 boolean validationCheck(HttpSession session, String description,
278 String curPass, String newPass1, String newPass2) {
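// --- debug log (in method) ---
// The password arguments are masked: their values must not reach the log,
// which is typically readable by more people than the credential store.
if (logger.isDebugEnabled()) {
    StringBuilder buf = new StringBuilder();
    buf.append("UserModServlet::validationCheck(HttpSession session, String description, String newPass1, String newPass2) in ");
    buf.append("session=(" + session + "), ");
    buf.append("description=\"" + description + "\", ");
    buf.append("newPass1=\"********\", ");
    buf.append("newPass2=\"********\"");
    logger.debug("11429 " + buf.toString());
}
// --- debug log (in method) ---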
291 boolean validationFlag = true;
292 final int MAX_DESCRIPTION_LENGTH = 64;
293 final int MIN_PASS_LENGTH = 6;
294 final int MAX_PASS_LENGTH = 16;
296 Pattern pattern = Pattern.compile("[^\\x20-\\x7e]");
298 if ((description.length() == 0) && (curPass.length() == 0)
299 && (newPass1.length() == 0) && (newPass2.length() == 0)) {
300 MessageView error = new MessageView(21078, LogCategorySet.GUI_USER_MANAGE,
302 session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
303 validationFlag = false;
306 else if (description.length() != 0) {
307 Matcher matcher = pattern.matcher(description);
308 if ((description.length() > MAX_DESCRIPTION_LENGTH) || matcher.find() ){
309 MessageView error = new MessageView(21079, LogCategorySet.GUI_USER_MANAGE,
310 "Description : " + Message.INVALID_VALUE);
311 session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
312 validationFlag = false;
316 if ( (curPass.length() == 0 ) || (newPass1.length() == 0) || (newPass2.length() == 0) ){
317 MessageView error = new MessageView(21080, LogCategorySet.GUI_USER_MANAGE,
318 "Password : " + Message.REQUIED_ITEM);
319 session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
320 validationFlag = false;
322 Matcher matcherCurPass = pattern.matcher(curPass);
323 Matcher matcherNewPass1 = pattern.matcher(newPass1);
324 Matcher matcherNewPass2 = pattern.matcher(newPass2);
326 if (matcherCurPass.find() || matcherNewPass1.find()
327 || matcherNewPass2.find()) {
328 MessageView error = new MessageView(21081, LogCategorySet.GUI_USER_MANAGE,
329 "Input item : "+ Message.INVALID_VALUE);
330 session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
331 validationFlag = false;
332 } else if (false == newPass1.equals(newPass2)) {
333 MessageView error = new MessageView(21082, LogCategorySet.GUI_USER_MANAGE,
335 session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
336 validationFlag = false;
338 else if ((newPass1.length() < MIN_PASS_LENGTH) || (newPass1.length() > MAX_PASS_LENGTH)){
339 MessageView error = new MessageView(21083, LogCategorySet.GUI_USER_MANAGE,
340 Message.INVALID_VALUE);
341 session.setAttribute(SessionKeys.RESULT_MESSAGE, error);
342 validationFlag = false;
346 // --- debug log (out method) ---
347 if (logger.isDebugEnabled()) {
348 logger.debug("11430 UserModServlet::validationCheck(HttpSession session, String description, String newPass1, String newPass2) out return=" + validationFlag);
350 // --- debug log (out method) ---
351 return validationFlag;