--- /dev/null
+/**\r
+ * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.\r
+ *\r
+ * Permission is hereby granted, free of charge, to any person obtaining a copy\r
+ * of this software and associated documentation files (the "Software"), to deal\r
+ * in the Software without restriction, including without limitation the rights\r
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\r
+ * copies of the Software, and to permit persons to whom the Software is\r
+ * furnished to do so, subject to the following conditions:\r
+ *\r
+ * The above copyright notice and this permission notice shall be included in\r
+ * all copies or substantial portions of the Software.\r
+ *\r
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\r
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\r
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\r
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\r
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\r
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\r
+ * SOFTWARE.\r
+ */\r
+\r
+package com.liferay.portal.action;\r
+\r
+import java.util.Properties;\r
+\r
+import com.liferay.portal.NoSuchUserException;\r
+import com.liferay.portal.UserPasswordException;\r
+import com.liferay.portal.kernel.ldap.LDAPUtil;\r
+import com.liferay.portal.kernel.log.Log;\r
+import com.liferay.portal.kernel.log.LogFactoryUtil;\r
+import com.liferay.portal.kernel.servlet.SessionErrors;\r
+import com.liferay.portal.kernel.util.Constants;\r
+import com.liferay.portal.kernel.util.DigesterUtil;\r
+import com.liferay.portal.kernel.util.ParamUtil;\r
+import com.liferay.portal.kernel.util.PrefsPropsUtil;\r
+import com.liferay.portal.kernel.util.Validator;\r
+import com.liferay.portal.model.User;\r
+import com.liferay.portal.security.auth.PrincipalException;\r
+import com.liferay.portal.security.ldap.LDAPLocalServiceImpl;\r
+import com.liferay.portal.security.ldap.LDAPLocalServiceUtil;\r
+import com.liferay.portal.service.UserLocalServiceUtil;\r
+import com.liferay.portal.service.UserServiceUtil;\r
+import com.liferay.portal.struts.ActionConstants;\r
+import com.liferay.portal.util.PortalUtil;\r
+import com.liferay.portal.util.WebKeys;\r
+\r
+import javax.naming.Context;\r
+import javax.naming.NamingEnumeration;\r
+import javax.naming.NamingException;\r
+import javax.naming.directory.BasicAttribute;\r
+import javax.naming.directory.ModificationItem;\r
+import javax.naming.directory.SearchControls;\r
+import javax.naming.directory.SearchResult;\r
+import javax.naming.ldap.InitialLdapContext;\r
+import javax.naming.ldap.LdapContext;\r
+import javax.servlet.http.HttpServletRequest;\r
+import javax.servlet.http.HttpServletResponse;\r
+import javax.servlet.http.HttpSession;\r
+\r
+import org.apache.struts.action.Action;\r
+import org.apache.struts.action.ActionForm;\r
+import org.apache.struts.action.ActionForward;\r
+import org.apache.struts.action.ActionMapping;\r
+\r
+/**\r
+ * <a href="UpdatePasswordAction.java.html"><b><i>View Source</i></b></a>\r
+ *\r
+ * @author Brian Wing Shun Chan\r
+ *\r
+ */\r
+public class UpdatePasswordAction extends Action {\r
+\r
+ public static String peoplebase = null;\r
+ public static LdapContext ctx = null;\r
+ public static String baseDN ="";\r
+ public static String LDAP_FACTORY_INITIAL_KEY = "ldap.factory.initial";\r
+ public static String LDAP_BASE_PROVIDER_URL_KEY = "ldap.base.provider.url";\r
+ public static String LDAP_BASE_DN_KEY = "ldap.base.dn";\r
+ public static String LDAP_SECURITY_PRINCIPAL_KEY = "ldap.security.principal";\r
+ public static String LDAP_SECURITY_CREDENTIALS_KEY = "ldap.security.credentials";\r
+\r
+ private static Log logger = LogFactoryUtil.getLog(UpdatePasswordAction.class.getName());\r
+\r
+ public ActionForward execute(\r
+ ActionMapping mapping, ActionForm form, HttpServletRequest request,\r
+ HttpServletResponse response)\r
+ throws Exception {\r
+\r
+ String cmd = ParamUtil.getString(request, Constants.CMD);\r
+\r
+ if (Validator.isNull(cmd)) {\r
+ return mapping.findForward("portal.update_password");\r
+ }\r
+\r
+ try {\r
+ updatePassword(request, response);\r
+\r
+ return mapping.findForward(ActionConstants.COMMON_REFERER);\r
+ }\r
+ catch (Exception e) {\r
+ if (e instanceof UserPasswordException) {\r
+ SessionErrors.add(request, e.getClass().getName(), e);\r
+\r
+ return mapping.findForward(ActionConstants.COMMON_REFERER);\r
+ }\r
+ else if (e instanceof NoSuchUserException ||\r
+ e instanceof PrincipalException) {\r
+\r
+ SessionErrors.add(request, e.getClass().getName());\r
+\r
+ return mapping.findForward("portal.error");\r
+ }\r
+ else {\r
+ PortalUtil.sendError(e, request, response);\r
+\r
+ return null;\r
+ }\r
+ }\r
+ }\r
+\r
+ protected void updatePassword(\r
+ HttpServletRequest request, HttpServletResponse response)\r
+ throws Exception {\r
+\r
+ HttpSession session = request.getSession();\r
+\r
+ long userId = PortalUtil.getUserId(request);\r
+ String password1 = ParamUtil.getString(request, "password1");\r
+ String password2 = ParamUtil.getString(request, "password2");\r
+ boolean passwordReset = false;\r
+\r
+ // Change password in DB\r
+ UserServiceUtil.updatePassword(\r
+ userId, password1, password2, passwordReset);\r
+\r
+ // Change password in LDAP\r
+ User user = PortalUtil.getUser(request);\r
+ changeUserPasswordInLdap(user.getCompanyId(), user.getScreenName(), password2); \r
+\r
+ session.setAttribute(WebKeys.USER_PASSWORD, password1);\r
+ }\r
+\r
+ /**\r
+ * Change the user password on LDAP.\r
+ * @param pCompanyId user company ID\r
+ * @param pScreenName the screen name to user, permit to identify it to change the password to the user\r
+ * @param pPassword the password to set\r
+ * @throws NamingException\r
+ */\r
+ public static void changeUserPasswordInLdap(long pCompanyId, String pScreenName, String pPassword) throws NamingException {\r
+\r
+ SearchControls cons = new SearchControls(SearchControls.SUBTREE_SCOPE, 100000, 0, null, false, false);\r
+\r
+ try {\r
+ ctx = getContext(pCompanyId);\r
+ //ctx = LDAPLocalServiceImpl.getContext(pCompanyId);\r
+ NamingEnumeration<SearchResult> l = ctx.search(peoplebase,\r
+ "(&(objectClass=ENTPerson)(ENTPersonLogin=" + pScreenName + "))",\r
+ cons);\r
+\r
+ // Screen name is unique => there is only a unique result\r
+ while (l.hasMoreElements()) {\r
+ SearchResult sr = l.next();\r
+ String pwd = "{SHA}" + DigesterUtil.digest("SHA", pPassword);\r
+ ModificationItem[] mia = new ModificationItem[1];\r
+ mia[0] = new ModificationItem(LdapContext.REPLACE_ATTRIBUTE,\r
+ new BasicAttribute("userPassword", pwd));\r
+ ctx.modifyAttributes(sr.getNameInNamespace(), mia);\r
+ }\r
+ } catch (Exception e1) {\r
+ logger.error(e1);\r
+ } finally {\r
+ if (ctx != null) {\r
+ ctx.close();\r
+ ctx = null;\r
+ }\r
+ }\r
+ }\r
+\r
+ /**\r
+ * Get Ldap context\r
+ * @param companyId\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public static LdapContext getContext(long companyId) throws Exception {\r
+ \r
+ String baseProviderURL = PrefsPropsUtil.getString(companyId,\r
+ LDAP_BASE_PROVIDER_URL_KEY);\r
+ String principal = PrefsPropsUtil.getString(companyId,\r
+ LDAP_SECURITY_PRINCIPAL_KEY);\r
+ String credentials = PrefsPropsUtil.getString(companyId,\r
+ LDAP_SECURITY_CREDENTIALS_KEY);\r
+\r
+\r
+ baseDN = PrefsPropsUtil.getString(companyId, LDAP_BASE_DN_KEY);\r
+ \r
+ LdapContext ctx = getContext(companyId, baseProviderURL, principal, credentials);\r
+\r
+ if (peoplebase == null) {\r
+ initPeopleBase(ctx);\r
+ }\r
+\r
+ \r
+ return ctx;\r
+ }\r
+\r
+ /**\r
+ * Init the people list in Ldap\r
+ * @param ctx\r
+ */\r
+ public static void initPeopleBase(LdapContext ctx) {\r
+\r
+ SearchControls cons = new SearchControls(SearchControls.SUBTREE_SCOPE,\r
+ 10000, 0, null, false, false);\r
+\r
+ try {\r
+ NamingEnumeration<SearchResult> l = ctx.search(baseDN,\r
+ "(objectClass=ENTPerson)", cons);\r
+\r
+ String dn = l.next().getNameInNamespace();\r
+\r
+ peoplebase = dn.substring(dn.indexOf(",") + 1, dn.length());\r
+\r
+ } catch (NamingException e) {\r
+ logger.error(e);\r
+ }\r
+ }\r
+\r
+ /**\r
+ * Get Ldap context\r
+ * @param companyId\r
+ * @param providerURL\r
+ * @param principal\r
+ * @param credentials\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public static LdapContext getContext(long companyId, String providerURL,\r
+ String principal, String credentials) throws Exception {\r
+\r
+ Properties env = new Properties();\r
+\r
+ env.put(Context.INITIAL_CONTEXT_FACTORY, PrefsPropsUtil.getString(\r
+ companyId, LDAP_FACTORY_INITIAL_KEY));\r
+ env.put(Context.SECURITY_AUTHENTICATION, "simple"); \r
+ env.put(Context.PROVIDER_URL, providerURL);\r
+ env.put(Context.SECURITY_PRINCIPAL, principal);\r
+ env.put(Context.SECURITY_CREDENTIALS, credentials);\r
+ \r
+\r
+ env.put("com.sun.jndi.ldap.connect.pool", "true");\r
+ env.put("com.sun.jndi.ldap.connect.pool.maxsize", "50");\r
+ env.put("com.sun.jndi.ldap.connect.pool.timeout", "100000");\r
+\r
+ \r
+ LdapContext ctx = null;\r
+\r
+ try {\r
+ ctx = new InitialLdapContext(env, null);\r
+ } catch (Exception e) {\r
+ logger.error(e);\r
+ }\r
+\r
+ return ctx;\r
+ }\r
+\r
+\r
+}
\ No newline at end of file
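Review bot: In `changeUserPasswordInLdap` the search filter is built by concatenating `pScreenName` into the filter string, so a filter metacharacter in a screen name changes the query, and the `while` loop then replaces `userPassword` on every entry that matches. Passing the value as a filter argument (`"(&(objectClass=ENTPerson)(ENTPersonLogin={0}))"` with `new Object[] {pScreenName}`) lets the JNDI provider escape it. The method also keeps the connection in the public static field `ctx`, which concurrent requests share, so one request's `finally` can close or null a context another request is still using. Every exception is caught and only logged, including the NullPointerException that follows when the four-argument `getContext` returns null after a failed bind, so `updatePassword` stores the new password in the session although the directory may still hold the old one. The stored value is an unsalted `{SHA}` digest; whether the directory accepts a salted scheme is not visible here and should be confirmed.

```java
public static void changeUserPasswordInLdap(long pCompanyId, String pScreenName, String pPassword) throws NamingException {
    // … unchanged: SearchControls cons …
    LdapContext localCtx = null; // per call, instead of the shared static ctx
    try {
        localCtx = getContext(pCompanyId);
        if (localCtx == null) {
            throw new NamingException("LDAP context unavailable");
        }
        // Filter argument is escaped by the provider rather than spliced into the filter text.
        NamingEnumeration<SearchResult> l = localCtx.search(peoplebase,
            "(&(objectClass=ENTPerson)(ENTPersonLogin={0}))",
            new Object[] {pScreenName}, cons);
        // … unchanged: digest and modifyAttributes loop, calling localCtx.modifyAttributes …
    } catch (NamingException e1) {
        logger.error(e1);
        throw e1; // let the caller see that the directory was not updated
    } catch (Exception e1) {
        logger.error(e1);
        NamingException ne = new NamingException("LDAP password update failed");
        ne.setRootCause(e1);
        throw ne;
    } finally {
        if (localCtx != null) {
            localCtx.close();
        }
    }
}
```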