1 package org
.argeo
.cms
.ui
.workbench
.commands
;
3 import static org
.argeo
.cms
.CmsMsg
.changePassword
;
4 import static org
.argeo
.cms
.CmsMsg
.currentPassword
;
5 import static org
.argeo
.cms
.CmsMsg
.newPassword
;
6 import static org
.argeo
.cms
.CmsMsg
.passwordChanged
;
7 import static org
.argeo
.cms
.CmsMsg
.repeatNewPassword
;
8 import static org
.eclipse
.jface
.dialogs
.IMessageProvider
.INFORMATION
;
10 import java
.security
.AccessController
;
11 import java
.util
.Arrays
;
13 import javax
.naming
.InvalidNameException
;
14 import javax
.naming
.ldap
.LdapName
;
15 import javax
.security
.auth
.Subject
;
16 import javax
.security
.auth
.x500
.X500Principal
;
18 import org
.apache
.commons
.logging
.Log
;
19 import org
.apache
.commons
.logging
.LogFactory
;
20 import org
.argeo
.api
.security
.CryptoKeyring
;
21 import org
.argeo
.cms
.CmsException
;
22 import org
.argeo
.eclipse
.ui
.dialogs
.ErrorFeedback
;
23 import org
.argeo
.osgi
.transaction
.WorkTransaction
;
24 import org
.eclipse
.core
.commands
.AbstractHandler
;
25 import org
.eclipse
.core
.commands
.ExecutionEvent
;
26 import org
.eclipse
.core
.commands
.ExecutionException
;
27 import org
.eclipse
.jface
.dialogs
.Dialog
;
28 import org
.eclipse
.jface
.dialogs
.MessageDialog
;
29 import org
.eclipse
.jface
.dialogs
.TitleAreaDialog
;
30 import org
.eclipse
.swt
.SWT
;
31 import org
.eclipse
.swt
.graphics
.Point
;
32 import org
.eclipse
.swt
.layout
.GridData
;
33 import org
.eclipse
.swt
.layout
.GridLayout
;
34 import org
.eclipse
.swt
.widgets
.Composite
;
35 import org
.eclipse
.swt
.widgets
.Control
;
36 import org
.eclipse
.swt
.widgets
.Label
;
37 import org
.eclipse
.swt
.widgets
.Shell
;
38 import org
.eclipse
.swt
.widgets
.Text
;
39 import org
.eclipse
.ui
.handlers
.HandlerUtil
;
40 import org
.osgi
.service
.useradmin
.User
;
41 import org
.osgi
.service
.useradmin
.UserAdmin
;
43 /** Open the change password dialog */
44 public class OpenChangePasswordDialog
extends AbstractHandler
{
45 private final static Log log
= LogFactory
.getLog(OpenChangePasswordDialog
.class);
46 private UserAdmin userAdmin
;
47 private WorkTransaction userTransaction
;
48 private CryptoKeyring keyring
= null;
50 public Object
execute(ExecutionEvent event
) throws ExecutionException
{
51 ChangePasswordDialog dialog
= new ChangePasswordDialog(HandlerUtil
.getActiveShell(event
), userAdmin
);
52 if (dialog
.open() == Dialog
.OK
) {
53 MessageDialog
.openInformation(HandlerUtil
.getActiveShell(event
), passwordChanged
.lead(),
54 passwordChanged
.lead());
59 @SuppressWarnings("unchecked")
60 protected void changePassword(char[] oldPassword
, char[] newPassword
) {
61 Subject subject
= Subject
.getSubject(AccessController
.getContext());
62 String name
= subject
.getPrincipals(X500Principal
.class).iterator().next().toString();
65 dn
= new LdapName(name
);
66 } catch (InvalidNameException e
) {
67 throw new CmsException("Invalid user dn " + name
, e
);
69 User user
= (User
) userAdmin
.getRole(dn
.toString());
70 if (!user
.hasCredential(null, oldPassword
))
71 throw new CmsException("Invalid password");
72 if (Arrays
.equals(newPassword
, new char[0]))
73 throw new CmsException("New password empty");
75 userTransaction
.begin();
76 user
.getCredentials().put(null, newPassword
);
77 if (keyring
!= null) {
78 keyring
.changePassword(oldPassword
, newPassword
);
79 // TODO change secret keys in the CMS session
81 userTransaction
.commit();
82 } catch (Exception e
) {
84 userTransaction
.rollback();
85 } catch (Exception e1
) {
86 log
.error("Could not roll back", e1
);
88 if (e
instanceof RuntimeException
)
89 throw (RuntimeException
) e
;
91 throw new CmsException("Cannot change password", e
);
95 class ChangePasswordDialog
extends TitleAreaDialog
{
96 private static final long serialVersionUID
= -6963970583882720962L;
97 private Text oldPassword
, newPassword1
, newPassword2
;
99 public ChangePasswordDialog(Shell parentShell
, UserAdmin securityService
) {
103 protected Point
getInitialSize() {
104 return new Point(400, 450);
107 protected Control
createDialogArea(Composite parent
) {
108 Composite dialogarea
= (Composite
) super.createDialogArea(parent
);
109 dialogarea
.setLayoutData(new GridData(SWT
.FILL
, SWT
.FILL
, true, true));
110 Composite composite
= new Composite(dialogarea
, SWT
.NONE
);
111 composite
.setLayout(new GridLayout(2, false));
112 composite
.setLayoutData(new GridData(SWT
.FILL
, SWT
.FILL
, true, false));
113 oldPassword
= createLP(composite
, currentPassword
.lead());
114 newPassword1
= createLP(composite
, newPassword
.lead());
115 newPassword2
= createLP(composite
, repeatNewPassword
.lead());
117 setMessage(changePassword
.lead(), INFORMATION
);
119 oldPassword
.setFocus();
124 protected void okPressed() {
126 if (!newPassword1
.getText().equals(newPassword2
.getText()))
127 throw new CmsException("New passwords are different");
128 changePassword(oldPassword
.getTextChars(), newPassword1
.getTextChars());
130 } catch (Exception e
) {
131 ErrorFeedback
.show("Cannot change password", e
);
135 /** Creates label and password. */
136 protected Text
createLP(Composite parent
, String label
) {
137 new Label(parent
, SWT
.NONE
).setText(label
);
138 Text text
= new Text(parent
, SWT
.SINGLE
| SWT
.LEAD
| SWT
.PASSWORD
| SWT
.BORDER
);
139 text
.setLayoutData(new GridData(SWT
.FILL
, SWT
.FILL
, true, false));
143 protected void configureShell(Shell shell
) {
144 super.configureShell(shell
);
145 shell
.setText(changePassword
.lead());
149 public void setUserAdmin(UserAdmin userAdmin
) {
150 this.userAdmin
= userAdmin
;
153 public void setUserTransaction(WorkTransaction userTransaction
) {
154 this.userTransaction
= userTransaction
;
157 public void setKeyring(CryptoKeyring keyring
) {
158 this.keyring
= keyring
;