portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From morci...@apache.org
Subject cvs commit: jakarta-jetspeed/xdocs changes.xml config_guide.xml todo.xml
Date Fri, 13 Sep 2002 18:44:07 GMT
morciuch    2002/09/13 11:44:07

  Modified:    build/torque/schema security-schema.xml
               docs/site changes.html config_guide.html todo.html
               src/java/org/apache/jetspeed/modules/actions JLoginUser.java
               src/java/org/apache/jetspeed/modules/localization
                        JetspeedLocalization_de.properties
                        JetspeedLocalization_en.properties
                        JetspeedLocalization_es.properties
                        JetspeedLocalization_fr.properties
                        JetspeedLocalization_it.properties
                        JetspeedLocalization_ja.properties
                        JetspeedLocalization_my.properties
                        JetspeedLocalization_nl.properties
                        JetspeedLocalization_no.properties
               src/java/org/apache/jetspeed/om/security
                        BaseJetspeedUser.java JetspeedUser.java
               src/java/org/apache/jetspeed/services/resources
                        JetspeedResources.java
               src/java/org/apache/jetspeed/services/security/turbine
                        TurbineAuthentication.java
                        TurbineUserManagement.java
               webapp/WEB-INF/conf JetspeedSecurity.properties
                        JetspeedSecurity.template
               webapp/WEB-INF/db jetspeed.script
               webapp/WEB-INF/templates/vm/portlets/html user-form.vm
               xdocs    changes.xml config_guide.xml todo.xml
  Added:       src/java/org/apache/jetspeed/modules/actions
                        ChangePassword.java
               webapp/WEB-INF/templates/vm/screens/html ChangePassword.vm
  Log:
  Implemented automatic password expiration feature (see Bugzilla bug# 11736).
  
  This feature is disabled by default. To activate set services.JetspeedSecurity.password.expiration.period in js.props to a value greater than 0 - number of days between expirations. If activated for the first time, all users will have their passwords automatically expired (unless TURBINE_USER.PASSWORD_CHANGED is set).
  
  Revision  Changes    Path
  1.3       +2 -1      jakarta-jetspeed/build/torque/schema/security-schema.xml
  
  Index: security-schema.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/build/torque/schema/security-schema.xml,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- security-schema.xml	28 Jun 2002 05:37:28 -0000	1.2
  +++ security-schema.xml	13 Sep 2002 18:44:05 -0000	1.3
  @@ -31,6 +31,7 @@
       <column name="LAST_LOGIN" type="TIMESTAMP"/>
   	 <column name="DISABLED" size="1" type="CHAR"/>
       <column name="OBJECTDATA" type="VARBINARY"/>
  +    <column name="PASSWORD_CHANGED" type="TIMESTAMP"/>    
       
       <unique>
           <unique-column name="LOGIN_NAME"/>
  
  
  
  1.56      +4 -1      jakarta-jetspeed/docs/site/changes.html
  
  Index: changes.html
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/docs/site/changes.html,v
  retrieving revision 1.55
  retrieving revision 1.56
  diff -u -r1.55 -r1.56
  --- changes.html	11 Sep 2002 18:30:54 -0000	1.55
  +++ changes.html	13 Sep 2002 18:44:05 -0000	1.56
  @@ -129,7 +129,10 @@
   </li>
   -->
   <li>
  -  Add - Bug # 11735 - 2002/09/11 - Implemented role profile merging feature (MO)
  +  Add - Bug # 11736 - 2002/09/13 - Implemented automatic password expiration feature, disabled by default (MO)
  +</li>
  +<li>
  +  Add - Bug # 11735 - 2002/09/11 - Implemented role profile merging feature, disabled by default (MO)
   </li>
   <li>
     Add - Bug # 11741 - 2002/09/10 - Implemented Print Friendly Format portlet action (MO)
  
  
  
  1.18      +41 -0     jakarta-jetspeed/docs/site/config_guide.html
  
  Index: config_guide.html
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/docs/site/config_guide.html,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- config_guide.html	11 Sep 2002 18:30:54 -0000	1.17
  +++ config_guide.html	13 Sep 2002 18:44:05 -0000	1.18
  @@ -159,6 +159,7 @@
           <li><a href="#Enable e-mail confirmation">Enable e-mail confirmation</a></li>
           <li><a href="#Logon Configuration">Logon Configuration</a></li>
           <li><a href="#Account Disabling">Account Disabling</a></li>
  +        <li><a href="#Automatic Password Expiration">Automatic Password Expiration</a></li>        
           <li><a href="#Backup and Test">Backup and Test</a></li>
         </ul>
                               </blockquote>
  @@ -1387,6 +1388,46 @@
   # dont allow more than 10 over any time period
   services.JetspeedSecurity.logon.strike.max=10
   logon.disabled.form=AccountDisabled.vm
  +</pre></td>
  +      <td bgcolor="#023264" width="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +    </tr>
  +    <tr>
  +      <td bgcolor="#023264" width="1" height="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +      <td bgcolor="#023264" height="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +      <td bgcolor="#023264" width="1" height="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +    </tr>
  +    </table>
  +    </div>
  +                            </blockquote>
  +        </p>
  +      </td></tr>
  +      <tr><td><br/></td></tr>
  +    </table>
  +                                                <table border="0" cellspacing="0" cellpadding="2" width="100%">
  +      <tr><td bgcolor="#525D76">
  +        <font color="#ffffff" face="arial,helvetica,sanserif">
  +          <a name="Automatic Password Expiration"><strong>Automatic Password Expiration</strong></a>
  +        </font>
  +      </td></tr>
  +      <tr><td>
  +        <blockquote>
  +                                    <p>Password can automatically expire with this feature. When password expires, the user is presented
  +with a a change password screen. The user must change the password in order to continue. When new
  +user is created, a temporary password is assigned. On first login, the user is then prompted to
  +change the password. The administrator can force password expiration by setting column PASSWORD_CHANGED
  +to null in TURBINE_USER for particular account(s).
  +To turn on this feature, set this property to a value greater than 0:</p>
  +                                                    <div align="left">
  +    <table cellspacing="4" cellpadding="0" border="0">
  +    <tr>
  +      <td bgcolor="#023264" width="1" height="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +      <td bgcolor="#023264" height="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +      <td bgcolor="#023264" width="1" height="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +    </tr>
  +    <tr>
  +      <td bgcolor="#023264" width="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
  +      <td bgcolor="#ffffff"><pre>
  +services.JetspeedSecurity.password.expiration.period=[number of days before the password expires]
   </pre></td>
         <td bgcolor="#023264" width="1"><img src="/images/void.gif" width="1" height="1" vspace="0" hspace="0" border="0"/></td>
       </tr>
  
  
  
  1.43      +1 -1      jakarta-jetspeed/docs/site/todo.html
  
  Index: todo.html
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/docs/site/todo.html,v
  retrieving revision 1.42
  retrieving revision 1.43
  diff -u -r1.42 -r1.43
  --- todo.html	11 Sep 2002 18:30:54 -0000	1.42
  +++ todo.html	13 Sep 2002 18:44:06 -0000	1.43
  @@ -481,7 +481,7 @@
   </td>
                                   <td bgcolor="#a0ddf0" colspan="" rowspan="" valign="top" align="left">
       <font color="#000000" size="-1" face="arial,helvetica,sanserif">
  -                Password Expiration and Validation
  +                Password Expiration and Validation. <strong>Done</strong>
               </font>
   </td>
                                   <td bgcolor="#a0ddf0" colspan="" rowspan="" valign="top" align="left">
  
  
  
  1.29      +14 -7     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLoginUser.java
  
  Index: JLoginUser.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLoginUser.java,v
  retrieving revision 1.28
  retrieving revision 1.29
  diff -u -r1.28 -r1.29
  --- JLoginUser.java	30 Jul 2002 05:45:21 -0000	1.28
  +++ JLoginUser.java	13 Sep 2002 18:44:06 -0000	1.29
  @@ -251,6 +251,12 @@
           }
           catch (LoginException e)
           {
  +            data.setScreenTemplate(JetspeedResources.getString(TurbineConstants.TEMPLATE_LOGIN));
  +            String message = e.getMessage() != null ? e.getMessage() : e.toString();
  +            data.setMessage(message);
  +            data.setUser(JetspeedSecurity.getAnonymousUser());
  +            data.getUser().setHasLoggedIn(new Boolean (false) );            
  +
               if (e instanceof FailedLoginException)
               {
                   Log.info("JLoginUser: Credential Failure on login", e);
  @@ -259,15 +265,16 @@
               {
                   Log.info("JLoginUser: Account Expired ", e);
               } 
  -            else if (e instanceof AccountExpiredException)
  +            else if (e instanceof CredentialExpiredException)
               {
  -                Log.info("JLoginUser: Credentials Expired ", e);
  +                Log.info("JLoginUser: Credentials expired for user: " + username);
  +                data.setScreenTemplate(
  +                    JetspeedResources.getString(JetspeedResources.CHANGE_PASSWORD_TEMPLATE, "ChangePassword")
  +                    );
  +                data.setMessage("Your password has expired. Please change your password.");
  +                data.getParameters().setString("username", username);
               } 
  -            data.setMessage(e.toString());
  -            String loginTemplate = JetspeedResources.getString(TurbineConstants.TEMPLATE_LOGIN);
  -            data.setScreenTemplate(loginTemplate);
  -            data.setUser(JetspeedSecurity.getAnonymousUser());
  -            data.getUser().setHasLoggedIn(new Boolean (false) );            
  +
               return;
   
           }
  
  
  
  1.1                  jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/ChangePassword.java
  
  Index: ChangePassword.java
  ===================================================================
  /* ====================================================================
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 2000-2001 The Apache Software Foundation.  All rights
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution,
   *    if any, must include the following acknowledgment:
   *       "This product includes software developed by the
   *        Apache Software Foundation (http://www.apache.org/)."
   *    Alternately, this acknowledgment may appear in the software itself,
   *    if and wherever such third-party acknowledgments normally appear.
   *
   * 4. The names "Apache" and "Apache Software Foundation" and
   *     "Apache Jetspeed" must not be used to endorse or promote products
   *    derived from this software without prior written permission. For
   *    written permission, please contact apache@apache.org.
   *
   * 5. Products derived from this software may not be called "Apache" or
   *    "Apache Jetspeed", nor may "Apache" appear in their name, without
   *    prior written permission of the Apache Software Foundation.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation.  For more
   * information on the Apache Software Foundation, please see
   * <http://www.apache.org/>.
   */
  
  package org.apache.jetspeed.modules.actions;
  
  // Jetspeed
  import org.apache.jetspeed.services.JetspeedSecurity;
  import org.apache.jetspeed.services.resources.JetspeedResources;
  import org.apache.jetspeed.om.security.JetspeedUser;
  
  // Turbine
  import org.apache.turbine.modules.Action;
  import org.apache.turbine.modules.ActionLoader;
  import org.apache.turbine.services.localization.Localization;
  import org.apache.turbine.util.RunData;
  import org.apache.turbine.util.Log;
  import org.apache.turbine.TurbineConstants;
  
  /**
   * Performs change password action
   * 
   * @author <a href="morciuch@apache.org">Mark Orciuch</a>
   * @version $Id: ChangePassword.java,v 1.1 2002/09/13 18:44:06 morciuch Exp $
   */
  public class ChangePassword extends Action
  {
      public void doPerform(RunData rundata) throws Exception
      {
  
          String cancelBtn = rundata.getParameters().getString(Localization.getString("PASSWORDFORM_CANCEL"));
          String username  = rundata.getParameters().getString("username" , "");
          String oldPassword  = JetspeedSecurity.convertPassword(rundata.getParameters().getString("old_password" , ""));
          String password  = JetspeedSecurity.convertPassword(rundata.getParameters().getString("password", ""));
          String password2 = JetspeedSecurity.convertPassword(rundata.getParameters().getString("password_confirm", ""));
  
          // CANCEL BUTTON
          //
          // check to see if the Cancel button was pressed.
          // if so, return to default portal page
          if (cancelBtn != null && cancelBtn.equalsIgnoreCase(Localization.getString("PASSWORDFORM_CANCEL")))
          {
              return;
          }
  
          String returnTemplate = JetspeedResources.getString(JetspeedResources.CHANGE_PASSWORD_TEMPLATE, "ChangePassword");
  
          try 
          {
  
              JetspeedUser user = JetspeedSecurity.getUser(username);
  
              if (!password.equals(password2))
              {
                  rundata.setMessage(Localization.getString("UPDATEACCOUNT_PWNOTMATCH"));
                  rundata.setScreenTemplate(returnTemplate);
                  return;
              }
  
              if (password.equals(oldPassword))
              {
                  rundata.setMessage(Localization.getString("PASSWORDFORM_THESAME_MSG"));
                  rundata.setScreenTemplate(returnTemplate);
                  return;
              }
  
              // Change the password
              JetspeedSecurity.changePassword(user, oldPassword, password);
              rundata.setMessage(Localization.getString("PASSWORDFORM_DONE"));
  
              // Login again
              rundata.getParameters().setString("username", username);
              rundata.getParameters().setString("password", password);
              ActionLoader.getInstance().getInstance(
                  JetspeedResources.getString(TurbineConstants.ACTION_LOGIN)
                  ).doPerform(rundata);
  
          }
          catch (Exception e) 
          {
              Log.error(e);
              rundata.setMessage(e.getMessage() != null ? e.getMessage() : e.toString());
              rundata.setScreenTemplate(returnTemplate);
          }
      }
  
  }
  
  
  
  1.8       +12 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_de.properties
  
  Index: JetspeedLocalization_de.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_de.properties,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- JetspeedLocalization_de.properties	29 Aug 2002 02:09:10 -0000	1.7
  +++ JetspeedLocalization_de.properties	13 Sep 2002 18:44:06 -0000	1.8
  @@ -99,3 +99,14 @@
   USERFORM_CANCEL=Abbrechen
   USERFORM_UPDATE=Zugang aktualisieren
   USERFORM_CREATE=Neue Registrierung
  +
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.23      +13 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties
  
  Index: JetspeedLocalization_en.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties,v
  retrieving revision 1.22
  retrieving revision 1.23
  diff -u -r1.22 -r1.23
  --- JetspeedLocalization_en.properties	29 Aug 2002 02:27:47 -0000	1.22
  +++ JetspeedLocalization_en.properties	13 Sep 2002 18:44:06 -0000	1.23
  @@ -178,3 +178,15 @@
   CUSTOMIZER_TITLE=Title
   CUSTOMIZER_TYPE=Type
   CUSTOMIZER_UPDATE=Update
  +
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  +
  
  
  
  1.7       +12 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_es.properties
  
  Index: JetspeedLocalization_es.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_es.properties,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- JetspeedLocalization_es.properties	23 Jul 2002 05:30:04 -0000	1.6
  +++ JetspeedLocalization_es.properties	13 Sep 2002 18:44:06 -0000	1.7
  @@ -112,3 +112,14 @@
   UPDATEACCOUNT_NOTLOGGEDIN=You must login before you can update account information.
   UPDATEACCOUNT_NOUSER=Could not find correct user.
   UPDATEACCOUNT_PWNOTMATCH=Sorry, the passwords do not match.
  +
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.10      +11 -2     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_fr.properties
  
  Index: JetspeedLocalization_fr.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_fr.properties,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- JetspeedLocalization_fr.properties	29 Aug 2002 02:09:10 -0000	1.9
  +++ JetspeedLocalization_fr.properties	13 Sep 2002 18:44:06 -0000	1.10
  @@ -112,7 +112,16 @@
   NEWACCOUNT_CANCEL=Annuler
   NEWACCOUNT_CREATE=Cr&eacute;er un nouveau compte
   
  -
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
   
   
   
  
  
  
  1.2       +11 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_it.properties
  
  Index: JetspeedLocalization_it.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_it.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- JetspeedLocalization_it.properties	2 Sep 2002 19:22:07 -0000	1.1
  +++ JetspeedLocalization_it.properties	13 Sep 2002 18:44:06 -0000	1.2
  @@ -176,3 +176,13 @@
   CUSTOMIZER_TYPE=Tipo
   CUSTOMIZER_UPDATE=Aggiorna
   
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.3       +11 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_ja.properties
  
  Index: JetspeedLocalization_ja.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_ja.properties,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- JetspeedLocalization_ja.properties	29 Aug 2002 02:09:10 -0000	1.2
  +++ JetspeedLocalization_ja.properties	13 Sep 2002 18:44:06 -0000	1.3
  @@ -178,3 +178,13 @@
   CUSTOMIZER_TYPE=\u30bf\u30a4\u30d7
   CUSTOMIZER_UPDATE=\u66f4\u65b0
   
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.2       +12 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_my.properties
  
  Index: JetspeedLocalization_my.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_my.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- JetspeedLocalization_my.properties	29 Aug 2002 02:11:51 -0000	1.1
  +++ JetspeedLocalization_my.properties	13 Sep 2002 18:44:06 -0000	1.2
  @@ -179,3 +179,14 @@
   CUSTOMIZER_TITLE=Tajuk
   CUSTOMIZER_TYPE=Jenis
   CUSTOMIZER_UPDATE=Kemaskini
  +
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.3       +12 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_nl.properties
  
  Index: JetspeedLocalization_nl.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_nl.properties,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- JetspeedLocalization_nl.properties	29 Aug 2002 02:09:10 -0000	1.2
  +++ JetspeedLocalization_nl.properties	13 Sep 2002 18:44:06 -0000	1.3
  @@ -179,3 +179,14 @@
   CUSTOMIZER_TITLE=Titel
   CUSTOMIZER_TYPE=Type
   CUSTOMIZER_UPDATE=Aanpassing
  +
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.2       +12 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_no.properties
  
  Index: JetspeedLocalization_no.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_no.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- JetspeedLocalization_no.properties	29 Aug 2002 02:27:47 -0000	1.1
  +++ JetspeedLocalization_no.properties	13 Sep 2002 18:44:06 -0000	1.2
  @@ -183,3 +183,14 @@
   CUSTOMIZER_TITLE=Tittel
   CUSTOMIZER_TYPE=Type
   CUSTOMIZER_UPDATE=Oppdater
  +
  +PASSWORDFORM_TITLE=Change your account password
  +PASSWORDFORM_USERNAMEMSG=Username:
  +PASSWORDFORM_OLDPASSWORDMSG=Old Password
  +PASSWORDFORM_PASSWORDMSG=New Password:
  +PASSWORDFORM_PASSWORDCONFIRMMSG=New Password (confirm):
  +PASSWORDFORM_CANCEL=Cancel
  +PASSWORDFORM_RESET=Reset
  +PASSWORDFORM_CHANGE=Change Password
  +PASSWORDFORM_DONE=Password has been successfully changed
  +PASSWORDFORM_THESAME_MSG=Old and new passwords are the same. Please select another new password.
  
  
  
  1.6       +19 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/BaseJetspeedUser.java
  
  Index: BaseJetspeedUser.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/BaseJetspeedUser.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- BaseJetspeedUser.java	26 Jul 2002 01:47:21 -0000	1.5
  +++ BaseJetspeedUser.java	13 Sep 2002 18:44:06 -0000	1.6
  @@ -78,6 +78,7 @@
    * for custom attributes). 
    *
    * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
  + * @author <a href="mailto:morciuch@apache.org">Mark Orciuch</a> 
    * @version $Id$
    */
   public class BaseJetspeedUser /*extends SecurityObject*/ implements JetspeedUser
  @@ -774,4 +775,21 @@
       {
           this.isNew = isNew;
       }
  +
  +    /**
  +     * @see org.apache.jetspeed.om.security.JetspeedUser#getPasswordChanged
  +     */
  +    public Date getPasswordChanged()
  +    {
  +        return (Date) getPerm(JetspeedUser.PASSWORD_CHANGED);
  +    }
  + 
  +    /**
  +     * @see org.apache.jetspeed.om.security.JetspeedUser#setPasswordChanged
  +     */
  +    public void setPasswordChanged(Date value)
  +    {
  +        setPerm(JetspeedUser.PASSWORD_CHANGED, value);
  +    }
  +
   }
  
  
  
  1.3       +20 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/JetspeedUser.java
  
  Index: JetspeedUser.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/JetspeedUser.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- JetspeedUser.java	28 Jun 2002 05:37:31 -0000	1.2
  +++ JetspeedUser.java	13 Sep 2002 18:44:06 -0000	1.3
  @@ -56,16 +56,20 @@
   
   import org.apache.turbine.om.security.User;
   
  +import java.util.Date;
  +
   /**
    * A Jetspeed extension of the Turbine User interface.
    *
    * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
  + * @author <a href="mailto:morciuch@apache.org">Mark Orciuch</a> 
    * @version $Id$
    */
   public interface JetspeedUser extends User
   {
       public static final String DISABLED = "DISABLED";
       public static final String USER_ID = "USER_ID";
  +    public static final String PASSWORD_CHANGED = "PASSWORD_CHANGED";
   
       /**
        * Returns the disabled status for the user
  @@ -86,4 +90,19 @@
   
   
       public boolean isNew();
  +
  +    /**
  +     * Returns the date of last password change
  +     *
  +     * @return date
  +     */
  +    public Date getPasswordChanged();
  + 
  +    /**
  +     * Sets the date of last password change
  +     * 
  +     * @param value  Date
  +     */
  +    public void setPasswordChanged(Date value);
  +
   }
  
  
  
  1.14      +2 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/services/resources/JetspeedResources.java
  
  Index: JetspeedResources.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/resources/JetspeedResources.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- JetspeedResources.java	10 Sep 2002 02:01:27 -0000	1.13
  +++ JetspeedResources.java	13 Sep 2002 18:44:07 -0000	1.14
  @@ -131,6 +131,7 @@
       public static final String HTML_COLOR_NAME_KEY = "html.color.name.";
       public static final String MANDATORY_PORTLET = "portlet.mandatory";
   
  +    public static final String CHANGE_PASSWORD_TEMPLATE = "template.change.password";
   
       // Images for the portal
       
  
  
  
  1.4       +34 -2     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineAuthentication.java
  
  Index: TurbineAuthentication.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineAuthentication.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- TurbineAuthentication.java	16 Jul 2002 17:27:06 -0000	1.3
  +++ TurbineAuthentication.java	13 Sep 2002 18:44:07 -0000	1.4
  @@ -56,6 +56,9 @@
   
   import javax.servlet.ServletConfig;
   
  +import java.util.Date;
  +import java.util.GregorianCalendar;
  +
   import org.apache.turbine.util.Log;
   import org.apache.turbine.services.TurbineBaseService;
   import org.apache.turbine.services.TurbineServices;
  @@ -74,6 +77,7 @@
   import org.apache.jetspeed.services.security.JetspeedSecurityService;
   import org.apache.jetspeed.services.security.LoginException;
   import org.apache.jetspeed.services.security.FailedLoginException;
  +import org.apache.jetspeed.services.security.CredentialExpiredException;
   import org.apache.jetspeed.services.security.UnknownUserException;
   import org.apache.jetspeed.services.security.UserException;
   import org.apache.jetspeed.services.security.JetspeedSecurityException;
  @@ -91,6 +95,7 @@
    * This service does not use any of the Turbine security or user management classes.
    * 
    * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
  + * @author <a href="mailto:morciuch@apache.org">Mark Orciuch</a> 
    * @version $Id$
    */
                                                                
  @@ -105,6 +110,9 @@
       private final static String CACHING_ENABLE = "caching.enable";
       private boolean cachingEnable = true;
   
  +    private final static String CONFIG_PASSWORD_EXPIRATION_PERIOD = "password.expiration.period";
  +
  +    private int expirationPeriod = 0;
   
       /**
        * Given a public credential(username) and private credential(password), 
  @@ -144,7 +152,30 @@
           if(!user.getPassword().equals(password))
           {
               throw new FailedLoginException("Credential authentication failure");
  -        }        
  +        }  
  +
  +        // Check for password expiration
  +        if (this.expirationPeriod > 0)
  +        {
  +            Date passwordLastChangedDate = user.getPasswordChanged();
  +            Date passwordExpireDate = null;
  +            if (passwordLastChangedDate != null) {
  +                GregorianCalendar gcal = (GregorianCalendar) GregorianCalendar.getInstance();
  +                gcal.setTime(passwordLastChangedDate);
  +                gcal.add(GregorianCalendar.DATE, this.expirationPeriod);
  +                passwordExpireDate = gcal.getTime();
  +                if (Log.getLogger().isDebugEnabled())
  +                {
  +                    Log.debug("TurbineAuthentication: password last changed = " + passwordLastChangedDate.toString() +
  +                              ", password expires = " + passwordExpireDate.toString());
  +                }
  +            }
  +
  +            if (passwordExpireDate == null || (new Date().getTime() > passwordExpireDate.getTime())) {
  +                throw new CredentialExpiredException("Password expired");
  +            }
  +
  +        }
   
           // Mark the user as being logged in.
           user.setHasLoggedIn(new Boolean(true));
  @@ -242,6 +273,7 @@
   
           anonymousUser = serviceConf.getString(CONFIG_ANONYMOUS_USER, anonymousUser);
           cachingEnable = serviceConf.getBoolean( CACHING_ENABLE, cachingEnable );
  +        expirationPeriod = serviceConf.getInt( this.CONFIG_PASSWORD_EXPIRATION_PERIOD, 0 );
   
           this.runDataService =
               (JetspeedRunDataService)TurbineServices.getInstance()
  
  
  
  1.5       +6 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java
  
  Index: TurbineUserManagement.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- TurbineUserManagement.java	11 Sep 2002 18:30:55 -0000	1.4
  +++ TurbineUserManagement.java	13 Sep 2002 18:44:07 -0000	1.5
  @@ -56,6 +56,7 @@
   
   import java.util.Vector;
   import java.util.Iterator;
  +import java.util.Date;
   import javax.servlet.ServletConfig;
   import java.security.Principal;
   
  @@ -440,6 +441,10 @@
                   "' was incorrect");
           }
           user.setPassword(JetspeedSecurity.encryptPassword(newPassword));
  +
  +        // Set the last password change date
  +        user.setPasswordChanged(new Date());
  +
           // save the changes in the database immediately, to prevent the password
           // being 'reverted' to the old value if the user data is lost somehow
           // before it is saved at session's expiry. 
  
  
  
  1.30      +9 -1      jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties
  
  Index: JetspeedSecurity.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -r1.29 -r1.30
  --- JetspeedSecurity.properties	6 Sep 2002 03:29:43 -0000	1.29
  +++ JetspeedSecurity.properties	13 Sep 2002 18:44:07 -0000	1.30
  @@ -118,6 +118,14 @@
   # Caching
   services.JetspeedSecurity.caching.enable=true
   
  +#
  +# Number of days until password expires. To disable
  +# this feature, set it to 0.
  +#
  +# Default:  0
  +#
  +services.JetspeedSecurity.password.expiration.period=0
  +
   #########################################
   # Action buttons                        #
   #########################################
  
  
  
  1.6       +9 -1      jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.template
  
  Index: JetspeedSecurity.template
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.template,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- JetspeedSecurity.template	6 Sep 2002 03:29:43 -0000	1.5
  +++ JetspeedSecurity.template	13 Sep 2002 18:44:07 -0000	1.6
  @@ -118,6 +118,14 @@
   # Caching
   services.JetspeedSecurity.caching.enable=true
   
  +#
  +# Number of days until password expires. To disable
  +# this feature, set it to 0.
  +#
  +# Default:  0
  +#
  +services.JetspeedSecurity.password.expiration.period=0
  +
   #########################################
   # Action buttons                        #
   #########################################
  
  
  
  1.19      +4 -4      jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script
  
  Index: jetspeed.script
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- jetspeed.script	23 Jul 2002 00:03:55 -0000	1.18
  +++ jetspeed.script	13 Sep 2002 18:44:07 -0000	1.19
  @@ -1,7 +1,7 @@
   CREATE TABLE TURBINE_PERMISSION(PERMISSION_ID INTEGER NOT NULL IDENTITY PRIMARY KEY,PERMISSION_NAME VARCHAR NOT NULL,OBJECTDATA BINARY)
   CREATE TABLE TURBINE_ROLE(ROLE_ID INTEGER NOT NULL IDENTITY PRIMARY KEY,ROLE_NAME VARCHAR NOT NULL,OBJECTDATA BINARY)
   CREATE TABLE TURBINE_GROUP(GROUP_ID INTEGER NOT NULL IDENTITY PRIMARY KEY,GROUP_NAME VARCHAR NOT NULL,OBJECTDATA BINARY)
  -CREATE TABLE TURBINE_USER(USER_ID INTEGER NOT NULL IDENTITY PRIMARY KEY,LOGIN_NAME VARCHAR NOT NULL,PASSWORD_VALUE VARCHAR NOT NULL,FIRST_NAME VARCHAR NOT NULL,LAST_NAME VARCHAR NOT NULL,EMAIL VARCHAR,CONFIRM_VALUE VARCHAR,MODIFIED TIMESTAMP,CREATED TIMESTAMP,LAST_LOGIN TIMESTAMP,DISABLED CHAR,OBJECTDATA BINARY)
  +CREATE TABLE TURBINE_USER(USER_ID INTEGER NOT NULL IDENTITY PRIMARY KEY,LOGIN_NAME VARCHAR NOT NULL,PASSWORD_VALUE VARCHAR NOT NULL,FIRST_NAME VARCHAR NOT NULL,LAST_NAME VARCHAR NOT NULL,EMAIL VARCHAR,CONFIRM_VALUE VARCHAR,MODIFIED TIMESTAMP,CREATED TIMESTAMP,LAST_LOGIN TIMESTAMP,DISABLED CHAR,OBJECTDATA BINARY,PASSWORD_CHANGED TIMESTAMP)
   CREATE TABLE TURBINE_ROLE_PERMISSION(ROLE_ID INTEGER NOT NULL,PERMISSION_ID INTEGER NOT NULL)
   CREATE UNIQUE INDEX ROLE_PERMISSION_INDEX ON TURBINE_ROLE_PERMISSION(ROLE_ID,PERMISSION_ID)
   CREATE TABLE TURBINE_USER_GROUP_ROLE(USER_ID INTEGER NOT NULL,GROUP_ID INTEGER NOT NULL,ROLE_ID INTEGER NOT NULL)
  @@ -100,9 +100,9 @@
   INSERT INTO TURBINE_ROLE VALUES(3,'guest',NULL)
   INSERT INTO TURBINE_GROUP VALUES(1,'Jetspeed',NULL)
   INSERT INTO TURBINE_GROUP VALUES(2,'apache',NULL)
  -INSERT INTO TURBINE_USER VALUES(0,'turbine','turbine','Tommy','Turbine','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2002-06-04 16:05:25.712','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000577080000000700000003740008756e69747465737474000074000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b020000787000000076740007555345525f49447400013078')
  -INSERT INTO TURBINE_USER VALUES(1,'admin','jetspeed','Jetspeed','Admin','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2001-11-11 18:45:41.671','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f400000000000027708000000030000000174000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b0200007870000000a978')
  -INSERT INTO TURBINE_USER VALUES(2,'anon','anon','Anonymous','User','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2001-11-11 18:45:41.671','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f400000000000027708000000030000000174000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b0200007870000000a978')
  +INSERT INTO TURBINE_USER VALUES(0,'turbine','turbine','Tommy','Turbine','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2002-06-04 16:05:25.712','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000577080000000700000003740008756e69747465737474000074000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b020000787000000076740007555345525f49447400013078',NULL)
  +INSERT INTO TURBINE_USER VALUES(1,'admin','jetspeed','Jetspeed','Admin','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2001-11-11 18:45:41.671','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f400000000000027708000000030000000174000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b0200007870000000a978',NULL)
  +INSERT INTO TURBINE_USER VALUES(2,'anon','anon','Anonymous','User','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2001-11-11 18:45:41.671','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f400000000000027708000000030000000174000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b0200007870000000a978',NULL)
   INSERT INTO TURBINE_ROLE_PERMISSION VALUES(1,1)
   INSERT INTO TURBINE_ROLE_PERMISSION VALUES(1,2)
   INSERT INTO TURBINE_ROLE_PERMISSION VALUES(1,3)
  
  
  
  1.8       +7 -1      jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-form.vm
  
  Index: user-form.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-form.vm,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- user-form.vm	14 May 2002 05:13:19 -0000	1.7
  +++ user-form.vm	13 Sep 2002 18:44:07 -0000	1.8
  @@ -72,6 +72,12 @@
   #end
         </tr>
   #end
  +#if (($mode == "delete") || ($mode=="update"))
  +      <tr>
  +        <td><b>Password Last Changed</b></td>      
  +        <td>$!user.PasswordChanged</td>
  +      </tr>
  +#end      
     </table>
   
    #if ( $config.getBoolean("newuser.approval.enable") == true )
  
  
  
  1.1                  jakarta-jetspeed/webapp/WEB-INF/templates/vm/screens/html/ChangePassword.vm
  
  Index: ChangePassword.vm
  ===================================================================
  #set ($username = $!data.Parameters.getString("username"))
  #if (! $username)
    #set ($username = $data.user.UserName)
  #end
  
  #if (!$username.equals($config.getString("services.JetspeedSecurity.user.anonymous")))
  <div>
    <center>
      <table cellpadding="2" cellspacing="0" border="1" width="50%">
        <tr>
          <td align="center" colspan="3" class="INPUTFORMTITLE">
            $l10n.PASSWORDFORM_TITLE
          </td>
        </tr>
        <tr>
          <td class="INPUTFORM">
            #if ($data.Message)
              ## Message include account creation failure messages.
              <p><b>$data.Message</b></p>
            #end
            <form accept-charset="UTF-8, ISO-8859-1" 
                method="POST" 
                action="$jslink.HomePage" 
                enctype="application/x-www-form-urlencoded">
            <input name="$jslink.ActionKey" type="hidden" value="ChangePassword">
            <input name="username" type="hidden" value="$username">
            <center>
                <table cellpadding="0" cellspacing="1" border="0">
                  <tr>
                    <td>$l10n.PASSWORDFORM_USERNAMEMSG</td>
                    <td>&nbsp;</td>
                    <td align="left">
                      $username
                    </td>
                  </tr>
                  <tr>
                    <td>$l10n.PASSWORDFORM_OLDPASSWORDMSG</td>
                    <td>&nbsp;</td>
                    <td align="left">
                      <input name="old_password" type="PASSWORD" value="">
                    </td>
                  </tr>
                  <tr>
                    <td>$l10n.PASSWORDFORM_PASSWORDMSG</td>
                    <td>&nbsp;</td>
                    <td align="left">
                      <input name="password" type="PASSWORD" value="">
                    </td>
                  </tr>
                  <tr>
                    <td>$l10n.PASSWORDFORM_PASSWORDCONFIRMMSG</td>
                    <td>&nbsp;</td>
                    <td align="left">
                      <input name="password_confirm" type="PASSWORD" value="">
                    </td>
                  </tr>
                  <tr>
                    <td colspan="3">&nbsp;</td>
                  </tr> 
                  <tr>
                    <td colspan="3">
                      <table width="100%">
                        <tr>
                          <td align="right" width="40%">
                            <input name="$l10n.PASSWORDFORM_CANCEL" type="submit" value="$l10n.PASSWORDFORM_CANCEL">
                          </td>
                          <td width="10%">&nbsp;</td>
                          <td align="left" width="40%">
                            <input name="$l10n.PASSWORDFORM_CHANGE" type="submit" value="$l10n.PASSWORDFORM_CHANGE">
                          </td>
                        </tr>
                      </table>
                    </td>
                  </tr>
                </table>
              </center>
            </form>
          </td>
        </tr>
      </table>
    </center>
  </div>
  #else
  <h3>Sorry, cannot change password for anonymous user.<h3>
  #end
  
  
  
  1.74      +5 -2      jakarta-jetspeed/xdocs/changes.xml
  
  Index: changes.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/xdocs/changes.xml,v
  retrieving revision 1.73
  retrieving revision 1.74
  diff -u -r1.73 -r1.74
  --- changes.xml	11 Sep 2002 18:30:55 -0000	1.73
  +++ changes.xml	13 Sep 2002 18:44:07 -0000	1.74
  @@ -23,7 +23,10 @@
   </li>
   -->
   <li>
  -  Add - Bug # 11735 - 2002/09/11 - Implemented role profile merging feature (MO)
  +  Add - Bug # 11736 - 2002/09/13 - Implemented automatic password expiration feature, disabled by default (MO)
  +</li>
  +<li>
  +  Add - Bug # 11735 - 2002/09/11 - Implemented role profile merging feature, disabled by default (MO)
   </li>
   <li>
     Add - Bug # 11741 - 2002/09/10 - Implemented Print Friendly Format portlet action (MO)
  
  
  
  1.12      +12 -0     jakarta-jetspeed/xdocs/config_guide.xml
  
  Index: config_guide.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/xdocs/config_guide.xml,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- config_guide.xml	11 Sep 2002 18:30:55 -0000	1.11
  +++ config_guide.xml	13 Sep 2002 18:44:07 -0000	1.12
  @@ -46,6 +46,7 @@
           <li><a href="#Enable e-mail confirmation">Enable e-mail confirmation</a></li>
           <li><a href="#Logon Configuration">Logon Configuration</a></li>
           <li><a href="#Account Disabling">Account Disabling</a></li>
  +        <li><a href="#Automatic Password Expiration">Automatic Password Expiration</a></li>        
           <li><a href="#Backup and Test">Backup and Test</a></li>
         </ul>
       </section>
  @@ -661,6 +662,17 @@
   logon.disabled.form=AccountDisabled.vm
   </source>  
   	</section>
  +<section name = "Automatic Password Expiration">
  +<p>Password can automatically expire with this feature. When password expires, the user is presented
  +with a a change password screen. The user must change the password in order to continue. When new
  +user is created, a temporary password is assigned. On first login, the user is then prompted to
  +change the password. The administrator can force password expiration by setting column PASSWORD_CHANGED
  +to null in TURBINE_USER for particular account(s).
  +To turn on this feature, set this property to a value greater than 0:</p>
  +<source>
  +services.JetspeedSecurity.password.expiration.period=[number of days before the password expires]
  +</source>
  +</section>    
       <section name="Backup and Test">
         <p><center>This section is incomplete</center></p>
         <p>
  
  
  
  1.32      +2 -2      jakarta-jetspeed/xdocs/todo.xml
  
  Index: todo.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/xdocs/todo.xml,v
  retrieving revision 1.31
  retrieving revision 1.32
  diff -u -r1.31 -r1.32
  --- todo.xml	11 Sep 2002 18:30:55 -0000	1.31
  +++ todo.xml	13 Sep 2002 18:44:07 -0000	1.32
  @@ -162,7 +162,7 @@
   </tr>
   <tr>
     <td>11736</td>
  -  <td>Password Expiration and Validation</td>
  +  <td>Password Expiration and Validation. <strong>Done</strong></td>
     <td>MO</td>
   </tr>
   <tr>
  
  
  

--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>


Mime
View raw message