portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject cvs commit: jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/om/impl InternalCredentialImpl.java
Date Thu, 25 Nov 2004 02:25:59 GMT
ate         2004/11/24 18:25:59

  Modified:    components/security/src/java/org/apache/jetspeed/security/spi/impl
                        InternalPasswordCredentialStateHandlingInterceptor.java
                        InternalPasswordCredentialHistoryHandlingInterceptor.java
                        DefaultPasswordCredentialProvider.java
                        DefaultCredentialHandler.java
                        DefaultPasswordCredentialImpl.java
               src/sql  populate-db-default.sql
                        populate-userinfo-for-default-psml.sql
               src/schema security-schema.xml
               applications/pam/src/webapp/WEB-INF/view user-details.jsp
               jetspeed-api/src/java/org/apache/jetspeed/security
                        UserManager.java SecurityException.java
                        PasswordCredential.java
               portal/src/webapp/WEB-INF/assembly pipelines.xml
               components/security/src/java/org/apache/jetspeed/security/impl
                        UserManagerImpl.java
               components/security/src/test/org/apache/jetspeed/security/spi
                        TestInternalPasswordCredentialStateHandlingInterceptor.java
               jetspeed-api/src/java/org/apache/jetspeed/profiler
                        ProfileLocator.java Profiler.java
               components/security/src/java/org/apache/jetspeed/security
                        SecurityHelper.java
               applications/security/src/java/org/apache/jetspeed/portlets/security/resources
                        ChgPwdResources_en.properties
                        ChgPwdResources.properties
                        ChgPwdResources_nl.properties
               applications/security/src/webapp/WEB-INF/security/chgpwd
                        change-password.jsp
               src/sql/mysql populate-userinfo-for-default-psml.sql
               .        .classpath
               src/sql/mssql populate-userinfo-for-default-psml.sql
               applications/security project.xml
               src/sql/oracle populate-userinfo-for-default-psml.sql
               portal/src/java/org/apache/jetspeed/security/impl
                        SecurityValveImpl.java
               applications/security/src/java/org/apache/jetspeed/portlets/security
                        ChangePasswordPortlet.java
               portal/src/java/org/apache/jetspeed/pipeline/valve
                        PageProfilerValve.java
               components/security/src/java/META-INF
                        security_repository.xml
               components/profiler/src/java/org/apache/jetspeed/profiler/impl
                        JetspeedProfilerImpl.java
               jetspeed-api/src/java/org/apache/jetspeed/security/om
                        InternalCredential.java
               applications/pam/src/java/org/apache/jetspeed/portlets/security
                        UserDetailsPortlet.java
               portal/src/webapp/WEB-INF/pages my-account.psml
               portal/src/java/org/apache/jetspeed/profiler/impl
                        ProfilerValveImpl.java
               components/security/src/java/org/apache/jetspeed/security/om/impl
                        InternalCredentialImpl.java
  Added:       portal/src/java/org/apache/jetspeed/security/impl
                        PasswordCredentialValveImpl.java
               portal/src/java/org/apache/jetspeed/pipeline/valve
                        PasswordCredentialValve.java
  Log:
  JS2-151 (password) security features, part 3: password change requirements implemented
  Warning: the SECURITY_CREDENTIAL table has changed once more. I'll post a message on the dev-list shortly with more information.
  
  Revision  Changes    Path
  1.4       +9 -6      jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialStateHandlingInterceptor.java
  
  Index: InternalPasswordCredentialStateHandlingInterceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialStateHandlingInterceptor.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- InternalPasswordCredentialStateHandlingInterceptor.java	12 Nov 2004 03:17:46 -0000	1.3
  +++ InternalPasswordCredentialStateHandlingInterceptor.java	25 Nov 2004 02:25:57 -0000	1.4
  @@ -51,7 +51,9 @@
           boolean update = super.afterAuthenticated(internalUser, userName, credential, authenticated);
           if ( !credential.isExpired() )
           {
  -            if (credential.getExpirationDate().getTime() < System.currentTimeMillis())
  +            long expirationTime = credential.getExpirationDate().getTime();
  +            long currentTime     = new java.util.Date().getTime();
  +            if (expirationTime <= currentTime)
               {
                   credential.setExpired(true);
                   update = true;
  @@ -79,10 +81,10 @@
           boolean update = super.afterLoad(pcProvider, userName, credential);
           if ( credential.getExpirationDate() == null )
           {
  -            credential.setExpirationDate(new Date(System.currentTimeMillis()+maxLifeSpanInMillis));
  +            credential.setExpirationDate(new Date(new java.util.Date().getTime()+maxLifeSpanInMillis));
               update = true;
           }
  -        if (credential.getLastLogonDate() == null && !credential.isUpdateRequired())
  +        if ( !credential.isUpdateRequired() && credential.getLastAuthenticationDate() == null )
           {
               credential.setUpdateRequired(true);
               update = true;
  @@ -97,7 +99,7 @@
               InternalCredential credential, String password) throws SecurityException
       {
           super.beforeCreate(internalUser, credentials, userName, credential, password);
  -        credential.setExpirationDate(new Date(System.currentTimeMillis()+maxLifeSpanInMillis));
  +        credential.setExpirationDate(new Date(new java.util.Date().getTime()+maxLifeSpanInMillis));
           credential.setExpired(false);
           credential.setAuthenticationFailures(0);
       }
  @@ -109,8 +111,9 @@
               InternalCredential credential, String password, boolean authenticated) throws SecurityException
       {
           super.beforeSetPassword(internalUser, credentials, userName, credential, password, authenticated);
  -        credential.setExpirationDate(new Date(System.currentTimeMillis()+maxLifeSpanInMillis));
  +        credential.setExpirationDate(new Date(new java.util.Date().getTime()+maxLifeSpanInMillis));
           credential.setExpired(false);
           credential.setAuthenticationFailures(0);
  +        credential.setUpdateRequired(false);
       }
   }
  
  
  
  1.2       +3 -2      jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialHistoryHandlingInterceptor.java
  
  Index: InternalPasswordCredentialHistoryHandlingInterceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/InternalPasswordCredentialHistoryHandlingInterceptor.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- InternalPasswordCredentialHistoryHandlingInterceptor.java	12 Nov 2004 03:17:46 -0000	1.1
  +++ InternalPasswordCredentialHistoryHandlingInterceptor.java	25 Nov 2004 02:25:57 -0000	1.2
  @@ -19,6 +19,7 @@
   import java.util.Collection;
   import java.util.Collections;
   import java.util.Comparator;
  +import java.util.Date;
   import java.util.Iterator;
   
   import org.apache.jetspeed.security.SecurityException;
  @@ -112,7 +113,7 @@
           credentials.add(historicalPasswordCredential);
           
           // fake update to current InternalCredential as being an insert of a new one
  -        credential.setCreationDate(new Timestamp(System.currentTimeMillis()));
  +        credential.setCreationDate(new Timestamp(new Date().getTime()));
           
           super.beforeSetPassword(internalUser, credentials, userName, credential, password, authenticated);
       }
  
  
  
  1.3       +2 -4      jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultPasswordCredentialProvider.java
  
  Index: DefaultPasswordCredentialProvider.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultPasswordCredentialProvider.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- DefaultPasswordCredentialProvider.java	8 Nov 2004 22:35:41 -0000	1.2
  +++ DefaultPasswordCredentialProvider.java	25 Nov 2004 02:25:57 -0000	1.3
  @@ -130,8 +130,6 @@
        */
       public PasswordCredential create(String userName, InternalCredential credential) throws SecurityException
       {
  -        return new DefaultPasswordCredentialImpl(userName, credential.getValue().toCharArray(), 
  -                credential.isUpdateRequired(),credential.isEnabled(), credential.isExpired(), 
  -                credential.getExpirationDate(), credential.getLastLogonDate());
  +        return new DefaultPasswordCredentialImpl(userName, credential);
       }
   }
  
  
  
  1.11      +6 -4      jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java
  
  Index: DefaultCredentialHandler.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- DefaultCredentialHandler.java	12 Nov 2004 03:17:46 -0000	1.10
  +++ DefaultCredentialHandler.java	25 Nov 2004 02:25:57 -0000	1.11
  @@ -17,6 +17,7 @@
   import java.sql.Timestamp;
   import java.util.ArrayList;
   import java.util.Collection;
  +import java.util.Date;
   import java.util.HashSet;
   import java.util.Iterator;
   import java.util.Set;
  @@ -215,7 +216,7 @@
               credential.setEncoded(encoded);
           }
                   
  -        internalUser.setModifiedDate(new Timestamp(System.currentTimeMillis()));
  +        internalUser.setModifiedDate(new Timestamp(new Date().getTime()));
           internalUser.setCredentials(credentials);
           // Set the user with the new credentials.
           securityAccess.setInternalUserPrincipal(internalUser, false);
  @@ -234,7 +235,7 @@
               if ( credential != null && !credential.isExpired() && credential.isEnabled() != enabled )
               {
                   credential.setEnabled(enabled);
  -                internalUser.setModifiedDate(new Timestamp(System.currentTimeMillis()));
  +                internalUser.setModifiedDate(new Timestamp(new Date().getTime()));
                   securityAccess.setInternalUserPrincipal(internalUser, false);
               }
           }
  @@ -256,7 +257,7 @@
               if ( credential != null && !credential.isExpired() && credential.isUpdateRequired() != updateRequired )
               {
                   credential.setUpdateRequired(updateRequired);
  -                internalUser.setModifiedDate(new Timestamp(System.currentTimeMillis()));
  +                internalUser.setModifiedDate(new Timestamp(new Date().getTime()));
                   securityAccess.setInternalUserPrincipal(internalUser, false);
               }
           }
  @@ -297,7 +298,8 @@
                   if ( authenticated )
                   {
                       credential.setAuthenticationFailures(0);
  -                    credential.setLastLogonDate(new Timestamp(System.currentTimeMillis()));
  +                    credential.setPreviousAuthenticationDate(credential.getLastAuthenticationDate());
  +                    credential.setLastAuthenticationDate(new Timestamp(System.currentTimeMillis()));
                       update = true;
                   }
                   
  
  
  
  1.3       +25 -13    jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultPasswordCredentialImpl.java
  
  Index: DefaultPasswordCredentialImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultPasswordCredentialImpl.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- DefaultPasswordCredentialImpl.java	8 Nov 2004 03:23:35 -0000	1.2
  +++ DefaultPasswordCredentialImpl.java	25 Nov 2004 02:25:57 -0000	1.3
  @@ -20,6 +20,7 @@
   import java.util.Arrays;
   
   import org.apache.jetspeed.security.PasswordCredential;
  +import org.apache.jetspeed.security.om.InternalCredential;
   
   /**
    * <p>
  @@ -54,8 +55,11 @@
       /** The expiration date. */
       private Date expirationDate;
       
  -    /** The last logged in date */
  -    private Timestamp lastLogonDate;
  +    /** The previous authentication in date */
  +    private Timestamp previousAuthenticationDate;
  +    
  +    /** The last authentication in date */
  +    private Timestamp lastAuthenticationDate;
       
       /**
        * @param userName
  @@ -67,15 +71,15 @@
           this.password = (char[]) password.clone();
       }
       
  -    public DefaultPasswordCredentialImpl(String userName, char[] password, boolean updateRequired, boolean enabled, 
  -            boolean expired, Date expirationDate, Timestamp lastLogonDate)
  +    public DefaultPasswordCredentialImpl(String userName, InternalCredential credential)
       {
  -        this(userName, password);
  -        this.updateRequired = updateRequired;
  -        this.enabled = enabled;
  -        this.expired = expired;
  -        this.expirationDate = expirationDate;
  -        this.lastLogonDate = lastLogonDate;
  +        this(userName, credential.getValue().toCharArray());
  +        this.updateRequired = credential.isUpdateRequired();
  +        this.enabled = credential.isEnabled();
  +        this.expired = credential.isExpired();
  +        this.expirationDate = credential.getExpirationDate();
  +        this.previousAuthenticationDate = credential.getPreviousAuthenticationDate();
  +        this.lastAuthenticationDate = credential.getLastAuthenticationDate();
       }
       
       /**
  @@ -128,11 +132,19 @@
       }
       
       /**
  -     * @see org.apache.jetspeed.security.PasswordCredential#getLastLogonDate()
  +     * @see org.apache.jetspeed.security.PasswordCredential#getPreviousAuthenticationDate()
  +     */
  +    public Timestamp getPreviousAuthenticationDate()
  +    {
  +        return previousAuthenticationDate;
  +    }
  +
  +    /**
  +     * @see org.apache.jetspeed.security.PasswordCredential#getLastAuthenticationDate()
        */
  -    public Timestamp getLastLogonDate()
  +    public Timestamp getLastAuthenticationDate()
       {
  -        return lastLogonDate;
  +        return lastAuthenticationDate;
       }
   
       /**
  
  
  
  1.9       +5 -0      jakarta-jetspeed-2/src/sql/populate-db-default.sql
  
  Index: populate-db-default.sql
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/src/sql/populate-db-default.sql,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- populate-db-default.sql	4 Nov 2004 03:59:23 -0000	1.8
  +++ populate-db-default.sql	25 Nov 2004 02:25:57 -0000	1.9
  @@ -311,6 +311,11 @@
   insert into RULE_CRITERION values (15, 'group-fallback', 0, 'group', 'group', null, 2);
   insert into RULE_CRITERION values (16, 'group-fallback', 1, 'request.session', 'page', 'default-page', 0);
   
  +insert into PROFILING_RULE values ('security', 
  +   'org.apache.jetspeed.profiler.rules.impl.StandardProfilingRule',
  +   'The security profiling rule needed for credential change requirements.');
  +insert into RULE_CRITERION values (17, 'security', 0, 'hard.coded', 'page', '/my-account.psml', 0);
  +
   insert into PRINCIPAL_RULE_ASSOC values ( 'guest', 'page', 'j1' );
   insert into PRINCIPAL_RULE_ASSOC values ( 'jetspeed', 'page', 'role-fallback' );
   insert into PRINCIPAL_RULE_ASSOC values ( 'jetspeed', 'docset', 'role-group' );
  
  
  
  1.12      +5 -6      jakarta-jetspeed-2/src/sql/populate-userinfo-for-default-psml.sql
  
  Index: populate-userinfo-for-default-psml.sql
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/src/sql/populate-userinfo-for-default-psml.sql,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- populate-userinfo-for-default-psml.sql	19 Nov 2004 03:08:28 -0000	1.11
  +++ populate-userinfo-for-default-psml.sql	25 Nov 2004 02:25:57 -0000	1.12
  @@ -19,12 +19,11 @@
   INSERT INTO SECURITY_PRINCIPAL VALUES(11,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/accounting','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
   INSERT INTO SECURITY_PRINCIPAL VALUES(12,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/marketing','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
   INSERT INTO SECURITY_PRINCIPAL VALUES(13,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/engineering','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
  -INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(9,9,'guest',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,6);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,7);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,8);
  
  
  
  1.9       +2 -1      jakarta-jetspeed-2/src/schema/security-schema.xml
  
  Index: security-schema.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/src/schema/security-schema.xml,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- security-schema.xml	22 Nov 2004 06:12:46 -0000	1.8
  +++ security-schema.xml	25 Nov 2004 02:25:57 -0000	1.9
  @@ -147,7 +147,8 @@
           <column name="IS_EXPIRED" required="true" type="BIT"/>
           <column name="CREATION_DATE" required="true" type="TIMESTAMP"/>
           <column name="MODIFIED_DATE" required="true" type="TIMESTAMP"/>
  -        <column name="LAST_LOGON_DATE" required="false" type="TIMESTAMP"/>
  +        <column name="PREV_AUTH_DATE" required="false" type="TIMESTAMP"/>
  +        <column name="LAST_AUTH_DATE" required="false" type="TIMESTAMP"/>
           <column name="EXPIRATION_DATE" required="false" type="DATE"/>
           <foreign-key foreignTable="SECURITY_PRINCIPAL">
               <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
  
  
  
  1.12      +1 -1      jakarta-jetspeed-2/applications/pam/src/webapp/WEB-INF/view/user-details.jsp
  
  Index: user-details.jsp
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/pam/src/webapp/WEB-INF/view/user-details.jsp,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- user-details.jsp	10 Nov 2004 13:27:02 -0000	1.11
  +++ user-details.jsp	25 Nov 2004 02:25:57 -0000	1.12
  @@ -148,7 +148,7 @@
             <fmt:message key="security.credential.last.logon"/>
           </td>
           <td class="portlet-section-body" >
  -          <fmt:formatDate value="${credential.lastLogonDate}" type="both" dateStyle="short" timeStyle="long"/>
  +          <fmt:formatDate value="${credential.lastAuthenticationDate}" type="both" dateStyle="short" timeStyle="long"/>
           </td>
           <td>
             &nbsp;
  
  
  
  1.6       +5 -1      jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java
  
  Index: UserManager.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/UserManager.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- UserManager.java	8 Nov 2004 03:23:35 -0000	1.5
  +++ UserManager.java	25 Nov 2004 02:25:57 -0000	1.6
  @@ -27,7 +27,11 @@
    */
   public interface UserManager
   {
  -
  +    /**
  +     * @return the name of the anonymous user
  +     */
  +    String getAnonymousUser();
  +    
       /**
        * <p>
        * Authenticate a user.
  
  
  
  1.7       +3 -1      jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityException.java
  
  Index: SecurityException.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityException.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- SecurityException.java	12 Nov 2004 03:17:46 -0000	1.6
  +++ SecurityException.java	25 Nov 2004 02:25:57 -0000	1.7
  @@ -23,7 +23,6 @@
    */
   public class SecurityException extends JetspeedException
   {
  -
       /** <p>Principal does not exist exception message.</p> */
       public static final String PRINCIPAL_DOES_NOT_EXIST = "The principal does not exist.";
   
  @@ -62,6 +61,9 @@
   
       /** <p>Password already used exception message.</p> */
       public static final String PASSWORD_ALREADY_USED = "Password already used.";
  +
  +    /** <p>The anonymous user is protected exception message.</p> */
  +    public static final String ANONYMOUS_USER_PROTECTED = "The anonymous user is protected.";
   
       /**
        * <p>Default Constructor.</p>
  
  
  
  1.2       +9 -2      jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/PasswordCredential.java
  
  Index: PasswordCredential.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/PasswordCredential.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- PasswordCredential.java	8 Nov 2004 03:23:35 -0000	1.1
  +++ PasswordCredential.java	25 Nov 2004 02:25:57 -0000	1.2
  @@ -27,6 +27,8 @@
    */
   public interface PasswordCredential
   {
  +    String PASSWORD_CREDENTIAL_DAYS_VALID_REQUEST_ATTR_KEY = PasswordCredential.class.getName() + ".check";
  +
       /**
        * @return The username.
        */
  @@ -58,7 +60,12 @@
       Date getExpirationDate();
       
       /**
  +     * @return the previous time the user logged in 
  +     */
  +    Timestamp getPreviousAuthenticationDate();
  +
  +    /**
        * @return the last time the user logged in 
        */
  -    Timestamp getLastLogonDate();
  +    Timestamp getLastAuthenticationDate();
   }
  
  
  
  1.7       +15 -0     jakarta-jetspeed-2/portal/src/webapp/WEB-INF/assembly/pipelines.xml
  
  Index: pipelines.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/webapp/WEB-INF/assembly/pipelines.xml,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- pipelines.xml	7 Nov 2004 18:44:19 -0000	1.6
  +++ pipelines.xml	25 Nov 2004 02:25:57 -0000	1.7
  @@ -47,6 +47,20 @@
      </constructor-arg>
     </bean> 
     
  +  <bean id="passwordCredentialValve"
  +        class="org.apache.jetspeed.security.impl.PasswordCredentialValveImpl"
  +        init-method="initialize"
  +  >
  +   <constructor-arg>
  +     <!-- expirationWarningDays -->
  +     <list>
  +       <value>2</value>
  +       <value>3</value>
  +       <value>7</value>
  +     </list>
  +   </constructor-arg>
  +  </bean> 
  +  
     <bean id="profilerValve"
           class="org.apache.jetspeed.profiler.impl.ProfilerValveImpl"
           init-method="initialize"
  @@ -110,6 +124,7 @@
       	<ref bean="capabilityValve"/>
         <ref bean="portalURLValve"/>
       	<ref bean="securityValve"/>
  +      <ref bean="passwordCredentialValve"/>
       	<ref bean="profilerValve"/>
       	<ref bean="containerValve"/>
       	<ref bean="actionValve"/>
  
  
  
  1.17      +85 -15    jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java
  
  Index: UserManagerImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/UserManagerImpl.java,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- UserManagerImpl.java	8 Nov 2004 03:23:36 -0000	1.16
  +++ UserManagerImpl.java	25 Nov 2004 02:25:57 -0000	1.17
  @@ -57,6 +57,8 @@
       /** The security mapping handler. */
       private SecurityMappingHandler securityMappingHandler = null;
   
  +    private String anonymousUser = "guest";
  +
       /**
        * @param securityProvider The security provider.
        */
  @@ -68,6 +70,20 @@
   
       /**
        * @param securityProvider The security provider.
  +     * @param anonymousUser    The anonymous user name
  +     */
  +    public UserManagerImpl(SecurityProvider securityProvider, String anonymousUser)
  +    {
  +        this.atnProviderProxy = securityProvider.getAuthenticationProviderProxy();
  +        this.securityMappingHandler = securityProvider.getSecurityMappingHandler();
  +        if ( anonymousUser != null )
  +        {
  +            this.anonymousUser = anonymousUser;
  +        }
  +    }
  +
  +    /**
  +     * @param securityProvider The security provider.
        * @param roleHierarchyResolver The role hierachy resolver.
        * @param groupHierarchyResolver The group hierarchy resolver.
        */
  @@ -81,6 +97,35 @@
       }
   
       /**
  +     * @param securityProvider The security provider.
  +     * @param roleHierarchyResolver The role hierachy resolver.
  +     * @param groupHierarchyResolver The group hierarchy resolver.
  +     * @param anonymousUser    The anonymous user name
  +     */
  +    public UserManagerImpl(SecurityProvider securityProvider, HierarchyResolver roleHierarchyResolver,
  +            HierarchyResolver groupHierarchyResolver, String anonymousUser)
  +    {
  +        securityProvider.getSecurityMappingHandler().setRoleHierarchyResolver(roleHierarchyResolver);
  +        securityProvider.getSecurityMappingHandler().setGroupHierarchyResolver(groupHierarchyResolver);
  +        this.atnProviderProxy = securityProvider.getAuthenticationProviderProxy();
  +        this.securityMappingHandler = securityProvider.getSecurityMappingHandler();
  +        if ( anonymousUser != null )
  +        {
  +            this.anonymousUser = anonymousUser;
  +        }
  +    }
  +
  +    /*
  +     * (non-Javadoc)
  +     * 
  +     * @see org.apache.jetspeed.security.UserManager#getAnonymousUser()
  +     */
  +    public String getAnonymousUser()
  +    {
  +        return this.anonymousUser;
  +    }
  +
  +    /**
        * @see org.apache.jetspeed.security.UserManager#authenticate(java.lang.String,
        *      java.lang.String)
        */
  @@ -93,10 +138,13 @@
           boolean authenticated = false;
           try
           {
  -            authenticated = atnProviderProxy.authenticate(username, password);
  -            if (authenticated && log.isDebugEnabled())
  +            if ( !getAnonymousUser().equals(username) )
               {
  -                log.debug("Authenticated user: " + username);
  +                authenticated = atnProviderProxy.authenticate(username, password);
  +                if (authenticated && log.isDebugEnabled())
  +                {
  +                    log.debug("Authenticated user: " + username);
  +                }
               }
           }
           catch (SecurityException e)
  @@ -127,6 +175,11 @@
           ArgUtil.notNull(new Object[] { username, atnProviderName }, new String[] { "username", "atnProviderName"},
                   "addUser(java.lang.String, java.lang.String, java.lang.String)");
   
  +        if (getAnonymousUser().equals(username))
  +        {
  +            throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED);
  +        }
  +        
           // Check if user already exists.
           if (userExists(username))
           {
  @@ -185,6 +238,10 @@
       {
           ArgUtil.notNull(new Object[] { username }, new String[] { "username" }, "removeUser(java.lang.String)");
   
  +        if ( getAnonymousUser().equals(username) )
  +        {
  +            throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED);
  +        }
           UserPrincipal userPrincipal = new UserPrincipalImpl(username);
           String fullPath = userPrincipal.getFullPath();
           atnProviderProxy.removeUserPrincipal(userPrincipal);
  @@ -207,14 +264,7 @@
       {
           ArgUtil.notNull(new Object[] { username }, new String[] { "username" }, "userExists(java.lang.String)");
   
  -        Principal principal = atnProviderProxy.getUserPrincipal(username);
  -        boolean userExists = (null != principal);
  -        if (log.isDebugEnabled())
  -        {
  -            log.debug("User exists: " + userExists);
  -            log.debug("User: " + username);
  -        }
  -        return userExists;
  +        return atnProviderProxy.getUserPrincipal(username) != null;
       }
   
       /**
  @@ -237,8 +287,16 @@
           principals.addAll(securityMappingHandler.getRolePrincipals(username));
           principals.addAll(securityMappingHandler.getGroupPrincipals(username));
   
  -        Subject subject = new Subject(true, principals, atnProviderProxy.getPublicCredentials(username),
  -                atnProviderProxy.getPrivateCredentials(username));
  +        Subject subject = null;
  +        if (getAnonymousUser().equals(username))
  +        {
  +            subject = new Subject(true, principals, new HashSet(), new HashSet());
  +        }
  +        else
  +        {
  +            subject = new Subject(true, principals, atnProviderProxy.getPublicCredentials(username),
  +                    atnProviderProxy.getPrivateCredentials(username));
  +        }
           Preferences preferences = Preferences.userRoot().node(fullPath);
           User user = new UserImpl(subject, preferences);
   
  @@ -311,7 +369,11 @@
       {
           ArgUtil.notNull(new Object[] { username, newPassword }, new String[] { "username", 
                   "newPassword" }, "setPassword(java.lang.String, java.lang.String, java.lang.String)");
  -
  +        
  +        if ( getAnonymousUser().equals(username) )
  +        {
  +            throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED);
  +        }
           atnProviderProxy.setPassword(username, oldPassword, newPassword);
       }
   
  @@ -324,6 +386,10 @@
           ArgUtil.notNull(new Object[] { userName,  }, new String[] { "userName" }, 
                   "setPasswordEnabled(java.lang.String, boolean)");
   
  +        if ( getAnonymousUser().equals(userName) )
  +        {
  +            throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED);
  +        }
           atnProviderProxy.setPasswordEnabled(userName, enabled);
       }
       /**
  @@ -334,6 +400,10 @@
           ArgUtil.notNull(new Object[] { userName,  }, new String[] { "userName" }, 
               "setPasswordUpdateRequired(java.lang.String, boolean)");
   
  +        if ( getAnonymousUser().equals(userName) )
  +        {
  +            throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED);
  +        }
           atnProviderProxy.setPasswordUpdateRequired(userName, updateRequired);
       }
   }
  
  
  
  1.4       +2 -2      jakarta-jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/TestInternalPasswordCredentialStateHandlingInterceptor.java
  
  Index: TestInternalPasswordCredentialStateHandlingInterceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/TestInternalPasswordCredentialStateHandlingInterceptor.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- TestInternalPasswordCredentialStateHandlingInterceptor.java	12 Nov 2004 03:17:46 -0000	1.3
  +++ TestInternalPasswordCredentialStateHandlingInterceptor.java	25 Nov 2004 02:25:57 -0000	1.4
  @@ -61,7 +61,7 @@
       public void testExpired() throws Exception
       {
           assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password"));
  -        credential.setExpirationDate(new Date(System.currentTimeMillis()));
  +        credential.setExpirationDate(new Date(new java.util.Date().getTime()));
           updateCredential();
           assertFalse("should be expired",ums.authenticate("testcred","password"));
           ums.setPassword("testcred","password","password2");
  
  
  
  1.7       +2 -1      jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/profiler/ProfileLocator.java
  
  Index: ProfileLocator.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/profiler/ProfileLocator.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- ProfileLocator.java	3 Nov 2004 19:39:56 -0000	1.6
  +++ ProfileLocator.java	25 Nov 2004 02:25:57 -0000	1.7
  @@ -41,6 +41,7 @@
   public interface ProfileLocator 
   {
       public final static String PAGE_LOCATOR = "page";
  +    public final static String SECURITY_LOCATOR = "security";
       public final static String DOCSET_LOCATOR = "docset";
   
       public final static String PATH_SEPARATOR = ":";
  
  
  
  1.16      +1 -6      jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/profiler/Profiler.java
  
  Index: Profiler.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/profiler/Profiler.java,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- Profiler.java	3 Nov 2004 16:01:50 -0000	1.15
  +++ Profiler.java	25 Nov 2004 02:25:57 -0000	1.16
  @@ -134,11 +134,6 @@
       ProfilingRule getRule(String id);
       
       /**
  -     * @return
  -     */
  -    String getAnonymousUser();
  -    
  -    /**
        * For a given principal, find all supported locators and return a string array of 
        * locator names.
        * 
  
  
  
  1.6       +20 -1     jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/SecurityHelper.java
  
  Index: SecurityHelper.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/SecurityHelper.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- SecurityHelper.java	23 Sep 2004 21:13:20 -0000	1.5
  +++ SecurityHelper.java	25 Nov 2004 02:25:57 -0000	1.6
  @@ -151,4 +151,23 @@
           return result;
       }
       
  +    /** 
  +     * <p>Given a subject, find the (first) PasswordCredential from the
  +     * private credentials</p>
  +     * @param subject The subject
  +     * @return the PasswordCredential or null if not found.
  +     */
  +    public static PasswordCredential getPasswordCredential(Subject subject)
  +    {
  +        Iterator iter = subject.getPrivateCredentials().iterator();
  +        while (iter.hasNext())
  +        {
  +            Object o = iter.next();
  +            if (o instanceof PasswordCredential)
  +            {
  +                return (PasswordCredential)o;
  +            }
  +        }
  +        return null;
  +    }
   }
  
  
  
  1.3       +6 -1      jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/ChgPwdResources_en.properties
  
  Index: ChgPwdResources_en.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/ChgPwdResources_en.properties,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- ChgPwdResources_en.properties	30 Oct 2004 00:12:18 -0000	1.2
  +++ ChgPwdResources_en.properties	25 Nov 2004 02:25:57 -0000	1.3
  @@ -31,3 +31,8 @@
   chgpwd.error.currentPasswordNull=Current password is required
   chgpwd.error.newPasswordNull=New password is required
   chgpwd.error.newPasswordsDoNotMatch=Passwords do not match
  +chgpwd.label.Logout=Logout
  +chgpwd.message.change.required=Your password needs to be changed.
  +chgpwd.message.expires.today=Your password will expire today.
  +chgpwd.message.expires.in.days=Your password will expire in {0} days.
  +chgpwd.label.cancel=Cancel
  
  
  
  1.2       +6 -1      jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/ChgPwdResources.properties
  
  Index: ChgPwdResources.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/ChgPwdResources.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- ChgPwdResources.properties	18 Oct 2004 01:42:07 -0000	1.1
  +++ ChgPwdResources.properties	25 Nov 2004 02:25:57 -0000	1.2
  @@ -29,3 +29,8 @@
   chgpwd.error.currentPasswordNull=Current password is required
   chgpwd.error.newPasswordNull=New password is required
   chgpwd.error.newPasswordsDoNotMatch=Passwords do not match
  +chgpwd.label.Logout=Logout
  +chgpwd.message.change.required=Your password needs to be changed.
  +chgpwd.message.expires.today=Your password will expire today.
  +chgpwd.message.expires.in.days=Your password will expire in {0} days.
  +chgpwd.label.cancel=Cancel
  
  
  
  1.2       +6 -1      jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/ChgPwdResources_nl.properties
  
  Index: ChgPwdResources_nl.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/ChgPwdResources_nl.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- ChgPwdResources_nl.properties	18 Oct 2004 01:42:07 -0000	1.1
  +++ ChgPwdResources_nl.properties	25 Nov 2004 02:25:57 -0000	1.2
  @@ -29,3 +29,8 @@
   chgpwd.error.currentPasswordNull=Huidige Wachtwoord is verplicht
   chgpwd.error.newPasswordNull=Nieuw Wachtwoord is verplicht
   chgpwd.error.newPasswordsDoNotMatch=Wachtwoorden komen niet overeen
  +chgpwd.label.Logout=Uitloggen
  +chgpwd.message.change.required=Het wachtwoord moet gewijzigd worden.
  +chgpwd.message.expires.today=Het wachtwoord verloopt vandaag.
  +chgpwd.message.expires.in.days=Het wachtwoord verloopt over {0} dagen.
  +chgpwd.label.cancel=Annuleren
  
  
  
  1.3       +30 -2     jakarta-jetspeed-2/applications/security/src/webapp/WEB-INF/security/chgpwd/change-password.jsp
  
  Index: change-password.jsp
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/webapp/WEB-INF/security/chgpwd/change-password.jsp,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- change-password.jsp	18 Oct 2004 02:12:59 -0000	1.2
  +++ change-password.jsp	25 Nov 2004 02:25:58 -0000	1.3
  @@ -16,6 +16,7 @@
   <%@page import="org.apache.jetspeed.portlets.security.ChangePasswordPortlet"%>
   <%@ taglib uri="http://java.sun.com/portlet" prefix="portlet"%>
   <%@taglib uri="http://java.sun.com/jstl/core" prefix="c"%>
  +<%@taglib uri="http://java.sun.com/jstl/core_rt" prefix="c_rt"%>
   <%@taglib uri="http://java.sun.com/jstl/fmt" prefix="fmt"%>
   
   <portlet:defineObjects/>
  @@ -24,8 +25,17 @@
   <c:choose>
     <c:when test="${pageContext.request.userPrincipal != null}">
   
  +    <c:set var="whyKey"><%=ChangePasswordPortlet.WHY%></c:set>
  +    <c:set var="why" value="${requestScope[whyKey]}"/>
  +    <c:set var="requiredKey"><%=ChangePasswordPortlet.REQUIRED%></c:set>
  +    <c:set var="required" value="${requestScope[requiredKey]}"/>
       <c:set var="errorMessagesKey"><%=ChangePasswordPortlet.ERROR_MESSAGES%></c:set>
       <c:set var="errorMessages" value="${requestScope[errorMessagesKey]}"/>
  +    
  +    <c:if test="${why != null}">
  +      <i><c:out value="${why}"/></i>
  +      <br/>
  +    </c:if>
       <c:if test="${errorMessages != null}">
       <ul>
         <c:forEach items="${errorMessages}" var="error">
  @@ -34,7 +44,7 @@
       </ul>
       </c:if>
   
  -    <c:set var="passwordChangedKey"><%=ChangePasswordPortlet.PASSWORD_CHANGED%></c:set>
  +    <c_rt:set var="passwordChangedKey" value="<%=ChangePasswordPortlet.PASSWORD_CHANGED%>"/>
       <c:set var="p" value="${requestScope[passwordChangedKey]}"/>
       <c:if test="${requestScope[passwordChangedKey] != null}">
         <br>
  @@ -57,7 +67,25 @@
           <td><input type="password" size="30" name="<%=ChangePasswordPortlet.NEW_PASSWORD_AGAIN%>"></td>
         </tr>
         <tr>
  -        <td colspan="2"><input type="submit" value="<fmt:message key="chgpwd.label.save"/>"></td>
  +        <td colspan="2">
  +          <input type="submit" value="<fmt:message key="chgpwd.label.save"/>">
  +          <c:if test="${why != null}">
  +            <c:choose>
  +              <c:when test="${required == null}">
  +                &nbsp;&nbsp;
  +                <c_rt:set var="cancelItem" value="<%=ChangePasswordPortlet.CANCELLED%>"/>
  +                <input type="checkbox" style="display:none" name="<c:out value="${cancelItem}"/>">
  +                <input type="submit" 
  +                       value="<fmt:message key="chgpwd.label.cancel"/>"
  +                       onClick="this.form.<c:out value="${cancelItem}"/>.checked=true">
  +              </c:when>
  +              <c:otherwise>
  +                <br/><br/>
  +                <a href='<c:url value="/login/logout"/>'><fmt:message key="chgpwd.label.Logout"/></a>
  +              </c:otherwise>
  +            </c:choose>
  +          </c:if>
  +        </td>
         </tr>
         </table>
       </form>
  
  
  
  1.9       +5 -6      jakarta-jetspeed-2/src/sql/mysql/populate-userinfo-for-default-psml.sql
  
  Index: populate-userinfo-for-default-psml.sql
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/src/sql/mysql/populate-userinfo-for-default-psml.sql,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- populate-userinfo-for-default-psml.sql	19 Nov 2004 03:08:28 -0000	1.8
  +++ populate-userinfo-for-default-psml.sql	25 Nov 2004 02:25:58 -0000	1.9
  @@ -19,12 +19,11 @@
   INSERT INTO SECURITY_PRINCIPAL VALUES(11,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/accounting','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
   INSERT INTO SECURITY_PRINCIPAL VALUES(12,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/marketing','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
   INSERT INTO SECURITY_PRINCIPAL VALUES(13,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/engineering','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
  -INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(9,9,'guest',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,6);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,7);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,8);
  
  
  
  1.81      +1 -1      jakarta-jetspeed-2/.classpath
  
  Index: .classpath
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/.classpath,v
  retrieving revision 1.80
  retrieving revision 1.81
  diff -u -r1.80 -r1.81
  --- .classpath	21 Nov 2004 20:22:25 -0000	1.80
  +++ .classpath	25 Nov 2004 02:25:58 -0000	1.81
  @@ -8,7 +8,7 @@
   	<classpathentry excluding="**/CVS/*" kind="src" path="portals-bridges/perl/src/java"/>
   	<classpathentry kind="src" path="portals-bridges/frameworks/src/java"/>
   	<classpathentry excluding="**/CVS/*" kind="src" path="portals-bridges/velocity/src/java"/>
  -	<classpathentry including="**/CVS/*" kind="src" path="applications/security/src/java"/>
  +	<classpathentry excluding="**/CVS/*" kind="src" path="applications/security/src/java"/>
   	<classpathentry excluding="**/CVS/*" kind="src" path="components/search/src/java"/>
   	<classpathentry excluding="**/CVS/*" kind="src" path="components/search/src/test"/>
   	<classpathentry kind="src" path="components/web-content/src/java"/>
  
  
  
  1.6       +5 -6      jakarta-jetspeed-2/src/sql/mssql/populate-userinfo-for-default-psml.sql
  
  Index: populate-userinfo-for-default-psml.sql
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/src/sql/mssql/populate-userinfo-for-default-psml.sql,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- populate-userinfo-for-default-psml.sql	19 Nov 2004 03:08:28 -0000	1.5
  +++ populate-userinfo-for-default-psml.sql	25 Nov 2004 02:25:58 -0000	1.6
  @@ -19,12 +19,11 @@
   INSERT INTO SECURITY_PRINCIPAL VALUES(11,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/accounting','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
   INSERT INTO SECURITY_PRINCIPAL VALUES(12,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/marketing','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
   INSERT INTO SECURITY_PRINCIPAL VALUES(13,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/engineering','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572');
  -INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(9,9,'guest',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,'2004-05-22 16:27:12.572','2004-05-22 16:27:12.572',null,null,null);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,6);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,7);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,8);
  
  
  
  1.11      +11 -1     jakarta-jetspeed-2/applications/security/project.xml
  
  Index: project.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/project.xml,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- project.xml	18 Oct 2004 01:42:07 -0000	1.10
  +++ project.xml	25 Nov 2004 02:25:58 -0000	1.11
  @@ -182,6 +182,16 @@
           <war.bundle>false</war.bundle>
         </properties>
       </dependency>
  +    <!-- needed for hack around PLUTO-83 bug in ChangePasswordPortlet
  +         TODO: should be removed again when rc2 is release -->
  +    <dependency>
  +      <id>pluto</id>
  +      <groupId>pluto</groupId>
  +      <version>1.0.1-rc1</version>
  +      <properties>
  +        <war.bundle>false</war.bundle>
  +      </properties>
  +     </dependency>    
      </dependencies>
     <build>
       <sourceDirectory>src/java</sourceDirectory>
  
  
  
  1.10      +5 -6      jakarta-jetspeed-2/src/sql/oracle/populate-userinfo-for-default-psml.sql
  
  Index: populate-userinfo-for-default-psml.sql
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/src/sql/oracle/populate-userinfo-for-default-psml.sql,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- populate-userinfo-for-default-psml.sql	19 Nov 2004 03:08:28 -0000	1.9
  +++ populate-userinfo-for-default-psml.sql	25 Nov 2004 02:25:58 -0000	1.10
  @@ -19,12 +19,11 @@
   INSERT INTO SECURITY_PRINCIPAL VALUES(11,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/accounting',to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'));
   INSERT INTO SECURITY_PRINCIPAL VALUES(12,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/marketing',to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'));
   INSERT INTO SECURITY_PRINCIPAL VALUES(13,'org.apache.jetspeed.security.JetspeedGroupPrincipalImpl',0,1,'/group/engineering',to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'));
  -INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null);
  -INSERT INTO SECURITY_CREDENTIAL VALUES(9,9,'guest',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(1,1,'admin',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(2,2,'manager',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(3,3,'user',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(4,4,'tomcat',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null,null);
  +INSERT INTO SECURITY_CREDENTIAL VALUES(5,5,'jetspeed',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',0,0,1,0,0,to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),to_date('2004-05-22 16:27:12','YYYY-MM-DD HH24:MI:SS'),null,null,null);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,6);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,7);
   INSERT INTO SECURITY_USER_ROLE VALUES(1,8);
  
  
  
  1.10      +16 -4     jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
  
  Index: SecurityValveImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- SecurityValveImpl.java	19 Nov 2004 03:07:43 -0000	1.9
  +++ SecurityValveImpl.java	25 Nov 2004 02:25:58 -0000	1.10
  @@ -32,6 +32,7 @@
   import org.apache.jetspeed.profiler.Profiler;
   import org.apache.jetspeed.request.RequestContext;
   import org.apache.jetspeed.security.SecurityHelper;
  +import org.apache.jetspeed.security.User;
   import org.apache.jetspeed.security.UserManager;
   import org.apache.jetspeed.security.UserPrincipal;
   
  @@ -67,7 +68,7 @@
               Principal userPrincipal = request.getRequest().getUserPrincipal();
               if (userPrincipal == null)
               {
  -                userPrincipal = new UserPrincipalImpl(profiler.getAnonymousUser());
  +                userPrincipal = new UserPrincipalImpl(userMgr.getAnonymousUser());
               }
   
               // check for previously established session subject and
  @@ -89,8 +90,19 @@
               {
                   // attempt to get complete subject for user principal
                   // from user manager
  -                subject = userMgr.getUser(userPrincipal.getName()).getSubject();
  -
  +                try
  +                {
  +                    User user = userMgr.getUser(userPrincipal.getName());
  +                    if ( user != null )
  +                    {
  +                        subject = user.getSubject();
  +                    }
  +                }
  +                catch (SecurityException sex)
  +                {
  +                    subject = null;
  +                }
  +                
                   // if subject not available, generate default subject using
                   // request or default profiler anonymous user principal
                   if (subject == null)
  
  
  
  1.1                  jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java
  
  Index: PasswordCredentialValveImpl.java
  ===================================================================
  /*
   * Copyright 2000-2004 The Apache Software Foundation.
   * 
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   * 
   *      http://www.apache.org/licenses/LICENSE-2.0
   * 
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security.impl;
  
  import java.util.Arrays;
  import java.util.Iterator;
  import java.util.List;
  
  import javax.security.auth.Subject;
  
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
  import org.apache.jetspeed.pipeline.PipelineException;
  import org.apache.jetspeed.pipeline.valve.AbstractValve;
  import org.apache.jetspeed.pipeline.valve.PageProfilerValve;
  import org.apache.jetspeed.pipeline.valve.ValveContext;
  import org.apache.jetspeed.profiler.ProfileLocator;
  import org.apache.jetspeed.request.RequestContext;
  import org.apache.jetspeed.security.PasswordCredential;
  
  /**
   * SecurityValve
   *
   * @author <a href="mailto:ate@apache.org">Ate Douma</a>
   * @version $Id: PasswordCredentialValveImpl.java,v 1.1 2004/11/25 02:25:58 ate Exp $
   */
  public class PasswordCredentialValveImpl extends AbstractValve implements org.apache.jetspeed.pipeline.valve.PasswordCredentialValve
  {
      private static final Log log = LogFactory.getLog(PasswordCredentialValveImpl.class);
      
      private static final String CHECKED_KEY = PasswordCredentialValveImpl.class.getName() + ".checked";
      //private PageManager pageManager;
      private int[] expirationWarningDays;
      
      public PasswordCredentialValveImpl(List expirationWarningDays)
      {
          if ( expirationWarningDays != null )
          {
              this.expirationWarningDays = new int[expirationWarningDays.size()];
              for ( int i = 0; i < this.expirationWarningDays.length; i++ )
              {
                  this.expirationWarningDays[i] = Integer.parseInt((String)expirationWarningDays.get(i));
              }
              Arrays.sort(this.expirationWarningDays);
          }
          else
          {
              this.expirationWarningDays = new int[0];
          }
      }
  
      /**
       * @see org.apache.jetspeed.pipeline.valve.Valve#invoke(org.apache.jetspeed.request.RequestContext, org.apache.jetspeed.pipeline.valve.ValveContext)
       */
      public void invoke(RequestContext request, ValveContext context) throws PipelineException
      {
          try
          {
              Subject subject = request.getSubject();
              Iterator credentialsIter = subject.getPrivateCredentials().iterator();
              PasswordCredential pwdCredential = null;
              while ( credentialsIter.hasNext() )
              {
                  Object credential = credentialsIter.next();
                  if ( credential instanceof PasswordCredential )
                  {
                      pwdCredential = (PasswordCredential)credential;
                      break;
                  }
              }
              Integer passwordDaysValid = null;
              
              // check for an existing password credential
              // The only expected subject without a password credential is the anonymous user!
              if ( pwdCredential != null )
              {
                  if ( pwdCredential.isUpdateRequired() )
                  {
                      passwordDaysValid = new Integer(0); // required change
                  }
                  if ( request.getSessionAttribute(CHECKED_KEY) == null  )
                  {
                      request.setSessionAttribute(CHECKED_KEY,Boolean.TRUE);
                      if ( pwdCredential.getPreviousAuthenticationDate() != null )
                      {
                          long expirationTime = pwdCredential.getExpirationDate().getTime();
                          long lastAuthTime = pwdCredential.getLastAuthenticationDate().getTime();
                          int lastAuthDaysBeforeExpiration = (int)(expirationTime-lastAuthTime)/(24*60*60*1000);
                          if (  lastAuthDaysBeforeExpiration < 1 )
                          {
                              passwordDaysValid = new Integer(1);
                          }
                          else if (expirationWarningDays.length > 0)
                          {
                              long prevAuthTime = Long.MIN_VALUE;
                              if (pwdCredential.getPreviousAuthenticationDate() != null )
                              {
                                  prevAuthTime = pwdCredential.getPreviousAuthenticationDate().getTime();
                              }
                              int prevAuthDaysBeforeExpiration = (int)(expirationTime-prevAuthTime)/(24*60*60*1000);
                              if ( prevAuthDaysBeforeExpiration > lastAuthDaysBeforeExpiration )
                              {
                                  for ( int i = 0; i < expirationWarningDays.length; i++ )
                                  {
                                      int daysBefore = expirationWarningDays[i]-1;
                                      if ( lastAuthDaysBeforeExpiration == daysBefore ||
                                              (lastAuthDaysBeforeExpiration < daysBefore &&
                                                      prevAuthDaysBeforeExpiration > daysBefore ) )
                                      {
                                          passwordDaysValid = new Integer(lastAuthDaysBeforeExpiration+1);
                                          break;
                                      }
                                  }
                              }
                          }
                      }
                  }
              }
              if ( passwordDaysValid != null )
              {
                  // enforce the SECURITY_LOCATOR to be used to redirect to a change password portlet page
                  request.setAttribute(PageProfilerValve.PROFILE_LOCATOR_REQUEST_ATTR_KEY,ProfileLocator.SECURITY_LOCATOR);
                  // inform the change password portlet why it is invoked
                  request.setAttribute(PasswordCredential.PASSWORD_CREDENTIAL_DAYS_VALID_REQUEST_ATTR_KEY, passwordDaysValid);
              }
              context.invokeNext(request);
          }
          catch (Exception e)
          {
              log.error("Exception in request pipeline: " + e.getMessage(), e);
              throw new PipelineException(e.toString(), e);
          }
      }
  
      public String toString()
      {
          return "PasswordCredentialValve";
      }
  
  }
  
  
  
  1.3       +107 -55   jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java
  
  Index: ChangePasswordPortlet.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/ChangePasswordPortlet.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- ChangePasswordPortlet.java	27 Oct 2004 21:08:00 -0000	1.2
  +++ ChangePasswordPortlet.java	25 Nov 2004 02:25:58 -0000	1.3
  @@ -16,6 +16,7 @@
   package org.apache.jetspeed.portlets.security;
   
   import java.io.IOException;
  +import java.text.MessageFormat;
   import java.util.ArrayList;
   import java.util.ResourceBundle;
   
  @@ -26,9 +27,17 @@
   import javax.portlet.RenderRequest;
   import javax.portlet.RenderResponse;
   
  +import org.apache.jetspeed.PortalReservedParameters;
  +import javax.security.auth.Subject;
  +import javax.servlet.http.HttpServletRequest;
  +
  +import org.apache.jetspeed.request.RequestContext;
  +import org.apache.jetspeed.security.PasswordCredential;
   import org.apache.jetspeed.security.SecurityException;
   import org.apache.jetspeed.security.UserManager;
  -import org.apache.portals.bridges.common.GenericServletPortlet;
  +import org.apache.pluto.core.impl.PortletRequestImpl;
  +import org.apache.portals.
  +bridges.common.GenericServletPortlet;
   
   /**
    * This portlet allows a logged on user to change its password.
  @@ -45,6 +54,9 @@
       public static final String NEW_PASSWORD_AGAIN = "newPasswordAgain";
       public static final String ERROR_MESSAGES = "errorMessages";
       public static final String PASSWORD_CHANGED = "passwordChanged";
  +    public static final String WHY = "why";
  +    public static final String REQUIRED = "required";
  +    public static final String CANCELLED = "cancelled";
       public static final String CPS_USER_MANAGER_COMPONENT = "cps:UserManager";
       
       public void init(PortletConfig config)
  @@ -61,76 +73,116 @@
       public void doView(RenderRequest request, RenderResponse response) throws PortletException, IOException
       {
           response.setContentType("text/html");
  -        
  -        ArrayList errorMessages = (ArrayList)request.getPortletSession().getAttribute(ERROR_MESSAGES);
  -        if (errorMessages != null )
  -        {
  -            request.getPortletSession().removeAttribute(ERROR_MESSAGES);
  -            request.setAttribute(ERROR_MESSAGES,errorMessages);
  -        }
  -        else
  +
  +        if ( request.getUserPrincipal() != null )
           {
  -            Boolean password_changed = (Boolean)request.getPortletSession().getAttribute(PASSWORD_CHANGED);
  -            if ( password_changed != null )
  +            // TODO 2004-11-18: Hack around PLUTO-83 bug which fix should be availabe in 1.0.1-rc2 
  +            //                  After the fix, the RequestContext should be retrieved from the RenderRequest
  +            //                  and the pluto depedency removed from this project project.xml
  +            HttpServletRequest req = (HttpServletRequest)((PortletRequestImpl)request).getRequest();
  +            RequestContext requestContext = (RequestContext)req.getAttribute(RequestContext.REQUEST_PORTALENV);
  +            Integer passwordDaysValid = (Integer)requestContext.getAttribute(PasswordCredential.PASSWORD_CREDENTIAL_DAYS_VALID_REQUEST_ATTR_KEY);
  +            
  +            if ( passwordDaysValid != null )
               {
  -                request.getPortletSession().removeAttribute(PASSWORD_CHANGED);
  -                request.setAttribute(PASSWORD_CHANGED,password_changed);
  +                ResourceBundle bundle = ResourceBundle.getBundle("org.apache.jetspeed.portlets.security.resources.ChgPwdResources",request.getLocale());
  +                if ( passwordDaysValid.intValue() < 1 )
  +                {
  +                    request.setAttribute(WHY,bundle.getString("chgpwd.message.change.required"));
  +                    request.setAttribute(REQUIRED,Boolean.TRUE);
  +                }
  +                else if ( passwordDaysValid.intValue() == 1 )
  +                {
  +                    request.setAttribute(WHY,bundle.getString("chgpwd.message.expires.today"));
  +                    request.setAttribute(REQUIRED,Boolean.TRUE);
  +                }
  +                else
  +                {
  +                    MessageFormat mf = new MessageFormat(bundle.getString("chgpwd.message.expires.in.days"));
  +                    request.setAttribute(WHY,mf.format(new Integer[]{passwordDaysValid}));
  +                }
               }
  -        }        
  +            
  +            ArrayList errorMessages = (ArrayList)request.getPortletSession().getAttribute(ERROR_MESSAGES);
  +            if (errorMessages != null )
  +            {
  +                request.getPortletSession().removeAttribute(ERROR_MESSAGES);
  +                request.setAttribute(ERROR_MESSAGES,errorMessages);
  +            }
  +            else
  +            {
  +                Boolean password_changed = (Boolean)request.getPortletSession().getAttribute(PASSWORD_CHANGED);
  +                if ( password_changed != null )
  +                {
  +                    request.getPortletSession().removeAttribute(PASSWORD_CHANGED);
  +                    request.setAttribute(PASSWORD_CHANGED,password_changed);
  +                }
  +            }        
  +        }
           super.doView(request, response);
       }
       
       public void processAction(ActionRequest actionRequest, ActionResponse actionResponse) throws PortletException,
       IOException
       {
  -        ResourceBundle bundle = ResourceBundle.getBundle("org.apache.jetspeed.portlets.security.resources.ChgPwdResources",actionRequest.getLocale());
  -
  -        ArrayList errorMessages = new ArrayList();
  -        
           if ( actionRequest.getUserPrincipal() != null )
           {
  -            String currPassword = actionRequest.getParameter(CURRENT_PASSWORD);
  -            String newPassword = actionRequest.getParameter(NEW_PASSWORD);
  -            String newPasswordAgain = actionRequest.getParameter(NEW_PASSWORD_AGAIN);
  -        
  -            if (currPassword == null || currPassword.length() == 0)
  -            {
  -                errorMessages.add(bundle.getString("chgpwd.error.currentPasswordNull"));
  -                currPassword = null;
  -            }
  -            if (newPassword == null || newPassword.length() == 0)
  -            {
  -                errorMessages.add(bundle.getString("chgpwd.error.newPasswordNull"));
  -                newPassword = null;
  -            }
  -            if (newPassword != null && newPassword.length() == 0)
  -            {
  -                newPassword = null;
  -            }
  +            ResourceBundle bundle = ResourceBundle.getBundle("org.apache.jetspeed.portlets.security.resources.ChgPwdResources",actionRequest.getLocale());
  +
  +            ArrayList errorMessages = new ArrayList();
               
  -            if (newPassword != null && 
  -                    (newPasswordAgain == null || (newPasswordAgain != null && !newPassword.equals(newPasswordAgain))))
  -            {
  -                errorMessages.add(bundle.getString("chgpwd.error.newPasswordsDoNotMatch"));
  -            }
  -            if ( errorMessages.size() == 0 )
  +            String cancelled = actionRequest.getParameter(CANCELLED);
  +            if ( cancelled == null )
               {
  -                try
  +                String currPassword = actionRequest.getParameter(CURRENT_PASSWORD);
  +                String newPassword = actionRequest.getParameter(NEW_PASSWORD);
  +                String newPasswordAgain = actionRequest.getParameter(NEW_PASSWORD_AGAIN);
  +            
  +                if (currPassword == null || currPassword.length() == 0)
                   {
  -                    manager.setPassword(actionRequest.getUserPrincipal().getName(), currPassword, newPassword);
  +                    errorMessages.add(bundle.getString("chgpwd.error.currentPasswordNull"));
  +                    currPassword = null;
                   }
  -                catch ( SecurityException e)
  +                if (newPassword == null || newPassword.length() == 0)
                   {
  -                    errorMessages.add(e.getMessage());
  +                    errorMessages.add(bundle.getString("chgpwd.error.newPasswordNull"));
  +                    newPassword = null;
  +                }
  +                if (newPassword != null && newPassword.length() == 0)
  +                {
  +                    newPassword = null;
  +                }
  +                
  +                if (newPassword != null && 
  +                        (newPasswordAgain == null || (newPasswordAgain != null && !newPassword.equals(newPasswordAgain))))
  +                {
  +                    errorMessages.add(bundle.getString("chgpwd.error.newPasswordsDoNotMatch"));
  +                }
  +                if ( errorMessages.size() == 0 )
  +                {
  +                    try
  +                    {
  +                        String userName = actionRequest.getUserPrincipal().getName();
  +                        manager.setPassword(userName, currPassword, newPassword);
  +
  +                        // refresh/update Subject in session to reflect the changed PasswordCredential
  +                        Subject subject = manager.getUser(userName).getSubject();
  +                        RequestContext requestContext = (RequestContext)actionRequest.getAttribute(RequestContext.REQUEST_PORTALENV);                  
  +                        requestContext.setSessionAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
  +                    }
  +                    catch ( SecurityException e)
  +                    {
  +                        errorMessages.add(e.getMessage());
  +                    }
  +                }
  +                if ( errorMessages.size() > 0 )
  +                {
  +                    actionRequest.getPortletSession().setAttribute(ERROR_MESSAGES,errorMessages);
  +                }
  +                else
  +                {
  +                    actionRequest.getPortletSession().setAttribute(PASSWORD_CHANGED,Boolean.TRUE);
                   }
  -            }
  -            if ( errorMessages.size() > 0 )
  -            {
  -                actionRequest.getPortletSession().setAttribute(ERROR_MESSAGES,errorMessages);
  -            }
  -            else
  -            {
  -                actionRequest.getPortletSession().setAttribute(PASSWORD_CHANGED,Boolean.TRUE);
               }
           }
       }
  
  
  
  1.5       +2 -1      jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/pipeline/valve/PageProfilerValve.java
  
  Index: PageProfilerValve.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/pipeline/valve/PageProfilerValve.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- PageProfilerValve.java	5 Jun 2004 05:13:08 -0000	1.4
  +++ PageProfilerValve.java	25 Nov 2004 02:25:58 -0000	1.5
  @@ -38,4 +38,5 @@
    */
   public interface PageProfilerValve extends Valve
   {
  +    String PROFILE_LOCATOR_REQUEST_ATTR_KEY = "org.apache.jetspeed.profiler.ProfileLocator";
   }
  
  
  
  1.1                  jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/pipeline/valve/PasswordCredentialValve.java
  
  Index: PasswordCredentialValve.java
  ===================================================================
  /*
   * Copyright 2000-2004 The Apache Software Foundation.
   * 
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   * 
   *      http://www.apache.org/licenses/LICENSE-2.0
   * 
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.pipeline.valve;
  
  /**
   * Checks the PasswordCredential (only once) after a User is logged in
   * and redirects to a Change Password page if necessary.
   * <br/>
   * Read from the ValveContext:
   * <ul>
   * </ul>
   *
   * <br/>
   * Written into the ValveContext:
   * <ul>
   * </ul>
   *
   * <br>
   * Note: The primary purpose of this interface is primary for documention.
   * 
   * @author <a href="mailto:ate@apache.org">Ate Douma</a>
   * @version $Id: PasswordCredentialValve.java,v 1.1 2004/11/25 02:25:58 ate Exp $
   * 
   * @see PasswordCredentialContext
   */
  public interface PasswordCredentialValve extends Valve
  {
  }
  
  
  
  1.4       +9 -2      jakarta-jetspeed-2/components/security/src/java/META-INF/security_repository.xml
  
  Index: security_repository.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/META-INF/security_repository.xml,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- security_repository.xml	12 Nov 2004 03:17:46 -0000	1.3
  +++ security_repository.xml	25 Nov 2004 02:25:58 -0000	1.4
  @@ -195,8 +195,15 @@
   	    >
   	    </field-descriptor>
         <field-descriptor
  -          name="lastLogonDate"
  -          column="last_logon_date"
  +          name="previousAuthenticationDate"
  +          column="prev_auth_date"
  +          jdbc-type="TIMESTAMP"
  +          nullable="true"
  +      >
  +      </field-descriptor>
  +      <field-descriptor
  +          name="lastAuthenticationDate"
  +          column="last_auth_date"
             jdbc-type="TIMESTAMP"
             nullable="true"
         >
  
  
  
  1.3       +17 -18    jakarta-jetspeed-2/components/profiler/src/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java
  
  Index: JetspeedProfilerImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/profiler/src/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- JetspeedProfilerImpl.java	3 Nov 2004 15:59:47 -0000	1.2
  +++ JetspeedProfilerImpl.java	25 Nov 2004 02:25:58 -0000	1.3
  @@ -71,8 +71,6 @@
       /** The configured default rule for this portal */
       private String defaultRule = "j1";
   
  -    private String anonymousUser = "guest";
  -
       private Map principalRules = new HashMap();
   
       public JetspeedProfilerImpl( String repositoryPath )
  @@ -100,7 +98,6 @@
       {
           this(repositoryPath);
           this.defaultRule = properties.getProperty("defaultRule", "j1");
  -        this.anonymousUser = properties.getProperty("anonymousUser", "guest");
           initModelClasses(properties); // TODO: move this to
           // start()
       }
  @@ -245,17 +242,29 @@
        */
       public ProfilingRule getRuleForPrincipal( Principal principal, String locatorName )
       {
  +        ProfilingRule rule = null;
           // lookup the rule for the given principal in our user/rule table
           PrincipalRule pr = lookupPrincipalRule(principal.getName(), locatorName);
   
  -        // if not found, fallback to the system wide rule
  +        // if not found, fallback to the locator named rule or system wide rule
           if (pr == null)
           {
  -            return getDefaultRule();
  +            // find rule on locator name
  +            rule = getRule(locatorName);
  +            
  +            if ( rule == null )
  +            {
  +                // if not found, fallback to the system wide rule
  +                rule = getDefaultRule();
  +            }
  +        }
  +        else
  +        {
  +            // Get the associated rule
  +            rule = pr.getProfilingRule();
           }
   
  -        // Now get the associated rule
  -        return pr.getProfilingRule();
  +        return rule;
       }
   
       /*
  @@ -350,16 +359,6 @@
   
           return (ProfilingRule) getPersistenceBrokerTemplate().getObjectByQuery(
                   QueryFactory.newQuery(profilingRuleClass, c));
  -    }
  -
  -    /*
  -     * (non-Javadoc)
  -     * 
  -     * @see org.apache.jetspeed.profiler.Profiler#getAnonymousUser()
  -     */
  -    public String getAnonymousUser()
  -    {
  -        return this.anonymousUser;
       }
   
       /*
  
  
  
  1.4       +20 -7     jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java
  
  Index: InternalCredential.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/jetspeed-api/src/java/org/apache/jetspeed/security/om/InternalCredential.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- InternalCredential.java	12 Nov 2004 03:17:46 -0000	1.3
  +++ InternalCredential.java	25 Nov 2004 02:25:58 -0000	1.4
  @@ -32,8 +32,9 @@
    * </ul>
    * <p>The credential classname represent the class of credential.
    * </p>
  - * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
    * TODO Add multiple credentials support.
  + * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
  + * @version $Id$
    */
   public interface InternalCredential extends Serializable, Cloneable
   {
  @@ -212,14 +213,26 @@
       void setModifiedDate(Timestamp modifiedDate);
   
       /**
  -     * <p>Getter for the last logon date</p>
  -     * @return The last logon date.
  +     * <p>Getter for the previous authentication date</p>
  +     * @return The previous authentication date.
  +     */
  +    Timestamp getPreviousAuthenticationDate();
  +    
  +    /**
  +     * <p>Setter for the previous authentication date</p>
  +     * @param previousAuthenticationDate The previous authentication date.
  +     */
  +    void setPreviousAuthenticationDate(Timestamp previousAuthenticationDate);
  +
  +    /**
  +     * <p>Getter for the last authentication date</p>
  +     * @return The last authentication date.
        */
  -    Timestamp getLastLogonDate();
  +    Timestamp getLastAuthenticationDate();
       
       /**
  -     * <p>Setter for the last logon date</p>
  -     * @param lastLogonDate The last logon date.
  +     * <p>Setter for the last authentication date</p>
  +     * @param lastAuthenticationDate The last authentication date.
        */
  -    void setLastLogonDate(Timestamp lastLogonDate);
  +    void setLastAuthenticationDate(Timestamp lastAuthenticationDate);
   }
  
  
  
  1.13      +25 -4     jakarta-jetspeed-2/applications/pam/src/java/org/apache/jetspeed/portlets/security/UserDetailsPortlet.java
  
  Index: UserDetailsPortlet.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/applications/pam/src/java/org/apache/jetspeed/portlets/security/UserDetailsPortlet.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- UserDetailsPortlet.java	8 Nov 2004 03:23:37 -0000	1.12
  +++ UserDetailsPortlet.java	25 Nov 2004 02:25:58 -0000	1.13
  @@ -91,6 +91,7 @@
       private Profiler     profiler;
   
       private LinkedHashMap userTabMap = new LinkedHashMap();
  +    private LinkedHashMap anonymousUserTabMap = new LinkedHashMap();
       
       public void init(PortletConfig config)
       throws PortletException 
  @@ -128,6 +129,11 @@
           userTabMap.put(tb2.getId(), tb2);
           userTabMap.put(tb3.getId(), tb3); 
           userTabMap.put(tb4.getId(), tb4);
  +        
  +        anonymousUserTabMap.put(tb1.getId(), tb1);
  +        anonymousUserTabMap.put(tb2.getId(), tb2);
  +        anonymousUserTabMap.put(tb3.getId(), tb3);
  +        anonymousUserTabMap.put(tb4.getId(), tb4);
       }
       
       public void doView(RenderRequest request, RenderResponse response)
  @@ -147,15 +153,30 @@
           }
           
           if (user != null)
  -        {        
  +        {       
  +            LinkedHashMap tabMap = null;
  +            if ( userManager.getAnonymousUser().equals(userName) )
  +            {
  +                tabMap = anonymousUserTabMap;
  +            }
  +            else
  +            {
  +                tabMap = userTabMap;
  +            }
               
               // Tabs
  -            request.setAttribute("tabs", userTabMap.values());        
  +            request.setAttribute("tabs", tabMap.values());        
               TabBean selectedTab = 
                   (TabBean) request.getPortletSession().getAttribute(PortletApplicationResources.REQUEST_SELECT_TAB);
  +
  +            if(selectedTab != null && !tabMap.containsKey(selectedTab.getId()))
  +            {
  +                selectedTab = null;
  +            }
  +            
               if(selectedTab == null)
               {
  -                selectedTab = (TabBean) userTabMap.values().iterator().next();
  +                selectedTab = (TabBean) tabMap.values().iterator().next();
               }
               JetspeedUserBean bean = new JetspeedUserBean(user);
               request.setAttribute(VIEW_USER, bean);
  
  
  
  1.2       +1 -1      jakarta-jetspeed-2/portal/src/webapp/WEB-INF/pages/my-account.psml
  
  Index: my-account.psml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/webapp/WEB-INF/pages/my-account.psml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- my-account.psml	23 Nov 2004 21:14:13 -0000	1.1
  +++ my-account.psml	25 Nov 2004 02:25:58 -0000	1.2
  @@ -1 +1 @@
  -<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<page id="my-account">
  <defaults
     skin="orange"
     layout-decorator="tigris"
     portlet-decorator="tigris"
  />
  <title>My Account</title>
  <fragment id="cpwd-1" type="layout" name="jetspeed::VelocityTwoColumns">
    <fragment id="cpwd-2" type="portlet" name="security::ChangePasswordPortlet">
      <property layout="TwoColumns" name="row" value="0" />
      <property layout="TwoColumns" name="column" value="0" />
    </fragment>
  </fragment>
  <!-- allow all users to view 
       TODO: restrict to logged on users only (but how?)
  -->
  <security-constraints>
    <security-constraint>
      <users>*</users>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints>
</page>
  \ No newline at end of file
  +<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<page id="my-account">
  <defaults
     skin="orange"
     layout-decorator="tigris"
     portlet-decorator="tigris"
  />
  <title>My Account</title>
  <fragment id="cpwd-1" type="layout" name="jetspeed::VelocityTwoColumns">
    <fragment id="cpwd-2" type="portlet" name="security::ChangePasswordPortlet">
      <property layout="TwoColumns" name="row" value="0" />
      <property layout="TwoColumns" name="column" value="0" />
    </fragment>
  </fragment>
  <!-- allow all users to view 
       TODO: restrict to logged on users only (but how?)
  -->
  <security-constraints>
    <security-constraint>
      <users>guest</users>
    </security-constraint>
    <security-constraint>
      <users>*</users>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints>
</page>
  \ No newline at end of file
  
  
  
  1.21      +19 -3     jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java
  
  Index: ProfilerValveImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java,v
  retrieving revision 1.20
  retrieving revision 1.21
  diff -u -r1.20 -r1.21
  --- ProfilerValveImpl.java	19 Nov 2004 03:07:43 -0000	1.20
  +++ ProfilerValveImpl.java	25 Nov 2004 02:25:59 -0000	1.21
  @@ -17,6 +17,7 @@
   
   import java.io.IOException;
   import java.security.Principal;
  +import java.util.HashMap;
   import java.util.Map;
   
   import javax.security.auth.Subject;
  @@ -84,9 +85,24 @@
                   throw new ProfilerException("Missing principal for request: " + request.getPath());
               }
   
  -            // get all locators for the current user
  -            Map locators = profiler.getProfileLocators(request, principal);
  +            Map locators = null;
  +            String locatorName = (String)request.getAttribute(PROFILE_LOCATOR_REQUEST_ATTR_KEY);
  +            if ( locatorName != null )
  +            {
  +                ProfileLocator locator = profiler.getProfile(request,locatorName);
  +                if ( locator != null )
  +                {
  +                    locators = new HashMap();
  +                    locators.put(ProfileLocator.PAGE_LOCATOR, locator);
  +                }
  +            }
               
  +            if ( locators ==  null )
  +            {
  +                // get all locators for the current user
  +                locators = profiler.getProfileLocators(request, principal);
  +            }
  +
               if (locators.size() == 0)
               {
                   locators = profiler.getDefaultProfileLocators(request);                
  
  
  
  1.5       +31 -10    jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/om/impl/InternalCredentialImpl.java
  
  Index: InternalCredentialImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/om/impl/InternalCredentialImpl.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- InternalCredentialImpl.java	12 Nov 2004 03:19:28 -0000	1.4
  +++ InternalCredentialImpl.java	25 Nov 2004 02:25:59 -0000	1.5
  @@ -23,6 +23,7 @@
    * <p>{@link InternalCredential} interface implementation.</p>
    * 
    * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
  + * @version $Id$
    */
   public class InternalCredentialImpl implements InternalCredential
   {
  @@ -46,7 +47,7 @@
           this.value = value;
           this.type = type;
           this.classname = classname;
  -        this.creationDate = new Timestamp(System.currentTimeMillis());
  +        this.creationDate = new Timestamp(new java.util.Date().getTime());
           this.modifiedDate = this.creationDate;
       }
       
  @@ -64,7 +65,8 @@
           this.encoded = credential.isEncoded();
           this.expirationDate = credential.getExpirationDate();
           this.expired = credential.isExpired();
  -        this.lastLogonDate = credential.getLastLogonDate();
  +        this.previousAuthenticationDate = credential.getPreviousAuthenticationDate();
  +        this.lastAuthenticationDate = credential.getLastAuthenticationDate();
           this.modifiedDate = credential.getModifiedDate();
           this.principalId = credential.getPrincipalId();
           this.type = credential.getType();
  @@ -306,22 +308,40 @@
           this.modifiedDate = modifiedDate;
       }
   
  -    private Timestamp lastLogonDate;
  +    private Timestamp previousAuthenticationDate;
  +
  +    /**
  +     * @see org.apache.jetspeed.security.om.InternalCredential#getPreviousAuthenticationDate()
  +     */
  +    public Timestamp getPreviousAuthenticationDate()
  +    {
  +        return previousAuthenticationDate;
  +    }
  +    
  +    /**
  +     * @see org.apache.jetspeed.security.om.InternalCredential#setPreviousAuthenticationDate(java.sql.Timestamp)
  +     */
  +    public void setPreviousAuthenticationDate(Timestamp previousAuthenticationDate)
  +    {
  +        this.previousAuthenticationDate = previousAuthenticationDate;
  +    }
  +
  +    private Timestamp lastAuthenticationDate;
       
       /**
  -     * @see org.apache.jetspeed.security.om.InternalCredential#getLastLoggedInDate()
  +     * @see org.apache.jetspeed.security.om.InternalCredential#getLastAuthenticationDate()
        */
  -    public Timestamp getLastLogonDate()
  +    public Timestamp getLastAuthenticationDate()
       {
  -        return lastLogonDate;
  +        return lastAuthenticationDate;
       }
       
       /**
  -     * @see org.apache.jetspeed.security.om.InternalCredential#setLastLogonDate(java.sql.Timestamp)
  +     * @see org.apache.jetspeed.security.om.InternalCredential#setLastAuthenticationDate(java.sql.Timestamp)
        */
  -    public void setLastLogonDate(Timestamp lastLogonDate)
  +    public void setLastAuthenticationDate(Timestamp lastAuthenticationDate)
       {
  -        this.lastLogonDate = lastLogonDate;
  +        this.lastAuthenticationDate = lastAuthenticationDate;
       }
       
       /**
  @@ -358,7 +378,8 @@
               + "[classname, " + this.classname + "], "
               + "[creationDate, " + this.creationDate + "], "
               + "[modifiedDate, " + this.modifiedDate + "], "
  -            + "[lastLogonDate, " + this.lastLogonDate + "]"
  +            + "[previousAuthenticationDate, " + this.previousAuthenticationDate + "]"
  +            + "[lastAuthenticationDate, " + this.lastAuthenticationDate + "]"
               + (expirationDate != null ? (", [expirationDate, "+ this.expirationDate + "]]") : "]");
           return toStringCredential;
       }    
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message