portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject cvs commit: jakarta-jetspeed/webapp/WEB-INF/conf JetspeedResources.properties
Date Tue, 28 May 2002 23:04:56 GMT
taylor      02/05/28 16:04:56

  Modified:    proposals Security.txt
               src/java/org/apache/jetspeed/modules/actions JLoginUser.java
               src/java/org/apache/jetspeed/modules/actions/portlets/security
                        UserUpdateAction.java
               src/java/org/apache/jetspeed/services JetspeedSecurity.java
               src/java/org/apache/jetspeed/services/security
                        JetspeedDBSecurityService.java
                        JetspeedSecurityService.java
               src/java/org/apache/jetspeed/services/template
                        JetspeedTemplateLocatorService.java
               webapp/WEB-INF/conf JetspeedResources.properties
  Log:
  - fixed logon.auto.disable bug in JR.p - made it part of JetspeedSecurity service (for now)
  - the default is now false (feature is turned 0ff by default)
  
  Revision  Changes    Path
  1.4       +3 -1      jakarta-jetspeed/proposals/Security.txt
  
  Index: Security.txt
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/proposals/Security.txt,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- Security.txt	24 May 2002 05:46:26 -0000	1.3
  +++ Security.txt	28 May 2002 23:04:55 -0000	1.4
  @@ -1,5 +1,5 @@
   Jetspeed Proposal: Portal Security 1.4
  -LAST MODIFIED: $Date: 2002/05/24 05:46:26 $
  +LAST MODIFIED: $Date: 2002/05/28 23:04:55 $
   AUTHOR:  taylor@apache.org, paulsp@apache.org
   STATUS:  
   
  @@ -237,6 +237,8 @@
       User login( String username, String password );
       User login( Principal principal );  
       User getAnonymousUser();
  +
  +    void logout();
   }
   
   -----------------------------------------------
  
  
  
  1.24      +2 -2      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLoginUser.java
  
  Index: JLoginUser.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLoginUser.java,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- JLoginUser.java	25 Feb 2002 04:38:12 -0000	1.23
  +++ JLoginUser.java	28 May 2002 23:04:55 -0000	1.24
  @@ -265,7 +265,7 @@
   
           if ( data.getUser().hasLoggedIn())
           {
  -            if  (JetspeedResources.getBoolean("logon.auto.disable", true))
  +            if  (JetspeedSecurity.getAutoLogonDisable())
               {
                   // dst: this needs some refactoring. I don't believe this api is necessary
                   JetspeedSecurity.resetUserCheck(data.getParameters().getString("username",
""));
  @@ -354,7 +354,7 @@
           else
           {
               // disable user after a configurable number of strikes
  -            if  (JetspeedResources.getBoolean("logon.auto.disable", true))
  +            if  (JetspeedSecurity.getAutoLogonDisable())
               {
                   boolean disabled = JetspeedSecurity.disableUserCheck(data.getParameters().getString("username",
""));
                   if (disabled)
  
  
  
  1.12      +2 -2      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java
  
  Index: UserUpdateAction.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- UserUpdateAction.java	29 Mar 2002 20:12:32 -0000	1.11
  +++ UserUpdateAction.java	28 May 2002 23:04:55 -0000	1.12
  @@ -104,7 +104,7 @@
    * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
    * @author <a href="mailto:kimptoc_mail@yahoo.com">Chris Kimpton</a>
    * @author <a href="mailto:paulsp@apache.org">Paul Spencer</a>
  - * @version $Id: UserUpdateAction.java,v 1.11 2002/03/29 20:12:32 taylor Exp $
  + * @version $Id: UserUpdateAction.java,v 1.12 2002/05/28 23:04:55 taylor Exp $
    */
   public class UserUpdateAction extends VelocityPortletAction
   {
  @@ -483,7 +483,7 @@
               boolean disabled = (strDisabled != null);
               user.setDisabled(disabled);
   
  -            if  (!disabled && oldDisabled && JetspeedResources.getBoolean("logon.auto.disable",
true))
  +            if  (!disabled && oldDisabled && JetspeedSecurity.getAutoLogonDisable())
               {
                   JetspeedSecurity.resetUserCheck(name);
               }
  
  
  
  1.11      +8 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java
  
  Index: JetspeedSecurity.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- JetspeedSecurity.java	25 Feb 2002 04:38:13 -0000	1.10
  +++ JetspeedSecurity.java	28 May 2002 23:04:55 -0000	1.11
  @@ -75,7 +75,7 @@
    * 
    * @see org.apache.jetspeed.services.security.JetspeedSecurityService
    * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
  - * @version $Id: JetspeedSecurity.java,v 1.10 2002/02/25 04:38:13 taylor Exp $
  + * @version $Id: JetspeedSecurity.java,v 1.11 2002/05/28 23:04:55 taylor Exp $
    */
   
   abstract public class JetspeedSecurity extends TurbineSecurity
  @@ -215,5 +215,12 @@
          ((JetspeedSecurityService)getService()).resetUserCheck(username);
       }
   
  +    /**
  +     * @see JetspeedSecurityService#getAutoLogonDisable
  +     */
  +    public static boolean getAutoLogonDisable()
  +    {
  +       return ((JetspeedSecurityService)getService()).getAutoLogonDisable();
  +    }
   
   }
  
  
  
  1.19      +13 -2     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
  
  Index: JetspeedDBSecurityService.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- JetspeedDBSecurityService.java	17 Apr 2002 02:04:56 -0000	1.18
  +++ JetspeedDBSecurityService.java	28 May 2002 23:04:55 -0000	1.19
  @@ -101,7 +101,7 @@
    *
    * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
    * @author <a href="mailto:sgala@hisitech.com">Santiago Gala</a>
  - * @version $Id: JetspeedDBSecurityService.java,v 1.18 2002/04/17 02:04:56 taylor Exp $
  + * @version $Id: JetspeedDBSecurityService.java,v 1.19 2002/05/28 23:04:55 taylor Exp $
    */
   
   
  @@ -115,6 +115,7 @@
       private final static String CONFIG_LOGON_STRIKE_COUNT = "logon.strike.count";
       private final static String CONFIG_LOGON_STRIKE_MAX = "logon.strike.max";
       private final static String CONFIG_LOGON_STRIKE_INTERVAL = "logon.strike.interval";
  +    private final static String CONFIG_LOGON_AUTO_DISABLE = "logon.auto.disable";
   
       private final static String CONFIG_NEWUSER_ROLES     = "newuser.roles";
       private final static String CONFIG_DEFAULT_PERMISSION_LOGGEDIN     = "permission.default.loggedin";
  @@ -126,11 +127,13 @@
       String roles[] = null;
       boolean caseInsensitiveUsername = false;
       boolean caseInsensitivePassword = false;
  -    boolean caseInsensitiveUpper = true;
  +    boolean caseInsensitiveUpper = true;    
       int strikeCount = 3;             // 3 within the interval
       int strikeMax = 20;              // 20 total failures 
       long strikeInterval = 300;  // five minutes
   
  +    boolean autoLogonDisable = false;
  +
       private static HashMap users = new HashMap();
   
       /**
  @@ -171,6 +174,8 @@
           strikeInterval = serviceConf.getLong(CONFIG_LOGON_STRIKE_INTERVAL, strikeInterval);
           strikeMax = serviceConf.getInt(CONFIG_LOGON_STRIKE_MAX, strikeMax);
   
  +        autoLogonDisable = serviceConf.getBoolean(CONFIG_LOGON_AUTO_DISABLE, autoLogonDisable);
  +
           // initialization done
           setInit(true);
        }
  @@ -624,4 +629,10 @@
       {
           super.forcePassword(user, convertPassword(password));
       }
  +
  +    public boolean getAutoLogonDisable()
  +    {
  +       return autoLogonDisable;
  +    }
  +
   }
  
  
  
  1.8       +2 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedSecurityService.java
  
  Index: JetspeedSecurityService.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedSecurityService.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- JetspeedSecurityService.java	25 Feb 2002 04:38:13 -0000	1.7
  +++ JetspeedSecurityService.java	28 May 2002 23:04:56 -0000	1.8
  @@ -75,7 +75,7 @@
    * for controlling access to portal resources (portlets, panes).
    *
    * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
  - * @version $Id: JetspeedSecurityService.java,v 1.7 2002/02/25 04:38:13 taylor Exp $
  + * @version $Id: JetspeedSecurityService.java,v 1.8 2002/05/28 23:04:56 taylor Exp $
    */
   
   
  @@ -113,4 +113,5 @@
   
       public void resetUserCheck(String username);
   
  +    public boolean getAutoLogonDisable();
   }
  
  
  
  1.8       +2 -2      jakarta-jetspeed/src/java/org/apache/jetspeed/services/template/JetspeedTemplateLocatorService.java
  
  Index: JetspeedTemplateLocatorService.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/template/JetspeedTemplateLocatorService.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- JetspeedTemplateLocatorService.java	9 May 2002 08:44:53 -0000	1.7
  +++ JetspeedTemplateLocatorService.java	28 May 2002 23:04:56 -0000	1.8
  @@ -112,7 +112,7 @@
    * @author <a href="mailto:rapahel@apache.org">Raphael Luta</a>
    * @author <a href="mailto:paulsp@apache.org">Paul Spener</a>
    * @author <a href="mailto:kimptoc_mail@yahoo.com">Chris Kimpton</a>
  - * @version $Id: JetspeedTemplateLocatorService.java,v 1.7 2002/05/09 08:44:53 kimptoc
Exp $
  + * @version $Id: JetspeedTemplateLocatorService.java,v 1.8 2002/05/28 23:04:56 taylor Exp
$
    */
   
   public class JetspeedTemplateLocatorService   extends TurbineBaseService
  @@ -591,7 +591,6 @@
               templatePath.append(PATH_SEPARATOR).append(language);
           if ((country != null) && (country.length() > 0)) 
               templatePath.append(PATH_SEPARATOR).append(country);
  -
           return  templatePath.toString();
       }
   
  @@ -697,5 +696,6 @@
                   loadNameCache(path + list[ix], list[ix]);
           }
       }
  +
   
   }
  
  
  
  1.78      +2 -2      jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedResources.properties
  
  Index: JetspeedResources.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedResources.properties,v
  retrieving revision 1.77
  retrieving revision 1.78
  diff -u -r1.77 -r1.78
  --- JetspeedResources.properties	10 May 2002 18:43:01 -0000	1.77
  +++ JetspeedResources.properties	28 May 2002 23:04:56 -0000	1.78
  @@ -1,7 +1,7 @@
   ################################################################################
   # Jetspeed Configuration                             
   # Author: Kevin A. Burton (burton@apache.org)
  -# $Id: JetspeedResources.properties,v 1.77 2002/05/10 18:43:01 kimptoc Exp $
  +# $Id: JetspeedResources.properties,v 1.78 2002/05/28 23:04:56 taylor Exp $
   ################################################################################
   # This is the main file you will need to configuration Jetspeed.  If there are 
   # any secondary files they will be pointed to from this file.
  @@ -424,7 +424,7 @@
   services.JetspeedSecurity.caseinsensitive.upper=true
   
   # Auto-Account-Disable Feature         
  -services.JetspeedSecurity.logon.auto.disable=true
  +services.JetspeedSecurity.logon.auto.disable=false
   
   # 3 logon strikes per 300 seconds and your out
   services.JetspeedSecurity.logon.strike.count=3
  
  
  

--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>


Mime
View raw message