Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
A
ac
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Container registry
Model registry
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
OATS-CADC
ac
Commits
f7b8e184
Commit
f7b8e184
authored
9 years ago
by
Alinga Yeung
Browse files
Options
Downloads
Patches
Plain Diff
Story ac2. Updated Password servlet as per Brian's code review comments.
parent
2ab9e92b
No related branches found
No related tags found
No related merge requests found
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java
+79
-68
79 additions, 68 deletions
.../src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java
with
79 additions
and
68 deletions
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/PasswordServlet.java
+
79
−
68
View file @
f7b8e184
...
@@ -97,12 +97,21 @@ public class PasswordServlet extends HttpServlet
...
@@ -97,12 +97,21 @@ public class PasswordServlet extends HttpServlet
public
void
doPost
(
final
HttpServletRequest
request
,
final
HttpServletResponse
response
)
public
void
doPost
(
final
HttpServletRequest
request
,
final
HttpServletResponse
response
)
throws
IOException
throws
IOException
{
{
response
.
setStatus
(
HttpServletResponse
.
SC_INTERNAL_SERVER_ERROR
);
final
long
start
=
System
.
currentTimeMillis
();
final
long
start
=
System
.
currentTimeMillis
();
final
ServletLogInfo
logInfo
=
new
ServletLogInfo
(
request
);
final
ServletLogInfo
logInfo
=
new
ServletLogInfo
(
request
);
log
.
info
(
logInfo
.
start
());
log
.
info
(
logInfo
.
start
());
try
{
final
Subject
subject
=
AuthenticationUtil
.
getSubject
(
request
);
final
Subject
subject
=
AuthenticationUtil
.
getSubject
(
request
);
if
((
subject
==
null
)
||
(
subject
.
getPrincipals
(
HttpPrincipal
.
class
).
isEmpty
()))
{
logInfo
.
setMessage
(
"Missing subject"
);
response
.
setStatus
(
HttpServletResponse
.
SC_UNAUTHORIZED
);
}
else
{
logInfo
.
setSubject
(
subject
);
logInfo
.
setSubject
(
subject
);
Subject
.
doAs
(
subject
,
new
PrivilegedAction
<
Void
>()
Subject
.
doAs
(
subject
,
new
PrivilegedAction
<
Void
>()
{
{
@Override
@Override
...
@@ -110,17 +119,11 @@ public class PasswordServlet extends HttpServlet
...
@@ -110,17 +119,11 @@ public class PasswordServlet extends HttpServlet
{
{
try
try
{
{
response
.
setStatus
(
HttpServletResponse
.
SC_OK
);
final
Set
<
HttpPrincipal
>
webPrincipals
=
final
Set
<
HttpPrincipal
>
webPrincipals
=
subject
.
getPrincipals
(
HttpPrincipal
.
class
);
subject
.
getPrincipals
(
HttpPrincipal
.
class
);
if
(
webPrincipals
.
isEmpty
())
User
<
HttpPrincipal
>
user
=
new
User
<
HttpPrincipal
>(
webPrincipals
.
iterator
().
next
());
{
response
.
setStatus
(
HttpServletResponse
.
SC_UNAUTHORIZED
);
}
else
{
User
<
HttpPrincipal
>
user
=
new
User
<
HttpPrincipal
>(
webPrincipals
.
toArray
(
new
HttpPrincipal
[
1
])[
0
]);
String
oldPassword
=
request
.
getParameter
(
"old_password"
);
String
oldPassword
=
request
.
getParameter
(
"old_password"
);
String
newPassword
=
request
.
getParameter
(
"new_password"
);
String
newPassword
=
request
.
getParameter
(
"new_password"
);
if
(
StringUtil
.
hasText
(
oldPassword
))
if
(
StringUtil
.
hasText
(
oldPassword
))
...
@@ -139,18 +142,31 @@ public class PasswordServlet extends HttpServlet
...
@@ -139,18 +142,31 @@ public class PasswordServlet extends HttpServlet
throw
new
IllegalArgumentException
(
"Missing old password"
);
throw
new
IllegalArgumentException
(
"Missing old password"
);
}
}
}
}
}
catch
(
IllegalArgumentException
e
)
catch
(
IllegalArgumentException
e
)
{
{
log
.
debug
(
e
.
getMessage
(),
e
);
log
.
debug
(
e
.
getMessage
(),
e
);
logInfo
.
setMessage
(
e
.
getMessage
());
logInfo
.
setMessage
(
e
.
getMessage
());
response
.
setStatus
(
400
);
response
.
setStatus
(
HttpServletResponse
.
SC_BAD_REQUEST
);
}
}
catch
(
AccessControlException
e
)
catch
(
AccessControlException
e
)
{
{
log
.
debug
(
e
.
getMessage
(),
e
);
log
.
debug
(
e
.
getMessage
(),
e
);
logInfo
.
setMessage
(
e
.
getMessage
());
logInfo
.
setMessage
(
e
.
getMessage
());
response
.
setStatus
(
401
);
response
.
setStatus
(
HttpServletResponse
.
SC_UNAUTHORIZED
);
}
catch
(
Throwable
t
)
{
String
message
=
"Internal Server Error: "
+
t
.
getMessage
();
log
.
error
(
message
,
t
);
logInfo
.
setSuccess
(
false
);
logInfo
.
setMessage
(
message
);
response
.
setStatus
(
HttpServletResponse
.
SC_INTERNAL_SERVER_ERROR
);
}
return
null
;
}
});
}
}
}
catch
(
Throwable
t
)
catch
(
Throwable
t
)
{
{
...
@@ -158,16 +174,11 @@ public class PasswordServlet extends HttpServlet
...
@@ -158,16 +174,11 @@ public class PasswordServlet extends HttpServlet
log
.
error
(
message
,
t
);
log
.
error
(
message
,
t
);
logInfo
.
setSuccess
(
false
);
logInfo
.
setSuccess
(
false
);
logInfo
.
setMessage
(
message
);
logInfo
.
setMessage
(
message
);
response
.
setStatus
(
500
);
}
}
finally
finally
{
{
logInfo
.
setElapsedTime
(
System
.
currentTimeMillis
()
-
start
);
logInfo
.
setElapsedTime
(
System
.
currentTimeMillis
()
-
start
);
log
.
info
(
logInfo
.
end
());
log
.
info
(
logInfo
.
end
());
}
}
return
null
;
}
});
}
}
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
