java/code/src/com/redhat/rhn/common/conf/ConfigDefaults.java | 13 java/code/src/com/redhat/rhn/domain/user/User.java | 6 java/code/src/com/redhat/rhn/domain/user/legacy/UserImpl.java | 8 java/code/src/com/redhat/rhn/frontend/action/LoginAction.java | 153 ++++------ java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java | 113 ++++++- java/code/src/com/redhat/rhn/frontend/security/PxtAuthenticationService.java | 28 + java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml | 12 java/code/src/com/redhat/rhn/manager/user/CreateUserCommand.java | 8 java/code/webapp/WEB-INF/pages/common/relogin.jsp | 2 java/code/webapp/WEB-INF/struts-config.xml | 2 java/spacewalk-java.spec | 7 rel-eng/packages/spacewalk-java | 2 12 files changed, 228 insertions(+), 126 deletions(-)
New commits: commit 87d31080163c2437a7fe75defddf9c9ae9040995 Author: Tomas Lestach tlestach@redhat.com Date: Fri Jan 3 17:05:47 2014 +0100
Automatic commit of package [spacewalk-java] release [2.1.108-1].
diff --git a/java/spacewalk-java.spec b/java/spacewalk-java.spec index 11ac152..d506b84 100644 --- a/java/spacewalk-java.spec +++ b/java/spacewalk-java.spec @@ -28,7 +28,7 @@ Name: spacewalk-java Summary: Spacewalk Java site packages Group: Applications/Internet License: GPLv2 -Version: 2.1.107 +Version: 2.1.108 Release: 1%{?dist} URL: https://fedorahosted.org/spacewalk Source0: https://fedorahosted.org/releases/s/p/spacewalk/%%7Bname%7D-%%7Bversion%7D.t... @@ -785,6 +785,11 @@ fi %{jardir}/postgresql-jdbc.jar
%changelog +* Fri Jan 03 2014 Tomas Lestach tlestach@redhat.com 2.1.108-1 +- store url_bounce and request_method to session and re-use common login parts +- support logins using Kerberos ticket +- 1044547 - adding newlines as needed + * Mon Dec 23 2013 Milan Zazrivec mzazrivec@redhat.com 2.1.107-1 - Remove extraneous character from query - Fix action type diff --git a/rel-eng/packages/spacewalk-java b/rel-eng/packages/spacewalk-java index 8be226d..9cb7a72 100644 --- a/rel-eng/packages/spacewalk-java +++ b/rel-eng/packages/spacewalk-java @@ -1 +1 @@ -2.1.107-1 java/ +2.1.108-1 java/
commit 6a6d928b41c6a2fb3afab2d6e751eb35e25a6234 Author: Tomas Lestach tlestach@redhat.com Date: Tue Dec 17 11:56:46 2013 +0100
store url_bounce and request_method to session and re-use common login parts
diff --git a/java/code/src/com/redhat/rhn/frontend/action/LoginAction.java b/java/code/src/com/redhat/rhn/frontend/action/LoginAction.java index 50e1904..304c53a 100644 --- a/java/code/src/com/redhat/rhn/frontend/action/LoginAction.java +++ b/java/code/src/com/redhat/rhn/frontend/action/LoginAction.java @@ -14,19 +14,17 @@ */ package com.redhat.rhn.frontend.action;
-import com.redhat.rhn.common.db.ConstraintViolationException; import com.redhat.rhn.common.messaging.MessageQueue; import com.redhat.rhn.domain.org.Org; import com.redhat.rhn.domain.user.User; import com.redhat.rhn.frontend.events.UpdateErrataCacheEvent; -import com.redhat.rhn.frontend.servlets.PxtSessionDelegate; import com.redhat.rhn.frontend.servlets.PxtSessionDelegateFactory; -import com.redhat.rhn.frontend.struts.RequestContext; import com.redhat.rhn.frontend.struts.RhnAction; import com.redhat.rhn.frontend.struts.RhnValidationHelper; import com.redhat.rhn.manager.satellite.CertificateManager; import com.redhat.rhn.manager.user.UserManager;
+import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.time.StopWatch; import org.apache.log4j.Logger; import org.apache.struts.action.ActionErrors; @@ -38,10 +36,12 @@ import org.apache.struts.action.ActionMessages; import org.apache.struts.action.DynaActionForm;
import java.io.IOException; +import java.util.Date;
import javax.security.auth.login.LoginException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession;
/** * LoginAction @@ -52,20 +52,6 @@ public class LoginAction extends RhnAction { private static Logger log = Logger.getLogger(LoginAction.class); public static final String DEFAULT_URL_BOUNCE = "/rhn/YourRhn.do";
- // It is OK to maintain a PxtSessionDelegate instance because PxtSessionDelegate - // objects do not maintain client state. - private PxtSessionDelegate pxtDelegate; - - /** - * Initialize the action. - */ - public LoginAction() { - PxtSessionDelegateFactory pxtDelegateFactory = - PxtSessionDelegateFactory.getInstance(); - - pxtDelegate = pxtDelegateFactory.newPxtSessionDelegate(); - } - /** {@inheritDoc} */ public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, @@ -92,96 +78,87 @@ public class LoginAction extends RhnAction { addErrors(request, errors); return mapping.findForward("failure"); } - String username = (String) f.get("username"); - String password = (String) f.get("password"); - String urlBounce = (String) f.get("url_bounce"); - String requestMethod = (String) f.get("request_method");
ActionErrors e = new ActionErrors(); - User user = loginUser(username, password, request, response, e); - RequestContext ctx = new RequestContext(request); + User user = loginUser((String) f.get("username"), (String) f.get("password"), + request, response, e);
if (e.isEmpty()) { - if (urlBounce == null || urlBounce.trim().equals("") || - urlBounce.equals("/rhn/")) { - if (log.isDebugEnabled()) { - log.debug("2 - url bounce is empty using [" + DEFAULT_URL_BOUNCE + "]"); - } - urlBounce = DEFAULT_URL_BOUNCE; - } - if (requestMethod.equals("POST")) { - if (log.isDebugEnabled()) { - log.debug("2 - POST method used, using default url bounce [" + - DEFAULT_URL_BOUNCE + "]"); - } - urlBounce = DEFAULT_URL_BOUNCE; - } - if (urlBounce.trim().endsWith("Logout.do")) { - if (log.isDebugEnabled()) { - log.debug(" - handling special case of url_bounce=Logout.do"); - } - urlBounce = DEFAULT_URL_BOUNCE; - } - if (!urlBounce.trim().startsWith("/")) { - if (log.isDebugEnabled()) { - log.debug("2 - url bounce is not local using [" + - DEFAULT_URL_BOUNCE + "]"); - } - urlBounce = DEFAULT_URL_BOUNCE; - } - if (user != null) { - try { - publishUpdateErrataCacheEvent(user.getOrg()); - } - catch (ConstraintViolationException ex) { - log.error(ex); - User loggedInUser = ctx.getLoggedInUser(); - if (loggedInUser != null) { - request.setAttribute("loggedInUser", loggedInUser.getLogin()); - } - ret = mapping.findForward("error"); - return ret; - } - - } + successfulLogin(request, response, user); + } + else { + performGracePeriodCheck(request); + addErrors(request, e); + ret = mapping.findForward("failure"); + }
- if (log.isDebugEnabled()) { - log.debug("5 - redirecting to [" + urlBounce + "]"); - } - if (user != null) { - pxtDelegate.updateWebUserId(request, response, user.getId()); + return ret; + }
- try { + /** static method shared by LoginAction and LoginSetupAction + * @param request actual request + * @param response actual reponse + * @param user logged in user + * @return returns true, if redirect + */ + public static boolean successfulLogin(HttpServletRequest request, + HttpServletResponse response, User user) { + // set last logged in + user.setLastLoggedIn(new Date()); + UserManager.storeUser(user); + // update session with actual user + PxtSessionDelegateFactory.getInstance().newPxtSessionDelegate(). + updateWebUserId(request, response, user.getId()); + + publishUpdateErrataCacheEvent(user.getOrg()); + // redirect, if url_bounce set + HttpSession ws = request.getSession(false); + if (ws != null) { + String urlBounce = LoginAction.updateUrlBounce( + (String) ws.getAttribute("url_bounce"), + (String) ws.getAttribute("request_method")); + try { + if (urlBounce != null) { + log.info("redirect: " + urlBounce); response.sendRedirect(urlBounce); - return null; - } - catch (IOException ioe) { - throw new RuntimeException( - "Exception while trying to redirect: " + ioe); + return true; } } + catch (IOException e) { + e.printStackTrace(); + } + } + return false; + } + + /** + * update url_bounce + * @param urlBounce url_bounce + * @param requestMethod request method + * @return updated url_bounce + */ + public static String updateUrlBounce(String urlBounce, String requestMethod) { + if (StringUtils.isBlank(urlBounce)) { + urlBounce = DEFAULT_URL_BOUNCE; } else { - if (log.isDebugEnabled()) { - log.debug("6 - forwarding to failure"); + String urlBounceTrimmed = urlBounce.trim(); + if (urlBounceTrimmed.equals("/rhn/") || + urlBounceTrimmed.endsWith("Logout.do") || + !urlBounceTrimmed.startsWith("/")) { + urlBounce = DEFAULT_URL_BOUNCE; } - - performGracePeriodCheck(request); - - addErrors(request, e); - request.setAttribute("url_bounce", urlBounce); - ret = mapping.findForward("failure"); } - if (log.isDebugEnabled()) { - log.debug("7 - returning"); + if (requestMethod != null && requestMethod.equals("POST")) { + urlBounce = DEFAULT_URL_BOUNCE; } - return ret; + return urlBounce; }
/** * @param orgIn */ - private void publishUpdateErrataCacheEvent(Org orgIn) { + private static void publishUpdateErrataCacheEvent(Org orgIn) { StopWatch sw = new StopWatch(); if (log.isDebugEnabled()) { log.debug("Updating errata cache"); diff --git a/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java b/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java index db5fb00..1c22370 100644 --- a/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java +++ b/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java @@ -23,7 +23,6 @@ import com.redhat.rhn.domain.org.Org; import com.redhat.rhn.domain.org.OrgFactory; import com.redhat.rhn.domain.user.User; import com.redhat.rhn.domain.user.UserFactory; -import com.redhat.rhn.frontend.servlets.PxtSessionDelegateFactory; import com.redhat.rhn.frontend.struts.RhnAction; import com.redhat.rhn.frontend.struts.RhnHelper; import com.redhat.rhn.manager.acl.AclManager; @@ -38,14 +37,13 @@ import org.apache.log4j.Logger; import org.apache.struts.action.ActionForm; import org.apache.struts.action.ActionForward; import org.apache.struts.action.ActionMapping; -import org.apache.struts.action.DynaActionForm;
import java.io.UnsupportedEncodingException; -import java.util.Date; import java.util.HashMap;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession;
/** * LoginSetupAction @@ -113,30 +111,6 @@ public class LoginSetupAction extends RhnAction { return mapping.findForward("loggedin"); }
- // ok handle the case where we're doing the ReLogin page - String urlBounce = (String) request.getAttribute("url_bounce"); - String requestMethod = (String) request.getAttribute("request_method"); - - if (!StringUtils.isEmpty(urlBounce)) { - - if (log.isDebugEnabled()) { - log.debug("request.getAttribute(url_bounce): " + urlBounce); - } - - DynaActionForm f = (DynaActionForm)form; - f.set("url_bounce", urlBounce); - } - - if (!StringUtils.isEmpty(requestMethod)) { - - if (log.isDebugEnabled()) { - log.debug("request.getAttribute(request_method): " + requestMethod); - } - - DynaActionForm f = (DynaActionForm)form; - f.set("request_method", requestMethod); - } - String remoteUserString = request.getRemoteUser(); if (remoteUserString != null) {
@@ -195,19 +169,25 @@ public class LoginSetupAction extends RhnAction { } } if (remoteUser != null) { - remoteUser.setLastLoggedIn(new Date()); - UserManager.storeUser(remoteUser); - - PxtSessionDelegateFactory.getInstance().newPxtSessionDelegate(). - updateWebUserId(request, response, remoteUser.getId()); if (remoteUser.getPassword().equals(DEFAULT_KERB_USER_PASSWORD)) { createMessage(request, "message.kerbuserlogged", new String [] {remoteUserString}); } + if (LoginAction.successfulLogin(request, response, remoteUser)) { + return null; + } return mapping.findForward("loggedin"); } }
+ // store url_bounce set by pxt pages + String urlBounce = request.getParameter("url_bounce"); + if (!StringUtils.isBlank(urlBounce)) { + HttpSession hs = request.getSession(); + if (hs != null) { + hs.setAttribute("url_bounce", urlBounce); + } + } return mapping.findForward(RhnHelper.DEFAULT_FORWARD); }
diff --git a/java/code/src/com/redhat/rhn/frontend/security/PxtAuthenticationService.java b/java/code/src/com/redhat/rhn/frontend/security/PxtAuthenticationService.java index ab21725..55c0947 100644 --- a/java/code/src/com/redhat/rhn/frontend/security/PxtAuthenticationService.java +++ b/java/code/src/com/redhat/rhn/frontend/security/PxtAuthenticationService.java @@ -21,15 +21,14 @@ import com.redhat.rhn.frontend.servlets.PxtSessionDelegate;
import org.apache.commons.collections.set.UnmodifiableSet; import org.apache.commons.lang.StringUtils; - import java.io.IOException; import java.util.Set; import java.util.TreeSet;
-import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession;
/** * PxtAuthenticationService @@ -203,24 +202,29 @@ public class PxtAuthenticationService extends BaseAuthenticationService { try { StringBuffer redirectURI = new StringBuffer(request.getRequestURI()); String params = ServletUtils.requestParamsToQueryString(request); - String requestMethod = request.getMethod(); // don't want to put the ? in the url if there are no params if (!StringUtils.isEmpty(params)) { redirectURI.append("?"); - redirectURI.append(ServletUtils.requestParamsToQueryString(request)); + redirectURI.append(params); } - + String urlBounce = redirectURI.toString(); if (redirectURI.length() > MAX_URL_LENGTH) { - request.setAttribute("url_bounce", LoginAction.DEFAULT_URL_BOUNCE); - } - else { - request.setAttribute("url_bounce", redirectURI.toString()); + urlBounce = LoginAction.DEFAULT_URL_BOUNCE; }
- request.setAttribute("request_method", requestMethod); + HttpSession hs = request.getSession(); + if (hs != null) { + hs.setAttribute("url_bounce", urlBounce); + hs.setAttribute("request_method", request.getMethod()); + }
- RequestDispatcher dispatcher = request.getRequestDispatcher("/ReLogin.do"); - dispatcher.forward(request, response); + // in case of logout, let's redirect to Login2.go + // not to be immediately logged in via Kerberos ticket + if (urlBounce.equals("/rhn/")) { + response.sendRedirect("/rhn/Login2.do"); + return; + } + response.sendRedirect("/rhn/Login.do"); } catch (IOException e) { throw new ServletException(e); diff --git a/java/code/webapp/WEB-INF/pages/common/relogin.jsp b/java/code/webapp/WEB-INF/pages/common/relogin.jsp index 3398046..047ef97 100644 --- a/java/code/webapp/WEB-INF/pages/common/relogin.jsp +++ b/java/code/webapp/WEB-INF/pages/common/relogin.jsp @@ -25,8 +25,6 @@ <html:form styleId="loginForm" styleClass="form-horizontal col-md-6 col-md-offset-3 text-left" action="/ReLoginSubmit"> <rhn:csrf /> <%@ include file="/WEB-INF/pages/common/fragments/login_form.jspf" %> - <html:hidden property="url_bounce" /> - <html:hidden property="request_method" /> </html:form>
<c:set var="legal_note" scope="page" value="${rhn:getConfig('java.legal_note')}" /> diff --git a/java/code/webapp/WEB-INF/struts-config.xml b/java/code/webapp/WEB-INF/struts-config.xml index d7da319..6b57639 100644 --- a/java/code/webapp/WEB-INF/struts-config.xml +++ b/java/code/webapp/WEB-INF/struts-config.xml @@ -9,8 +9,6 @@ type="org.apache.struts.action.DynaActionForm"> <form-property name="username" type="java.lang.String"/> <form-property name="password" type="java.lang.String"/> - <form-property name="url_bounce" type="java.lang.String"/> - <form-property name="request_method" type="java.lang.String"/> </form-bean> <form-bean name="activationKeyForm" type="com.redhat.rhn.frontend.struts.ScrubbingDynaActionForm">
commit 0c2e919c6e6e5e4b329e25a090c00a6add20461d Author: Tomas Lestach tlestach@redhat.com Date: Wed Nov 20 14:51:53 2013 +0100
support logins using Kerberos ticket
diff --git a/java/code/src/com/redhat/rhn/common/conf/ConfigDefaults.java b/java/code/src/com/redhat/rhn/common/conf/ConfigDefaults.java index 46a3aa3..979bd51 100644 --- a/java/code/src/com/redhat/rhn/common/conf/ConfigDefaults.java +++ b/java/code/src/com/redhat/rhn/common/conf/ConfigDefaults.java @@ -157,6 +157,7 @@ public class ConfigDefaults { public static final String LOOKUP_EXCEPT_SEND_EMAIL = "lookup_exception_email";
public static final String KS_PARTITION_DEFAULT = "kickstart.partition.default"; + public static final String IPA_DEFAULT_USER_ORG = "java.ipa.default_user_org";
/** * System Currency defaults @@ -616,4 +617,16 @@ public class ConfigDefaults { public int getTaskoChannelRepodataWorkers() { return Config.get().getInt(TASKOMATIC_CHANNEL_REPODATA_WORKERS, 1); } + + /** + * Returns Max taskomatic channel repodata workers + * @return Max taskomatic channel repodata workers + */ + public Long getIpaDefaultUserOrgId() { + Integer ipaDefaultUserOrg = Config.get().getInteger(IPA_DEFAULT_USER_ORG); + if (ipaDefaultUserOrg != null) { + return ipaDefaultUserOrg.longValue(); + } + throw new ConfigException(IPA_DEFAULT_USER_ORG + " not set!"); + } } diff --git a/java/code/src/com/redhat/rhn/domain/user/User.java b/java/code/src/com/redhat/rhn/domain/user/User.java index ee8148f..a2b6642 100644 --- a/java/code/src/com/redhat/rhn/domain/user/User.java +++ b/java/code/src/com/redhat/rhn/domain/user/User.java @@ -243,6 +243,12 @@ public interface User { void setPassword(String passwordIn);
/** + * Sets the value of password as is to new value, no encryption + * @param passwordIn New raw value for password + */ + void setRawPassword(String passwordIn); + + /** * Gets the current value of lastLoggedIn * @return Date the current value */ diff --git a/java/code/src/com/redhat/rhn/domain/user/legacy/UserImpl.java b/java/code/src/com/redhat/rhn/domain/user/legacy/UserImpl.java index e5c83c4..f9b9ae0 100644 --- a/java/code/src/com/redhat/rhn/domain/user/legacy/UserImpl.java +++ b/java/code/src/com/redhat/rhn/domain/user/legacy/UserImpl.java @@ -155,6 +155,14 @@ public class UserImpl extends BaseDomainHelper implements User { }
/** + * Sets the value of password as is to new value, no encryption + * @param passwordIn New raw value for password + */ + public void setRawPassword(String passwordIn) { + this.password = passwordIn; + } + + /** * Sets the value of password to new value * @param passwordIn New value for password */ diff --git a/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java b/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java index cc700c3..db5fb00 100644 --- a/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java +++ b/java/code/src/com/redhat/rhn/frontend/action/LoginSetupAction.java @@ -14,14 +14,23 @@ */ package com.redhat.rhn.frontend.action;
+import com.redhat.rhn.common.conf.ConfigDefaults; import com.redhat.rhn.common.db.datasource.DataResult; import com.redhat.rhn.common.db.datasource.ModeFactory; import com.redhat.rhn.common.db.datasource.SelectMode; +import com.redhat.rhn.common.hibernate.LookupException; +import com.redhat.rhn.domain.org.Org; +import com.redhat.rhn.domain.org.OrgFactory; +import com.redhat.rhn.domain.user.User; +import com.redhat.rhn.domain.user.UserFactory; +import com.redhat.rhn.frontend.servlets.PxtSessionDelegateFactory; import com.redhat.rhn.frontend.struts.RhnAction; import com.redhat.rhn.frontend.struts.RhnHelper; import com.redhat.rhn.manager.acl.AclManager; import com.redhat.rhn.manager.satellite.CertificateManager; import com.redhat.rhn.manager.satellite.SystemCommandExecutor; +import com.redhat.rhn.manager.user.CreateUserCommand; +import com.redhat.rhn.manager.user.UpdateUserCommand; import com.redhat.rhn.manager.user.UserManager;
import org.apache.commons.lang.StringUtils; @@ -31,6 +40,8 @@ import org.apache.struts.action.ActionForward; import org.apache.struts.action.ActionMapping; import org.apache.struts.action.DynaActionForm;
+import java.io.UnsupportedEncodingException; +import java.util.Date; import java.util.HashMap;
import javax.servlet.http.HttpServletRequest; @@ -44,6 +55,7 @@ public class LoginSetupAction extends RhnAction {
private static Logger log = Logger.getLogger(LoginSetupAction.class); public static final String HAS_EXPIRED = "hasExpired"; + private static final String DEFAULT_KERB_USER_PASSWORD = "0";
/** {@inheritDoc} */ public ActionForward execute(ActionMapping mapping, @@ -125,9 +137,90 @@ public class LoginSetupAction extends RhnAction { f.set("request_method", requestMethod); }
+ String remoteUserString = request.getRemoteUser(); + if (remoteUserString != null) { + + String firstname = decodeFromIso88591( + (String) request.getAttribute("REMOTE_USER_FIRSTNAME"), ""); + String lastname = decodeFromIso88591( + (String) request.getAttribute("REMOTE_USER_LASTNAME"), ""); + String email = decodeFromIso88591( + (String) request.getAttribute("REMOTE_USER_EMAIL"), null); + + User remoteUser = null; + try { + log.info("REMOTE_USER_CUSTOM_N: " + + request.getAttribute("REMOTE_USER_CUSTOM_N")); + log.info("REMOTE_USER_GECOS: " + + request.getAttribute("REMOTE_USER_GECOS")); + log.info("REMOTE_USER_GROUPS: " + + request.getAttribute("REMOTE_USER_GROUPS")); + + remoteUser = UserFactory.lookupByLogin(remoteUserString); + + if (remoteUser.isDisabled()) { + createErrorMessage(request, "account.user.disabled", remoteUserString); + remoteUser = null; + } + else { + UpdateUserCommand updateCmd = new UpdateUserCommand(remoteUser); + updateCmd.setFirstNames(firstname); + updateCmd.setLastName(lastname); + updateCmd.setEmail(email); + updateCmd.updateUser(); + log.warn("Kerberos login " + remoteUserString + " (" + firstname + " " + + lastname + ")"); + } + } + catch (LookupException le) { + Long defaultOrgId = ConfigDefaults.get().getIpaDefaultUserOrgId(); + Org defaultOrg = OrgFactory.lookupById(defaultOrgId); + if (defaultOrg == null) { + log.warn("Cannot find organization with id: " + defaultOrgId); + } + else { + CreateUserCommand createCmd = new CreateUserCommand(); + createCmd.setLogin(remoteUserString); + // set a password, that cannot really be used + createCmd.setRawPassword(DEFAULT_KERB_USER_PASSWORD); + createCmd.setFirstNames(firstname); + createCmd.setLastName(lastname); + createCmd.setEmail(email); + createCmd.setOrg(defaultOrg); + createCmd.validate(); + createCmd.storeNewUser(); + remoteUser = createCmd.getUser(); + log.warn("Kerberos login " + remoteUserString + " (" + firstname + " " + + lastname + ") created."); + } + } + if (remoteUser != null) { + remoteUser.setLastLoggedIn(new Date()); + UserManager.storeUser(remoteUser); + + PxtSessionDelegateFactory.getInstance().newPxtSessionDelegate(). + updateWebUserId(request, response, remoteUser.getId()); + if (remoteUser.getPassword().equals(DEFAULT_KERB_USER_PASSWORD)) { + createMessage(request, "message.kerbuserlogged", + new String [] {remoteUserString}); + } + return mapping.findForward("loggedin"); + } + } + return mapping.findForward(RhnHelper.DEFAULT_FORWARD); }
+ private String decodeFromIso88591(String string, String defaultString) { + try { + return new String(string.getBytes("ISO8859-1"), "UTF-8"); + } + catch (UnsupportedEncodingException e) { + log.warn("Unable to decode: " + string); + return defaultString; + } + } + private String getRpmSchemaVersion(String schemaName) { String[] rpmCommand = new String[4]; rpmCommand[0] = "rpm"; diff --git a/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml b/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml index 1f43de8..062a0ba 100644 --- a/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml +++ b/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml @@ -988,6 +988,12 @@ <context context-type="sourcefile">Login or Logout</context> </context-group> </trans-unit> + <trans-unit id="account.user.disabled"> + <source>Account {0} has been deactivated.</source> + <context-group name="ctx"> + <context context-type="sourcefile">Login or Logout</context> + </context-group> + </trans-unit> <trans-unit id="user.enable"> <source>Reactivated user <strong>{0}</strong>.</source> <context-group name="ctx"> @@ -5220,6 +5226,12 @@ user before attempting to deactivate their account.</source> <context context-type="sourcefile">Navigation Menu</context> </context-group> </trans-unit> + <trans-unit id="message.kerbuserlogged"> + <source>You've logged as <strong>{0}</strong> using the Kerberos ticket. To be able to login using this account without Kerberos ticket, please set your password on <a href="/rhn/account/UserDetails.do"><strong>{0} user page</strong></a>.</source> + <context-group name="ctx"> + <context context-type="sourcefile">Navigation Menu</context> + </context-group> + </trans-unit> <trans-unit id="satellite.expired"> <source>Your satellite certificate has expired. Please visit the following link for steps on how to request or generate a new certificate: <a href="https://access.redhat.com/knowledge/tools/satcert%22%3Ehttps://access.redhat...;</source> <context-group name="ctx"> diff --git a/java/code/src/com/redhat/rhn/manager/user/CreateUserCommand.java b/java/code/src/com/redhat/rhn/manager/user/CreateUserCommand.java index c0097a0..f375ed6 100644 --- a/java/code/src/com/redhat/rhn/manager/user/CreateUserCommand.java +++ b/java/code/src/com/redhat/rhn/manager/user/CreateUserCommand.java @@ -285,6 +285,14 @@ public class CreateUserCommand { }
/** + * @param passwordIn The raw password to set + */ + public void setRawPassword(String passwordIn) { + passwordErrors = new ArrayList(); //init password errors list + user.setRawPassword(passwordIn); + } + + /** * @param passwordIn The password to set */ public void setPassword(String passwordIn) {
spacewalk-commits@lists.fedorahosted.org