From 256e2c1356d1e23609bb6e18891d549cb15a1901 Mon Sep 17 00:00:00 2001 From: Robert Tansley Date: Fri, 26 Jul 2002 16:28:03 +0000 Subject: [PATCH] - Added registration and forgotten password pages. - Misc other fixes. git-svn-id: http://scm.dspace.org/svn/repo/trunk@242 9c30dcfa-912a-0410-8fc2-9e0234be79fd --- dspace/jsp/WEB-INF/web.xml | 28 + dspace/jsp/error/require-certificate.jsp | 62 +++ dspace/jsp/register/already-registered.jsp | 63 +++ dspace/jsp/register/edit-profile.jsp | 2 +- dspace/jsp/register/forgot-password.jsp | 100 ++++ dspace/jsp/register/inactive-account.jsp | 57 +++ dspace/jsp/register/invalid-token.jsp | 83 +++ dspace/jsp/register/new-password.jsp | 113 ++++ dspace/jsp/register/new-user.jsp | 110 ++++ dspace/jsp/register/password-changed.jsp | 56 ++ dspace/jsp/register/password-token-sent.jsp | 55 ++ dspace/jsp/register/registered.jsp | 70 +++ dspace/jsp/register/registration-form.jsp | 134 +++++ dspace/jsp/register/registration-sent.jsp | 55 ++ .../app/webui/servlet/PasswordServlet.java | 2 +- .../app/webui/servlet/RegisterServlet.java | 481 ++++++++++++++++++ .../webui/servlet/X509CertificateServlet.java | 2 +- .../org/dspace/eperson/AccountManager.java | 4 +- 18 files changed, 1472 insertions(+), 5 deletions(-) create mode 100644 dspace/jsp/error/require-certificate.jsp create mode 100644 dspace/jsp/register/already-registered.jsp create mode 100644 dspace/jsp/register/forgot-password.jsp create mode 100644 dspace/jsp/register/inactive-account.jsp create mode 100644 dspace/jsp/register/invalid-token.jsp create mode 100644 dspace/jsp/register/new-password.jsp create mode 100644 dspace/jsp/register/new-user.jsp create mode 100644 dspace/jsp/register/password-changed.jsp create mode 100644 dspace/jsp/register/password-token-sent.jsp create mode 100644 dspace/jsp/register/registered.jsp create mode 100644 dspace/jsp/register/registration-form.jsp create mode 100644 dspace/jsp/register/registration-sent.jsp create mode 100644 dspace/src/org/dspace/app/webui/servlet/RegisterServlet.java diff --git a/dspace/jsp/WEB-INF/web.xml b/dspace/jsp/WEB-INF/web.xml index 0b94ed751b..1d7e616c67 100644 --- a/dspace/jsp/WEB-INF/web.xml +++ b/dspace/jsp/WEB-INF/web.xml @@ -130,6 +130,15 @@ org.dspace.app.webui.servlet.FeedbackServlet + + forgot + org.dspace.app.webui.servlet.RegisterServlet + + register + false + + + items-by-author org.dspace.app.webui.servlet.ItemsByAuthorServlet @@ -160,6 +169,15 @@ org.dspace.app.webui.servlet.EditProfileServlet + + register + org.dspace.app.webui.servlet.RegisterServlet + + register + true + + + retrieve org.dspace.app.webui.servlet.RetrieveServlet @@ -213,6 +231,11 @@ /feedback + + forgot + /forgot + + items-by-author /items-by-author @@ -243,6 +266,11 @@ /profile + + register + /register + + retrieve /retrieve/* diff --git a/dspace/jsp/error/require-certificate.jsp b/dspace/jsp/error/require-certificate.jsp new file mode 100644 index 0000000000..27a2756d92 --- /dev/null +++ b/dspace/jsp/error/require-certificate.jsp @@ -0,0 +1,62 @@ +<%-- + - require-certificate.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Message informing MIT user they need to use a certificate to log in + - FIXME: MIT-specific message + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + + + +

Certificate Required

+ +

MIT users must log in using a valid MIT Web personal certificate. + See the MIT Information Systems + Web certificate information page.

+ +

If you are not an MIT user, or you feel that there are extenuating + circumstances that mean you should not be required to use a certificate, + please contact us.

+ + <%@ include file="/components/contact-info.jsp" %> + + diff --git a/dspace/jsp/register/already-registered.jsp b/dspace/jsp/register/already-registered.jsp new file mode 100644 index 0000000000..a34e41d33d --- /dev/null +++ b/dspace/jsp/register/already-registered.jsp @@ -0,0 +1,63 @@ +<%-- + - already-registered.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Message informing user who's tried to register that they're registered + - already + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + + + +

Already Registered

+ +

Our records show that you've already registered with DSpace and have + an active account with us.

+ +

If you are not an MIT user you can + set a new password if + you've forgotten it.

+ +

If you're having trouble logging in, please contact us.

+ + <%@ include file="/components/contact-info.jsp" %> + + diff --git a/dspace/jsp/register/edit-profile.jsp b/dspace/jsp/register/edit-profile.jsp index fb8fdf09c4..867cd23127 100644 --- a/dspace/jsp/register/edit-profile.jsp +++ b/dspace/jsp/register/edit-profile.jsp @@ -75,7 +75,7 @@ <% } - if( passwordProblem) + if (passwordProblem) { %>

The passwords you enter below must match, and need to be at diff --git a/dspace/jsp/register/forgot-password.jsp b/dspace/jsp/register/forgot-password.jsp new file mode 100644 index 0000000000..70fec266d6 --- /dev/null +++ b/dspace/jsp/register/forgot-password.jsp @@ -0,0 +1,100 @@ +<%-- + - forgot-password.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Forgotten password DSpace form + - + - Form where new users enter their email address to get a token to enter a + - new password. + - + - Attributes to pass in: + - retry - if set, this is a retry after the user entered an invalid email + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + +<%@ page import="org.dspace.app.webui.servlet.RegisterServlet" %> + +<% + boolean retry = (request.getAttribute("retry") != null); +%> + + + +

Forgotten Password

+ +<% + if (retry) + { +%> +

The e-mail address you entered was not recognised. Please + try again.

+<% + } +%> +

Please enter your e-mail + address in the box below and click "I Forgot My Password". You'll be sent + an e-mail which will allow you to set a new password.

+ +
+ + +
+ + + + +
+ + + + + + + + +
E-mail Address:
+ +
+
+
+
+ + diff --git a/dspace/jsp/register/inactive-account.jsp b/dspace/jsp/register/inactive-account.jsp new file mode 100644 index 0000000000..715e64c5e2 --- /dev/null +++ b/dspace/jsp/register/inactive-account.jsp @@ -0,0 +1,57 @@ +<%-- + - inactive-account.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Message informing user who said they'd forgot their password that their + - account is inactive. + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + + +

Inactive Account

+ +

The e-mail address you entered corresponds to an inactive account. + Perhaps you haven't yet + registered yet. Please feel free to contact the site administrators + with any queries.

+ + <%@ include file="/components/contact-info.jsp" %> + diff --git a/dspace/jsp/register/invalid-token.jsp b/dspace/jsp/register/invalid-token.jsp new file mode 100644 index 0000000000..b9f0f723e6 --- /dev/null +++ b/dspace/jsp/register/invalid-token.jsp @@ -0,0 +1,83 @@ +<%-- + - invalid-token.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + +<%-- + - Invalid token sent message. + --%> + + + +

Invalid Token

+ +

The registration or forgotten password "token" in the URL is invalid. + This may be because of one of the following reasons:

+ +
    +
  • A token is only valid for around two weeks after we mail it to you. + If it's been a while since you selected "Register" or "I forgot my + password", you should try again.
    • + +
  • The token might be incorrectly copied into the URL. Some e-mail + programs will "wrap" long lines of text in an email, so maybe it split + your special URL up into two lines, like this: + + 
    +<%= request.getContextPath() %>/register?token=ABCDEFGHIJK
+LMNOP
+
    + + If it has, you should copy and paste the first line into your browser's + address bar, then copy the second line, and paste into the address bar + just on the end of the first line, making sure there are no spaces. The + address bar should then contain something like: + + 
    +<%= request.getContextPath() %>/register?token=ABCDEFGHIJKLMNOP
+
    + + Then press return in the address bar, and the URL should work fine.
    • +
+ +

If you're still having trouble, please contact us.

+ + <%@ include file="/components/contact-info.jsp" %> + diff --git a/dspace/jsp/register/new-password.jsp b/dspace/jsp/register/new-password.jsp new file mode 100644 index 0000000000..00b2ff48f7 --- /dev/null +++ b/dspace/jsp/register/new-password.jsp @@ -0,0 +1,113 @@ +<%-- + - new-password.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - New password form + - + - Form where users can enter a new password, after having been sent a token + - because they forgot the old one. + - + - Attributes to pass in: + - eperson - the eperson + - key - the token key associated with this password setting + - password.problem - Boolean true if the user has already tried a password + - which is for some reason unnacceptible + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + +<%@ page import="org.dspace.app.webui.servlet.RegisterServlet" %> +<%@ page import="org.dspace.eperson.EPerson" %> + +<% + EPerson eperson = (EPerson) request.getAttribute("eperson"); + String key = (String) request.getAttribute( "key" ); + Boolean attr = (Boolean) request.getAttribute("password.problem"); + + boolean passwordProblem = (attr != null && attr.booleanValue()); +%> + + + +

Enter a New Password

+ +

Hello <%= eperson.getFullName() %>,

+ +<% + if (passwordProblem) + { +%> +

The passwords you enter below must match, and need to be at + least 6 characters long.

+<% + } +%> + +

Please enter a new password into the box below, and confirm it by typing it + again into the second box. It should be at least six characters long.

+ +
+ + + + +
+ + + + + + + + + + + + +
New Password:
Again to Confirm:
+ +
+
+ + + +
+ + diff --git a/dspace/jsp/register/new-user.jsp b/dspace/jsp/register/new-user.jsp new file mode 100644 index 0000000000..b37b5c059e --- /dev/null +++ b/dspace/jsp/register/new-user.jsp @@ -0,0 +1,110 @@ +<%-- + - new-user.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Register with DSpace form + - + - Form where new users enter their email address to get a token to access + - the personal info page. + - + - Attributes to pass in: + - retry - if set, this is a retry after the user entered an invalid email + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + +<%@ page import="org.dspace.app.webui.servlet.RegisterServlet" %> + +<% + boolean retry = (request.getAttribute("retry") != null); +%> + + + +

User Registration

+ +<% + if (retry) + { +%> +

The e-mail address you entered was not recognised. Please + try again. +<% + } + else + { +%> +

If you've never logged on to DSpace before, please enter your e-mail + address in the box below and click "Register". +<% + } +%> Note that currently, the + DSpace service is only available to users who have been already registered + to use the DSpace system by their group, department, or laboratory.

+ +
+ + + + + + + +
+ + + + + + + + +
E-mail Address:
+ +
+
+
+ +

If you or your department are interested in registering with DSpace, please + contact the DSpace site administrators.

+ + <%@ include file="/components/contact-info.jsp" %> + + diff --git a/dspace/jsp/register/password-changed.jsp b/dspace/jsp/register/password-changed.jsp new file mode 100644 index 0000000000..78d25c4951 --- /dev/null +++ b/dspace/jsp/register/password-changed.jsp @@ -0,0 +1,56 @@ +<%-- + - password-token-sent.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Password changed message + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + + + +

Password Changed

+ +

Thank you, your new password has been set and is active immediately.

+ +

Go to DSpace Home

+ + + diff --git a/dspace/jsp/register/password-token-sent.jsp b/dspace/jsp/register/password-token-sent.jsp new file mode 100644 index 0000000000..7077b68f9c --- /dev/null +++ b/dspace/jsp/register/password-token-sent.jsp @@ -0,0 +1,55 @@ +<%-- + - password-token-sent.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Forgot password token sent message. + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + + + +

New Password E-mail Sent

+ +

You have been sent an e-mail containing a special URL. When you visit + this URL, you will be able to set a new password to carry on using DSpace.

+ + + diff --git a/dspace/jsp/register/registered.jsp b/dspace/jsp/register/registered.jsp new file mode 100644 index 0000000000..672c399384 --- /dev/null +++ b/dspace/jsp/register/registered.jsp @@ -0,0 +1,70 @@ +<%-- + - registered.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Registered OK message + - + - Displays a message indicating that the user has registered OK. + - + - Attributes to pass in: + - eperson - eperson who's just registered + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + +<%@ page import="org.dspace.app.webui.servlet.RegisterServlet" %> +<%@ page import="org.dspace.eperson.EPerson" %> + +<% + EPerson eperson = (EPerson) request.getAttribute("eperson"); +%> + + + +

Registration Complete

+ +

Thank you <%= eperson.getFirstName() %>,

+ +

You're now registered to use the DSpace system. You can log into the + system, view areas of the site reserved for registered users, and start + submitting your work.

+ +

Return to DSpace Home

+ diff --git a/dspace/jsp/register/registration-form.jsp b/dspace/jsp/register/registration-form.jsp new file mode 100644 index 0000000000..fcf8d8f9e1 --- /dev/null +++ b/dspace/jsp/register/registration-form.jsp @@ -0,0 +1,134 @@ +<%-- + - registration-form.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Registration information form + - + - Form where new users enter their personal information and select a + - password. + - + - Attributes to pass in: + - + - eperson - the EPerson who's registering + - key - the token key they've been given for registering + - missing.fields - if a Boolean true, the user hasn't entered enough + - information on the form during a previous attempt + - password.problem - if a Boolean true, there's a problem with password + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + +<%@ page import="org.dspace.app.webui.servlet.RegisterServlet" %> +<%@ page import="org.dspace.eperson.EPerson" %> + +<% + EPerson eperson = (EPerson) request.getAttribute( "eperson" ); + String key = (String) request.getAttribute( "key" ); + + Boolean attr = (Boolean) request.getAttribute("missing.fields"); + boolean missingFields = (attr != null && attr.booleanValue()); + + attr = (Boolean) request.getAttribute("password.problem"); + boolean passwordProblem = (attr != null && attr.booleanValue()); +%> + + + +

Registration Information

+ +<% + if (missingFields) + { +%> +

Please fill out all of the required fields.

+<% + } + + if( passwordProblem) + { +%> +

The passwords you enter below must match, and need to be at + least 6 characters long.

+<% + } +%> + +

Please enter the following information. The fields marked with a * are + required.

+ +
+ + <%@ include file="/register/profile-form.jsp" %> + +<% + // Only show password update section if the user doesn't use + // certificates + if (eperson.getRequireCertificate() == false) + { +%> +

Please choose a password and enter it into the box below, and confirm it by typing it + again into the second box. It should be at least six characters long.

+ + + + + +
+ + + + + + + + + +
Password:
Again to Confirm:
+
+<% + } +%> + + + + +

+
+ diff --git a/dspace/jsp/register/registration-sent.jsp b/dspace/jsp/register/registration-sent.jsp new file mode 100644 index 0000000000..0050507f25 --- /dev/null +++ b/dspace/jsp/register/registration-sent.jsp @@ -0,0 +1,55 @@ +<%-- + - inactive-account.jsp + - + - Version: $Revision$ + - + - Date: $Date$ + - + - Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + - Institute of Technology. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - - Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - - Redistributions in binary form must reproduce the above copyright + - notice, this list of conditions and the following disclaimer in the + - documentation and/or other materials provided with the distribution. + - + - - Neither the name of the Hewlett-Packard Company nor the name of the + - Massachusetts Institute of Technology nor the names of their + - contributors may be used to endorse or promote products derived from + - this software without specific prior written permission. + - + - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + - ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + - HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + - INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + - OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + - ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + - TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + - DAMAGE. + --%> + +<%-- + - Registration token sent message. + --%> + +<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %> + + + +

Registration E-mail Sent

+ +

You have been sent an e-mail containing a special URL, or "token". When + you visit this URL, you will need to fill out some simple information. + After that, you'll be ready to submit your work to DSpace!

+ + diff --git a/dspace/src/org/dspace/app/webui/servlet/PasswordServlet.java b/dspace/src/org/dspace/app/webui/servlet/PasswordServlet.java index e4c82537fa..0fa0c38c60 100644 --- a/dspace/src/org/dspace/app/webui/servlet/PasswordServlet.java +++ b/dspace/src/org/dspace/app/webui/servlet/PasswordServlet.java @@ -102,7 +102,7 @@ public class PasswordServlet extends DSpaceServlet // they must use a certificate JSPManager.showJSP(request, response, - "/login/require-certificate.jsp"); + "/error/require-certificate.jsp"); return; } else if (eperson.checkPassword(password)) diff --git a/dspace/src/org/dspace/app/webui/servlet/RegisterServlet.java b/dspace/src/org/dspace/app/webui/servlet/RegisterServlet.java new file mode 100644 index 0000000000..43882fb550 --- /dev/null +++ b/dspace/src/org/dspace/app/webui/servlet/RegisterServlet.java @@ -0,0 +1,481 @@ +/* + * RegisterServlet.java + * + * Version: $Revision$ + * + * Date: $Date$ + * + * Copyright (c) 2001, Hewlett-Packard Company and Massachusetts + * Institute of Technology. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of the Hewlett-Packard Company nor the name of the + * Massachusetts Institute of Technology nor the names of their + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + */ + +package org.dspace.app.webui.servlet; + +import java.io.IOException; +import java.sql.SQLException; +import javax.mail.MessagingException; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; + +import org.dspace.app.webui.util.JSPManager; +import org.dspace.app.webui.util.UIUtil; +import org.dspace.authorize.AuthorizeException; +import org.dspace.core.Context; +import org.dspace.core.LogManager; +import org.dspace.eperson.AccountManager; +import org.dspace.eperson.EPerson; + + +/** + * Servlet for handling user registration and forgotten passwords. + *

+ * This servlet handles both forgotten passwords and initial registration of + * users. Which it handles depends on the initialisation parameter + * "register" - if it's "true", it is treated as an initial registration + * and the user is asked to input their personal information. + *

+ * The sequence of events is this: The user clicks on "register" or "I forgot + * my password." This servlet then displays the relevant "enter your e-mail" + * form. An e-mail address is POSTed back, and if this is valid, a token + * is created and e-mailed, otherwise an error is displayed, with another + * "enter your e-mail" form. + *

+ * When the user clicks on the token URL mailed to them, this servlet receives + * a GET with the token as the parameter "KEY". If this is a valid token, + * the servlet then displays the "edit profile" or "edit password" screen + * as appropriate. + */ +public class RegisterServlet extends DSpaceServlet +{ + + /** Logger */ + private static Logger log = Logger.getLogger(RegisterServlet.class); + + /** The "enter e-mail" step */ + public static final int ENTER_EMAIL_PAGE = 1; + + /** The "enter personal info" page */ + public static final int PERSONAL_INFO_PAGE = 2; + + /** The simple "enter new password" page */ + public static final int NEW_PASSWORD_PAGE = 3; + + /** true = registering users, false = forgotten passwords */ + private boolean registering; + + + public void init() + { + registering = getInitParameter("register").equalsIgnoreCase("true"); + } + + + protected void doDSGet(Context context, + HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException, SQLException, AuthorizeException + { + /* Respond to GETs. A simple GET with no parameters will display + * the relevant "type in your e-mail" form. A GET with a "key" + * parameter will go to the "enter personal info" or "enter new + * password" page as appropriate. + */ + + // Get the key + String key = request.getParameter("token"); + + if (key == null) + { + // Simple "enter your e-mail" page + if (registering) + { + // Registering a new user + JSPManager.showJSP(request, response, "/register/new-user.jsp"); + } + else + { + // User forgot their password + JSPManager.showJSP(request, + response, + "/register/forgot-password.jsp"); + } + } + else + { + // Find out who the key is for + EPerson eperson = AccountManager.getEPerson(context, key); + + /* Display an error if it's: + * An invalid token + * An active eperson is trying to register + * An active eperson who needs to use certs is trying to set a p/w + * An inactive (unregistered) eperson is trying to set a new p/w + */ + if (eperson == null || + (eperson.getActive() && registering) || + (eperson.getActive() && eperson.getRequireCertificate() && registering) || + (!registering && !eperson.getActive())) + { + // Invalid token + JSPManager.showJSP(request, + response, + "/register/invalid-token.jsp"); + return; + } + + // Both forms need an EPerson object + request.setAttribute("eperson", eperson); + + // And the token + request.setAttribute("key", key); + + // Put up the relevant form + if (registering) + { + JSPManager.showJSP(request, + response, + "/register/registration-form.jsp"); + } + else + { + JSPManager.showJSP(request, + response, + "/register/new-password.jsp"); + } + } + } + + + protected void doDSPost(Context context, + HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException, SQLException, AuthorizeException + { + /* + * POSTs are the result of entering an e-mail in the + * "forgot my password" or "new user" forms, or the "enter profile + * information" or "enter new password" forms. + */ + + // First get the step + int step = UIUtil.getIntParameter(request, "step"); + + switch (step) + { + case ENTER_EMAIL_PAGE: + processEnterEmail(context, request, response); + break; + + case PERSONAL_INFO_PAGE: + processPersonalInfo(context, request, response); + break; + + case NEW_PASSWORD_PAGE: + processNewPassword(context, request, response); + break; + + default: + log.warn(LogManager.getHeader(context, + "integrity_error", + UIUtil.getRequestLogInfo(request))); + JSPManager.showIntegrityError(request, response); + } + } + + /** + * Process information from the "enter e-mail" page. If the e-mail + * corresponds to a valid user of the system, a token is generated + * and sent to that user. + * + * @param context current DSpace context + * @param request current servlet request object + * @param response current servlet response object + */ + private void processEnterEmail(Context context, + HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException, SQLException, AuthorizeException + { + String email = request.getParameter("email"); + + EPerson eperson = EPerson.findByEmail(context, email); + + if (eperson != null) + { + // Can't register an already active user + if (eperson.getActive() && registering) + { + log.info(LogManager.getHeader(context, + "already_registered", + "email=" + email)); + + JSPManager.showJSP(request, + response, + "/register/already-registered.jsp"); + return; + } + + // Can't give new password to inactive user + if (!eperson.getActive() && !registering) + { + log.info(LogManager.getHeader(context, + "unregistered_forgot_password", + "email=" + email)); + + JSPManager.showJSP(request, + response, + "/register/inactive-account.jsp"); + return; + } + + // User that requires certificate can't get password + if (eperson.getRequireCertificate() && !registering) + { + log.info(LogManager.getHeader(context, + "certificate_user_forgot_password", + "email=" + email)); + + JSPManager.showJSP(request, + response, + "/error/require-certificate.jsp"); + return; + } + + // Now send info. + try + { + if (registering) + { + log.info(LogManager.getHeader(context, + "sendtoken_register", + "email=" + email)); + + AccountManager.sendRegistrationInfo(context, email); + JSPManager.showJSP(request, + response, + "/register/registration-sent.jsp"); + } + else + { + log.info(LogManager.getHeader(context, + "sendtoken_forgotpw", + "email=" + email)); + + AccountManager.sendForgotPasswordInfo(context, email); + JSPManager.showJSP(request, + response, + "/register/password-token-sent.jsp"); + } + + // Context needs completing to write registration data + context.complete(); + } + catch (MessagingException me) + { + log.info(LogManager.getHeader(context, + "error_emailing", + "email=" + email), + me); + + JSPManager.showInternalError(request, response); + } + } + else + { + log.info(LogManager.getHeader(context, + "unknown_email", + "email=" + email)); + + request.setAttribute("retry", new Boolean(true)); + + if (registering) + { + JSPManager.showJSP(request, + response, + "/register/new-user.jsp"); + } + else + { + JSPManager.showJSP(request, + response, + "/register/forgot-password.jsp"); + } + } + } + + /** + * Process information from "Personal information page" + * + * @param context current DSpace context + * @param request current servlet request object + * @param response current servlet response object + */ + private void processPersonalInfo(Context context, + HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException, SQLException, AuthorizeException + { + // Get the key + String key = request.getParameter("key"); + + // Get the eperson associated with the registration + EPerson eperson = AccountManager.getEPerson(context, key); + + // If the token isn't valid, show an error + if (eperson == null) + { + log.info(LogManager.getHeader(context, + "invalid_token", + "token=" + key)); + + // Invalid token + JSPManager.showJSP(request, + response, + "/register/invalid-token.jsp"); + return; + } + + // Set the user profile info + boolean infoOK = EditProfileServlet.updateUserProfile(eperson, request); + + boolean passwordOK = true; + + if (eperson.getRequireCertificate() == false) + { + passwordOK = EditProfileServlet.confirmAndSetPassword(eperson, + request); + } + + if (!infoOK) + { + request.setAttribute("missing.fields", new Boolean(true)); + } + + if (!passwordOK) + { + request.setAttribute("password.problem", new Boolean(true)); + } + + request.setAttribute("eperson", eperson); + + // Forward to appropriate page + if (infoOK && passwordOK) + { + log.info(LogManager.getHeader(context, + "usedtoken_register", + "email=" + eperson.getEmail())); + + // delete the token + AccountManager.deleteToken(context, key); + + // Set the user as active and update + eperson.setActive(true); + eperson.update(); + + JSPManager.showJSP(request, response, "/register/registered.jsp"); + context.complete(); + } + else + { + request.setAttribute("key", key); + + JSPManager.showJSP(request, + response, + "/register/registration-form.jsp"); + } + } + + + /** + * Process information from "enter new password" + * + * @param context current DSpace context + * @param request current servlet request object + * @param response current servlet response object + */ + private void processNewPassword(Context context, + HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException, SQLException, AuthorizeException + { + // Get the key + String key = request.getParameter("key"); + + // Get the eperson associated with the password change + EPerson eperson = AccountManager.getEPerson(context, key); + + // If the token isn't valid, show an error + if (eperson == null) + { + log.info(LogManager.getHeader(context, + "invalid_token", + "token=" + key)); + + // Invalid token + JSPManager.showJSP(request, + response, + "/register/invalid-token.jsp"); + return; + } + + // Confirm and set the password + boolean passwordOK = EditProfileServlet.confirmAndSetPassword( + eperson, request); + + if (passwordOK) + { + log.info(LogManager.getHeader(context, + "usedtoken_forgotpw", + "email=" + eperson.getEmail())); + + AccountManager.deleteToken(context, key); + + JSPManager.showJSP(request, + response, + "/register/password-changed.jsp"); + context.complete(); + } + else + { + request.setAttribute("password.problem", new Boolean(true)); + request.setAttribute("key", key); + + JSPManager.showJSP(request, + response, + "/register/new-password.jsp"); + } + } +} diff --git a/dspace/src/org/dspace/app/webui/servlet/X509CertificateServlet.java b/dspace/src/org/dspace/app/webui/servlet/X509CertificateServlet.java index 9cd32be45f..fe65154a5d 100644 --- a/dspace/src/org/dspace/app/webui/servlet/X509CertificateServlet.java +++ b/dspace/src/org/dspace/app/webui/servlet/X509CertificateServlet.java @@ -129,7 +129,7 @@ public class X509CertificateServlet extends DSpaceServlet EPerson eperson = X509Manager.getUser(context, certs[0]); // Do we have an e-person? - if (eperson != null) + if (eperson != null && eperson.getActive()) { // Everything OK - log them in. Authenticate.loggedIn(context, request, eperson); diff --git a/dspace/src/org/dspace/eperson/AccountManager.java b/dspace/src/org/dspace/eperson/AccountManager.java index 08821384d0..e389d5e6aa 100644 --- a/dspace/src/org/dspace/eperson/AccountManager.java +++ b/dspace/src/org/dspace/eperson/AccountManager.java @@ -220,7 +220,7 @@ public class AccountManager // So FIRST leave some breadcrumbs if (log.isDebugEnabled()) log.debug("Created callback " + - rd.getIntColumn("id") + + rd.getIntColumn("registrationdata_id") + " with token " + rd.getStringColumn("token") + " for eperson " + ep.getID() + " with email \"" + email + "\""); @@ -250,7 +250,7 @@ public class AccountManager TableRow rd) throws MessagingException, IOException { - String base = ConfigurationManager.getProperty("url.base"); + String base = ConfigurationManager.getProperty("dspace.url"); // Note change from "key=" to "token=" String specialLink = new StringBuffer()