diff options
author | Eike Stepper | 2013-10-25 07:36:28 +0000 |
---|---|---|
committer | Christian W. Damus | 2013-10-25 15:20:05 +0000 |
commit | 1851055a45b9e47e92949ff4a4dd6d99c831fdfb (patch) | |
tree | 25bfba9e6146d33316a48ead249305a479b7dfff | |
parent | 98dd1927de57f31ef26e6f265a2879eec3ba350c (diff) | |
download | cdo-1851055a45b9e47e92949ff4a4dd6d99c831fdfb.tar.gz cdo-1851055a45b9e47e92949ff4a4dd6d99c831fdfb.tar.xz cdo-1851055a45b9e47e92949ff4a4dd6d99c831fdfb.zip |
[399306] [Security] Add password management
https://bugs.eclipse.org/bugs/show_bug.cgi?id=399306
35 files changed, 266 insertions, 244 deletions
diff --git a/features/org.eclipse.emf.cdo-feature/feature.xml b/features/org.eclipse.emf.cdo-feature/feature.xml index 610fefc650..4b68bec29d 100644 --- a/features/org.eclipse.emf.cdo-feature/feature.xml +++ b/features/org.eclipse.emf.cdo-feature/feature.xml @@ -8,7 +8,7 @@ Contributors: Eike Stepper - initial API and implementation - Christian W. Damus (CEA LIST) - 399306 + Christian W. Damus (CEA LIST) - bug 399306 --> <feature id="org.eclipse.emf.cdo" diff --git a/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java b/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java index 7b61fe965e..547ff419c5 100644 --- a/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java +++ b/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java @@ -10,7 +10,7 @@ * Simon McDuff - bug 230832 * Simon McDuff - bug 233490 * Simon McDuff - bug 213402 - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.common.protocol; @@ -261,22 +261,22 @@ public interface CDOProtocolConstants public static final short SIGNAL_LOAD_PERMISSIONS = 55; /** - * Server's request to the client for new credentials. - * + * Client's request to the server to initiate a change-credentials operation. + * * @since 4.3 - * - * @see #SIGNAL_REQUEST_CHANGE_CREDENTIALS + * + * @see #SIGNAL_CREDENTIALS_CHALLENGE */ public static final short SIGNAL_CHANGE_CREDENTIALS = 56; /** - * Client's request to the server to initiate a change-credentials operation. - * + * Server's request to the client for new credentials. + * * @since 4.3 - * + * * @see #SIGNAL_CHANGE_CREDENTIALS */ - public static final short SIGNAL_REQUEST_CHANGE_CREDENTIALS = 57; + public static final short SIGNAL_CREDENTIALS_CHALLENGE = 57; // ////////////////////////////////////////////////////////////////////// // Session Refresh diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java index f57a31726c..1820111348 100644 --- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java +++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java @@ -13,7 +13,7 @@ * Simon McDuff - bug 213402 * Victor Roldan Betancort - maintenance * Andre Dietisheim - bug 256649 - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.net4j; @@ -297,17 +297,15 @@ public class CDONet4jSessionImpl extends CDOSessionImpl implements org.eclipse.e public void changeCredentials() { - // send a request to the server to initiate (from the server) the password change protocol + // Send a request to the server to initiate (from the server) the password change protocol CDOSessionProtocol sessionProtocol = getSessionProtocol(); - sessionProtocol.requestChangeCredentials(); } public void resetCredentials(String userID) { - // send a request to the server to initiate (from the server) the password reset protocol + // Send a request to the server to initiate (from the server) the password reset protocol CDOSessionProtocol sessionProtocol = getSessionProtocol(); - sessionProtocol.requestResetCredentials(userID); } diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java index f277396ae2..ef126d7433 100644 --- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java +++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.net4j.protocol; @@ -58,6 +58,7 @@ import org.eclipse.net4j.util.io.StringCompressor; import org.eclipse.net4j.util.io.StringIO; import org.eclipse.net4j.util.om.monitor.OMMonitor; import org.eclipse.net4j.util.om.trace.PerfTracer; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.emf.ecore.EClass; import org.eclipse.emf.ecore.EPackage; @@ -492,8 +493,8 @@ public class CDOClientProtocol extends SignalProtocol<CDOSession> implements CDO case SIGNAL_LOCK_NOTIFICATION: return new LockNotificationIndication(this); - case SIGNAL_CHANGE_CREDENTIALS: - return new ChangeCredentialsIndication(this); + case SIGNAL_CREDENTIALS_CHALLENGE: + return new CredentialsChallengeIndication(this); default: return super.createSignalReactor(signalID); @@ -567,11 +568,11 @@ public class CDOClientProtocol extends SignalProtocol<CDOSession> implements CDO public void requestChangeCredentials() { - send(new RequestChangeCredentialsRequest(this, RequestChangeCredentialsRequest.Operation.CHANGE_PASSWORD, null)); + send(new ChangeCredentialsRequest(this, CredentialsUpdateOperation.CHANGE_PASSWORD, null)); } public void requestResetCredentials(String userID) { - send(new RequestChangeCredentialsRequest(this, RequestChangeCredentialsRequest.Operation.RESET_PASSWORD, userID)); + send(new ChangeCredentialsRequest(this, CredentialsUpdateOperation.RESET_PASSWORD, userID)); } } diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/RequestChangeCredentialsRequest.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsRequest.java index f0575409eb..1c6d4d098a 100644 --- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/RequestChangeCredentialsRequest.java +++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsRequest.java @@ -4,7 +4,7 @@ * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at * http://www.eclipse.org/legal/epl-v10.html - * + * * Contributors: * Christian W. Damus (CEA LIST) - initial API and implementation */ @@ -17,24 +17,27 @@ import org.eclipse.emf.cdo.internal.net4j.bundle.OM; import org.eclipse.net4j.util.om.monitor.OMMonitor; import org.eclipse.net4j.util.om.trace.ContextTracer; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import java.io.IOException; /** - * Request from the client to the server to initiate (from the server) the change-credentials protocol. + * Request from the client to the server to initiate (from the server) the change-credentials protocol. + * + * @author Christian W. Damus (CEA LIST) */ -public class RequestChangeCredentialsRequest extends CDOClientRequestWithMonitoring<Boolean> +public class ChangeCredentialsRequest extends CDOClientRequestWithMonitoring<Boolean> { private static final ContextTracer TRACER = new ContextTracer(OM.DEBUG_PROTOCOL, - RequestChangeCredentialsRequest.class); + ChangeCredentialsRequest.class); - private final Operation operation; + private final CredentialsUpdateOperation operation; private final String userID; - public RequestChangeCredentialsRequest(CDOClientProtocol protocol, Operation operation, String userID) + public ChangeCredentialsRequest(CDOClientProtocol protocol, CredentialsUpdateOperation operation, String userID) { - super(protocol, CDOProtocolConstants.SIGNAL_REQUEST_CHANGE_CREDENTIALS); + super(protocol, CDOProtocolConstants.SIGNAL_CHANGE_CREDENTIALS); this.operation = operation; this.userID = userID; @@ -57,27 +60,4 @@ public class RequestChangeCredentialsRequest extends CDOClientRequestWithMonitor { return in.readBoolean(); } - - // - // Nested types - // - - public static enum Operation - { - CHANGE_PASSWORD, RESET_PASSWORD; - - @Override - public String toString() - { - switch (this) - { - case CHANGE_PASSWORD: - return "change"; //$NON-NLS-1$ - case RESET_PASSWORD: - return "reset"; //$NON-NLS-1$ - } - - return super.toString(); - } - } } diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CredentialsChallengeIndication.java index 08c4d5f71c..3930db5b31 100644 --- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java +++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CredentialsChallengeIndication.java @@ -13,7 +13,6 @@ package org.eclipse.emf.cdo.internal.net4j.protocol; import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants; import org.eclipse.emf.cdo.internal.net4j.bundle.OM; -import org.eclipse.emf.cdo.internal.net4j.protocol.RequestChangeCredentialsRequest.Operation; import org.eclipse.net4j.signal.IndicationWithMonitoring; import org.eclipse.net4j.signal.SignalProtocol; @@ -22,6 +21,7 @@ import org.eclipse.net4j.util.io.ExtendedDataInputStream; import org.eclipse.net4j.util.io.ExtendedDataOutputStream; import org.eclipse.net4j.util.om.monitor.OMMonitor; import org.eclipse.net4j.util.om.monitor.OMMonitor.Async; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.DiffieHellman; import org.eclipse.net4j.util.security.DiffieHellman.Client.Response; import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge; @@ -35,18 +35,20 @@ import java.io.ByteArrayOutputStream; /** * Implementation of the CDO client handler for the server-initiated change-credentials protocol. + * + * @author Christian W. Damus (CEA LIST) */ -public class ChangeCredentialsIndication extends IndicationWithMonitoring +public class CredentialsChallengeIndication extends IndicationWithMonitoring { private Challenge challenge; - private Operation operation; + private CredentialsUpdateOperation operation; private String userID; - public ChangeCredentialsIndication(SignalProtocol<?> protocol) + public CredentialsChallengeIndication(SignalProtocol<?> protocol) { - super(protocol, CDOProtocolConstants.SIGNAL_CHANGE_CREDENTIALS); + super(protocol, CDOProtocolConstants.SIGNAL_CREDENTIALS_CHALLENGE); } @Override @@ -63,8 +65,8 @@ public class ChangeCredentialsIndication extends IndicationWithMonitoring @Override protected void indicating(ExtendedDataInputStream in, OMMonitor monitor) throws Exception { - operation = in.readEnum(Operation.class); - userID = in.readString(); // may be null if operation is not reset + operation = in.readEnum(CredentialsUpdateOperation.class); + userID = in.readString(); // May be null if operation is not reset challenge = new Challenge(in); } @@ -83,23 +85,16 @@ public class ChangeCredentialsIndication extends IndicationWithMonitoring } IPasswordCredentialsUpdate credentials = ((IPasswordCredentialsUpdateProvider)credentialsProvider) - .getCredentialsUpdate(userID, operation == Operation.RESET_PASSWORD); + .getCredentialsUpdate(userID, operation); if (credentials == null) { - // user canceled. Fine + // User canceled. Fine out.writeBoolean(false); return; } String authUserID = credentials.getUserID(); - // don't require the current credentials because the user may not have any, yet - String authPassword = new String(credentials.getPassword()); - if (StringUtil.isEmpty(authPassword)) - { - throw new IllegalStateException("No password provided"); //$NON-NLS-1$ - } - String newPassword = new String(credentials.getNewPassword()); if (StringUtil.isEmpty(newPassword)) { @@ -107,7 +102,6 @@ public class ChangeCredentialsIndication extends IndicationWithMonitoring } ByteArrayOutputStream baos = new ByteArrayOutputStream(); - @SuppressWarnings("resource") ExtendedDataOutputStream stream = new ExtendedDataOutputStream(baos); switch (operation) diff --git a/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java b/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java index 81facee5ee..fb86908e43 100644 --- a/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java +++ b/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java @@ -4,7 +4,7 @@ * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at * http://www.eclipse.org/legal/epl-v10.html - * + * * Contributors: * Christian W. Damus (CEA LIST) - initial API and implementation */ @@ -14,16 +14,18 @@ import org.eclipse.emf.cdo.security.User; import org.eclipse.net4j.util.ui.actions.LongRunningActionDelegate; +import org.eclipse.emf.spi.cdo.InternalCDOSession; + import org.eclipse.core.runtime.IProgressMonitor; import org.eclipse.jface.viewers.ISelection; import org.eclipse.jface.viewers.IStructuredSelection; /** * Administrative password reset action on users in the security model. + * @author Christian W. Damus (CEA LIST) */ public class ResetPasswordActionDelegate extends LongRunningActionDelegate { - public ResetPasswordActionDelegate() { } @@ -35,13 +37,12 @@ public class ResetPasswordActionDelegate extends LongRunningActionDelegate if (selection instanceof IStructuredSelection) { Object selected = ((IStructuredSelection)selection).getFirstElement(); - if (selected instanceof User) { User user = (User)selected; - user.cdoView().getSession().resetCredentials(user.getId()); + InternalCDOSession session = (InternalCDOSession)user.cdoView().getSession(); + session.resetCredentials(user.getId()); } } } - } diff --git a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java index 480c86e508..cc483d5fec 100644 --- a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java +++ b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java @@ -11,7 +11,7 @@ * Simon McDuff - bug 230832 * Simon McDuff - bug 233490 * Simon McDuff - bug 213402 - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.server.internal.net4j.protocol; @@ -31,6 +31,7 @@ import org.eclipse.net4j.signal.SignalReactor; import org.eclipse.net4j.util.io.StringCompressor; import org.eclipse.net4j.util.io.StringIO; import org.eclipse.net4j.util.lifecycle.LifecycleUtil; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.DiffieHellman.Client.Response; import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge; @@ -96,9 +97,10 @@ public class CDOServerProtocol extends SignalProtocol<InternalSession> implement return new AuthenticationRequest(this, challenge).send(negotiationTimeout); } - public Response sendChangeCredentialsChallenge(Challenge challenge, String userID, boolean isReset) throws Exception + public Response sendCredentialsChallenge(Challenge challenge, String userID, + CredentialsUpdateOperation operation) throws Exception { - return new ChangeCredentialsRequest(this, challenge, userID, isReset).send(negotiationTimeout); + return new CredentialsChallengeRequest(this, challenge, userID, operation).send(negotiationTimeout); } public void sendRepositoryTypeNotification(CDOCommonRepository.Type oldType, CDOCommonRepository.Type newType) @@ -357,8 +359,8 @@ public class CDOServerProtocol extends SignalProtocol<InternalSession> implement case SIGNAL_LOAD_PERMISSIONS: return new LoadPermissionsIndication(this); - case SIGNAL_REQUEST_CHANGE_CREDENTIALS: - return new RequestChangeCredentialsIndication(this); + case SIGNAL_CHANGE_CREDENTIALS: + return new ChangeCredentialsIndication(this); default: return super.createSignalReactor(signalID); diff --git a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/RequestChangeCredentialsIndication.java b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsIndication.java index 819270c134..1da4debc74 100644 --- a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/RequestChangeCredentialsIndication.java +++ b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsIndication.java @@ -20,33 +20,35 @@ import org.eclipse.emf.cdo.spi.server.InternalSessionManager; import org.eclipse.net4j.util.om.monitor.OMMonitor; import org.eclipse.net4j.util.om.monitor.OMMonitor.Async; import org.eclipse.net4j.util.om.trace.ContextTracer; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; /** * Handles the request from a client to initiate the change-credentials protocol. + * + * @author Christian W. Damus (CEA LIST) */ -public class RequestChangeCredentialsIndication extends CDOServerIndicationWithMonitoring +public class ChangeCredentialsIndication extends CDOServerIndicationWithMonitoring { - private static final ContextTracer TRACER = new ContextTracer(OM.DEBUG_PROTOCOL, - RequestChangeCredentialsIndication.class); + private static final ContextTracer TRACER = new ContextTracer(OM.DEBUG_PROTOCOL, ChangeCredentialsIndication.class); - private Operation operation; + private CredentialsUpdateOperation operation; private String userID; - public RequestChangeCredentialsIndication(CDOServerProtocol protocol) + public ChangeCredentialsIndication(CDOServerProtocol protocol) { - super(protocol, CDOProtocolConstants.SIGNAL_REQUEST_CHANGE_CREDENTIALS); + super(protocol, CDOProtocolConstants.SIGNAL_CHANGE_CREDENTIALS); } @Override protected void indicating(CDODataInput in, OMMonitor monitor) throws Exception { - operation = in.readEnum(Operation.class); + operation = in.readEnum(CredentialsUpdateOperation.class); userID = in.readString(); if (TRACER.isEnabled()) { - TRACER.format("Initiating %s of user credentials", operation); //$NON-NLS-1$ + TRACER.format("Initiating {0} of user credentials", operation); //$NON-NLS-1$ } } @@ -65,8 +67,9 @@ public class RequestChangeCredentialsIndication extends CDOServerIndicationWithM switch (operation) { case CHANGE_PASSWORD: - sessionManager.changeUserCredentials(getProtocol()); + sessionManager.changeUserCredentials(getProtocol(), getSession().getUserID()); break; + case RESET_PASSWORD: sessionManager.resetUserCredentials(getProtocol(), userID); break; @@ -76,13 +79,13 @@ public class RequestChangeCredentialsIndication extends CDOServerIndicationWithM { TRACER.format("Credentials %s processed.", operation); //$NON-NLS-1$ } + out.writeBoolean(true); } catch (NotAuthenticatedException ex) { - // user has cancelled the authentication + // User has cancelled the authentication out.writeBoolean(false); - return; } } finally @@ -91,27 +94,4 @@ public class RequestChangeCredentialsIndication extends CDOServerIndicationWithM monitor.done(); } } - - // - // Nested types - // - - public static enum Operation - { - CHANGE_PASSWORD, RESET_PASSWORD; - - @Override - public String toString() - { - switch (this) - { - case CHANGE_PASSWORD: - return "change"; //$NON-NLS-1$ - case RESET_PASSWORD: - return "reset"; //$NON-NLS-1$ - } - - return super.toString(); - } - } } diff --git a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsRequest.java b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CredentialsChallengeRequest.java index 886e797a00..fa7c901df5 100644 --- a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsRequest.java +++ b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CredentialsChallengeRequest.java @@ -12,36 +12,38 @@ package org.eclipse.emf.cdo.server.internal.net4j.protocol; import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants; import org.eclipse.emf.cdo.common.util.NotAuthenticatedException; -import org.eclipse.emf.cdo.server.internal.net4j.protocol.RequestChangeCredentialsIndication.Operation; import org.eclipse.net4j.signal.RemoteException; import org.eclipse.net4j.signal.RequestWithMonitoring; import org.eclipse.net4j.util.io.ExtendedDataInputStream; import org.eclipse.net4j.util.io.ExtendedDataOutputStream; import org.eclipse.net4j.util.om.monitor.OMMonitor; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.DiffieHellman.Client.Response; import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge; /** * Server-initiated request to change the user's password. It incorporates and extends the * authentication challenge (the current credentials must be verified in the same operation). - * + * * @since 4.3 + * @author Christian W. Damus (CEA LIST) */ -public class ChangeCredentialsRequest extends RequestWithMonitoring<Response> +public class CredentialsChallengeRequest extends RequestWithMonitoring<Response> { private Challenge challenge; - private Operation operation; - private String userID; - public ChangeCredentialsRequest(CDOServerProtocol protocol, Challenge challenge, String userID, boolean isReset) + private CredentialsUpdateOperation operation; + + public CredentialsChallengeRequest(CDOServerProtocol protocol, Challenge challenge, String userID, + CredentialsUpdateOperation operation) { - super(protocol, CDOProtocolConstants.SIGNAL_CHANGE_CREDENTIALS); + super(protocol, CDOProtocolConstants.SIGNAL_CREDENTIALS_CHALLENGE); this.challenge = challenge; - operation = isReset ? Operation.RESET_PASSWORD : Operation.CHANGE_PASSWORD; this.userID = userID; + this.operation = operation; } @Override @@ -64,20 +66,20 @@ public class ChangeCredentialsRequest extends RequestWithMonitoring<Response> result = new Response(in); } } - catch (RemoteException e) + catch (RemoteException ex) { - // user may have cancelled the change-password operation - if (!(e.getCause() instanceof NotAuthenticatedException)) + // User may have cancelled the change-password operation + if (!(ex.getCause() instanceof NotAuthenticatedException)) { - throw e; + throw ex; } } - catch (Exception e) + catch (Exception ex) { - // user may have cancelled the change-password operation - if (!(e instanceof NotAuthenticatedException)) + // User may have cancelled the change-password operation + if (!(ex instanceof NotAuthenticatedException)) { - throw e; + throw ex; } } diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java index 9645bb3169..89fd03b71f 100644 --- a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java +++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.server.internal.security; @@ -797,19 +797,19 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage protected final boolean isAdministrator(User user) { - // an administrator is one that has write permission on the realm resource + // An administrator is one that has write permission on the realm resource Realm realm = getRealm(); - if (realm != null) { - // can't be an administrator if there isn't a realm + // Can't be an administrator if there isn't a realm CDORevision revision = realm.cdoRevision(); CDORevisionProvider revisionProvider = realm.cdoView(); CDOBranchPoint securityContext = realm.cdoView(); - for (Permission next : user.getAllPermissions()) + for (Permission permission : user.getAllPermissions()) { - if (next.getAccess() == Access.WRITE && next.isApplicable(revision, revisionProvider, securityContext)) + if (permission.getAccess() == Access.WRITE + && permission.isApplicable(revision, revisionProvider, securityContext)) { return true; } diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java index 051b538335..d680fec1ae 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.server; diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java index ace06a84e2..55a37a517b 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java @@ -9,7 +9,7 @@ * Eike Stepper - initial API and implementation * Simon McDuff - bug 201266 * Simon McDuff - bug 202725 - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.server; @@ -37,6 +37,7 @@ import org.eclipse.net4j.util.container.Container; import org.eclipse.net4j.util.io.ExtendedDataInputStream; import org.eclipse.net4j.util.lifecycle.LifecycleUtil; import org.eclipse.net4j.util.om.trace.ContextTracer; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.DiffieHellman; import org.eclipse.net4j.util.security.DiffieHellman.Client.Response; import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge; @@ -439,17 +440,18 @@ public class SessionManager extends Container<ISession> implements InternalSessi } } - public void changeUserCredentials(ISessionProtocol sessionProtocol) + public void changeUserCredentials(ISessionProtocol sessionProtocol, String userID) { - changeUserCredentials(sessionProtocol, null, false); + changeUserCredentials(sessionProtocol, userID, CredentialsUpdateOperation.CHANGE_PASSWORD); } public void resetUserCredentials(ISessionProtocol sessionProtocol, String userID) { - changeUserCredentials(sessionProtocol, userID, true); + changeUserCredentials(sessionProtocol, userID, CredentialsUpdateOperation.RESET_PASSWORD); } - protected void changeUserCredentials(ISessionProtocol sessionProtocol, String userID, boolean isReset) + protected void changeUserCredentials(ISessionProtocol sessionProtocol, String userID, + CredentialsUpdateOperation operation) { if (sessionProtocol == null) @@ -470,7 +472,7 @@ public class SessionManager extends Container<ISession> implements InternalSessi try { Challenge challenge = authenticationServer.getChallenge(); - Response response = sessionProtocol.sendChangeCredentialsChallenge(challenge, userID, isReset); + Response response = sessionProtocol.sendCredentialsChallenge(challenge, userID, operation); if (response == null) { throw new NotAuthenticatedException(); @@ -480,7 +482,7 @@ public class SessionManager extends Container<ISession> implements InternalSessi @SuppressWarnings("resource") ExtendedDataInputStream stream = new ExtendedDataInputStream(baos); - if (isReset) + if (operation == CredentialsUpdateOperation.RESET_PASSWORD) { String adminID = stream.readString(); char[] adminPassword = stream.readString().toCharArray(); diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java index 5f99a9df65..b8a3fb874c 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java @@ -8,7 +8,7 @@ * Contributors: * Eike Stepper - initial API and implementation * Andre Dietisheim - bug 256649 - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.server.embedded; diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java index a2bbf9b669..1569e4f9a6 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.server.embedded; diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java index deb256a718..94ecdf8819 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.internal.server.embedded; @@ -22,6 +22,7 @@ import org.eclipse.emf.cdo.spi.server.InternalRepository; import org.eclipse.emf.cdo.spi.server.InternalSession; import org.eclipse.net4j.util.lifecycle.Lifecycle; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.DiffieHellman.Client.Response; import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge; @@ -71,7 +72,8 @@ public class EmbeddedServerSessionProtocol extends Lifecycle implements ISession throw new UnsupportedOperationException(); } - public Response sendChangeCredentialsChallenge(Challenge challenge, String userID, boolean isReset) throws Exception + public Response sendCredentialsChallenge(Challenge challenge, String userID, + CredentialsUpdateOperation operation) throws Exception { throw new UnsupportedOperationException(); } diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java index 911b88c74b..b70749cd09 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.spi.server; @@ -19,6 +19,7 @@ import org.eclipse.emf.cdo.common.protocol.CDOProtocol; import org.eclipse.emf.cdo.session.remote.CDORemoteSessionMessage; import org.eclipse.emf.cdo.spi.common.branch.InternalCDOBranch; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.DiffieHellman.Client.Response; import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge; @@ -48,7 +49,8 @@ public interface ISessionProtocol extends CDOProtocol /** * @since 4.3 */ - public Response sendChangeCredentialsChallenge(Challenge challenge, String userID, boolean isReset) throws Exception; + public Response sendCredentialsChallenge(Challenge challenge, String userID, + CredentialsUpdateOperation operation) throws Exception; public void sendRepositoryTypeNotification(CDOCommonRepository.Type oldType, CDOCommonRepository.Type newType) throws Exception; diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java index 1623720a3b..f6c574a149 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.spi.server; @@ -67,15 +67,15 @@ public interface InternalSessionManager extends ISessionManager /** * Initiates the change-credentials protocol with the client and processes the * client response to update the user's credentials. - * + * * @since 4.3 */ - public void changeUserCredentials(ISessionProtocol sessionProtocol); + public void changeUserCredentials(ISessionProtocol sessionProtocol, String userID); /** * Initiates the administrative reset-credentials protocol with the client and * processes the client response to reset the specified {@code userID}'s credentials. - * + * * @since 4.3 */ public void resetUserCredentials(ISessionProtocol sessionProtocol, String userID); diff --git a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java index 131aeb24fa..b6d5b69c46 100644 --- a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java +++ b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java @@ -18,6 +18,8 @@ import org.eclipse.ui.IWorkbenchPage; /** * The "change password" action. + * + * @author Christian W. Damus (CEA LIST) */ public final class ChangePasswordAction extends SessionAction { diff --git a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties index 89e13762df..f47cc5f3d3 100644 --- a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties +++ b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties @@ -8,7 +8,7 @@ # Contributors: # Victor Roldan Betancort - initial API and implementation # Eike Stepper - maintenance -# Christian W. Damus (CEA LIST) - 399306 +# Christian W. Damus (CEA LIST) - bug 399306 # ============================================================================== # ============================================================================== diff --git a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java index a4f439cddc..61a43cddbf 100644 --- a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java +++ b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java @@ -8,7 +8,7 @@ * Contributors: * Eike Stepper - initial API and implementation * Victor Roldan Betancort - maintenance - * Christian W. Damus (CEA LIST) - 419805, 399306 + * Christian W. Damus (CEA LIST) - bug 419805, bug 399306 */ package org.eclipse.emf.cdo.ui; diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java index 5b420e8ce3..2b40a20498 100644 --- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java +++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java @@ -10,7 +10,7 @@ * Simon McDuff - maintenance * Victor Roldan Betancort - maintenance * Andre Dietisheim - bug 256649 - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.cdo.session; @@ -64,7 +64,7 @@ import org.eclipse.emf.spi.cdo.CDOSessionProtocol; * have been received and processed. * <li> {@link CDOSessionLocksChangedEvent} after {@link CDOLock locks} have been acquired or released. * </ul> - * + * * @author Eike Stepper * @since 2.0 * @noextend This interface is not intended to be extended by clients. @@ -93,7 +93,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * Returns an instance of {@link CDORepositoryInfo} that describes the model repository this {@link CDOSession * session} is connected to. - * + * * @since 3.0 */ public CDORepositoryInfo getRepositoryInfo(); @@ -112,7 +112,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * Returns the CDO {@link CDOBranchManager branch manager} that manages the {@link CDOBranch branches} of the * repository of this session. - * + * * @since 3.0 */ public CDOBranchManager getBranchManager(); @@ -120,48 +120,26 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * Returns the CDO {@link CDORevisionManager revision manager} that manages the {@link CDORevision revisions} of the * repository of this session. - * + * * @since 3.0 */ public CDORevisionManager getRevisionManager(); /** * Returns the CDO {@link CDOFetchRuleManager fetch rule manager} of this session. - * + * * @since 3.0 */ public CDOFetchRuleManager getFetchRuleManager(); /** * Returns the {@link IPasswordCredentialsProvider credentials provider} of this session. - * + * * @since 4.3 */ public IPasswordCredentialsProvider getCredentialsProvider(); /** - * Initiates interactive changing of credentials for the user logged in in this session. - * This is an optional operation of the session. - * - * @since 4.3 - * - * @throws UnsupportedOperationException if the session implementation does not permit changing credentials - */ - public void changeCredentials(); - - /** - * Initiates interactive reset of credentials for the specified user. - * This is an optional operation of the session. - * - * @param userID the ID of the user for which to reset credentials - * - * @since 4.3 - * - * @throws UnsupportedOperationException if the session implementation does not permit resetting user credentials - */ - public void resetCredentials(String userID); - - /** * Returns the CDO {@link CDORemoteSessionManager remote session manager} that keeps track of the other remote * sessions served by the repository of this local session. */ @@ -169,7 +147,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * Returns the CDO {@link CDOCommitInfoManager commit info manager} of this session. - * + * * @since 3.0 */ public CDOCommitInfoManager getCommitInfoManager(); @@ -181,14 +159,14 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * Returns the CDO {@link CDOIDGenerator ID generator} of this session. - * + * * @since 4.1 */ public CDOIDGenerator getIDGenerator(); /** * Refreshes the object caches of all (non-historical) {@link CDOView views}. - * + * * @since 3.0 */ public long refresh(); @@ -213,6 +191,17 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti public CDOChangeSetData compareRevisions(CDOBranchPoint source, CDOBranchPoint target); /** + * Initiates (possibly interactive) changing of credentials for the user logged in in this session. + * This is an optional operation of the session. + * + * @throws UnsupportedOperationException if the session implementation does not permit changing credentials + * + * @since 4.3 + * @see #getCredentialsProvider() + */ + public void changeCredentials(); + + /** * Returns the {@link Options options} of this session. */ public Options options(); @@ -228,7 +217,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti * collection loading policy} has changed. * <li> {@link LobCacheEvent} after the {@link #setLobCache(CDOLobStore) large object cache} has changed. * </ul> - * + * * @author Simon McDuff * @noextend This interface is not intended to be extended by clients. * @noimplement This interface is not intended to be implemented by clients. @@ -242,7 +231,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti { /** * Returns the {@link CDOSession session} of this options object. - * + * * @since 4.0 */ public CDOSession getContainer(); @@ -277,28 +266,28 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * Returns the {@link CDOLobStore large object cache} currently being used by this session. - * + * * @since 4.0 */ public CDOLobStore getLobCache(); /** * Sets the {@link CDOLobStore large object cache} to be used by this session. - * + * * @since 4.0 */ public void setLobCache(CDOLobStore lobCache); /** * Returns the {@link CDOPermissionUpdater permission updater} currently being used by this session. - * + * * @since 4.3 */ public CDOPermissionUpdater getPermissionUpdater(); /** * Sets the {@link CDOPermissionUpdater permission updater} to be used by this session. - * + * * @since 4.3 */ public void setPermissionUpdater(CDOPermissionUpdater permissionUpdater); @@ -307,7 +296,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti * An {@link IOptionsEvent options event} fired when the * {@link Options#setGeneratedPackageEmulationEnabled(boolean) generated package emulation enabled} option of a * {@link CDOSession session} has changed. - * + * * @author Eike Stepper * @noextend This interface is not intended to be extended by clients. * @noimplement This interface is not intended to be implemented by clients. @@ -320,7 +309,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti * An {@link IOptionsEvent options event} fired when the * {@link Options#setCollectionLoadingPolicy(CDOCollectionLoadingPolicy) collection loading policy} option of a * {@link CDOSession session} has changed. - * + * * @author Eike Stepper * @noextend This interface is not intended to be extended by clients. * @noimplement This interface is not intended to be implemented by clients. @@ -332,7 +321,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * An {@link IOptionsEvent options event} fired when the {@link Options#setLobCache(CDOLobStore) large object cache} * option of a {@link CDOSession session} has changed. - * + * * @author Eike Stepper * @since 4.0 * @noextend This interface is not intended to be extended by clients. @@ -345,7 +334,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti /** * An {@link IOptionsEvent options event} fired when the {@link Options#setPermissionUpdater(CDOPermissionUpdater) permission updater} * option of a {@link CDOSession session} has changed. - * + * * @author Eike Stepper * @since 4.3 * @noextend This interface is not intended to be extended by clients. @@ -360,7 +349,7 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti * Handles {@link CDOSessionProtocol protocol} exceptions if * {@link CDOSessionConfiguration#setExceptionHandler(CDOSession.ExceptionHandler) configured} before the session has * been opened. - * + * * @author Eike Stepper */ public interface ExceptionHandler diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java index bf07366e0d..ce799628cb 100644 --- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java +++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.internal.cdo.session; diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java index fdc4773336..2c47bfe14f 100644 --- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java +++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.emf.spi.cdo; diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/InternalCDOSession.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/InternalCDOSession.java index e5b1ac73b5..4dd0cba18c 100644 --- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/InternalCDOSession.java +++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/InternalCDOSession.java @@ -165,6 +165,18 @@ public interface InternalCDOSession extends CDOSession, PackageProcessor, Packag */ public void setLastUpdateTime(long lastUpdateTime); + /** + * Initiates (possibly interactive) reset of credentials for the specified user. + * This is an optional operation of the session and only available for administrators. + * + * @param userID the ID of the user for which to reset credentials + * @throws UnsupportedOperationException if the session implementation does not permit resetting user credentials + * + * @since 4.3 + * @see #getCredentialsProvider() + */ + public void resetCredentials(String userID); + public void viewDetached(InternalCDOView view); /** diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties index f467459428..2bc50e09de 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties @@ -8,7 +8,7 @@ # Contributors: # Victor Roldan Betancort - initial API and implementation # Eike Stepper - maintenance -# Christian W. Damus (CEA LIST) - 399306 +# Christian W. Damus (CEA LIST) - bug 399306 # ============================================================================== # ============================================================================== diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java index e69b1e8df1..b82ef9100a 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java @@ -7,7 +7,7 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.net4j.util.ui.security; @@ -44,7 +44,7 @@ public class CredentialsDialog extends BaseDialog<Viewer> private static final String MESSAGE = Messages.getString("CredentialsDialog_1"); //$NON-NLS-1$ - private static final int WIDTH = 310; + private static final int WIDTH = 400; private static final int HEIGHT = 225; @@ -99,7 +99,6 @@ public class CredentialsDialog extends BaseDialog<Viewer> protected void configureShell(Shell newShell) { super.configureShell(newShell); - configureShell(newShell, WIDTH, HEIGHT); } @@ -140,19 +139,7 @@ public class CredentialsDialog extends BaseDialog<Viewer> composite.setLayout(new GridLayout(2, false)); new Label(composite, SWT.NONE).setText(Messages.getString("CredentialsDialog_2")); //$NON-NLS-1$ - if (users.isEmpty()) - { - userIDControl = new Text(composite, SWT.BORDER); - } - else - { - Combo combo = new Combo(composite, SWT.BORDER); - combo.setItems(users.toArray(new String[users.size()])); - combo.setText(users.get(0)); - - userIDControl = combo; - } - + userIDControl = createUserIDControl(composite); userIDControl.setLayoutData(UIUtil.createGridData(true, false)); new Label(composite, SWT.NONE).setText(Messages.getString("CredentialsDialog_3")); //$NON-NLS-1$ @@ -167,6 +154,23 @@ public class CredentialsDialog extends BaseDialog<Viewer> return composite; } + /** + * @since 3.4 + */ + protected Control createUserIDControl(Composite composite) + { + if (users.isEmpty()) + { + return new Text(composite, SWT.BORDER); + } + + Combo combo = new Combo(composite, SWT.BORDER); + combo.setItems(users.toArray(new String[users.size()])); + combo.setText(users.get(0)); + + return combo; + } + @Override protected void okPressed() { diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java index de3d5d7671..72da7c1d55 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java @@ -22,6 +22,7 @@ import java.text.MessageFormat; /** * @since 3.4 + * @author Christian W. Damus (CEA LIST) */ public class CredentialsResetDialog extends CredentialsDialog { @@ -68,5 +69,4 @@ public class CredentialsResetDialog extends CredentialsDialog return result; } - } diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java index c5068672a1..9a207e77f5 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java @@ -10,6 +10,7 @@ */ package org.eclipse.net4j.util.ui.security; +import org.eclipse.net4j.util.StringUtil; import org.eclipse.net4j.util.internal.ui.messages.Messages; import org.eclipse.net4j.util.security.IPasswordCredentials; import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate; @@ -21,12 +22,14 @@ import org.eclipse.swt.SWT; import org.eclipse.swt.events.ModifyEvent; import org.eclipse.swt.events.ModifyListener; import org.eclipse.swt.widgets.Composite; +import org.eclipse.swt.widgets.Control; import org.eclipse.swt.widgets.Label; import org.eclipse.swt.widgets.Shell; import org.eclipse.swt.widgets.Text; /** * @since 3.4 + * @author Christian W. Damus (CEA LIST) */ public class CredentialsUpdateDialog extends CredentialsDialog { @@ -36,18 +39,21 @@ public class CredentialsUpdateDialog extends CredentialsDialog private static final int HEIGHT = 275; + private String userID; + private Text newPasswordControl; private Text repeatNewPasswordControl; public CredentialsUpdateDialog(Shell shell) { - this(shell, null); + this(shell, null, null); } - public CredentialsUpdateDialog(Shell shell, String realm) + public CredentialsUpdateDialog(Shell shell, String realm, String userID) { super(shell, realm, TITLE, MESSAGE); + this.userID = userID; } @Override @@ -76,7 +82,6 @@ public class CredentialsUpdateDialog extends CredentialsDialog ModifyListener newPasswordListener = new ModifyListener() { - public void modifyText(ModifyEvent e) { validateNewPassword(); @@ -97,10 +102,18 @@ public class CredentialsUpdateDialog extends CredentialsDialog } @Override + protected Control createUserIDControl(Composite composite) + { + Text text = new Text(composite, SWT.BORDER); + text.setText(StringUtil.safe(userID)); + text.setEnabled(false); + return text; + } + + @Override protected void createButtonsForButtonBar(Composite parent) { super.createButtonsForButtonBar(parent); - getButton(IDialogConstants.OK_ID).setEnabled(false); } @@ -135,5 +148,4 @@ public class CredentialsUpdateDialog extends CredentialsDialog setErrorMessage(message); getButton(IDialogConstants.OK_ID).setEnabled(message == null); } - } diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java index 97dbbb97ec..6770d05969 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java @@ -7,11 +7,12 @@ * * Contributors: * Eike Stepper - initial API and implementation - * Christian W. Damus (CEA LIST) - 399306 + * Christian W. Damus (CEA LIST) - bug 399306 */ package org.eclipse.net4j.util.ui.security; import org.eclipse.net4j.util.internal.ui.messages.Messages; +import org.eclipse.net4j.util.security.CredentialsUpdateOperation; import org.eclipse.net4j.util.security.IPasswordCredentials; import org.eclipse.net4j.util.security.IPasswordCredentialsProvider2; import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate; @@ -88,15 +89,16 @@ public class InteractiveCredentialsProvider implements IPasswordCredentialsProvi /** * @since 3.4 */ - public IPasswordCredentialsUpdate getCredentialsUpdate(String userID, boolean isReset) + public IPasswordCredentialsUpdate getCredentialsUpdate(String userID, CredentialsUpdateOperation operation) { - return getCredentialsUpdate(null, userID, isReset); + return getCredentialsUpdate(null, userID, operation); } /** * @since 3.4 */ - public IPasswordCredentialsUpdate getCredentialsUpdate(final String realm, final String userID, final boolean isReset) + public IPasswordCredentialsUpdate getCredentialsUpdate(final String realm, final String userID, + final CredentialsUpdateOperation operation) { final IPasswordCredentialsUpdate[] update = { null }; final Display display = UIUtil.getDisplay(); @@ -116,10 +118,9 @@ public class InteractiveCredentialsProvider implements IPasswordCredentialsProvi shell = new Shell(display); } - if (!isReset) + if (operation == CredentialsUpdateOperation.CHANGE_PASSWORD) { - CredentialsUpdateDialog dialog = new CredentialsUpdateDialog(shell, realm); - + CredentialsUpdateDialog dialog = new CredentialsUpdateDialog(shell, realm, userID); if (dialog.open() == Window.OK) { update[0] = dialog.getCredentials(); @@ -147,12 +148,11 @@ public class InteractiveCredentialsProvider implements IPasswordCredentialsProvi if (buttonId == 0) { copyToClipboard(); - - // don't close the dialog + // Don't close the dialog } else { - // close the dialog in the usual way + // Close the dialog in the usual way super.buttonPressed(IDialogConstants.OK_ID); } } diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/CredentialsUpdateOperation.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/CredentialsUpdateOperation.java new file mode 100644 index 0000000000..13a4a7f4c6 --- /dev/null +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/CredentialsUpdateOperation.java @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2004-2013 Eike Stepper (Berlin, Germany) and others. + * All rights reserved. This program and the accompanying materials + * are made available under the terms of the Eclipse Public License v1.0 + * which accompanies this distribution, and is available at + * http://www.eclipse.org/legal/epl-v10.html + * + * Contributors: + * Eike Stepper - initial API and implementation + */ +package org.eclipse.net4j.util.security; + +/** + * @author Christian W. Damus (CEA LIST) + * @since 3.4 + */ +public enum CredentialsUpdateOperation +{ + CHANGE_PASSWORD, RESET_PASSWORD; + + @Override + public String toString() + { + switch (this) + { + case CHANGE_PASSWORD: + return "change"; //$NON-NLS-1$ + + case RESET_PASSWORD: + return "reset"; //$NON-NLS-1$ + } + + return super.toString(); + } +} diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java index fe8cc7031e..3f0a8215a7 100644 --- a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java @@ -4,7 +4,7 @@ * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at * http://www.eclipse.org/legal/epl-v10.html - * + * * Contributors: * Christian W. Damus (CEA LIST) - initial API and implementation */ @@ -12,8 +12,9 @@ package org.eclipse.net4j.util.security; /** * Extension interface for authenticators that can update user credentials in addition to authenticating them. - * + * * @since 3.4 + * @author Christian W. Damus (CEA LIST) */ public interface IAuthenticator2 extends IAuthenticator { @@ -22,26 +23,26 @@ public interface IAuthenticator2 extends IAuthenticator * Updates the password <em>stored</em> for the user identified by {@code userID}. The {@code oldPassword} is authenticated * {@linkplain IAuthenticator#authenticate(String, char[]) as per usual} and is replaced by the {@code newPassword} only * (and atomically) on success. - * + * * @param userID the ID of the user whose password is to be updated * @param oldPassword the user's current password attempt to verify against the <em>stored</em> password * @param newPassword the new password to replace the {@code oldPassword} - * + * * @throws SecurityException on any failure to authenticate the {@code oldPassword} or validate and/or set the {@code newPassword} */ - void updatePassword(String userID, char[] oldPassword, char[] newPassword); + public void updatePassword(String userID, char[] oldPassword, char[] newPassword); /** * Performs an administrative resets of the password <em>stored</em> for the user identified by {@code userID}. * The {@code adminID} and {@code adminPassword} must {@linkplain IAuthenticator#authenticate(String, char[]) authenticate} * to permit the {@code userID}'s password to be set to the {@code newPassword}. - * + * * @param adminID the ID of the administrator requesting the reset * @param adminPassword the administrator's password * @param userID the ID of the user whose password is to be reset * @param newPassword the new password to replace the user's old password - * + * * @throws SecurityException on any failure to authenticate the {@code oldPassword} or validate and/or set the {@code newPassword} */ - void resetPassword(String adminID, char[] adminPassword, String userID, char[] newPassword); + public void resetPassword(String adminID, char[] adminPassword, String userID, char[] newPassword); } diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java index 8e8fd5d105..6f67662bd6 100644 --- a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java @@ -15,6 +15,7 @@ package org.eclipse.net4j.util.security; * user ID and password for authentication of the password change. * * @since 3.4 + * @author Christian W. Damus (CEA LIST) */ public interface IPasswordCredentialsUpdate extends IPasswordCredentials { diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java index bcb77d6109..2aba0866f0 100644 --- a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java @@ -4,7 +4,7 @@ * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at * http://www.eclipse.org/legal/epl-v10.html - * + * * Contributors: * Christian W. Damus (CEA LIST) - initial API and implementation */ @@ -12,12 +12,14 @@ package org.eclipse.net4j.util.security; /** * Interface for providers of password credentials updates. - * + * * @since 3.4 + * @author Christian W. Damus (CEA LIST) */ public interface IPasswordCredentialsUpdateProvider { - public IPasswordCredentialsUpdate getCredentialsUpdate(String userID, boolean isReset); + public IPasswordCredentialsUpdate getCredentialsUpdate(String userID, CredentialsUpdateOperation operation); - public IPasswordCredentialsUpdate getCredentialsUpdate(String realm, String userID, boolean isReset); + public IPasswordCredentialsUpdate getCredentialsUpdate(String realm, String userID, + CredentialsUpdateOperation operation); } diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java index 8c1f468855..47cd31e027 100644 --- a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java @@ -14,10 +14,10 @@ package org.eclipse.net4j.util.security; * Default implementation of the {@link IPasswordCredentialsUpdate} interface. * * @since 3.4 + * @author Christian W. Damus (CEA LIST) */ public class PasswordCredentialsUpdate extends PasswordCredentials implements IPasswordCredentialsUpdate { - private char[] newPassword; public PasswordCredentialsUpdate(String userID, char[] oldPassword, char[] newPassword) |