Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristian W. Damus2013-10-18 20:55:32 +0000
committerChristian W. Damus2013-10-24 14:03:05 +0000
commitcf95334ebf588eaeee887bddcbee3c5aa82b133e (patch)
tree8fd859821e739cee9c0d2ad1344777cc12823976
parent69a6998c37f06a8cf1faaeffdc3f7567ace7857a (diff)
downloadcdo-cf95334ebf588eaeee887bddcbee3c5aa82b133e.tar.gz
cdo-cf95334ebf588eaeee887bddcbee3c5aa82b133e.tar.xz
cdo-cf95334ebf588eaeee887bddcbee3c5aa82b133e.zip
[399306] [Security] Add password management
https://bugs.eclipse.org/bugs/show_bug.cgi?id=399306 Initial implementation of Change Password signal in the CDO protocol: - client->server request to initiate password change - server->client request to change password, implemented via the Diffie-Hellman key agreement utility - optional API for pluggable credentials providers to provide updates to the user's credentials - updated default interactive credentials provider to use a new CredentialsUpdateDialog to get a new password from the user (with implicit authentication) And an administrative Change Password signal: - client->server request to initiate password reset - server->client request to reset password, implemented via the Diffie-Hellman key agreement utility - updated default interactive credentials provider to use a new CredentialsResetDialog to authenticate the administrator (regular users may not reset passwords) and generate a new password to return to the server. The password is then shown to the administrator in a dialog to share it with the user whose password was reset
-rw-r--r--features/org.eclipse.emf.cdo-feature/feature.xml8
-rw-r--r--plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java23
-rw-r--r--plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java17
-rw-r--r--plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java14
-rw-r--r--plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java147
-rw-r--r--plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/RequestChangeCredentialsRequest.java83
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.classpath7
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.project39
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.core.prefs412
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.launching.prefs3
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.ui.prefs119
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.ltk.core.refactoring.prefs3
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.tasks.ui.prefs4
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.team.ui.prefs3
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.api.tools.prefs95
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.prefs31
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/META-INF/MANIFEST.MF15
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/about.html28
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/build.properties24
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/copyright.txt8
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/plugin.properties14
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/plugin.xml34
-rw-r--r--plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java47
-rw-r--r--plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java9
-rw-r--r--plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsRequest.java86
-rw-r--r--plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/RequestChangeCredentialsIndication.java117
-rw-r--r--plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java47
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java23
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java83
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java23
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java19
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java6
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java6
-rw-r--r--plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java17
-rw-r--r--plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java38
-rw-r--r--plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties3
-rw-r--r--plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java4
-rw-r--r--plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java23
-rw-r--r--plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java35
-rw-r--r--plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java25
-rw-r--r--plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties12
-rw-r--r--plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java49
-rw-r--r--plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java72
-rw-r--r--plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java139
-rw-r--r--plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java111
-rw-r--r--plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java47
-rw-r--r--plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java27
-rw-r--r--plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java23
-rw-r--r--plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java48
49 files changed, 2258 insertions, 12 deletions
diff --git a/features/org.eclipse.emf.cdo-feature/feature.xml b/features/org.eclipse.emf.cdo-feature/feature.xml
index f10ca9c037..610fefc650 100644
--- a/features/org.eclipse.emf.cdo-feature/feature.xml
+++ b/features/org.eclipse.emf.cdo-feature/feature.xml
@@ -8,6 +8,7 @@
Contributors:
Eike Stepper - initial API and implementation
+ Christian W. Damus (CEA LIST) - 399306
-->
<feature
id="org.eclipse.emf.cdo"
@@ -140,6 +141,13 @@
unpack="false"/>
<plugin
+ id="org.eclipse.emf.cdo.security.ui"
+ download-size="0"
+ install-size="0"
+ version="0.0.0"
+ unpack="false"/>
+
+ <plugin
id="org.eclipse.emf.cdo.admin"
download-size="0"
install-size="0"
diff --git a/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java b/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java
index 2b2dd3bc92..7b61fe965e 100644
--- a/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java
+++ b/plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolConstants.java
@@ -10,6 +10,7 @@
* Simon McDuff - bug 230832
* Simon McDuff - bug 233490
* Simon McDuff - bug 213402
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.common.protocol;
@@ -28,9 +29,9 @@ public interface CDOProtocolConstants
/**
* @since 4.2
*/
- public static final int PROTOCOL_VERSION = 17; // Make query fail in sequence
+ public static final int PROTOCOL_VERSION = 18; // Password change protocol
- // public static final int PROTOCOL_VERSION = 16; // Last update for permission transfers
+ // public static final int PROTOCOL_VERSION = 17; // Last update for make query fail in sequence
// //////////////////////////////////////////////////////////////////////
// Signal IDs
@@ -259,6 +260,24 @@ public interface CDOProtocolConstants
*/
public static final short SIGNAL_LOAD_PERMISSIONS = 55;
+ /**
+ * Server's request to the client for new credentials.
+ *
+ * @since 4.3
+ *
+ * @see #SIGNAL_REQUEST_CHANGE_CREDENTIALS
+ */
+ public static final short SIGNAL_CHANGE_CREDENTIALS = 56;
+
+ /**
+ * Client's request to the server to initiate a change-credentials operation.
+ *
+ * @since 4.3
+ *
+ * @see #SIGNAL_CHANGE_CREDENTIALS
+ */
+ public static final short SIGNAL_REQUEST_CHANGE_CREDENTIALS = 57;
+
// //////////////////////////////////////////////////////////////////////
// Session Refresh
diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java
index 59e503531a..f57a31726c 100644
--- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java
+++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/CDONet4jSessionImpl.java
@@ -13,6 +13,7 @@
* Simon McDuff - bug 213402
* Victor Roldan Betancort - maintenance
* Andre Dietisheim - bug 256649
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.net4j;
@@ -294,6 +295,22 @@ public class CDONet4jSessionImpl extends CDOSessionImpl implements org.eclipse.e
getPackageRegistry().deactivate();
}
+ public void changeCredentials()
+ {
+ // send a request to the server to initiate (from the server) the password change protocol
+ CDOSessionProtocol sessionProtocol = getSessionProtocol();
+
+ sessionProtocol.requestChangeCredentials();
+ }
+
+ public void resetCredentials(String userID)
+ {
+ // send a request to the server to initiate (from the server) the password reset protocol
+ CDOSessionProtocol sessionProtocol = getSessionProtocol();
+
+ sessionProtocol.requestResetCredentials(userID);
+ }
+
/**
* @author Eike Stepper
*/
diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java
index 3096ef583f..f277396ae2 100644
--- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java
+++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CDOClientProtocol.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.net4j.protocol;
@@ -491,6 +492,9 @@ public class CDOClientProtocol extends SignalProtocol<CDOSession> implements CDO
case SIGNAL_LOCK_NOTIFICATION:
return new LockNotificationIndication(this);
+ case SIGNAL_CHANGE_CREDENTIALS:
+ return new ChangeCredentialsIndication(this);
+
default:
return super.createSignalReactor(signalID);
}
@@ -560,4 +564,14 @@ public class CDOClientProtocol extends SignalProtocol<CDOSession> implements CDO
{
return send(new LoadPermissionsRequest(this, revisions));
}
+
+ public void requestChangeCredentials()
+ {
+ send(new RequestChangeCredentialsRequest(this, RequestChangeCredentialsRequest.Operation.CHANGE_PASSWORD, null));
+ }
+
+ public void requestResetCredentials(String userID)
+ {
+ send(new RequestChangeCredentialsRequest(this, RequestChangeCredentialsRequest.Operation.RESET_PASSWORD, userID));
+ }
}
diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java
new file mode 100644
index 0000000000..08c4d5f71c
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java
@@ -0,0 +1,147 @@
+/*
+ * Copyright (c) 2009-2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - Adapted from AuthenticationIndication for 399306
+ */
+package org.eclipse.emf.cdo.internal.net4j.protocol;
+
+import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants;
+import org.eclipse.emf.cdo.internal.net4j.bundle.OM;
+import org.eclipse.emf.cdo.internal.net4j.protocol.RequestChangeCredentialsRequest.Operation;
+
+import org.eclipse.net4j.signal.IndicationWithMonitoring;
+import org.eclipse.net4j.signal.SignalProtocol;
+import org.eclipse.net4j.util.StringUtil;
+import org.eclipse.net4j.util.io.ExtendedDataInputStream;
+import org.eclipse.net4j.util.io.ExtendedDataOutputStream;
+import org.eclipse.net4j.util.om.monitor.OMMonitor;
+import org.eclipse.net4j.util.om.monitor.OMMonitor.Async;
+import org.eclipse.net4j.util.security.DiffieHellman;
+import org.eclipse.net4j.util.security.DiffieHellman.Client.Response;
+import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge;
+import org.eclipse.net4j.util.security.IPasswordCredentialsProvider;
+import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate;
+import org.eclipse.net4j.util.security.IPasswordCredentialsUpdateProvider;
+
+import org.eclipse.emf.spi.cdo.InternalCDOSession;
+
+import java.io.ByteArrayOutputStream;
+
+/**
+ * Implementation of the CDO client handler for the server-initiated change-credentials protocol.
+ */
+public class ChangeCredentialsIndication extends IndicationWithMonitoring
+{
+ private Challenge challenge;
+
+ private Operation operation;
+
+ private String userID;
+
+ public ChangeCredentialsIndication(SignalProtocol<?> protocol)
+ {
+ super(protocol, CDOProtocolConstants.SIGNAL_CHANGE_CREDENTIALS);
+ }
+
+ @Override
+ public CDOClientProtocol getProtocol()
+ {
+ return (CDOClientProtocol)super.getProtocol();
+ }
+
+ protected InternalCDOSession getSession()
+ {
+ return (InternalCDOSession)getProtocol().getSession();
+ }
+
+ @Override
+ protected void indicating(ExtendedDataInputStream in, OMMonitor monitor) throws Exception
+ {
+ operation = in.readEnum(Operation.class);
+ userID = in.readString(); // may be null if operation is not reset
+ challenge = new Challenge(in);
+ }
+
+ @Override
+ protected void responding(ExtendedDataOutputStream out, OMMonitor monitor) throws Exception
+ {
+ monitor.begin();
+ Async async = monitor.forkAsync();
+
+ try
+ {
+ IPasswordCredentialsProvider credentialsProvider = getSession().getCredentialsProvider();
+ if (!(credentialsProvider instanceof IPasswordCredentialsUpdateProvider))
+ {
+ throw new IllegalStateException("No credentials update provider configured"); //$NON-NLS-1$
+ }
+
+ IPasswordCredentialsUpdate credentials = ((IPasswordCredentialsUpdateProvider)credentialsProvider)
+ .getCredentialsUpdate(userID, operation == Operation.RESET_PASSWORD);
+ if (credentials == null)
+ {
+ // user canceled. Fine
+ out.writeBoolean(false);
+ return;
+ }
+
+ String authUserID = credentials.getUserID();
+ // don't require the current credentials because the user may not have any, yet
+
+ String authPassword = new String(credentials.getPassword());
+ if (StringUtil.isEmpty(authPassword))
+ {
+ throw new IllegalStateException("No password provided"); //$NON-NLS-1$
+ }
+
+ String newPassword = new String(credentials.getNewPassword());
+ if (StringUtil.isEmpty(newPassword))
+ {
+ throw new IllegalStateException("No new password provided"); //$NON-NLS-1$
+ }
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ @SuppressWarnings("resource")
+ ExtendedDataOutputStream stream = new ExtendedDataOutputStream(baos);
+
+ switch (operation)
+ {
+ case CHANGE_PASSWORD:
+ stream.writeString(authUserID);
+ stream.writeString(authPassword);
+ stream.writeString(newPassword);
+ break;
+ case RESET_PASSWORD:
+ stream.writeString(authUserID);
+ stream.writeString(authPassword);
+ stream.writeString(userID);
+ stream.writeString(newPassword);
+ break;
+ }
+
+ stream.flush();
+ byte[] clearText = baos.toByteArray();
+
+ DiffieHellman.Client client = new DiffieHellman.Client();
+ Response response = client.handleChallenge(challenge, clearText);
+ out.writeBoolean(true);
+ response.write(out);
+ }
+ catch (Throwable ex)
+ {
+ out.writeBoolean(false);
+ OM.LOG.error(ex);
+ }
+ finally
+ {
+ async.stop();
+ monitor.done();
+ }
+ }
+}
diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/RequestChangeCredentialsRequest.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/RequestChangeCredentialsRequest.java
new file mode 100644
index 0000000000..f0575409eb
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/RequestChangeCredentialsRequest.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.emf.cdo.internal.net4j.protocol;
+
+import org.eclipse.emf.cdo.common.protocol.CDODataInput;
+import org.eclipse.emf.cdo.common.protocol.CDODataOutput;
+import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants;
+import org.eclipse.emf.cdo.internal.net4j.bundle.OM;
+
+import org.eclipse.net4j.util.om.monitor.OMMonitor;
+import org.eclipse.net4j.util.om.trace.ContextTracer;
+
+import java.io.IOException;
+
+/**
+ * Request from the client to the server to initiate (from the server) the change-credentials protocol.
+ */
+public class RequestChangeCredentialsRequest extends CDOClientRequestWithMonitoring<Boolean>
+{
+ private static final ContextTracer TRACER = new ContextTracer(OM.DEBUG_PROTOCOL,
+ RequestChangeCredentialsRequest.class);
+
+ private final Operation operation;
+
+ private final String userID;
+
+ public RequestChangeCredentialsRequest(CDOClientProtocol protocol, Operation operation, String userID)
+ {
+ super(protocol, CDOProtocolConstants.SIGNAL_REQUEST_CHANGE_CREDENTIALS);
+
+ this.operation = operation;
+ this.userID = userID;
+ }
+
+ @Override
+ protected void requesting(CDODataOutput out, OMMonitor monitor) throws IOException
+ {
+ if (TRACER.isEnabled())
+ {
+ TRACER.format("Requesting %s of user credentials", operation); //$NON-NLS-1$
+ }
+
+ out.writeEnum(operation);
+ out.writeString(userID);
+ }
+
+ @Override
+ protected Boolean confirming(CDODataInput in, OMMonitor monitor) throws IOException
+ {
+ return in.readBoolean();
+ }
+
+ //
+ // Nested types
+ //
+
+ public static enum Operation
+ {
+ CHANGE_PASSWORD, RESET_PASSWORD;
+
+ @Override
+ public String toString()
+ {
+ switch (this)
+ {
+ case CHANGE_PASSWORD:
+ return "change"; //$NON-NLS-1$
+ case RESET_PASSWORD:
+ return "reset"; //$NON-NLS-1$
+ }
+
+ return super.toString();
+ }
+ }
+}
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.classpath b/plugins/org.eclipse.emf.cdo.security.ui/.classpath
new file mode 100644
index 0000000000..64c5e31b7a
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.classpath
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"/>
+ <classpathentry kind="con" path="org.eclipse.pde.core.requiredPlugins"/>
+ <classpathentry kind="src" path="src"/>
+ <classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.project b/plugins/org.eclipse.emf.cdo.security.ui/.project
new file mode 100644
index 0000000000..262b0d85e9
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.project
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>org.eclipse.emf.cdo.security.ui</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.pde.ManifestBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.pde.api.tools.apiAnalysisBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.emf.cdo.releng.version.VersionBuilder</name>
+ <arguments>
+ <dictionary>
+ <key>release.path</key>
+ <value>/org.eclipse.emf.cdo.releng.release/release.xml</value>
+ </dictionary>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.pde.PluginNature</nature>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ <nature>org.eclipse.pde.api.tools.apiAnalysisNature</nature>
+ <nature>org.eclipse.emf.cdo.releng.version.VersionNature</nature>
+ </natures>
+</projectDescription>
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.core.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 0000000000..303d2d75e1
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,412 @@
+eclipse.preferences.version=1
+org.eclipse.jdt.core.builder.cleanOutputFolder=clean
+org.eclipse.jdt.core.builder.duplicateResourceTask=warning
+org.eclipse.jdt.core.builder.invalidClasspath=abort
+org.eclipse.jdt.core.builder.recreateModifiedClassFileInOutputFolder=ignore
+org.eclipse.jdt.core.builder.resourceCopyExclusionFilter=*.launch,*.ucls,doc-files/,package.html,package-info.java
+org.eclipse.jdt.core.circularClasspath=error
+org.eclipse.jdt.core.classpath.exclusionPatterns=enabled
+org.eclipse.jdt.core.classpath.multipleOutputLocations=enabled
+org.eclipse.jdt.core.codeComplete.argumentPrefixes=
+org.eclipse.jdt.core.codeComplete.argumentSuffixes=
+org.eclipse.jdt.core.codeComplete.fieldPrefixes=
+org.eclipse.jdt.core.codeComplete.fieldSuffixes=
+org.eclipse.jdt.core.codeComplete.localPrefixes=
+org.eclipse.jdt.core.codeComplete.localSuffixes=
+org.eclipse.jdt.core.codeComplete.staticFieldPrefixes=
+org.eclipse.jdt.core.codeComplete.staticFieldSuffixes=
+org.eclipse.jdt.core.codeComplete.staticFinalFieldPrefixes=
+org.eclipse.jdt.core.codeComplete.staticFinalFieldSuffixes=
+org.eclipse.jdt.core.compiler.annotation.missingNonNullByDefaultAnnotation=ignore
+org.eclipse.jdt.core.compiler.annotation.nonnull=org.eclipse.jdt.annotation.NonNull
+org.eclipse.jdt.core.compiler.annotation.nonnullbydefault=org.eclipse.jdt.annotation.NonNullByDefault
+org.eclipse.jdt.core.compiler.annotation.nullable=org.eclipse.jdt.annotation.Nullable
+org.eclipse.jdt.core.compiler.annotation.nullanalysis=disabled
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
+org.eclipse.jdt.core.compiler.compliance=1.5
+org.eclipse.jdt.core.compiler.debug.lineNumber=generate
+org.eclipse.jdt.core.compiler.debug.localVariable=generate
+org.eclipse.jdt.core.compiler.debug.sourceFile=generate
+org.eclipse.jdt.core.compiler.doc.comment.support=enabled
+org.eclipse.jdt.core.compiler.maxProblemPerUnit=100
+org.eclipse.jdt.core.compiler.problem.annotationSuperInterface=warning
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.autoboxing=ignore
+org.eclipse.jdt.core.compiler.problem.comparingIdentical=warning
+org.eclipse.jdt.core.compiler.problem.deadCode=warning
+org.eclipse.jdt.core.compiler.problem.deprecation=warning
+org.eclipse.jdt.core.compiler.problem.deprecationInDeprecatedCode=disabled
+org.eclipse.jdt.core.compiler.problem.deprecationWhenOverridingDeprecatedMethod=enabled
+org.eclipse.jdt.core.compiler.problem.discouragedReference=warning
+org.eclipse.jdt.core.compiler.problem.emptyStatement=warning
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.explicitlyClosedAutoCloseable=ignore
+org.eclipse.jdt.core.compiler.problem.fallthroughCase=warning
+org.eclipse.jdt.core.compiler.problem.fatalOptionalError=disabled
+org.eclipse.jdt.core.compiler.problem.fieldHiding=ignore
+org.eclipse.jdt.core.compiler.problem.finalParameterBound=warning
+org.eclipse.jdt.core.compiler.problem.finallyBlockNotCompletingNormally=warning
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=error
+org.eclipse.jdt.core.compiler.problem.hiddenCatchBlock=warning
+org.eclipse.jdt.core.compiler.problem.includeNullInfoFromAsserts=disabled
+org.eclipse.jdt.core.compiler.problem.incompatibleNonInheritedInterfaceMethod=warning
+org.eclipse.jdt.core.compiler.problem.incompleteEnumSwitch=ignore
+org.eclipse.jdt.core.compiler.problem.indirectStaticAccess=ignore
+org.eclipse.jdt.core.compiler.problem.invalidJavadoc=warning
+org.eclipse.jdt.core.compiler.problem.invalidJavadocTags=enabled
+org.eclipse.jdt.core.compiler.problem.invalidJavadocTagsDeprecatedRef=disabled
+org.eclipse.jdt.core.compiler.problem.invalidJavadocTagsNotVisibleRef=disabled
+org.eclipse.jdt.core.compiler.problem.invalidJavadocTagsVisibility=public
+org.eclipse.jdt.core.compiler.problem.localVariableHiding=ignore
+org.eclipse.jdt.core.compiler.problem.methodWithConstructorName=warning
+org.eclipse.jdt.core.compiler.problem.missingDefaultCase=ignore
+org.eclipse.jdt.core.compiler.problem.missingDeprecatedAnnotation=warning
+org.eclipse.jdt.core.compiler.problem.missingEnumCaseDespiteDefault=disabled
+org.eclipse.jdt.core.compiler.problem.missingHashCodeMethod=warning
+org.eclipse.jdt.core.compiler.problem.missingJavadocComments=ignore
+org.eclipse.jdt.core.compiler.problem.missingJavadocCommentsOverriding=disabled
+org.eclipse.jdt.core.compiler.problem.missingJavadocCommentsVisibility=public
+org.eclipse.jdt.core.compiler.problem.missingJavadocTagDescription=return_tag
+org.eclipse.jdt.core.compiler.problem.missingJavadocTags=ignore
+org.eclipse.jdt.core.compiler.problem.missingJavadocTagsOverriding=disabled
+org.eclipse.jdt.core.compiler.problem.missingJavadocTagsVisibility=public
+org.eclipse.jdt.core.compiler.problem.missingOverrideAnnotation=warning
+org.eclipse.jdt.core.compiler.problem.missingOverrideAnnotationForInterfaceMethodImplementation=enabled
+org.eclipse.jdt.core.compiler.problem.missingSerialVersion=warning
+org.eclipse.jdt.core.compiler.problem.missingSynchronizedOnInheritedMethod=warning
+org.eclipse.jdt.core.compiler.problem.noEffectAssignment=warning
+org.eclipse.jdt.core.compiler.problem.noImplicitStringConversion=warning
+org.eclipse.jdt.core.compiler.problem.nonExternalizedStringLiteral=ignore
+org.eclipse.jdt.core.compiler.problem.nullAnnotationInferenceConflict=error
+org.eclipse.jdt.core.compiler.problem.nullReference=warning
+org.eclipse.jdt.core.compiler.problem.nullSpecViolation=error
+org.eclipse.jdt.core.compiler.problem.nullUncheckedConversion=warning
+org.eclipse.jdt.core.compiler.problem.overridingPackageDefaultMethod=warning
+org.eclipse.jdt.core.compiler.problem.parameterAssignment=ignore
+org.eclipse.jdt.core.compiler.problem.possibleAccidentalBooleanAssignment=warning
+org.eclipse.jdt.core.compiler.problem.potentialNullReference=ignore
+org.eclipse.jdt.core.compiler.problem.potentiallyUnclosedCloseable=ignore
+org.eclipse.jdt.core.compiler.problem.rawTypeReference=warning
+org.eclipse.jdt.core.compiler.problem.redundantNullAnnotation=warning
+org.eclipse.jdt.core.compiler.problem.redundantNullCheck=warning
+org.eclipse.jdt.core.compiler.problem.redundantSpecificationOfTypeArguments=ignore
+org.eclipse.jdt.core.compiler.problem.redundantSuperinterface=warning
+org.eclipse.jdt.core.compiler.problem.reportMethodCanBePotentiallyStatic=ignore
+org.eclipse.jdt.core.compiler.problem.reportMethodCanBeStatic=ignore
+org.eclipse.jdt.core.compiler.problem.specialParameterHidingField=disabled
+org.eclipse.jdt.core.compiler.problem.staticAccessReceiver=warning
+org.eclipse.jdt.core.compiler.problem.suppressOptionalErrors=disabled
+org.eclipse.jdt.core.compiler.problem.suppressWarnings=enabled
+org.eclipse.jdt.core.compiler.problem.syntheticAccessEmulation=ignore
+org.eclipse.jdt.core.compiler.problem.typeParameterHiding=warning
+org.eclipse.jdt.core.compiler.problem.unavoidableGenericTypeProblems=enabled
+org.eclipse.jdt.core.compiler.problem.uncheckedTypeOperation=warning
+org.eclipse.jdt.core.compiler.problem.unclosedCloseable=warning
+org.eclipse.jdt.core.compiler.problem.undocumentedEmptyBlock=ignore
+org.eclipse.jdt.core.compiler.problem.unhandledWarningToken=warning
+org.eclipse.jdt.core.compiler.problem.unnecessaryElse=ignore
+org.eclipse.jdt.core.compiler.problem.unnecessaryTypeCheck=ignore
+org.eclipse.jdt.core.compiler.problem.unqualifiedFieldAccess=ignore
+org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownException=ignore
+org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownExceptionExemptExceptionAndThrowable=enabled
+org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownExceptionIncludeDocCommentReference=enabled
+org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownExceptionWhenOverriding=disabled
+org.eclipse.jdt.core.compiler.problem.unusedImport=warning
+org.eclipse.jdt.core.compiler.problem.unusedLabel=warning
+org.eclipse.jdt.core.compiler.problem.unusedLocal=warning
+org.eclipse.jdt.core.compiler.problem.unusedObjectAllocation=ignore
+org.eclipse.jdt.core.compiler.problem.unusedParameter=ignore
+org.eclipse.jdt.core.compiler.problem.unusedParameterIncludeDocCommentReference=enabled
+org.eclipse.jdt.core.compiler.problem.unusedParameterWhenImplementingAbstract=disabled
+org.eclipse.jdt.core.compiler.problem.unusedParameterWhenOverridingConcrete=disabled
+org.eclipse.jdt.core.compiler.problem.unusedPrivateMember=warning
+org.eclipse.jdt.core.compiler.problem.unusedWarningToken=warning
+org.eclipse.jdt.core.compiler.problem.varargsArgumentNeedCast=warning
+org.eclipse.jdt.core.compiler.source=1.5
+org.eclipse.jdt.core.compiler.taskCaseSensitive=enabled
+org.eclipse.jdt.core.compiler.taskPriorities=NORMAL,HIGH,HIGH,LOW,LOW,LOW,LOW,LOW
+org.eclipse.jdt.core.compiler.taskTags=TODO,FIXME,XXX,PERF,MEM,POLISH,@generated NOT,@ADDED
+org.eclipse.jdt.core.formatter.align_type_members_on_columns=false
+org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression=16
+org.eclipse.jdt.core.formatter.alignment_for_arguments_in_annotation=0
+org.eclipse.jdt.core.formatter.alignment_for_arguments_in_enum_constant=16
+org.eclipse.jdt.core.formatter.alignment_for_arguments_in_explicit_constructor_call=16
+org.eclipse.jdt.core.formatter.alignment_for_arguments_in_method_invocation=16
+org.eclipse.jdt.core.formatter.alignment_for_arguments_in_qualified_allocation_expression=16
+org.eclipse.jdt.core.formatter.alignment_for_assignment=0
+org.eclipse.jdt.core.formatter.alignment_for_binary_expression=16
+org.eclipse.jdt.core.formatter.alignment_for_compact_if=16
+org.eclipse.jdt.core.formatter.alignment_for_conditional_expression=80
+org.eclipse.jdt.core.formatter.alignment_for_enum_constants=0
+org.eclipse.jdt.core.formatter.alignment_for_expressions_in_array_initializer=16
+org.eclipse.jdt.core.formatter.alignment_for_method_declaration=0
+org.eclipse.jdt.core.formatter.alignment_for_multiple_fields=16
+org.eclipse.jdt.core.formatter.alignment_for_parameters_in_constructor_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_parameters_in_method_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_resources_in_try=80
+org.eclipse.jdt.core.formatter.alignment_for_selector_in_method_invocation=16
+org.eclipse.jdt.core.formatter.alignment_for_superclass_in_type_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_enum_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_type_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_constructor_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_method_declaration=16
+org.eclipse.jdt.core.formatter.alignment_for_union_type_in_multicatch=16
+org.eclipse.jdt.core.formatter.blank_lines_after_imports=1
+org.eclipse.jdt.core.formatter.blank_lines_after_package=1
+org.eclipse.jdt.core.formatter.blank_lines_before_field=1
+org.eclipse.jdt.core.formatter.blank_lines_before_first_class_body_declaration=0
+org.eclipse.jdt.core.formatter.blank_lines_before_imports=1
+org.eclipse.jdt.core.formatter.blank_lines_before_member_type=1
+org.eclipse.jdt.core.formatter.blank_lines_before_method=1
+org.eclipse.jdt.core.formatter.blank_lines_before_new_chunk=1
+org.eclipse.jdt.core.formatter.blank_lines_before_package=0
+org.eclipse.jdt.core.formatter.blank_lines_between_import_groups=1
+org.eclipse.jdt.core.formatter.blank_lines_between_type_declarations=1
+org.eclipse.jdt.core.formatter.brace_position_for_annotation_type_declaration=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_anonymous_type_declaration=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_array_initializer=end_of_line
+org.eclipse.jdt.core.formatter.brace_position_for_block=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_block_in_case=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_constructor_declaration=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_enum_constant=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_enum_declaration=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_method_declaration=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_switch=next_line
+org.eclipse.jdt.core.formatter.brace_position_for_type_declaration=next_line
+org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_block_comment=true
+org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_javadoc_comment=true
+org.eclipse.jdt.core.formatter.comment.format_block_comments=true
+org.eclipse.jdt.core.formatter.comment.format_header=false
+org.eclipse.jdt.core.formatter.comment.format_html=true
+org.eclipse.jdt.core.formatter.comment.format_javadoc_comments=false
+org.eclipse.jdt.core.formatter.comment.format_line_comments=true
+org.eclipse.jdt.core.formatter.comment.format_source_code=true
+org.eclipse.jdt.core.formatter.comment.indent_parameter_description=true
+org.eclipse.jdt.core.formatter.comment.indent_root_tags=true
+org.eclipse.jdt.core.formatter.comment.insert_new_line_before_root_tags=insert
+org.eclipse.jdt.core.formatter.comment.insert_new_line_for_parameter=insert
+org.eclipse.jdt.core.formatter.comment.line_length=120
+org.eclipse.jdt.core.formatter.comment.new_lines_at_block_boundaries=true
+org.eclipse.jdt.core.formatter.comment.new_lines_at_javadoc_boundaries=true
+org.eclipse.jdt.core.formatter.comment.preserve_white_space_between_code_and_line_comments=false
+org.eclipse.jdt.core.formatter.compact_else_if=true
+org.eclipse.jdt.core.formatter.continuation_indentation=2
+org.eclipse.jdt.core.formatter.continuation_indentation_for_array_initializer=2
+org.eclipse.jdt.core.formatter.disabling_tag=@formatter\:off
+org.eclipse.jdt.core.formatter.enabling_tag=@formatter\:on
+org.eclipse.jdt.core.formatter.format_guardian_clause_on_one_line=false
+org.eclipse.jdt.core.formatter.format_line_comment_starting_on_first_column=true
+org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_annotation_declaration_header=true
+org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_constant_header=true
+org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_declaration_header=true
+org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_type_header=true
+org.eclipse.jdt.core.formatter.indent_breaks_compare_to_cases=true
+org.eclipse.jdt.core.formatter.indent_empty_lines=false
+org.eclipse.jdt.core.formatter.indent_statements_compare_to_block=true
+org.eclipse.jdt.core.formatter.indent_statements_compare_to_body=true
+org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_cases=true
+org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_switch=false
+org.eclipse.jdt.core.formatter.indentation.size=2
+org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_field=insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_local_variable=insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_method=insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_package=insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_parameter=do not insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_type=insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_label=do not insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_opening_brace_in_array_initializer=do not insert
+org.eclipse.jdt.core.formatter.insert_new_line_at_end_of_file_if_missing=insert
+org.eclipse.jdt.core.formatter.insert_new_line_before_catch_in_try_statement=insert
+org.eclipse.jdt.core.formatter.insert_new_line_before_closing_brace_in_array_initializer=do not insert
+org.eclipse.jdt.core.formatter.insert_new_line_before_else_in_if_statement=insert
+org.eclipse.jdt.core.formatter.insert_new_line_before_finally_in_try_statement=insert
+org.eclipse.jdt.core.formatter.insert_new_line_before_while_in_do_statement=do not insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_annotation_declaration=insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_anonymous_type_declaration=insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_block=insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_enum_constant=insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_enum_declaration=insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_method_body=insert
+org.eclipse.jdt.core.formatter.insert_new_line_in_empty_type_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_after_and_in_type_parameter=insert
+org.eclipse.jdt.core.formatter.insert_space_after_assignment_operator=insert
+org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation_type_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_binary_operator=insert
+org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_arguments=insert
+org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_parameters=insert
+org.eclipse.jdt.core.formatter.insert_space_after_closing_brace_in_block=insert
+org.eclipse.jdt.core.formatter.insert_space_after_closing_paren_in_cast=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_colon_in_assert=insert
+org.eclipse.jdt.core.formatter.insert_space_after_colon_in_case=insert
+org.eclipse.jdt.core.formatter.insert_space_after_colon_in_conditional=insert
+org.eclipse.jdt.core.formatter.insert_space_after_colon_in_for=insert
+org.eclipse.jdt.core.formatter.insert_space_after_colon_in_labeled_statement=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_allocation_expression=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_annotation=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_array_initializer=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_parameters=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_throws=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_constant_arguments=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_declarations=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_explicitconstructorcall_arguments=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_increments=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_inits=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_parameters=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_throws=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_invocation_arguments=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_field_declarations=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_local_declarations=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_parameterized_type_reference=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_superinterfaces=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_arguments=insert
+org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_parameters=insert
+org.eclipse.jdt.core.formatter.insert_space_after_ellipsis=insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_parameterized_type_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_parameters=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_brace_in_array_initializer=insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_allocation_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_annotation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_cast=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_catch=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_constructor_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_enum_constant=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_for=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_if=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_invocation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_parenthesized_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_switch=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_synchronized=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_try=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_while=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_postfix_operator=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_prefix_operator=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_question_in_conditional=insert
+org.eclipse.jdt.core.formatter.insert_space_after_question_in_wildcard=do not insert
+org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_for=insert
+org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_try_resources=insert
+org.eclipse.jdt.core.formatter.insert_space_after_unary_operator=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_and_in_type_parameter=insert
+org.eclipse.jdt.core.formatter.insert_space_before_assignment_operator=insert
+org.eclipse.jdt.core.formatter.insert_space_before_at_in_annotation_type_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_binary_operator=insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_parameterized_type_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_parameters=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_brace_in_array_initializer=insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_allocation_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_annotation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_cast=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_catch=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_constructor_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_enum_constant=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_for=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_if=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_invocation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_parenthesized_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_switch=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_synchronized=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_try=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_while=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_colon_in_assert=insert
+org.eclipse.jdt.core.formatter.insert_space_before_colon_in_case=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_colon_in_conditional=insert
+org.eclipse.jdt.core.formatter.insert_space_before_colon_in_default=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_colon_in_for=insert
+org.eclipse.jdt.core.formatter.insert_space_before_colon_in_labeled_statement=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_allocation_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_annotation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_array_initializer=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_parameters=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_throws=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_constant_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_declarations=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_explicitconstructorcall_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_increments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_inits=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_parameters=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_throws=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_invocation_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_field_declarations=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_local_declarations=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_parameterized_type_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_superinterfaces=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_parameters=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_ellipsis=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_parameterized_type_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_arguments=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_parameters=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_annotation_type_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_anonymous_type_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_array_initializer=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_block=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_constructor_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_constant=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_method_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_switch=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_type_declaration=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_allocation_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_type_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation_type_member_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_catch=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_constructor_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_enum_constant=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_for=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_if=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_invocation=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_parenthesized_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_switch=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_synchronized=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_try=insert
+org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_while=insert
+org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_return=insert
+org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_throw=insert
+org.eclipse.jdt.core.formatter.insert_space_before_postfix_operator=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_prefix_operator=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_question_in_conditional=insert
+org.eclipse.jdt.core.formatter.insert_space_before_question_in_wildcard=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_semicolon=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_for=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_try_resources=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_unary_operator=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_brackets_in_array_type_reference=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_braces_in_array_initializer=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_brackets_in_array_allocation_expression=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_annotation_type_member_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_constructor_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_enum_constant=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_declaration=do not insert
+org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_invocation=do not insert
+org.eclipse.jdt.core.formatter.join_lines_in_comments=true
+org.eclipse.jdt.core.formatter.join_wrapped_lines=true
+org.eclipse.jdt.core.formatter.keep_else_statement_on_same_line=false
+org.eclipse.jdt.core.formatter.keep_empty_array_initializer_on_one_line=false
+org.eclipse.jdt.core.formatter.keep_imple_if_on_one_line=false
+org.eclipse.jdt.core.formatter.keep_then_statement_on_same_line=false
+org.eclipse.jdt.core.formatter.lineSplit=120
+org.eclipse.jdt.core.formatter.never_indent_block_comments_on_first_column=false
+org.eclipse.jdt.core.formatter.never_indent_line_comments_on_first_column=false
+org.eclipse.jdt.core.formatter.number_of_blank_lines_at_beginning_of_method_body=0
+org.eclipse.jdt.core.formatter.number_of_empty_lines_to_preserve=1
+org.eclipse.jdt.core.formatter.put_empty_statement_on_new_line=true
+org.eclipse.jdt.core.formatter.tabulation.char=space
+org.eclipse.jdt.core.formatter.tabulation.size=2
+org.eclipse.jdt.core.formatter.use_on_off_tags=false
+org.eclipse.jdt.core.formatter.use_tabs_only_for_leading_indentations=false
+org.eclipse.jdt.core.formatter.wrap_before_binary_operator=true
+org.eclipse.jdt.core.formatter.wrap_before_or_operator_multicatch=true
+org.eclipse.jdt.core.formatter.wrap_outer_expressions_when_nested=true
+org.eclipse.jdt.core.incompatibleJDKLevel=ignore
+org.eclipse.jdt.core.incompleteClasspath=error
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.launching.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.launching.prefs
new file mode 100644
index 0000000000..556ed07a3c
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.launching.prefs
@@ -0,0 +1,3 @@
+#Fri Sep 02 05:38:34 CEST 2011
+eclipse.preferences.version=1
+org.eclipse.jdt.launching.PREF_STRICTLY_COMPATIBLE_JRE_NOT_AVAILABLE=ignore
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.ui.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.ui.prefs
new file mode 100644
index 0000000000..3fc140fcdc
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.jdt.ui.prefs
@@ -0,0 +1,119 @@
+cleanup.add_default_serial_version_id=true
+cleanup.add_generated_serial_version_id=false
+cleanup.add_missing_annotations=true
+cleanup.add_missing_deprecated_annotations=true
+cleanup.add_missing_methods=false
+cleanup.add_missing_nls_tags=false
+cleanup.add_missing_override_annotations=true
+cleanup.add_missing_override_annotations_interface_methods=true
+cleanup.add_serial_version_id=true
+cleanup.always_use_blocks=true
+cleanup.always_use_parentheses_in_expressions=false
+cleanup.always_use_this_for_non_static_field_access=false
+cleanup.always_use_this_for_non_static_method_access=false
+cleanup.convert_to_enhanced_for_loop=false
+cleanup.correct_indentation=true
+cleanup.format_source_code=true
+cleanup.format_source_code_changes_only=false
+cleanup.make_local_variable_final=true
+cleanup.make_parameters_final=false
+cleanup.make_private_fields_final=true
+cleanup.make_type_abstract_if_missing_method=false
+cleanup.make_variable_declarations_final=false
+cleanup.never_use_blocks=false
+cleanup.never_use_parentheses_in_expressions=true
+cleanup.organize_imports=true
+cleanup.qualify_static_field_accesses_with_declaring_class=false
+cleanup.qualify_static_member_accesses_through_instances_with_declaring_class=true
+cleanup.qualify_static_member_accesses_through_subtypes_with_declaring_class=true
+cleanup.qualify_static_member_accesses_with_declaring_class=false
+cleanup.qualify_static_method_accesses_with_declaring_class=false
+cleanup.remove_private_constructors=true
+cleanup.remove_trailing_whitespaces=true
+cleanup.remove_trailing_whitespaces_all=true
+cleanup.remove_trailing_whitespaces_ignore_empty=false
+cleanup.remove_unnecessary_casts=true
+cleanup.remove_unnecessary_nls_tags=true
+cleanup.remove_unused_imports=true
+cleanup.remove_unused_local_variables=false
+cleanup.remove_unused_private_fields=true
+cleanup.remove_unused_private_members=false
+cleanup.remove_unused_private_methods=true
+cleanup.remove_unused_private_types=true
+cleanup.sort_members=false
+cleanup.sort_members_all=false
+cleanup.use_blocks=true
+cleanup.use_blocks_only_for_return_and_throw=false
+cleanup.use_parentheses_in_expressions=true
+cleanup.use_this_for_non_static_field_access=true
+cleanup.use_this_for_non_static_field_access_only_if_necessary=true
+cleanup.use_this_for_non_static_method_access=true
+cleanup.use_this_for_non_static_method_access_only_if_necessary=true
+cleanup_profile=_EMFT
+cleanup_settings_version=2
+eclipse.preferences.version=1
+editor_save_participant_org.eclipse.jdt.ui.postsavelistener.cleanup=true
+formatter_profile=_EMFT
+formatter_settings_version=12
+org.eclipse.jdt.ui.exception.name=ex
+org.eclipse.jdt.ui.gettersetter.use.is=true
+org.eclipse.jdt.ui.ignorelowercasenames=true
+org.eclipse.jdt.ui.importorder=org.eclipse.emf.cdo;org.eclipse.emf.internal.cdo;org.eclipse.net4j;org.eclipse.internal.net4j;org.eclipse.emf;org.eclipse;com;org;javax;java;
+org.eclipse.jdt.ui.javadoc=true
+org.eclipse.jdt.ui.keywordthis=false
+org.eclipse.jdt.ui.ondemandthreshold=99
+org.eclipse.jdt.ui.overrideannotation=true
+org.eclipse.jdt.ui.staticondemandthreshold=99
+org.eclipse.jdt.ui.text.custom_code_templates=<?xml version\="1.0" encoding\="UTF-8" standalone\="no"?><templates><template autoinsert\="false" context\="gettercomment_context" deleted\="false" description\="Comment for getter method" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.gettercomment" name\="gettercomment"/><template autoinsert\="false" context\="settercomment_context" deleted\="false" description\="Comment for setter method" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.settercomment" name\="settercomment"/><template autoinsert\="false" context\="constructorcomment_context" deleted\="false" description\="Comment for created constructors" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.constructorcomment" name\="constructorcomment"/><template autoinsert\="false" context\="filecomment_context" deleted\="false" description\="Comment for created Java files" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.filecomment" name\="filecomment">/*\r\n * Copyright (c) 2004-2013 Eike Stepper (Berlin, Germany) and others.\r\n * All rights reserved. This program and the accompanying materials\r\n * are made available under the terms of the Eclipse Public License v1.0\r\n * which accompanies this distribution, and is available at\r\n * http\://www.eclipse.org/legal/epl-v10.html\r\n * \r\n * Contributors\:\r\n * Eike Stepper - initial API and implementation\r\n */</template><template autoinsert\="false" context\="typecomment_context" deleted\="false" description\="Comment for created types" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.typecomment" name\="typecomment">/**\r\n * @author Eike Stepper\r\n */</template><template autoinsert\="false" context\="fieldcomment_context" deleted\="false" description\="Comment for fields" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.fieldcomment" name\="fieldcomment"/><template autoinsert\="false" context\="methodcomment_context" deleted\="false" description\="Comment for non-overriding methods" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.methodcomment" name\="methodcomment"/><template autoinsert\="false" context\="overridecomment_context" deleted\="false" description\="Comment for overriding methods" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.overridecomment" name\="overridecomment"/><template autoinsert\="false" context\="delegatecomment_context" deleted\="false" description\="Comment for delegate methods" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.delegatecomment" name\="delegatecomment"/><template autoinsert\="true" context\="newtype_context" deleted\="false" description\="Newly created files" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.newtype" name\="newtype">${filecomment}\r\n${package_declaration}\r\n\r\n${typecomment}\r\n${type_declaration}</template><template autoinsert\="true" context\="classbody_context" deleted\="false" description\="Code in new class type bodies" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.classbody" name\="classbody">\r\n</template><template autoinsert\="true" context\="interfacebody_context" deleted\="false" description\="Code in new interface type bodies" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.interfacebody" name\="interfacebody">\r\n</template><template autoinsert\="true" context\="enumbody_context" deleted\="false" description\="Code in new enum type bodies" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.enumbody" name\="enumbody">\r\n</template><template autoinsert\="true" context\="annotationbody_context" deleted\="false" description\="Code in new annotation type bodies" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.annotationbody" name\="annotationbody">\r\n</template><template autoinsert\="false" context\="catchblock_context" deleted\="false" description\="Code in new catch blocks" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.catchblock" name\="catchblock">${exception_var}.printStackTrace();</template><template autoinsert\="false" context\="methodbody_context" deleted\="false" description\="Code in created method stubs" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.methodbody" name\="methodbody">${body_statement}</template><template autoinsert\="false" context\="constructorbody_context" deleted\="false" description\="Code in created constructor stubs" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.constructorbody" name\="constructorbody">${body_statement}</template><template autoinsert\="true" context\="getterbody_context" deleted\="false" description\="Code in created getters" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.getterbody" name\="getterbody">return ${field};</template><template autoinsert\="true" context\="setterbody_context" deleted\="false" description\="Code in created setters" enabled\="true" id\="org.eclipse.jdt.ui.text.codetemplates.setterbody" name\="setterbody">${field} \= ${param};</template></templates>
+sp_cleanup.add_default_serial_version_id=true
+sp_cleanup.add_generated_serial_version_id=false
+sp_cleanup.add_missing_annotations=true
+sp_cleanup.add_missing_deprecated_annotations=true
+sp_cleanup.add_missing_methods=false
+sp_cleanup.add_missing_nls_tags=false
+sp_cleanup.add_missing_override_annotations=true
+sp_cleanup.add_missing_override_annotations_interface_methods=false
+sp_cleanup.add_serial_version_id=false
+sp_cleanup.always_use_blocks=true
+sp_cleanup.always_use_parentheses_in_expressions=false
+sp_cleanup.always_use_this_for_non_static_field_access=false
+sp_cleanup.always_use_this_for_non_static_method_access=false
+sp_cleanup.convert_to_enhanced_for_loop=false
+sp_cleanup.correct_indentation=true
+sp_cleanup.format_source_code=true
+sp_cleanup.format_source_code_changes_only=false
+sp_cleanup.make_local_variable_final=false
+sp_cleanup.make_parameters_final=false
+sp_cleanup.make_private_fields_final=true
+sp_cleanup.make_type_abstract_if_missing_method=false
+sp_cleanup.make_variable_declarations_final=false
+sp_cleanup.never_use_blocks=false
+sp_cleanup.never_use_parentheses_in_expressions=true
+sp_cleanup.on_save_use_additional_actions=true
+sp_cleanup.organize_imports=true
+sp_cleanup.qualify_static_field_accesses_with_declaring_class=false
+sp_cleanup.qualify_static_member_accesses_through_instances_with_declaring_class=true
+sp_cleanup.qualify_static_member_accesses_through_subtypes_with_declaring_class=true
+sp_cleanup.qualify_static_member_accesses_with_declaring_class=false
+sp_cleanup.qualify_static_method_accesses_with_declaring_class=false
+sp_cleanup.remove_private_constructors=true
+sp_cleanup.remove_trailing_whitespaces=true
+sp_cleanup.remove_trailing_whitespaces_all=true
+sp_cleanup.remove_trailing_whitespaces_ignore_empty=false
+sp_cleanup.remove_unnecessary_casts=true
+sp_cleanup.remove_unnecessary_nls_tags=true
+sp_cleanup.remove_unused_imports=true
+sp_cleanup.remove_unused_local_variables=false
+sp_cleanup.remove_unused_private_fields=true
+sp_cleanup.remove_unused_private_members=false
+sp_cleanup.remove_unused_private_methods=true
+sp_cleanup.remove_unused_private_types=true
+sp_cleanup.sort_members=false
+sp_cleanup.sort_members_all=false
+sp_cleanup.use_blocks=true
+sp_cleanup.use_blocks_only_for_return_and_throw=false
+sp_cleanup.use_parentheses_in_expressions=true
+sp_cleanup.use_this_for_non_static_field_access=true
+sp_cleanup.use_this_for_non_static_field_access_only_if_necessary=true
+sp_cleanup.use_this_for_non_static_method_access=true
+sp_cleanup.use_this_for_non_static_method_access_only_if_necessary=true
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.ltk.core.refactoring.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.ltk.core.refactoring.prefs
new file mode 100644
index 0000000000..864e30fe5d
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.ltk.core.refactoring.prefs
@@ -0,0 +1,3 @@
+#Thu Feb 04 09:44:24 CET 2010
+eclipse.preferences.version=1
+org.eclipse.ltk.core.refactoring.enable.project.refactoring.history=false
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.tasks.ui.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.tasks.ui.prefs
new file mode 100644
index 0000000000..b050639a54
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.tasks.ui.prefs
@@ -0,0 +1,4 @@
+#Thu Feb 04 09:44:24 CET 2010
+eclipse.preferences.version=1
+project.repository.kind=bugzilla
+project.repository.url=https\://bugs.eclipse.org/bugs
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.team.ui.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.team.ui.prefs
new file mode 100644
index 0000000000..2f50f36c0c
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.mylyn.team.ui.prefs
@@ -0,0 +1,3 @@
+#Thu Feb 04 09:44:24 CET 2010
+commit.comment.template=[${task.id}] ${task.description} \r\n${task.url}
+eclipse.preferences.version=1
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.api.tools.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.api.tools.prefs
new file mode 100644
index 0000000000..0c17d59e45
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.api.tools.prefs
@@ -0,0 +1,95 @@
+#Thu Feb 04 09:44:24 CET 2010
+ANNOTATION_ELEMENT_TYPE_ADDED_METHOD_WITHOUT_DEFAULT_VALUE=Error
+ANNOTATION_ELEMENT_TYPE_CHANGED_TYPE_CONVERSION=Error
+ANNOTATION_ELEMENT_TYPE_REMOVED_FIELD=Error
+ANNOTATION_ELEMENT_TYPE_REMOVED_METHOD=Error
+ANNOTATION_ELEMENT_TYPE_REMOVED_TYPE_MEMBER=Error
+API_COMPONENT_ELEMENT_TYPE_REMOVED_API_TYPE=Error
+API_COMPONENT_ELEMENT_TYPE_REMOVED_REEXPORTED_API_TYPE=Error
+API_COMPONENT_ELEMENT_TYPE_REMOVED_REEXPORTED_TYPE=Error
+API_COMPONENT_ELEMENT_TYPE_REMOVED_TYPE=Error
+CLASS_ELEMENT_TYPE_ADDED_METHOD=Error
+CLASS_ELEMENT_TYPE_ADDED_RESTRICTIONS=Error
+CLASS_ELEMENT_TYPE_ADDED_TYPE_PARAMETER=Error
+CLASS_ELEMENT_TYPE_CHANGED_CONTRACTED_SUPERINTERFACES_SET=Error
+CLASS_ELEMENT_TYPE_CHANGED_DECREASE_ACCESS=Error
+CLASS_ELEMENT_TYPE_CHANGED_NON_ABSTRACT_TO_ABSTRACT=Error
+CLASS_ELEMENT_TYPE_CHANGED_NON_FINAL_TO_FINAL=Error
+CLASS_ELEMENT_TYPE_CHANGED_TYPE_CONVERSION=Error
+CLASS_ELEMENT_TYPE_REMOVED_CONSTRUCTOR=Error
+CLASS_ELEMENT_TYPE_REMOVED_FIELD=Error
+CLASS_ELEMENT_TYPE_REMOVED_METHOD=Error
+CLASS_ELEMENT_TYPE_REMOVED_SUPERCLASS=Error
+CLASS_ELEMENT_TYPE_REMOVED_TYPE_MEMBER=Error
+CLASS_ELEMENT_TYPE_REMOVED_TYPE_PARAMETER=Error
+CONSTRUCTOR_ELEMENT_TYPE_ADDED_TYPE_PARAMETER=Error
+CONSTRUCTOR_ELEMENT_TYPE_CHANGED_DECREASE_ACCESS=Error
+CONSTRUCTOR_ELEMENT_TYPE_CHANGED_VARARGS_TO_ARRAY=Error
+CONSTRUCTOR_ELEMENT_TYPE_REMOVED_TYPE_PARAMETER=Error
+ENUM_ELEMENT_TYPE_CHANGED_CONTRACTED_SUPERINTERFACES_SET=Error
+ENUM_ELEMENT_TYPE_CHANGED_TYPE_CONVERSION=Error
+ENUM_ELEMENT_TYPE_REMOVED_ENUM_CONSTANT=Error
+ENUM_ELEMENT_TYPE_REMOVED_FIELD=Error
+ENUM_ELEMENT_TYPE_REMOVED_METHOD=Error
+ENUM_ELEMENT_TYPE_REMOVED_TYPE_MEMBER=Error
+FIELD_ELEMENT_TYPE_ADDED_VALUE=Error
+FIELD_ELEMENT_TYPE_CHANGED_DECREASE_ACCESS=Error
+FIELD_ELEMENT_TYPE_CHANGED_FINAL_TO_NON_FINAL_STATIC_CONSTANT=Error
+FIELD_ELEMENT_TYPE_CHANGED_NON_FINAL_TO_FINAL=Error
+FIELD_ELEMENT_TYPE_CHANGED_NON_STATIC_TO_STATIC=Error
+FIELD_ELEMENT_TYPE_CHANGED_STATIC_TO_NON_STATIC=Error
+FIELD_ELEMENT_TYPE_CHANGED_TYPE=Error
+FIELD_ELEMENT_TYPE_CHANGED_VALUE=Error
+FIELD_ELEMENT_TYPE_REMOVED_TYPE_ARGUMENT=Error
+FIELD_ELEMENT_TYPE_REMOVED_VALUE=Error
+ILLEGAL_EXTEND=Warning
+ILLEGAL_IMPLEMENT=Warning
+ILLEGAL_INSTANTIATE=Warning
+ILLEGAL_OVERRIDE=Warning
+ILLEGAL_REFERENCE=Warning
+INTERFACE_ELEMENT_TYPE_ADDED_FIELD=Error
+INTERFACE_ELEMENT_TYPE_ADDED_METHOD=Error
+INTERFACE_ELEMENT_TYPE_ADDED_RESTRICTIONS=Error
+INTERFACE_ELEMENT_TYPE_ADDED_SUPER_INTERFACE_WITH_METHODS=Error
+INTERFACE_ELEMENT_TYPE_ADDED_TYPE_PARAMETER=Error
+INTERFACE_ELEMENT_TYPE_CHANGED_CONTRACTED_SUPERINTERFACES_SET=Error
+INTERFACE_ELEMENT_TYPE_CHANGED_TYPE_CONVERSION=Error
+INTERFACE_ELEMENT_TYPE_REMOVED_FIELD=Error
+INTERFACE_ELEMENT_TYPE_REMOVED_METHOD=Error
+INTERFACE_ELEMENT_TYPE_REMOVED_TYPE_MEMBER=Error
+INTERFACE_ELEMENT_TYPE_REMOVED_TYPE_PARAMETER=Error
+INVALID_JAVADOC_TAG=Ignore
+INVALID_REFERENCE_IN_SYSTEM_LIBRARIES=Error
+MISSING_EE_DESCRIPTIONS=Warning
+LEAK_EXTEND=Warning
+LEAK_FIELD_DECL=Warning
+LEAK_IMPLEMENT=Warning
+LEAK_METHOD_PARAM=Warning
+LEAK_METHOD_RETURN_TYPE=Warning
+METHOD_ELEMENT_TYPE_ADDED_RESTRICTIONS=Error
+METHOD_ELEMENT_TYPE_ADDED_TYPE_PARAMETER=Error
+METHOD_ELEMENT_TYPE_CHANGED_DECREASE_ACCESS=Error
+METHOD_ELEMENT_TYPE_CHANGED_NON_ABSTRACT_TO_ABSTRACT=Error
+METHOD_ELEMENT_TYPE_CHANGED_NON_FINAL_TO_FINAL=Error
+METHOD_ELEMENT_TYPE_CHANGED_NON_STATIC_TO_STATIC=Error
+METHOD_ELEMENT_TYPE_CHANGED_STATIC_TO_NON_STATIC=Error
+METHOD_ELEMENT_TYPE_CHANGED_VARARGS_TO_ARRAY=Error
+METHOD_ELEMENT_TYPE_REMOVED_ANNOTATION_DEFAULT_VALUE=Error
+METHOD_ELEMENT_TYPE_REMOVED_TYPE_PARAMETER=Error
+TYPE_PARAMETER_ELEMENT_TYPE_ADDED_CLASS_BOUND=Error
+TYPE_PARAMETER_ELEMENT_TYPE_ADDED_INTERFACE_BOUND=Error
+TYPE_PARAMETER_ELEMENT_TYPE_CHANGED_CLASS_BOUND=Error
+TYPE_PARAMETER_ELEMENT_TYPE_CHANGED_INTERFACE_BOUND=Error
+TYPE_PARAMETER_ELEMENT_TYPE_REMOVED_CLASS_BOUND=Error
+TYPE_PARAMETER_ELEMENT_TYPE_REMOVED_INTERFACE_BOUND=Error
+UNUSED_PROBLEM_FILTERS=Ignore
+automatically_removed_unused_problem_filters=Disabled
+eclipse.preferences.version=1
+incompatible_api_component_version=Error
+incompatible_api_component_version_include_major_without_breaking_change=Disabled
+incompatible_api_component_version_include_minor_without_api_change=Disabled
+invalid_since_tag_version=Error
+malformed_since_tag=Error
+missing_since_tag=Error
+report_api_breakage_when_major_version_incremented=Disabled
+report_resolution_errors_api_component=Warning
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.prefs b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.prefs
new file mode 100644
index 0000000000..fe01bb701d
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/.settings/org.eclipse.pde.prefs
@@ -0,0 +1,31 @@
+#Thu Feb 04 09:44:24 CET 2010
+compilers.f.unresolved-features=1
+compilers.f.unresolved-plugins=1
+compilers.incompatible-environment=1
+compilers.p.build=1
+compilers.p.build.bin.includes=1
+compilers.p.build.java.compliance=1
+compilers.p.build.missing.output=2
+compilers.p.build.output.library=1
+compilers.p.build.source.library=1
+compilers.p.build.src.includes=1
+compilers.p.deprecated=2
+compilers.p.discouraged-class=1
+compilers.p.internal=1
+compilers.p.missing-packages=1
+compilers.p.missing-version-export-package=1
+compilers.p.missing-version-import-package=1
+compilers.p.missing-version-require-bundle=1
+compilers.p.no-required-att=0
+compilers.p.not-externalized-att=2
+compilers.p.unknown-attribute=1
+compilers.p.unknown-class=1
+compilers.p.unknown-element=1
+compilers.p.unknown-identifier=1
+compilers.p.unknown-resource=1
+compilers.p.unresolved-ex-points=0
+compilers.p.unresolved-import=0
+compilers.s.create-docs=false
+compilers.s.doc-folder=doc
+compilers.s.open-tags=1
+eclipse.preferences.version=1
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/META-INF/MANIFEST.MF b/plugins/org.eclipse.emf.cdo.security.ui/META-INF/MANIFEST.MF
new file mode 100644
index 0000000000..5183f356ab
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/META-INF/MANIFEST.MF
@@ -0,0 +1,15 @@
+Manifest-Version: 1.0
+Bundle-ManifestVersion: 2
+Bundle-SymbolicName: org.eclipse.emf.cdo.security.ui;singleton:=true
+Bundle-Version: 1.0.0.qualifier
+Bundle-Localization: plugin
+Bundle-Name: %pluginName
+Bundle-Vendor: %providerName
+Bundle-ClassPath: .
+Bundle-RequiredExecutionEnvironment: J2SE-1.5
+Export-Package: org.eclipse.emf.cdo.security.internal.ui.actions;version="1.0.0";x-internal:=true
+Require-Bundle: org.eclipse.emf.cdo.security.edit;bundle-version="[4.1.0,5.0.0)",
+ org.eclipse.net4j.util.ui;bundle-version="[3.4.0,4.0.0)",
+ org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)";resolution:=optional,
+ org.eclipse.emf.cdo.ui.shared;bundle-version="[4.0.0,5.0.0)"
+Bundle-ActivationPolicy: lazy
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/about.html b/plugins/org.eclipse.emf.cdo.security.ui/about.html
new file mode 100644
index 0000000000..d35d5aed64
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/about.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
+<title>About</title>
+</head>
+<body lang="EN-US">
+<h2>About This Content</h2>
+
+<p>June 5, 2007</p>
+<h3>License</h3>
+
+<p>The Eclipse Foundation makes available all content in this plug-in (&quot;Content&quot;). Unless otherwise
+indicated below, the Content is provided to you under the terms and conditions of the
+Eclipse Public License Version 1.0 (&quot;EPL&quot;). A copy of the EPL is available
+at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>.
+For purposes of the EPL, &quot;Program&quot; will mean the Content.</p>
+
+<p>If you did not receive this Content directly from the Eclipse Foundation, the Content is
+being redistributed by another party (&quot;Redistributor&quot;) and different terms and conditions may
+apply to your use of any object code in the Content. Check the Redistributor's license that was
+provided with the Content. If no such license exists, contact the Redistributor. Unless otherwise
+indicated below, the terms and conditions of the EPL still apply to any source code in the Content
+and such source code may be obtained at <a href="http://www.eclipse.org/">http://www.eclipse.org</a>.</p>
+
+</body>
+</html>
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/build.properties b/plugins/org.eclipse.emf.cdo.security.ui/build.properties
new file mode 100644
index 0000000000..6817fd0c88
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/build.properties
@@ -0,0 +1,24 @@
+# Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+# Contributors:
+# Christian W. Damus (CEA LIST) - initial API and implementation
+
+# NLS_MESSAGEFORMAT_VAR
+
+bin.includes = .,\
+ META-INF/,\
+ plugin.xml,\
+ plugin.properties,\
+ about.html,\
+ copyright.txt
+jars.compile.order = .
+source.. = src/
+output.. = bin/
+src.includes = about.html,\
+ copyright.txt
+
+generateSourceReferences = true
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/copyright.txt b/plugins/org.eclipse.emf.cdo.security.ui/copyright.txt
new file mode 100644
index 0000000000..4109ec2dea
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/copyright.txt
@@ -0,0 +1,8 @@
+Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+All rights reserved. This program and the accompanying materials
+are made available under the terms of the Eclipse Public License v1.0
+which accompanies this distribution, and is available at
+http://www.eclipse.org/legal/epl-v10.html
+
+Contributors:
+ Christian W. Damus (CEA LIST) - initial API and implementation
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/plugin.properties b/plugins/org.eclipse.emf.cdo.security.ui/plugin.properties
new file mode 100644
index 0000000000..1fa94d8aef
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/plugin.properties
@@ -0,0 +1,14 @@
+# Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+# Contributors:
+# Christian W. Damus (CEA LIST) - initial API and implementation
+
+pluginName = CDO Model Repository Security UI
+providerName = Eclipse Modeling Project
+
+action.label = Reset Password...
+action.tooltip = Reset the user's password (must be an administrator) \ No newline at end of file
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/plugin.xml b/plugins/org.eclipse.emf.cdo.security.ui/plugin.xml
new file mode 100644
index 0000000000..b790a81016
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/plugin.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?eclipse version="3.4"?>
+<!--
+ Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ All rights reserved. This program and the accompanying materials
+ are made available under the terms of the Eclipse Public License v1.0
+ which accompanies this distribution, and is available at
+ http://www.eclipse.org/legal/epl-v10.html
+
+ Contributors:
+ Christian W. Damus (CEA LIST) - initial API and implementation
+-->
+
+<plugin>
+
+ <extension
+ point="org.eclipse.ui.popupMenus">
+ <objectContribution
+ adaptable="true"
+ id="org.eclipse.emf.cdo.security.ui.UserActions"
+ objectClass="org.eclipse.emf.cdo.security.User">
+ <action
+ class="org.eclipse.emf.cdo.security.internal.ui.actions.ResetPasswordActionDelegate"
+ id="org.eclipse.emf.cdo.security.ui.ResetPassword"
+ label="%action.label"
+ tooltip="%action.tooltip">
+ </action>
+ <enablement>
+ <test property="org.eclipse.emf.cdo.object.writable" value="true"/>
+ </enablement>
+ </objectContribution>
+ </extension>
+
+</plugin>
diff --git a/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java b/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java
new file mode 100644
index 0000000000..81facee5ee
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.security.ui/src/org/eclipse/emf/cdo/security/internal/ui/actions/ResetPasswordActionDelegate.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.emf.cdo.security.internal.ui.actions;
+
+import org.eclipse.emf.cdo.security.User;
+
+import org.eclipse.net4j.util.ui.actions.LongRunningActionDelegate;
+
+import org.eclipse.core.runtime.IProgressMonitor;
+import org.eclipse.jface.viewers.ISelection;
+import org.eclipse.jface.viewers.IStructuredSelection;
+
+/**
+ * Administrative password reset action on users in the security model.
+ */
+public class ResetPasswordActionDelegate extends LongRunningActionDelegate
+{
+
+ public ResetPasswordActionDelegate()
+ {
+ }
+
+ @Override
+ protected void doRun(IProgressMonitor progressMonitor) throws Exception
+ {
+ ISelection selection = getSelection();
+ if (selection instanceof IStructuredSelection)
+ {
+ Object selected = ((IStructuredSelection)selection).getFirstElement();
+
+ if (selected instanceof User)
+ {
+ User user = (User)selected;
+ user.cdoView().getSession().resetCredentials(user.getId());
+ }
+ }
+ }
+
+}
diff --git a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java
index 64cf2cf4b4..480c86e508 100644
--- a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java
+++ b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/CDOServerProtocol.java
@@ -11,6 +11,7 @@
* Simon McDuff - bug 230832
* Simon McDuff - bug 233490
* Simon McDuff - bug 213402
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.server.internal.net4j.protocol;
@@ -95,6 +96,11 @@ public class CDOServerProtocol extends SignalProtocol<InternalSession> implement
return new AuthenticationRequest(this, challenge).send(negotiationTimeout);
}
+ public Response sendChangeCredentialsChallenge(Challenge challenge, String userID, boolean isReset) throws Exception
+ {
+ return new ChangeCredentialsRequest(this, challenge, userID, isReset).send(negotiationTimeout);
+ }
+
public void sendRepositoryTypeNotification(CDOCommonRepository.Type oldType, CDOCommonRepository.Type newType)
throws Exception
{
@@ -351,6 +357,9 @@ public class CDOServerProtocol extends SignalProtocol<InternalSession> implement
case SIGNAL_LOAD_PERMISSIONS:
return new LoadPermissionsIndication(this);
+ case SIGNAL_REQUEST_CHANGE_CREDENTIALS:
+ return new RequestChangeCredentialsIndication(this);
+
default:
return super.createSignalReactor(signalID);
}
diff --git a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsRequest.java b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsRequest.java
new file mode 100644
index 0000000000..886e797a00
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/ChangeCredentialsRequest.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.emf.cdo.server.internal.net4j.protocol;
+
+import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants;
+import org.eclipse.emf.cdo.common.util.NotAuthenticatedException;
+import org.eclipse.emf.cdo.server.internal.net4j.protocol.RequestChangeCredentialsIndication.Operation;
+
+import org.eclipse.net4j.signal.RemoteException;
+import org.eclipse.net4j.signal.RequestWithMonitoring;
+import org.eclipse.net4j.util.io.ExtendedDataInputStream;
+import org.eclipse.net4j.util.io.ExtendedDataOutputStream;
+import org.eclipse.net4j.util.om.monitor.OMMonitor;
+import org.eclipse.net4j.util.security.DiffieHellman.Client.Response;
+import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge;
+
+/**
+ * Server-initiated request to change the user's password. It incorporates and extends the
+ * authentication challenge (the current credentials must be verified in the same operation).
+ *
+ * @since 4.3
+ */
+public class ChangeCredentialsRequest extends RequestWithMonitoring<Response>
+{
+ private Challenge challenge;
+
+ private Operation operation;
+
+ private String userID;
+
+ public ChangeCredentialsRequest(CDOServerProtocol protocol, Challenge challenge, String userID, boolean isReset)
+ {
+ super(protocol, CDOProtocolConstants.SIGNAL_CHANGE_CREDENTIALS);
+ this.challenge = challenge;
+ operation = isReset ? Operation.RESET_PASSWORD : Operation.CHANGE_PASSWORD;
+ this.userID = userID;
+ }
+
+ @Override
+ protected void requesting(ExtendedDataOutputStream out, OMMonitor monitor) throws Exception
+ {
+ out.writeEnum(operation);
+ out.writeString(userID);
+ challenge.write(out);
+ }
+
+ @Override
+ protected Response confirming(ExtendedDataInputStream in, OMMonitor monitor) throws Exception
+ {
+ Response result = null;
+
+ try
+ {
+ if (in.readBoolean())
+ {
+ result = new Response(in);
+ }
+ }
+ catch (RemoteException e)
+ {
+ // user may have cancelled the change-password operation
+ if (!(e.getCause() instanceof NotAuthenticatedException))
+ {
+ throw e;
+ }
+ }
+ catch (Exception e)
+ {
+ // user may have cancelled the change-password operation
+ if (!(e instanceof NotAuthenticatedException))
+ {
+ throw e;
+ }
+ }
+
+ return result;
+ }
+}
diff --git a/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/RequestChangeCredentialsIndication.java b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/RequestChangeCredentialsIndication.java
new file mode 100644
index 0000000000..819270c134
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.server.net4j/src/org/eclipse/emf/cdo/server/internal/net4j/protocol/RequestChangeCredentialsIndication.java
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.emf.cdo.server.internal.net4j.protocol;
+
+import org.eclipse.emf.cdo.common.protocol.CDODataInput;
+import org.eclipse.emf.cdo.common.protocol.CDODataOutput;
+import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants;
+import org.eclipse.emf.cdo.common.util.NotAuthenticatedException;
+import org.eclipse.emf.cdo.server.internal.net4j.bundle.OM;
+import org.eclipse.emf.cdo.spi.server.InternalSessionManager;
+
+import org.eclipse.net4j.util.om.monitor.OMMonitor;
+import org.eclipse.net4j.util.om.monitor.OMMonitor.Async;
+import org.eclipse.net4j.util.om.trace.ContextTracer;
+
+/**
+ * Handles the request from a client to initiate the change-credentials protocol.
+ */
+public class RequestChangeCredentialsIndication extends CDOServerIndicationWithMonitoring
+{
+ private static final ContextTracer TRACER = new ContextTracer(OM.DEBUG_PROTOCOL,
+ RequestChangeCredentialsIndication.class);
+
+ private Operation operation;
+
+ private String userID;
+
+ public RequestChangeCredentialsIndication(CDOServerProtocol protocol)
+ {
+ super(protocol, CDOProtocolConstants.SIGNAL_REQUEST_CHANGE_CREDENTIALS);
+ }
+
+ @Override
+ protected void indicating(CDODataInput in, OMMonitor monitor) throws Exception
+ {
+ operation = in.readEnum(Operation.class);
+ userID = in.readString();
+
+ if (TRACER.isEnabled())
+ {
+ TRACER.format("Initiating %s of user credentials", operation); //$NON-NLS-1$
+ }
+ }
+
+ @Override
+ protected void responding(CDODataOutput out, OMMonitor monitor) throws Exception
+ {
+ monitor.begin();
+ Async async = monitor.forkAsync();
+
+ try
+ {
+ try
+ {
+ InternalSessionManager sessionManager = getRepository().getSessionManager();
+
+ switch (operation)
+ {
+ case CHANGE_PASSWORD:
+ sessionManager.changeUserCredentials(getProtocol());
+ break;
+ case RESET_PASSWORD:
+ sessionManager.resetUserCredentials(getProtocol(), userID);
+ break;
+ }
+
+ if (TRACER.isEnabled())
+ {
+ TRACER.format("Credentials %s processed.", operation); //$NON-NLS-1$
+ }
+ out.writeBoolean(true);
+ }
+ catch (NotAuthenticatedException ex)
+ {
+ // user has cancelled the authentication
+ out.writeBoolean(false);
+ return;
+ }
+ }
+ finally
+ {
+ async.stop();
+ monitor.done();
+ }
+ }
+
+ //
+ // Nested types
+ //
+
+ public static enum Operation
+ {
+ CHANGE_PASSWORD, RESET_PASSWORD;
+
+ @Override
+ public String toString()
+ {
+ switch (this)
+ {
+ case CHANGE_PASSWORD:
+ return "change"; //$NON-NLS-1$
+ case RESET_PASSWORD:
+ return "reset"; //$NON-NLS-1$
+ }
+
+ return super.toString();
+ }
+ }
+}
diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java
index fc4e8d5595..9645bb3169 100644
--- a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java
+++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.server.internal.security;
@@ -76,6 +77,7 @@ import org.eclipse.net4j.util.lifecycle.LifecycleEventAdapter;
import org.eclipse.net4j.util.lifecycle.LifecycleUtil;
import org.eclipse.net4j.util.om.monitor.OMMonitor;
import org.eclipse.net4j.util.security.IAuthenticator;
+import org.eclipse.net4j.util.security.IAuthenticator2;
import org.eclipse.net4j.util.security.IPasswordCredentials;
import org.eclipse.emf.common.util.EList;
@@ -793,6 +795,30 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
}
}
+ protected final boolean isAdministrator(User user)
+ {
+ // an administrator is one that has write permission on the realm resource
+ Realm realm = getRealm();
+
+ if (realm != null)
+ {
+ // can't be an administrator if there isn't a realm
+ CDORevision revision = realm.cdoRevision();
+ CDORevisionProvider revisionProvider = realm.cdoView();
+ CDOBranchPoint securityContext = realm.cdoView();
+
+ for (Permission next : user.getAllPermissions())
+ {
+ if (next.getAccess() == Access.WRITE && next.isApplicable(revision, revisionProvider, securityContext))
+ {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ }
+
@Override
protected void doActivate() throws Exception
{
@@ -856,7 +882,7 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
/**
* @author Eike Stepper
*/
- private final class Authenticator implements IAuthenticator
+ private final class Authenticator implements IAuthenticator2
{
public void authenticate(String userID, char[] password) throws SecurityException
{
@@ -872,6 +898,25 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
}
}
}
+
+ public void updatePassword(String userID, char[] oldPassword, char[] newPassword)
+ {
+ authenticate(userID, oldPassword);
+ setPassword(userID, new String(newPassword));
+ }
+
+ public void resetPassword(String adminID, char[] adminPassword, String userID, char[] newPassword)
+ {
+ authenticate(adminID, adminPassword);
+
+ User admin = getUser(adminID);
+ if (!isAdministrator(admin))
+ {
+ throw new SecurityException("Password reset requires administrator privilege"); //$NON-NLS-1$
+ }
+
+ setPassword(userID, new String(newPassword));
+ }
}
/**
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java
index 4a52229b93..051b538335 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/ServerCDOView.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.server;
@@ -517,6 +518,28 @@ public class ServerCDOView extends AbstractCDOView implements org.eclipse.emf.cd
throw new UnsupportedOperationException();
}
+ /**
+ * Server sessions may not be used to change the user's credentials: it must
+ * be done client-side by interaction with the user.
+ *
+ * @since 4.3
+ */
+ public void changeCredentials()
+ {
+ throw new UnsupportedOperationException();
+ }
+
+ /**
+ * Server sessions may not be used to reset a user's credentials: it must
+ * be done client-side by interaction with an adminstrator.
+ *
+ * @since 4.3
+ */
+ public void resetCredentials(String userID)
+ {
+ throw new UnsupportedOperationException();
+ }
+
public InternalCDORevisionManager getRevisionManager()
{
return repository.getRevisionManager();
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java
index 11c168bc33..ace06a84e2 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java
@@ -9,6 +9,7 @@
* Eike Stepper - initial API and implementation
* Simon McDuff - bug 201266
* Simon McDuff - bug 202725
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.server;
@@ -31,6 +32,7 @@ import org.eclipse.emf.cdo.spi.server.InternalRepository;
import org.eclipse.emf.cdo.spi.server.InternalSession;
import org.eclipse.emf.cdo.spi.server.InternalSessionManager;
+import org.eclipse.net4j.util.ObjectUtil;
import org.eclipse.net4j.util.container.Container;
import org.eclipse.net4j.util.io.ExtendedDataInputStream;
import org.eclipse.net4j.util.lifecycle.LifecycleUtil;
@@ -39,6 +41,7 @@ import org.eclipse.net4j.util.security.DiffieHellman;
import org.eclipse.net4j.util.security.DiffieHellman.Client.Response;
import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge;
import org.eclipse.net4j.util.security.IAuthenticator;
+import org.eclipse.net4j.util.security.IAuthenticator2;
import org.eclipse.net4j.util.security.IUserManager;
import org.eclipse.net4j.util.security.UserManagerAuthenticator;
@@ -436,6 +439,86 @@ public class SessionManager extends Container<ISession> implements InternalSessi
}
}
+ public void changeUserCredentials(ISessionProtocol sessionProtocol)
+ {
+ changeUserCredentials(sessionProtocol, null, false);
+ }
+
+ public void resetUserCredentials(ISessionProtocol sessionProtocol, String userID)
+ {
+ changeUserCredentials(sessionProtocol, userID, true);
+ }
+
+ protected void changeUserCredentials(ISessionProtocol sessionProtocol, String userID, boolean isReset)
+ {
+
+ if (sessionProtocol == null)
+ {
+ return;
+ }
+
+ if (authenticationServer == null || authenticator == null)
+ {
+ return;
+ }
+
+ if (!(authenticator instanceof IAuthenticator2))
+ {
+ throw new SecurityException("Current authenticator does not permit password updates"); //$NON-NLS-1$
+ }
+
+ try
+ {
+ Challenge challenge = authenticationServer.getChallenge();
+ Response response = sessionProtocol.sendChangeCredentialsChallenge(challenge, userID, isReset);
+ if (response == null)
+ {
+ throw new NotAuthenticatedException();
+ }
+
+ ByteArrayInputStream baos = new ByteArrayInputStream(authenticationServer.handleResponse(response));
+ @SuppressWarnings("resource")
+ ExtendedDataInputStream stream = new ExtendedDataInputStream(baos);
+
+ if (isReset)
+ {
+ String adminID = stream.readString();
+ char[] adminPassword = stream.readString().toCharArray();
+ if (!ObjectUtil.equals(userID, stream.readString()))
+ {
+ throw new SecurityException("Attempt to reset password of a different user than requested"); //$NON-NLS-1$
+ }
+ char[] newPassword = stream.readString().toCharArray();
+
+ // this will throw if the current credentials are not authenticated as an administrator
+ ((IAuthenticator2)authenticator).resetPassword(adminID, adminPassword, userID, newPassword);
+ }
+ else
+ {
+ userID = stream.readString(); // user can change any password that she can authenticate on the old password
+ char[] password = stream.readString().toCharArray();
+ char[] newPassword = stream.readString().toCharArray();
+
+ // this will throw if the "old password" provided by the user is not correct
+ ((IAuthenticator2)authenticator).updatePassword(userID, password, newPassword);
+ }
+ }
+ catch (SecurityException ex)
+ {
+ throw ex;
+ }
+ catch (Exception ex)
+ {
+ Throwable cause = ex.getCause();
+ if (cause instanceof SecurityException)
+ {
+ throw (SecurityException)cause;
+ }
+
+ throw new SecurityException(ex);
+ }
+ }
+
@Override
protected void doActivate() throws Exception
{
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java
index b2e1abda80..5f99a9df65 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSession.java
@@ -8,6 +8,7 @@
* Contributors:
* Eike Stepper - initial API and implementation
* Andre Dietisheim - bug 256649
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.server.embedded;
@@ -66,6 +67,28 @@ public class EmbeddedClientSession extends CDOSessionImpl implements CDOSession
throw new UnsupportedOperationException();
}
+ /**
+ * Changing the user's password in an embedded client session is not supported:
+ * it must be done interactively with the user in a client session.
+ *
+ * @since 4.3
+ */
+ public void changeCredentials()
+ {
+ throw new UnsupportedOperationException();
+ }
+
+ /**
+ * Resetting a user's password in an embedded client session is not supported:
+ * it must be done interactively in a client session.
+ *
+ * @since 4.3
+ */
+ public void resetCredentials(String userID)
+ {
+ throw new UnsupportedOperationException();
+ }
+
@Override
protected void doActivate() throws Exception
{
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java
index 07e6bbb346..a2bbf9b669 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedClientSessionProtocol.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.server.embedded;
@@ -595,6 +596,24 @@ public class EmbeddedClientSessionProtocol extends Lifecycle implements CDOSessi
return result;
}
+ /**
+ * Change of credentials may not be requested by embedded client sessions, only by
+ * interactive user client sessions.
+ */
+ public void requestChangeCredentials()
+ {
+ throw new UnsupportedOperationException();
+ }
+
+ /**
+ * Reset of credentials may not be requested by embedded client sessions, only by
+ * interactive client sessions.
+ */
+ public void requestResetCredentials(String userID)
+ {
+ throw new UnsupportedOperationException();
+ }
+
@Override
protected void doActivate() throws Exception
{
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java
index 98425e1119..deb256a718 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/embedded/EmbeddedServerSessionProtocol.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.internal.server.embedded;
@@ -70,6 +71,11 @@ public class EmbeddedServerSessionProtocol extends Lifecycle implements ISession
throw new UnsupportedOperationException();
}
+ public Response sendChangeCredentialsChallenge(Challenge challenge, String userID, boolean isReset) throws Exception
+ {
+ throw new UnsupportedOperationException();
+ }
+
public void sendRepositoryTypeNotification(CDOCommonRepository.Type oldType, CDOCommonRepository.Type newType)
{
EmbeddedClientSession clientSession = clientSessionProtocol.getSession();
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java
index d23bef2ca1..911b88c74b 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/ISessionProtocol.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.spi.server;
@@ -44,6 +45,11 @@ public interface ISessionProtocol extends CDOProtocol
*/
public Response sendAuthenticationChallenge(Challenge challenge) throws Exception;
+ /**
+ * @since 4.3
+ */
+ public Response sendChangeCredentialsChallenge(Challenge challenge, String userID, boolean isReset) throws Exception;
+
public void sendRepositoryTypeNotification(CDOCommonRepository.Type oldType, CDOCommonRepository.Type newType)
throws Exception;
diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java
index 0f30df3bcd..1623720a3b 100644
--- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java
+++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/spi/server/InternalSessionManager.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.spi.server;
@@ -64,6 +65,22 @@ public interface InternalSessionManager extends ISessionManager
public void setAuthenticationServer(DiffieHellman.Server authenticationServer);
/**
+ * Initiates the change-credentials protocol with the client and processes the
+ * client response to update the user's credentials.
+ *
+ * @since 4.3
+ */
+ public void changeUserCredentials(ISessionProtocol sessionProtocol);
+
+ /**
+ * Initiates the administrative reset-credentials protocol with the client and
+ * processes the client response to reset the specified {@code userID}'s credentials.
+ *
+ * @since 4.3
+ */
+ public void resetUserCredentials(ISessionProtocol sessionProtocol, String userID);
+
+ /**
* @since 4.1
*/
public IPermissionManager getPermissionManager();
diff --git a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java
new file mode 100644
index 0000000000..131aeb24fa
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/actions/ChangePasswordAction.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.emf.cdo.internal.ui.actions;
+
+import org.eclipse.emf.cdo.internal.ui.messages.Messages;
+import org.eclipse.emf.cdo.session.CDOSession;
+
+import org.eclipse.core.runtime.IProgressMonitor;
+import org.eclipse.ui.IWorkbenchPage;
+
+/**
+ * The "change password" action.
+ */
+public final class ChangePasswordAction extends SessionAction
+{
+ private static final String TITLE = Messages.getString("ChangePasswordAction_0"); //$NON-NLS-1$
+
+ private static final String TOOL_TIP = Messages.getString("ChangePasswordAction_1"); //$NON-NLS-1$
+
+ public ChangePasswordAction(IWorkbenchPage page, CDOSession session)
+ {
+ super(page, TITLE, TOOL_TIP, null, session);
+ }
+
+ @Override
+ protected void doRun(IProgressMonitor progressMonitor) throws Exception
+ {
+ getSession().changeCredentials();
+ }
+}
diff --git a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties
index 79a136db80..89e13762df 100644
--- a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties
+++ b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/internal/ui/messages/messages.properties
@@ -8,6 +8,7 @@
# Contributors:
# Victor Roldan Betancort - initial API and implementation
# Eike Stepper - maintenance
+# Christian W. Damus (CEA LIST) - 399306
# ==============================================================================
# ==============================================================================
@@ -88,6 +89,8 @@ CDOWatchListView.7=Remove all subscriptions
CDOWatchListView.8=Reset Changes
CDOWatchListView.9=Reset all change notifications from the selected subscriptions
ChangePassiveUpdateAction.1=Passive Updates
+ChangePasswordAction_0=Change Password...
+ChangePasswordAction_1=Change the connected user's password
CloseSessionAction.0=Close
CloseSessionAction.1=Close the CDO session
CloseSessionAction.2=You have uncommitted changes. Do you want to discard them?
diff --git a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java
index 7277905256..a4f439cddc 100644
--- a/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java
+++ b/plugins/org.eclipse.emf.cdo.ui/src/org/eclipse/emf/cdo/ui/CDOItemProvider.java
@@ -8,7 +8,7 @@
* Contributors:
* Eike Stepper - initial API and implementation
* Victor Roldan Betancort - maintenance
- * Christian W. Damus (CEA LIST) - 419805
+ * Christian W. Damus (CEA LIST) - 419805, 399306
*/
package org.eclipse.emf.cdo.ui;
@@ -26,6 +26,7 @@ import org.eclipse.emf.cdo.eresource.CDOResourceFolder;
import org.eclipse.emf.cdo.eresource.CDOResourceLeaf;
import org.eclipse.emf.cdo.eresource.CDOResourceNode;
import org.eclipse.emf.cdo.eresource.CDOTextResource;
+import org.eclipse.emf.cdo.internal.ui.actions.ChangePasswordAction;
import org.eclipse.emf.cdo.internal.ui.actions.CloseSessionAction;
import org.eclipse.emf.cdo.internal.ui.actions.CloseViewAction;
import org.eclipse.emf.cdo.internal.ui.actions.CommitTransactionAction;
@@ -526,6 +527,7 @@ public class CDOItemProvider extends ContainerItemProvider<IContainer<Object>>
}
manager.add(new Separator());
+ manager.add(new ChangePasswordAction(page, session));
manager.add(new CloseSessionAction(page, session));
}
diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java
index 33f6081e6c..5b420e8ce3 100644
--- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java
+++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/cdo/session/CDOSession.java
@@ -10,6 +10,7 @@
* Simon McDuff - maintenance
* Victor Roldan Betancort - maintenance
* Andre Dietisheim - bug 256649
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.cdo.session;
@@ -139,6 +140,28 @@ public interface CDOSession extends CDOCommonSession, CDOUpdatable, CDOTransacti
public IPasswordCredentialsProvider getCredentialsProvider();
/**
+ * Initiates interactive changing of credentials for the user logged in in this session.
+ * This is an optional operation of the session.
+ *
+ * @since 4.3
+ *
+ * @throws UnsupportedOperationException if the session implementation does not permit changing credentials
+ */
+ public void changeCredentials();
+
+ /**
+ * Initiates interactive reset of credentials for the specified user.
+ * This is an optional operation of the session.
+ *
+ * @param userID the ID of the user for which to reset credentials
+ *
+ * @since 4.3
+ *
+ * @throws UnsupportedOperationException if the session implementation does not permit resetting user credentials
+ */
+ public void resetCredentials(String userID);
+
+ /**
* Returns the CDO {@link CDORemoteSessionManager remote session manager} that keeps track of the other remote
* sessions served by the repository of this local session.
*/
diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java
index f4354f4949..bf07366e0d 100644
--- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java
+++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/internal/cdo/session/DelegatingSessionProtocol.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.internal.cdo.session;
@@ -933,6 +934,40 @@ public class DelegatingSessionProtocol extends Lifecycle implements CDOSessionPr
}
}
+ public void requestChangeCredentials()
+ {
+ int attempt = 0;
+ for (;;)
+ {
+ try
+ {
+ delegate.requestChangeCredentials();
+ return;
+ }
+ catch (Exception ex)
+ {
+ handleException(++attempt, ex);
+ }
+ }
+ }
+
+ public void requestResetCredentials(String userID)
+ {
+ int attempt = 0;
+ for (;;)
+ {
+ try
+ {
+ delegate.requestResetCredentials(userID);
+ return;
+ }
+ catch (Exception ex)
+ {
+ handleException(++attempt, ex);
+ }
+ }
+ }
+
@Override
protected void doActivate() throws Exception
{
diff --git a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java
index c655a31c50..fdc4773336 100644
--- a/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java
+++ b/plugins/org.eclipse.emf.cdo/src/org/eclipse/emf/spi/cdo/CDOSessionProtocol.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.emf.spi.cdo;
@@ -297,6 +298,30 @@ public interface CDOSessionProtocol extends CDOProtocol, PackageLoader, BranchLo
public Map<CDORevision, CDOPermission> loadPermissions(InternalCDORevision[] revisions);
/**
+ * Requests that the server initiate the change-credentials protocol.
+ * This is an optional session protocol operation.
+ *
+ * @since 4.3
+ *
+ * @throws UnsupportedOperationException if the session protocol implementation does
+ * not support requesting change of credentials
+ */
+ public void requestChangeCredentials();
+
+ /**
+ * Requests that the server initiate the reset-credentials protocol.
+ * This is an optional session protocol operation.
+ *
+ * @param userID the ID of the user whose credentials are to be reset
+ *
+ * @since 4.3
+ *
+ * @throws UnsupportedOperationException if the session protocol implementation does
+ * not support requesting reset of credentials
+ */
+ public void requestResetCredentials(String userID);
+
+ /**
* If the meaning of this type isn't clear, there really should be more of a description here...
*
* @author Eike Stepper
diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties
index ba8ca548ef..f467459428 100644
--- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties
+++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/internal/ui/messages/messages.properties
@@ -8,6 +8,7 @@
# Contributors:
# Victor Roldan Betancort - initial API and implementation
# Eike Stepper - maintenance
+# Christian W. Damus (CEA LIST) - 399306
# ==============================================================================
# ==============================================================================
@@ -22,6 +23,17 @@ CredentialsDialog_1=Enter your user ID and password.
CredentialsDialog_2=User ID:
CredentialsDialog_3=Password:
CredentialsDialog_0=Login
+CredentialsResetDialog_0=Reset Password
+CredentialsResetDialog_1=Provide your administrator login to reset the password for user "{0}".
+CredentialsUpdateDialog_0=Change Password
+CredentialsUpdateDialog_1=Authenticate and enter your new password.
+CredentialsUpdateDialog_2=New Password:
+CredentialsUpdateDialog_3=Repeat Password:
+CredentialsUpdateDialog_4=New password is required.
+CredentialsUpdateDialog_5=Repeated password does not match the new password.
+InteractiveCredentialsProvider.0=Temporary Password
+InteractiveCredentialsProvider.1=The password for user "{0}" will be set to "{1}" (without the quotes) as soon as possible.
+InteractiveCredentialsProvider.2=Copy to Clipboard
IntrospectAction_0=Introspect
MasterDetailsView_2=Refresh
MasterDetailsView_3=Refresh
diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java
index 5ca332b2f7..e69b1e8df1 100644
--- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java
+++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java
@@ -7,6 +7,7 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.net4j.util.ui.security;
@@ -67,8 +68,16 @@ public class CredentialsDialog extends BaseDialog<Viewer>
*/
public CredentialsDialog(Shell shell, String realm)
{
- super(shell, DEFAULT_SHELL_STYLE | SWT.APPLICATION_MODAL, TITLE, MESSAGE, OM.Activator.INSTANCE.getDialogSettings(), OM
- .getImageDescriptor("icons/credentials_wiz.gif"));
+ this(shell, realm, TITLE, MESSAGE);
+ }
+
+ /**
+ * @since 3.4
+ */
+ public CredentialsDialog(Shell shell, String realm, String title, String message)
+ {
+ super(shell, DEFAULT_SHELL_STYLE | SWT.APPLICATION_MODAL, title, message,
+ OM.Activator.INSTANCE.getDialogSettings(), OM.getImageDescriptor("icons/credentials_wiz.gif")); //$NON-NLS-1$
this.realm = realm;
users = loadUsers();
}
@@ -91,25 +100,41 @@ public class CredentialsDialog extends BaseDialog<Viewer>
{
super.configureShell(newShell);
+ configureShell(newShell, WIDTH, HEIGHT);
+ }
+
+ /**
+ * @since 3.4
+ */
+ protected void configureShell(Shell newShell, int width, int height)
+ {
Composite parent = newShell.getParent();
if (parent != null)
{
Rectangle bounds = parent.getBounds();
- int x = bounds.x + (bounds.width >> 1) - (WIDTH >> 1);
- int y = bounds.y + (bounds.height >> 1) - (HEIGHT >> 1);
+ int x = bounds.x + (bounds.width >> 1) - (width >> 1);
+ int y = bounds.y + (bounds.height >> 1) - (height >> 1);
- newShell.setBounds(x, y, WIDTH, HEIGHT);
+ newShell.setBounds(x, y, width, height);
}
else
{
- newShell.setSize(WIDTH, HEIGHT);
+ newShell.setSize(width, height);
}
}
@Override
protected void createUI(Composite parent)
{
+ createCredentialsArea(parent);
+ }
+
+ /**
+ * @since 3.4
+ */
+ protected Composite createCredentialsArea(Composite parent)
+ {
Composite composite = new Composite(parent, SWT.NONE);
composite.setLayoutData(UIUtil.createGridData());
composite.setLayout(new GridLayout(2, false));
@@ -138,6 +163,8 @@ public class CredentialsDialog extends BaseDialog<Viewer>
{
passwordControl.setFocus();
}
+
+ return composite;
}
@Override
@@ -154,7 +181,7 @@ public class CredentialsDialog extends BaseDialog<Viewer>
}
String password = passwordControl.getText();
- credentials = new PasswordCredentials(userID, password.toCharArray());
+ credentials = createCredentials(userID, password.toCharArray());
users.remove(userID);
users.add(0, userID);
@@ -166,6 +193,14 @@ public class CredentialsDialog extends BaseDialog<Viewer>
/**
* @since 3.4
*/
+ protected IPasswordCredentials createCredentials(String userID, char[] password)
+ {
+ return new PasswordCredentials(userID, password);
+ }
+
+ /**
+ * @since 3.4
+ */
protected List<String> loadUsers()
{
List<String> result = new ArrayList<String>();
diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java
new file mode 100644
index 0000000000..de3d5d7671
--- /dev/null
+++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsResetDialog.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.net4j.util.ui.security;
+
+import org.eclipse.net4j.util.internal.ui.messages.Messages;
+import org.eclipse.net4j.util.security.IPasswordCredentials;
+import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate;
+import org.eclipse.net4j.util.security.PasswordCredentialsUpdate;
+
+import org.eclipse.swt.widgets.Shell;
+
+import java.security.SecureRandom;
+import java.text.MessageFormat;
+
+/**
+ * @since 3.4
+ */
+public class CredentialsResetDialog extends CredentialsDialog
+{
+ private static final String TITLE = Messages.getString("CredentialsResetDialog_0"); //$NON-NLS-1$
+
+ private static final String MESSAGE = Messages.getString("CredentialsResetDialog_1"); //$NON-NLS-1$
+
+ private static final SecureRandom RANDOM = new SecureRandom();
+
+ public CredentialsResetDialog(Shell shell, String userID)
+ {
+ this(shell, null, userID);
+ }
+
+ public CredentialsResetDialog(Shell shell, String realm, String userID)
+ {
+ super(shell, realm, TITLE, MessageFormat.format(MESSAGE, userID));
+ }
+
+ @Override
+ public IPasswordCredentialsUpdate getCredentials()
+ {
+ return (IPasswordCredentialsUpdate)super.getCredentials();
+ }
+
+ @Override
+ protected IPasswordCredentials createCredentials(String userID, char[] password)
+ {
+ char[] newPassword = generatePassword();
+ return new PasswordCredentialsUpdate(userID, password, newPassword);
+ }
+
+ char[] generatePassword()
+ {
+ char[] result = new char[8];
+
+ int base = Character.valueOf('!');
+ int max = Character.valueOf('~') - base;
+
+ for (int i = 0; i < result.length; i++)
+ {
+ result[i] = (char)(base + RANDOM.nextInt(max));
+ }
+
+ return result;
+ }
+
+}
diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java
new file mode 100644
index 0000000000..c5068672a1
--- /dev/null
+++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsUpdateDialog.java
@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.net4j.util.ui.security;
+
+import org.eclipse.net4j.util.internal.ui.messages.Messages;
+import org.eclipse.net4j.util.security.IPasswordCredentials;
+import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate;
+import org.eclipse.net4j.util.security.PasswordCredentialsUpdate;
+import org.eclipse.net4j.util.ui.UIUtil;
+
+import org.eclipse.jface.dialogs.IDialogConstants;
+import org.eclipse.swt.SWT;
+import org.eclipse.swt.events.ModifyEvent;
+import org.eclipse.swt.events.ModifyListener;
+import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Label;
+import org.eclipse.swt.widgets.Shell;
+import org.eclipse.swt.widgets.Text;
+
+/**
+ * @since 3.4
+ */
+public class CredentialsUpdateDialog extends CredentialsDialog
+{
+ private static final String TITLE = Messages.getString("CredentialsUpdateDialog_0"); //$NON-NLS-1$
+
+ private static final String MESSAGE = Messages.getString("CredentialsUpdateDialog_1"); //$NON-NLS-1$
+
+ private static final int HEIGHT = 275;
+
+ private Text newPasswordControl;
+
+ private Text repeatNewPasswordControl;
+
+ public CredentialsUpdateDialog(Shell shell)
+ {
+ this(shell, null);
+ }
+
+ public CredentialsUpdateDialog(Shell shell, String realm)
+ {
+ super(shell, realm, TITLE, MESSAGE);
+ }
+
+ @Override
+ protected void configureShell(Shell newShell, int width, int height)
+ {
+ super.configureShell(newShell, width, HEIGHT);
+ }
+
+ @Override
+ public IPasswordCredentialsUpdate getCredentials()
+ {
+ return (IPasswordCredentialsUpdate)super.getCredentials();
+ }
+
+ @Override
+ protected IPasswordCredentials createCredentials(String userID, char[] password)
+ {
+ String newPassword = newPasswordControl.getText();
+ return new PasswordCredentialsUpdate(userID, password, newPassword.toCharArray());
+ }
+
+ @Override
+ protected Composite createCredentialsArea(Composite parent)
+ {
+ Composite result = super.createCredentialsArea(parent);
+
+ ModifyListener newPasswordListener = new ModifyListener()
+ {
+
+ public void modifyText(ModifyEvent e)
+ {
+ validateNewPassword();
+ }
+ };
+
+ new Label(result, SWT.NONE).setText(Messages.getString("CredentialsUpdateDialog_2")); //$NON-NLS-1$
+ newPasswordControl = new Text(result, SWT.BORDER | SWT.PASSWORD);
+ newPasswordControl.setLayoutData(UIUtil.createGridData(true, false));
+ newPasswordControl.addModifyListener(newPasswordListener);
+
+ new Label(result, SWT.NONE).setText(Messages.getString("CredentialsUpdateDialog_3")); //$NON-NLS-1$
+ repeatNewPasswordControl = new Text(result, SWT.BORDER | SWT.PASSWORD);
+ repeatNewPasswordControl.setLayoutData(UIUtil.createGridData(true, false));
+ repeatNewPasswordControl.addModifyListener(newPasswordListener);
+
+ return result;
+ }
+
+ @Override
+ protected void createButtonsForButtonBar(Composite parent)
+ {
+ super.createButtonsForButtonBar(parent);
+
+ getButton(IDialogConstants.OK_ID).setEnabled(false);
+ }
+
+ void validateNewPassword()
+ {
+ String newPassword = newPasswordControl.getText().trim();
+ if (newPassword.length() == 0)
+ {
+ error(Messages.getString("CredentialsUpdateDialog_4")); //$NON-NLS-1$
+ return;
+ }
+
+ String verify = repeatNewPasswordControl.getText().trim();
+ if (verify.length() == 0)
+ {
+ error(null);
+ getButton(IDialogConstants.OK_ID).setEnabled(false);
+ return;
+ }
+
+ if (!verify.equals(newPassword))
+ {
+ error(Messages.getString("CredentialsUpdateDialog_5")); //$NON-NLS-1$
+ return;
+ }
+
+ error(null);
+ }
+
+ void error(String message)
+ {
+ setErrorMessage(message);
+ getButton(IDialogConstants.OK_ID).setEnabled(message == null);
+ }
+
+}
diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java
index 9f5da6a175..97dbbb97ec 100644
--- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java
+++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java
@@ -7,22 +7,35 @@
*
* Contributors:
* Eike Stepper - initial API and implementation
+ * Christian W. Damus (CEA LIST) - 399306
*/
package org.eclipse.net4j.util.ui.security;
+import org.eclipse.net4j.util.internal.ui.messages.Messages;
import org.eclipse.net4j.util.security.IPasswordCredentials;
import org.eclipse.net4j.util.security.IPasswordCredentialsProvider2;
+import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate;
+import org.eclipse.net4j.util.security.IPasswordCredentialsUpdateProvider;
import org.eclipse.net4j.util.ui.UIUtil;
+import org.eclipse.jface.dialogs.IDialogConstants;
+import org.eclipse.jface.dialogs.MessageDialog;
+import org.eclipse.jface.window.Window;
+import org.eclipse.swt.dnd.Clipboard;
+import org.eclipse.swt.dnd.TextTransfer;
+import org.eclipse.swt.dnd.Transfer;
import org.eclipse.swt.widgets.Display;
import org.eclipse.swt.widgets.Shell;
import org.eclipse.ui.IWorkbenchWindow;
+import java.text.MessageFormat;
+
/**
* @author Eike Stepper
* @since 2.0
*/
-public class InteractiveCredentialsProvider implements IPasswordCredentialsProvider2
+public class InteractiveCredentialsProvider implements IPasswordCredentialsProvider2,
+ IPasswordCredentialsUpdateProvider
{
public InteractiveCredentialsProvider()
{
@@ -71,4 +84,100 @@ public class InteractiveCredentialsProvider implements IPasswordCredentialsProvi
return credentials[0];
}
+
+ /**
+ * @since 3.4
+ */
+ public IPasswordCredentialsUpdate getCredentialsUpdate(String userID, boolean isReset)
+ {
+ return getCredentialsUpdate(null, userID, isReset);
+ }
+
+ /**
+ * @since 3.4
+ */
+ public IPasswordCredentialsUpdate getCredentialsUpdate(final String realm, final String userID, final boolean isReset)
+ {
+ final IPasswordCredentialsUpdate[] update = { null };
+ final Display display = UIUtil.getDisplay();
+ display.syncExec(new Runnable()
+ {
+ public void run()
+ {
+ Shell shell;
+
+ try
+ {
+ IWorkbenchWindow window = UIUtil.getActiveWorkbenchWindow();
+ shell = window.getShell();
+ }
+ catch (Exception ex)
+ {
+ shell = new Shell(display);
+ }
+
+ if (!isReset)
+ {
+ CredentialsUpdateDialog dialog = new CredentialsUpdateDialog(shell, realm);
+
+ if (dialog.open() == Window.OK)
+ {
+ update[0] = dialog.getCredentials();
+ }
+ }
+ else
+ {
+ CredentialsResetDialog dialog = new CredentialsResetDialog(shell, realm, userID);
+ if (dialog.open() == Window.OK)
+ {
+ update[0] = dialog.getCredentials();
+ final String newPassword = new String(update[0].getNewPassword());
+
+ MessageDialog msg = new MessageDialog(shell,
+ Messages.getString("InteractiveCredentialsProvider.0"), null, MessageFormat.format( //$NON-NLS-1$
+ Messages.getString("InteractiveCredentialsProvider.1"), //$NON-NLS-1$
+ userID, newPassword), MessageDialog.INFORMATION, new String[] {
+ Messages.getString("InteractiveCredentialsProvider.2"), //$NON-NLS-1$
+ IDialogConstants.OK_LABEL }, 0)
+ {
+
+ @Override
+ protected void buttonPressed(int buttonId)
+ {
+ if (buttonId == 0)
+ {
+ copyToClipboard();
+
+ // don't close the dialog
+ }
+ else
+ {
+ // close the dialog in the usual way
+ super.buttonPressed(IDialogConstants.OK_ID);
+ }
+ }
+
+ private void copyToClipboard()
+ {
+ Clipboard clipboard = new Clipboard(getShell().getDisplay());
+
+ try
+ {
+ clipboard.setContents(new Object[] { newPassword }, new Transfer[] { TextTransfer.getInstance() });
+ }
+ finally
+ {
+ clipboard.dispose();
+ }
+ }
+ };
+
+ msg.open();
+ }
+ }
+ }
+ });
+
+ return update[0];
+ }
}
diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java
new file mode 100644
index 0000000000..fe8cc7031e
--- /dev/null
+++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.net4j.util.security;
+
+/**
+ * Extension interface for authenticators that can update user credentials in addition to authenticating them.
+ *
+ * @since 3.4
+ */
+public interface IAuthenticator2 extends IAuthenticator
+{
+
+ /**
+ * Updates the password <em>stored</em> for the user identified by {@code userID}. The {@code oldPassword} is authenticated
+ * {@linkplain IAuthenticator#authenticate(String, char[]) as per usual} and is replaced by the {@code newPassword} only
+ * (and atomically) on success.
+ *
+ * @param userID the ID of the user whose password is to be updated
+ * @param oldPassword the user's current password attempt to verify against the <em>stored</em> password
+ * @param newPassword the new password to replace the {@code oldPassword}
+ *
+ * @throws SecurityException on any failure to authenticate the {@code oldPassword} or validate and/or set the {@code newPassword}
+ */
+ void updatePassword(String userID, char[] oldPassword, char[] newPassword);
+
+ /**
+ * Performs an administrative resets of the password <em>stored</em> for the user identified by {@code userID}.
+ * The {@code adminID} and {@code adminPassword} must {@linkplain IAuthenticator#authenticate(String, char[]) authenticate}
+ * to permit the {@code userID}'s password to be set to the {@code newPassword}.
+ *
+ * @param adminID the ID of the administrator requesting the reset
+ * @param adminPassword the administrator's password
+ * @param userID the ID of the user whose password is to be reset
+ * @param newPassword the new password to replace the user's old password
+ *
+ * @throws SecurityException on any failure to authenticate the {@code oldPassword} or validate and/or set the {@code newPassword}
+ */
+ void resetPassword(String adminID, char[] adminPassword, String userID, char[] newPassword);
+}
diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java
new file mode 100644
index 0000000000..8e8fd5d105
--- /dev/null
+++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdate.java
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.net4j.util.security;
+
+/**
+ * Password credentials with an update (new password) in addition to the usual
+ * user ID and password for authentication of the password change.
+ *
+ * @since 3.4
+ */
+public interface IPasswordCredentialsUpdate extends IPasswordCredentials
+{
+ /**
+ * Queries the new password to be set for the {@linkplain IUserAware#getUserID() user}.
+ * It is the responsibility of the provider of an update to verify that this is actually
+ * the new password intended by the user.
+ */
+ public char[] getNewPassword();
+}
diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java
new file mode 100644
index 0000000000..bcb77d6109
--- /dev/null
+++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsUpdateProvider.java
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.net4j.util.security;
+
+/**
+ * Interface for providers of password credentials updates.
+ *
+ * @since 3.4
+ */
+public interface IPasswordCredentialsUpdateProvider
+{
+ public IPasswordCredentialsUpdate getCredentialsUpdate(String userID, boolean isReset);
+
+ public IPasswordCredentialsUpdate getCredentialsUpdate(String realm, String userID, boolean isReset);
+}
diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java
new file mode 100644
index 0000000000..8c1f468855
--- /dev/null
+++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/PasswordCredentialsUpdate.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Christian W. Damus (CEA LIST) - initial API and implementation
+ */
+package org.eclipse.net4j.util.security;
+
+/**
+ * Default implementation of the {@link IPasswordCredentialsUpdate} interface.
+ *
+ * @since 3.4
+ */
+public class PasswordCredentialsUpdate extends PasswordCredentials implements IPasswordCredentialsUpdate
+{
+
+ private char[] newPassword;
+
+ public PasswordCredentialsUpdate(String userID, char[] oldPassword, char[] newPassword)
+ {
+ super(userID, oldPassword);
+ this.newPassword = newPassword;
+ }
+
+ public PasswordCredentialsUpdate(String userID, String password, String newPassword)
+ {
+ this(userID, password.toCharArray(), newPassword.toCharArray());
+ }
+
+ public PasswordCredentialsUpdate(String userID)
+ {
+ super(userID);
+ }
+
+ public char[] getNewPassword()
+ {
+ return newPassword;
+ }
+
+ public void setNewPassword(char[] newPassword)
+ {
+ this.newPassword = newPassword;
+ }
+}

Back to the top