ResetPasswordHandler (JCMS API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.jalios.jcms.handler
Class ResetPasswordHandler

java.lang.Object
  com.jalios.jcms.context.JcmsContext
      com.jalios.jcms.context.JcmsJspContext
          com.jalios.jcms.handler.JcmsFormHandler
              com.jalios.jcms.handler.ResetPasswordHandler

All Implemented Interfaces:: JcmsConstants, JaliosConstants

public class ResetPasswordHandler
extends JcmsFormHandler
extends JcmsFormHandler

Handle lost password request from end user.

Also provides API to obtain valid password reset link for user : getPasswordResetUrl(HttpServletRequest, Member)

Since:: jcms-7.1

Field Summary

Fields inherited from class com.jalios.jcms.handler.JcmsFormHandler
`contextMap, editFieldSet, noRedirect, noSendRedirect, popupEdition, redirect, redirectOnClosePopup, REVISION, workspaceForced`

Fields inherited from class com.jalios.jcms.context.JcmsJspContext
`AJAX_REQUEST_ATTRIBUTES, BODY_HEADER, CSS_HEADER, cssboMap, cssfoMap, CUSTOM_HEADER, editIcon, HTTPEQUIV_HEADER, httpequivMap, HTTPNAME_HEADER, httpnameMap, initEditIcon, JAVASCRIPT_CODE_SET_ATTRIBUTE, JAVASCRIPT_SET_ATTRIBUTE, jsboSet, jsfoSet, out, pageContext, SHOW_EDIT_ICON, STYLE_HEADER`

Fields inherited from class com.jalios.jcms.context.JcmsContext
`browser, caddy, channel, inFO, initDone, initWorkspace, isAdmin, isAjaxRequest, isDBMember, isDebug, isLogged, loggedMember, request, response, userCountry, userLang, userLocale, workspace`

Fields inherited from interface com.jalios.jcms.JcmsConstants
ADATE_SEARCH, ADMIN_NOTES_PROP, ADVANCED_TAB, ARCHIVES_DIR, ASCII_WIDTH, CATEGORY_TAB, CDATE_SEARCH, COMMON_ALARM, CONTENT_TAB, COOKIE_MAX_AGE, CTRL_TOPIC_INTERNAL, CTRL_TOPIC_REF, CTRL_TOPIC_VALUE, CTRL_TOPIC_WRITE, CUSTOM_PROP, DOCCHOOSER_HEIGHT, DOCCHOOSER_WIDTH, DOCS_DIR, EDATE_SEARCH, EMAIL_REGEXP, ERROR_MSG, FORBIDDEN_FILE_ACCESS, FORBIDDEN_REDIRECT, FORCE_REDIRECT, ICON_ARCHIVE, ICON_LOCK, ICON_LOCK_STRONG, ICON_WARN, ICON_WH_BOOK_CLOSED, ICON_WH_BOOK_OPEN, INFORMATION_MSG, JALIOS_JUNIT_PROP, JCMS_CADDY, JCMS_MSG_LIST, JSYNC_DOWNLOAD_DIR, JSYNC_SYNC_ALARM, LOG_FILE, LOG_TOPIC_SECURITY, LOGGER_PROP, LOGGER_XMLPROP, MBR_PHOTO_DIR, MDATE_SEARCH, MONITOR_XML, OP_CREATE, OP_DEEP_COPY, OP_DEEP_DELETE, OP_DELETE, OP_MERGE, OP_UPDATE, PDATE_SEARCH, PHOTO_DIR, PHOTO_ICON, PHOTO_ICON_HEIGHT, PHOTO_ICON_WIDTH, PHOTO_LARGE, PHOTO_LARGE_HEIGHT, PHOTO_LARGE_WIDTH, PHOTO_NORMAL, PHOTO_NORMAL_HEIGHT, PHOTO_NORMAL_WIDTH, PHOTO_SMALL, PHOTO_SMALL_HEIGHT, PHOTO_SMALL_WIDTH, PHOTO_TINY, PHOTO_TINY_HEIGHT, PHOTO_TINY_WIDTH, PREVIOUS_TAB, PRINT_VIEW, PRIVATE_FILE_ACCESS, PUBLIC_FILE_ACCESS, READ_RIGHT_TAB, SDATE_SEARCH, SEARCHENGINE_ALARM, SESSION_AUTHORIZED_FILENAMES_SET, STATS_REPORT_DIR, STATUS_PROP, STORE_XML, TEMPLATE_TAB, THUMBNAIL_LARGE_HEIGHT, THUMBNAIL_LARGE_WIDTH, THUMBNAIL_SMALL_HEIGHT, THUMBNAIL_SMALL_WIDTH, UDATE_SEARCH, UPDATE_RIGHT_TAB, UPLOAD_DIR, URL_REGEXP, WARNING_MSG, WEBAPP_PROP, WFEXPRESS_ALARM, WFREMINDER_ALARM, WORKFLOW_TAB, WORKFLOW_XML

Fields inherited from interface com.jalios.jcms.JcmsConstants

ADATE_SEARCH, ADMIN_NOTES_PROP, ADVANCED_TAB, ARCHIVES_DIR, ASCII_WIDTH, CATEGORY_TAB, CDATE_SEARCH, COMMON_ALARM, CONTENT_TAB, COOKIE_MAX_AGE, CTRL_TOPIC_INTERNAL, CTRL_TOPIC_REF, CTRL_TOPIC_VALUE, CTRL_TOPIC_WRITE, CUSTOM_PROP, DOCCHOOSER_HEIGHT, DOCCHOOSER_WIDTH, DOCS_DIR, EDATE_SEARCH, EMAIL_REGEXP, ERROR_MSG, FORBIDDEN_FILE_ACCESS, FORBIDDEN_REDIRECT, FORCE_REDIRECT, ICON_ARCHIVE, ICON_LOCK, ICON_LOCK_STRONG, ICON_WARN, ICON_WH_BOOK_CLOSED, ICON_WH_BOOK_OPEN, INFORMATION_MSG, JALIOS_JUNIT_PROP, JCMS_CADDY, JCMS_MSG_LIST, JSYNC_DOWNLOAD_DIR, JSYNC_SYNC_ALARM, LOG_FILE, LOG_TOPIC_SECURITY, LOGGER_PROP, LOGGER_XMLPROP, MBR_PHOTO_DIR, MDATE_SEARCH, MONITOR_XML, OP_CREATE, OP_DEEP_COPY, OP_DEEP_DELETE, OP_DELETE, OP_MERGE, OP_UPDATE, PDATE_SEARCH, PHOTO_DIR, PHOTO_ICON, PHOTO_ICON_HEIGHT, PHOTO_ICON_WIDTH, PHOTO_LARGE, PHOTO_LARGE_HEIGHT, PHOTO_LARGE_WIDTH, PHOTO_NORMAL, PHOTO_NORMAL_HEIGHT, PHOTO_NORMAL_WIDTH, PHOTO_SMALL, PHOTO_SMALL_HEIGHT, PHOTO_SMALL_WIDTH, PHOTO_TINY, PHOTO_TINY_HEIGHT, PHOTO_TINY_WIDTH, PREVIOUS_TAB, PRINT_VIEW, PRIVATE_FILE_ACCESS, PUBLIC_FILE_ACCESS, READ_RIGHT_TAB, SDATE_SEARCH, SEARCHENGINE_ALARM, SESSION_AUTHORIZED_FILENAMES_SET, STATS_REPORT_DIR, STATUS_PROP, STORE_XML, TEMPLATE_TAB, THUMBNAIL_LARGE_HEIGHT, THUMBNAIL_LARGE_WIDTH, THUMBNAIL_SMALL_HEIGHT, THUMBNAIL_SMALL_WIDTH, UDATE_SEARCH, UPDATE_RIGHT_TAB, UPLOAD_DIR, URL_REGEXP, WARNING_MSG, WEBAPP_PROP, WFEXPRESS_ALARM, WFREMINDER_ALARM, WORKFLOW_TAB, WORKFLOW_XML

Fields inherited from interface com.jalios.util.JaliosConstants
`CRLF, MILLIS_IN_ONE_DAY, MILLIS_IN_ONE_HOUR, MILLIS_IN_ONE_MINUTE, MILLIS_IN_ONE_MONTH, MILLIS_IN_ONE_SECOND, MILLIS_IN_ONE_WEEK, MILLIS_IN_ONE_YEAR`

Constructor Summary
`ResetPasswordHandler()`

Method Summary
`static String`	`generatePasswordResetToken(Member member)` Compute and generate a password reset token suitable for a password reset modification
`String`	`getEmail()` The email as entered by the user.
`Member`	`getMember()` Retrieve the member for which a password reset is performed.
`static Member`	`getMemberFromPasswordResetToken(String token)` Validate a password reset token and retrieve the corresponding member.
`String`	`getPasswordResetToken()` Retrieve the internal security token usd to validate the password reset.
`static String`	`getPasswordResetUrl(javax.servlet.http.HttpServletRequest request, Member mbr)` Retrieve an absolute URL suitable for the specified member to change his password.
`boolean`	`isResetFormDisplayed()` Check if the "reset password" form should be displayed.
`boolean`	`isResetRequestFormDisplayed()` Check if the "request reset password" form should be displayed.
`boolean`	`performRequestReset()` Perform the password reset request for the specified email
`boolean`	`performReset()` Perform the password reset request for the specified email
`boolean`	`processAction()` Method to be implemented to check/validate action to be performed and process them.
`void`	`setEmail(String email)` The the email for which a password reset request will be sent
`void`	`setOpRequestReset(String value)` Set this parameter to trigger a password request reset.
`void`	`setOpReset(String value)` Set this parameter to trigger a password reset.
`void`	`setPassword1(String password)` Set the new password to use
`void`	`setPassword2(String password)` Set the new password confirmation
`void`	`setPasswordResetToken(String token)` Set the internal security token validating the password reset.
`boolean`	`validateRequestReset()` Check all information required for a password reset request have been provided
`boolean`	`validateReset()` Check all information required for a password reset have been provided

Methods inherited from class com.jalios.jcms.handler.JcmsFormHandler
afterValidation, checkMissingField, getControllerContext, getEditFieldSet, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenFieldML, getMainLangValue, getMainLangValueArray, getMLMap, getMLMapArray, getRedirect, getRedirectOnClosePopup, getWorkspace, init, isFieldEdition, isFieldMissing, isPartialFieldEdition, isPopupEdition, isWorkspaceForced, processStatus, sendRedirect, sendRedirect, setEditField, setNoRedirect, setNoSendRedirect, setPopupEdition, setRedirect, setRedirectOnClosePopup, setWorkspace, setWs, updateUploadedField, updateUploadedFields, validate

Methods inherited from class com.jalios.jcms.handler.JcmsFormHandler

afterValidation, checkMissingField, getControllerContext, getEditFieldSet, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenField, getHiddenFieldML, getMainLangValue, getMainLangValueArray, getMLMap, getMLMapArray, getRedirect, getRedirectOnClosePopup, getWorkspace, init, isFieldEdition, isFieldMissing, isPartialFieldEdition, isPopupEdition, isWorkspaceForced, processStatus, sendRedirect, sendRedirect, setEditField, setNoRedirect, setNoSendRedirect, setPopupEdition, setRedirect, setRedirectOnClosePopup, setWorkspace, setWs, updateUploadedField, updateUploadedFields, validate

Methods inherited from class com.jalios.jcms.context.JcmsJspContext
addBodyAttributes, addCSSHeader, addCSSHeader, addCSSHeader, addCSSHeader, addCustomHeader, addHttpEquivHeader, addHttpNameHeader, addJavaScript, addJavaScript, addJavaScript, addJavaScriptCode, addStyleHeader, addStyleHeader, checkAccess, checkAccess, checkCSRF, debugDisplayContext, forceEditIcon, forceUpdate, getAjaxRequestAttribute, getAjaxRequestId, getAllHeadersDiffMap, getAllHeadersMap, getBackOfficeCSSHeader, getBackOfficeJavaScriptSet, getBodyAttributes, getContentForm, getCSSHeaders, getCtxCategories, getCurrentCategory, getCustomHeaders, getDocType, getFinalCSSMap, getFinalJavaScriptSet, getFormElementCount, getFrontOfficeCSSHeader, getFrontOfficeJavaScriptSet, getHttpEquivHeaders, getHttpNameHeaders, getJavaScriptCodeSet, getJavaScriptSet, getJSONBridge, getPackVersion, getPageContext, getPageTitle, getPageZone, getPortal, getPortalCategory, getPortlet, getPublication, getStyleHeaders, getTemplateUsage, internalSetupEmptyHeader, isEditIcon, isPrintView, registerDisplayContext, removeAjaxRequestAttribute, setAjaxRequestAttribute, setAjaxRequestId, setAllHeadersDiffMap, setDocType, setEditIcon, setFormElementCount, setPageContext, setPageTitle, setPageZone, setShowEditIcon, setTemplateUsage, showEditIcon, workaroundBrowserBaseHrefBug

Methods inherited from class com.jalios.jcms.context.JcmsJspContext

addBodyAttributes, addCSSHeader, addCSSHeader, addCSSHeader, addCSSHeader, addCustomHeader, addHttpEquivHeader, addHttpNameHeader, addJavaScript, addJavaScript, addJavaScript, addJavaScriptCode, addStyleHeader, addStyleHeader, checkAccess, checkAccess, checkCSRF, debugDisplayContext, forceEditIcon, forceUpdate, getAjaxRequestAttribute, getAjaxRequestId, getAllHeadersDiffMap, getAllHeadersMap, getBackOfficeCSSHeader, getBackOfficeJavaScriptSet, getBodyAttributes, getContentForm, getCSSHeaders, getCtxCategories, getCurrentCategory, getCustomHeaders, getDocType, getFinalCSSMap, getFinalJavaScriptSet, getFormElementCount, getFrontOfficeCSSHeader, getFrontOfficeJavaScriptSet, getHttpEquivHeaders, getHttpNameHeaders, getJavaScriptCodeSet, getJavaScriptSet, getJSONBridge, getPackVersion, getPageContext, getPageTitle, getPageZone, getPortal, getPortalCategory, getPortlet, getPublication, getStyleHeaders, getTemplateUsage, internalSetupEmptyHeader, isEditIcon, isPrintView, registerDisplayContext, removeAjaxRequestAttribute, setAjaxRequestAttribute, setAjaxRequestId, setAllHeadersDiffMap, setDocType, setEditIcon, setFormElementCount, setPageContext, setPageTitle, setPageZone, setShowEditIcon, setTemplateUsage, showEditIcon, workaroundBrowserBaseHrefBug

Methods inherited from class com.jalios.jcms.context.JcmsContext
addCookie, addMsg, addMsg, addMsgSession, addMsgSession, applySelector, forceWorkspaceUpdate, getBaseUrl, getBrowser, getCaddy, getContextPath, getErrorMsg, getErrorMsgList, getErrorMsgSession, getErrorMsgSessionList, getInfoMsg, getInfoMsgList, getInfoMsgSession, getInfoMsgSessionList, getLoggedMember, getMsgList, getMsgSessionList, getRequest, getResponse, getSession, getUploadedFile, getUploadedFileList, getUrlWithCommonUpdatedParams, getUserCountry, getUserLang, getUserLocale, getWarningMsg, getWarningMsgList, getWarningMsgSession, getWarningMsgSessionList, glp, isAdmin, isAjaxRequest, isDBMember, isDebug, isInFrontOffice, isLogged, isWebdavAccess, removeMessage, removeMessage, retrieveUploadedFile, select, sendForbidden, sendForbidden, sendRedirect, sendRedirect, sendRedirect, setErrorMsg, setErrorMsg, setErrorMsgSession, setErrorMsgSession, setInfoMsg, setInfoMsg, setInfoMsgSession, setInfoMsgSession, setLoggedMember, setRequest, setResponse, setWarningMsg, setWarningMsg, setWarningMsgSession, setWarningMsgSession, validateRegexp, validateSchedule

Methods inherited from class com.jalios.jcms.context.JcmsContext

addCookie, addMsg, addMsg, addMsgSession, addMsgSession, applySelector, forceWorkspaceUpdate, getBaseUrl, getBrowser, getCaddy, getContextPath, getErrorMsg, getErrorMsgList, getErrorMsgSession, getErrorMsgSessionList, getInfoMsg, getInfoMsgList, getInfoMsgSession, getInfoMsgSessionList, getLoggedMember, getMsgList, getMsgSessionList, getRequest, getResponse, getSession, getUploadedFile, getUploadedFileList, getUrlWithCommonUpdatedParams, getUserCountry, getUserLang, getUserLocale, getWarningMsg, getWarningMsgList, getWarningMsgSession, getWarningMsgSessionList, glp, isAdmin, isAjaxRequest, isDBMember, isDebug, isInFrontOffice, isLogged, isWebdavAccess, removeMessage, removeMessage, retrieveUploadedFile, select, sendForbidden, sendForbidden, sendRedirect, sendRedirect, sendRedirect, setErrorMsg, setErrorMsg, setErrorMsgSession, setErrorMsgSession, setInfoMsg, setInfoMsg, setInfoMsgSession, setInfoMsgSession, setLoggedMember, setRequest, setResponse, setWarningMsg, setWarningMsg, setWarningMsgSession, setWarningMsgSession, validateRegexp, validateSchedule

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

ResetPasswordHandler

public ResetPasswordHandler()

Method Detail

processAction

public boolean processAction()
                      throws IOException

Description copied from class: JcmsFormHandler

Method to be implemented to check/validate action to be performed and process them.

Default implementation is to return false. No need to call super method.

This method may NOT be invoked at all if security validation are not met.
You must ensure your handler and JSP can work properly without any code invoked in this method.

Overrides:: processAction in class JcmsFormHandler

Returns:: false if no redirection is needed, true otherwise
Throws:: IOException

validateRequestReset

public boolean validateRequestReset()

Check all information required for a password reset request have been provided

Returns:: true if password reset request operation can be performed, false otherwise

performRequestReset

public boolean performRequestReset()
                            throws IOException

Perform the password reset request for the specified email

Returns:: true if a redirect is needed, false otherwise
Throws:: IOException - on redirect error

getPasswordResetUrl

public static String getPasswordResetUrl(javax.servlet.http.HttpServletRequest request,
                                         Member mbr)

Retrieve an absolute URL suitable for the specified member to change his password.

The specified member MUST be a member authorized to update his password, that is :

It must be enabled
It must not be an LDAP account
It must not be a Contact
It must not have en empty password
It must be persisted

Parameters:: request - optionnal current request to retrieve base url (site's base url is used if null); mbr - required member
Returns:: an absolute URL
Throws:: IllegalArgumentException - if member does not match any of the expected constraints

validateReset

public boolean validateReset()

Check all information required for a password reset have been provided

Returns:: true if password reset operation can be performed, false otherwise

performReset

public boolean performReset()
                     throws IOException

Perform the password reset request for the specified email

Returns:: true if a redirect is needed, false otherwise
Throws:: IOException - on redirect error

generatePasswordResetToken

public static String generatePasswordResetToken(Member member)

Compute and generate a password reset token suitable for a password reset modification

Parameters:: member - the member for which token is generated, must not be null
Returns:: a digest suitable for use as parameter passwordResetToken
Throws:: IllegalArgumentException - if member is disabled, or does not have any password, or is not persisted

getMemberFromPasswordResetToken

public static Member getMemberFromPasswordResetToken(String token)

Validate a password reset token and retrieve the corresponding member.

Parameters:: token - the password reset token value as computed by generatePasswordResetToken(Member)
Returns:: the Member for which password token can be used, null if token is invalid or expired

setOpRequestReset

public void setOpRequestReset(String value)

Set this parameter to trigger a password request reset.

Fields which must be specified : email.

Parameters:: value - any value

setOpReset

public void setOpReset(String value)

Set this parameter to trigger a password reset.

Fields which must be specified : mbrId, password1, password2, passwordResetToken.

Parameters:: value - any value

isResetRequestFormDisplayed

public boolean isResetRequestFormDisplayed()

Check if the "request reset password" form should be displayed.

Returns:: true if the "request reset" form must be displayed, false otherwise

isResetFormDisplayed

public boolean isResetFormDisplayed()

Check if the "reset password" form should be displayed.

Returns:: true if the "reset" form must be displayed, false otherwise

setEmail

public void setEmail(String email)

The the email for which a password reset request will be sent

Parameters:: email - a valid email

getEmail

public String getEmail()

The email as entered by the user.

Returns:: the same value retrieved by the handler.

getMember

public Member getMember()

Retrieve the member for which a password reset is performed.

Returns:: a Member, or null if no member was specified

setPassword1

public void setPassword1(String password)

Set the new password to use

Parameters:: password - the clear text password to use for the member

setPassword2

public void setPassword2(String password)

Set the new password confirmation

Parameters:: password - the clear text password, which must match password1

setPasswordResetToken

public void setPasswordResetToken(String token)

Set the internal security token validating the password reset.

This parameter has several purpose : - storing the token in handler for access in form - reading member for which operation is performed - trigger the "reset" form and hide the "request reset" form.

Parameters:: token - a security token internally build by this handler and specified in the validation email

getPasswordResetToken

public String getPasswordResetToken()

Retrieve the internal security token usd to validate the password reset.

Returns:: a security token as sent in the validation email