[Building Sakai] Using the PasswordService from within the user tool
Mike Jennings
mike_jennings at unc.edu
Sun Sep 23 15:53:47 PDT 2012
I have uploaded my patches to the
https://jira.sakaiproject.org/browse/SAK-16499 call ticket.....
I hope that helps people out... I am going to go ahead and assign the
ticket to me.... don't know what that actually means, but it is my code
and I will take ownership of it :D
Mike
==============================================================================
Mike Jennings
Teaching and Learning Developer
University of North Carolina at Chapel Hill
Office: (919) 843-5013
Cell: (919) 698-3746
E-mail: mike_jennings at unc.edu
On 9/22/2012 2:18 AM, Steve Swinsburg wrote:
> If PasswordService doesn't have a public API (i.e. an interface), then
> you cannot access it externally since the impl's live in a special area
> of Tomcat and need to be handled specially.
>
> Your best bet would be to spend time on a way to lock/unlock a user
> account - Mike at UNC has already done this so that would be the best
> way forward. Duplicating code and moving data around in the database
> sounds yucky.
>
> Mike, there is a Jira already for this here:
> https://jira.sakaiproject.org/browse/SAK-16499 - Just reopen it and send
> your code that way.
>
> cheers,
> Steve
>
> On 22/09/2012, at 2:22 PM, Brian Baillargeon <bbailla2 at uwo.ca
> <mailto:bbailla2 at uwo.ca>> wrote:
>
>> Passwords must never be stored unencrypted.
>>
>> Here's what I was thinking - if you add this dependency to a project:
>>>
>>> <dependency>
>>> <groupId>org.sakaiproject.kernel</groupId>
>>> <artifactId>sakai-kernel-impl</artifactId>
>>> <version>${sakai.kernel.version}</version>
>>> </dependency>
>> you should be able to see the class definition for PasswordService
>> inside the sakai-kernel-impl jar in your local maven repository. So I
>> don't see what's preventing java from finding PasswordService's class
>> definition at runtime. I saw that it doesn't appear to be a bean like
>> any other service, so I was trying to call the inherited Object
>> constructor followed by encrypt(). I'm at home (and away from my dev
>> environment), so I can't verify whether this works in any other
>> project, but my conjecture is that java can't find PasswordService due
>> to some kind of naming issue since we're working under the
>> org.sakaiproject.user package, and PasswordService is also under that
>> package.
>>
>> I see three options
>> - Get PasswordService to work in the user tool and proceed with my
>> original plan
>> - Clone PasswordService into this project. This means if the
>> encryption strategy changes in a future kernel-impl upgrade, a
>> conflict will exist.
>> - Create the account (with a UserEdit) and copy the resulting row from
>> SAKAI_USER into my table, delete the account, wait until the user
>> validates their email address to move them back to SAKAI_USER.
>>
>> Any ideas on how to get PasswordService working?
>>
>> On 09/21/12, *Matthew Jones * <matthew at longsight.com
>> <mailto:matthew at longsight.com>> wrote:
>>> Because the PasswordService doesn't have an api in shared (and it
>>> isn't itself) in shared, I'm not sure you could do that. You probably
>>> could set their password as an random bit of strings though, it
>>> doesn't have to go through this service if you don't care if it
>>> *works* or not, just that it locks them out?
>>>
>>> You could probably even just store it in the password field as
>>> "*"+their password, then just remove the first character to unlock.
>>> That's what the old unix lockout used to be right?
>>>
>>> On Fri, Sep 21, 2012 at 5:22 PM, Brian Baillargeon <bbailla2 at uwo.ca
>>> <mailto:bbailla2 at uwo.ca>> wrote:
>>>
>>> Hello,
>>>
>>> Currently the user tool (sakai.createuser) adds users upon
>>> submitting the form. We want to ensure that we get the correct
>>> email addresses from our users, so we're trying to customize the
>>> tool to send the user an email with a validation token before
>>> their account gets created.
>>>
>>> In doing this, my plan is to create a separate database table to
>>> temporarily store the information they've filled on the New User
>>> form until they've validated their email address. Since they
>>> insert their password, I need to encrypt it, and I found that
>>> BaseUserEdit encrypts passwords using
>>> org.sakaiproject.user.impl.PasswordService. So I'll store the
>>> user's inserted information including their encrypted password,
>>> and once the user has validated their email address I'll create
>>> their account with a random password and manually update their
>>> row in the SAKAI_USER table with the encrypted password from my
>>> table.
>>>
>>> I'm having trouble using PasswordService from within the user
>>> project though.
>>> So, to pull in PasswordService I have:
>>> <dependency>
>>> <groupId>org.sakaiproject.kernel</groupId>
>>> <artifactId>sakai-kernel-impl</artifactId>
>>> <version>${sakai.kernel.version}</version>
>>> </dependency>
>>>
>>> I can compile a class that calls new PasswordService() without
>>> errors, but at runtime I'm getting:
>>>
>>> 2012-09-21 16:50:17,617 WARN http-8081-Processor25
>>> org.sakaiproject.cheftool.VelocityPortletPaneledAction -
>>> Exception calling method doSave
>>> java.lang.reflect.InvocationTargetException (Caused by
>>> java.lang.NoClassDefFoundError:
>>> org/sakaiproject/user/impl/PasswordService)
>>> java.lang.reflect.InvocationTargetException
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>> Method)
>>> at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>> at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>> at java.lang.reflect.Method.invoke(Method.java:597)
>>> at
>>> org.sakaiproject.cheftool.VelocityPortletPaneledAction.actionDispatch(VelocityPortletPaneledAction.java:657)
>>> at
>>> org.sakaiproject.cheftool.VelocityPortletPaneledAction.processAction(VelocityPortletPaneledAction.java:555)
>>> at
>>> org.sakaiproject.cheftool.ToolServlet.doGet(ToolServlet.java:230)
>>> at
>>> org.sakaiproject.cheftool.VelocityPortletPaneledAction.doGet(VelocityPortletPaneledAction.java:1086)
>>> at
>>> org.sakaiproject.cheftool.ToolServlet.doPost(ToolServlet.java:154)
>>> at
>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
>>> at
>>> org.sakaiproject.vm.ComponentServlet.service(ComponentServlet.java:56)
>>> at
>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>>> at
>>> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:598)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>>> at
>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:659)
>>> at
>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:457)
>>> at
>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:359)
>>> at
>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:311)
>>> at
>>> org.sakaiproject.tool.impl.ActiveToolComponent$MyActiveTool.forward(ActiveToolComponent.java:511)
>>> at
>>> org.sakaiproject.portal.charon.SkinnableCharonPortal.forwardTool(SkinnableCharonPortal.java:1429)
>>> at
>>> org.sakaiproject.portal.charon.handlers.ToolHandler.doTool(ToolHandler.java:204)
>>> at
>>> org.sakaiproject.portal.charon.handlers.ToolHandler.doGet(ToolHandler.java:96)
>>> at
>>> org.sakaiproject.portal.charon.handlers.ToolHandler.doPost(ToolHandler.java:73)
>>> at
>>> org.sakaiproject.portal.charon.SkinnableCharonPortal.doPost(SkinnableCharonPortal.java:1224)
>>> at
>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
>>> at
>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>>> at
>>> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:659)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>>> at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>>> at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
>>> at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>> at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>>> at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>>> at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
>>> at
>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:879)
>>> at
>>> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
>>> at
>>> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
>>> at
>>> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
>>> at
>>> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
>>> at java.lang.Thread.run(Thread.java:662)
>>> Caused by: java.lang.NoClassDefFoundError:
>>> org/sakaiproject/user/impl/PasswordService
>>> at
>>> org.sakaiproject.user.uservalidation.model.ValidatablePersonHibernateImpl.setPassword(ValidatablePersonHibernateImpl.java:70)
>>> at
>>> org.sakaiproject.user.tool.UsersAction.readUserForm(UsersAction.java:966)
>>> at
>>> org.sakaiproject.user.tool.UsersAction.doSave(UsersAction.java:665)
>>> ... 46 more
>>> Caused by: java.lang.ClassNotFoundException:
>>> org.sakaiproject.user.impl.PasswordService
>>> at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
>>> at java.security.AccessController.doPrivileged(Native Method)
>>> at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
>>> at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
>>> at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
>>> ... 49 more
>>>
>>> Does anybody have any suggestions as to how I can get
>>> PasswordService to work in this project?
>>>
>>> For reference, the source code can be found at
>>> https://source.sakaiproject.org/svn/msub/uwo.ca/user/trunk/
>>>
>>> Thanks,
>>> Brian
>>>
>>> _______________________________________________
>>> sakai-dev mailing list
>>> sakai-dev at collab.sakaiproject.org
>>> <mailto:sakai-dev at collab.sakaiproject.org>
>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>
>>> TO UNSUBSCRIBE: send email to
>>> sakai-dev-unsubscribe at collab.sakaiproject.org
>>> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a
>>> subject of "unsubscribe"
>>>
>>>
>> _______________________________________________
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> <mailto:sakai-dev at collab.sakaiproject.org>
>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>
>> TO UNSUBSCRIBE: send email to
>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>> "unsubscribe"
>
>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
>
More information about the sakai-dev
mailing list