[Building Sakai] Using the PasswordService from within the user tool
Matthew Jones
matthew at longsight.com
Sun Sep 23 17:00:17 PDT 2012
Yea the "Assignee" field is tough. Usually it's the person who actually
does the commit t to trunk. Sometimes it's the person who actually does the
work and attaches patches. Ultimately whoever it's assigned should follow
through and make sure that it makes it into trunk somehow though. If they
aren't able to actually make the commits, this involves emailing the
cle-release-team at collab.sakaiproject.org or calling into the Thursday
morning meetings and getting it on the agenda.
On Sun, Sep 23, 2012 at 6:53 PM, Mike Jennings <mike_jennings at unc.edu>wrote:
> I have uploaded my patches to the
> https://jira.sakaiproject.org/browse/SAK-16499 call ticket.....
>
> I hope that helps people out... I am going to go ahead and assign the
> ticket to me.... don't know what that actually means, but it is my code
> and I will take ownership of it :D
>
> Mike
>
>
> ==============================================================================
> Mike Jennings
> Teaching and Learning Developer
> University of North Carolina at Chapel Hill
>
> Office: (919) 843-5013
> Cell: (919) 698-3746
> E-mail: mike_jennings at unc.edu
>
> On 9/22/2012 2:18 AM, Steve Swinsburg wrote:
> > If PasswordService doesn't have a public API (i.e. an interface), then
> > you cannot access it externally since the impl's live in a special area
> > of Tomcat and need to be handled specially.
> >
> > Your best bet would be to spend time on a way to lock/unlock a user
> > account - Mike at UNC has already done this so that would be the best
> > way forward. Duplicating code and moving data around in the database
> > sounds yucky.
> >
> > Mike, there is a Jira already for this here:
> > https://jira.sakaiproject.org/browse/SAK-16499 - Just reopen it and send
> > your code that way.
> >
> > cheers,
> > Steve
> >
> > On 22/09/2012, at 2:22 PM, Brian Baillargeon <bbailla2 at uwo.ca
> > <mailto:bbailla2 at uwo.ca>> wrote:
> >
> >> Passwords must never be stored unencrypted.
> >>
> >> Here's what I was thinking - if you add this dependency to a project:
> >>>
> >>> <dependency>
> >>> <groupId>org.sakaiproject.kernel</groupId>
> >>> <artifactId>sakai-kernel-impl</artifactId>
> >>> <version>${sakai.kernel.version}</version>
> >>> </dependency>
> >> you should be able to see the class definition for PasswordService
> >> inside the sakai-kernel-impl jar in your local maven repository. So I
> >> don't see what's preventing java from finding PasswordService's class
> >> definition at runtime. I saw that it doesn't appear to be a bean like
> >> any other service, so I was trying to call the inherited Object
> >> constructor followed by encrypt(). I'm at home (and away from my dev
> >> environment), so I can't verify whether this works in any other
> >> project, but my conjecture is that java can't find PasswordService due
> >> to some kind of naming issue since we're working under the
> >> org.sakaiproject.user package, and PasswordService is also under that
> >> package.
> >>
> >> I see three options
> >> - Get PasswordService to work in the user tool and proceed with my
> >> original plan
> >> - Clone PasswordService into this project. This means if the
> >> encryption strategy changes in a future kernel-impl upgrade, a
> >> conflict will exist.
> >> - Create the account (with a UserEdit) and copy the resulting row from
> >> SAKAI_USER into my table, delete the account, wait until the user
> >> validates their email address to move them back to SAKAI_USER.
> >>
> >> Any ideas on how to get PasswordService working?
> >>
> >> On 09/21/12, *Matthew Jones * <matthew at longsight.com
> >> <mailto:matthew at longsight.com>> wrote:
> >>> Because the PasswordService doesn't have an api in shared (and it
> >>> isn't itself) in shared, I'm not sure you could do that. You probably
> >>> could set their password as an random bit of strings though, it
> >>> doesn't have to go through this service if you don't care if it
> >>> *works* or not, just that it locks them out?
> >>>
> >>> You could probably even just store it in the password field as
> >>> "*"+their password, then just remove the first character to unlock.
> >>> That's what the old unix lockout used to be right?
> >>>
> >>> On Fri, Sep 21, 2012 at 5:22 PM, Brian Baillargeon <bbailla2 at uwo.ca
> >>> <mailto:bbailla2 at uwo.ca>> wrote:
> >>>
> >>> Hello,
> >>>
> >>> Currently the user tool (sakai.createuser) adds users upon
> >>> submitting the form. We want to ensure that we get the correct
> >>> email addresses from our users, so we're trying to customize the
> >>> tool to send the user an email with a validation token before
> >>> their account gets created.
> >>>
> >>> In doing this, my plan is to create a separate database table to
> >>> temporarily store the information they've filled on the New User
> >>> form until they've validated their email address. Since they
> >>> insert their password, I need to encrypt it, and I found that
> >>> BaseUserEdit encrypts passwords using
> >>> org.sakaiproject.user.impl.PasswordService. So I'll store the
> >>> user's inserted information including their encrypted password,
> >>> and once the user has validated their email address I'll create
> >>> their account with a random password and manually update their
> >>> row in the SAKAI_USER table with the encrypted password from my
> >>> table.
> >>>
> >>> I'm having trouble using PasswordService from within the user
> >>> project though.
> >>> So, to pull in PasswordService I have:
> >>> <dependency>
> >>> <groupId>org.sakaiproject.kernel</groupId>
> >>> <artifactId>sakai-kernel-impl</artifactId>
> >>> <version>${sakai.kernel.version}</version>
> >>> </dependency>
> >>>
> >>> I can compile a class that calls new PasswordService() without
> >>> errors, but at runtime I'm getting:
> >>>
> >>> 2012-09-21 16:50:17,617 WARN http-8081-Processor25
> >>> org.sakaiproject.cheftool.VelocityPortletPaneledAction -
> >>> Exception calling method doSave
> >>> java.lang.reflect.InvocationTargetException (Caused by
> >>> java.lang.NoClassDefFoundError:
> >>> org/sakaiproject/user/impl/PasswordService)
> >>> java.lang.reflect.InvocationTargetException
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> >>> Method)
> >>> at
> >>>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >>> at
> >>>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> >>> at java.lang.reflect.Method.invoke(Method.java:597)
> >>> at
> >>>
> org.sakaiproject.cheftool.VelocityPortletPaneledAction.actionDispatch(VelocityPortletPaneledAction.java:657)
> >>> at
> >>>
> org.sakaiproject.cheftool.VelocityPortletPaneledAction.processAction(VelocityPortletPaneledAction.java:555)
> >>> at
> >>> org.sakaiproject.cheftool.ToolServlet.doGet(ToolServlet.java:230)
> >>> at
> >>>
> org.sakaiproject.cheftool.VelocityPortletPaneledAction.doGet(VelocityPortletPaneledAction.java:1086)
> >>> at
> >>> org.sakaiproject.cheftool.ToolServlet.doPost(ToolServlet.java:154)
> >>> at
> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
> >>> at
> >>>
> org.sakaiproject.vm.ComponentServlet.service(ComponentServlet.java:56)
> >>> at
> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >>> at
> >>>
> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:598)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:659)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:457)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:359)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:311)
> >>> at
> >>>
> org.sakaiproject.tool.impl.ActiveToolComponent$MyActiveTool.forward(ActiveToolComponent.java:511)
> >>> at
> >>>
> org.sakaiproject.portal.charon.SkinnableCharonPortal.forwardTool(SkinnableCharonPortal.java:1429)
> >>> at
> >>>
> org.sakaiproject.portal.charon.handlers.ToolHandler.doTool(ToolHandler.java:204)
> >>> at
> >>>
> org.sakaiproject.portal.charon.handlers.ToolHandler.doGet(ToolHandler.java:96)
> >>> at
> >>>
> org.sakaiproject.portal.charon.handlers.ToolHandler.doPost(ToolHandler.java:73)
> >>> at
> >>>
> org.sakaiproject.portal.charon.SkinnableCharonPortal.doPost(SkinnableCharonPortal.java:1224)
> >>> at
> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
> >>> at
> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >>> at
> >>>
> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:659)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> >>> at
> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >>> at
> >>>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> >>> at
> >>>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> >>> at
> >>>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> >>> at
> >>>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> >>> at
> >>>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> >>> at
> >>>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
> >>> at
> >>>
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:879)
> >>> at
> >>>
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> >>> at
> >>>
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> >>> at
> >>>
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> >>> at
> >>>
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
> >>> at java.lang.Thread.run(Thread.java:662)
> >>> Caused by: java.lang.NoClassDefFoundError:
> >>> org/sakaiproject/user/impl/PasswordService
> >>> at
> >>>
> org.sakaiproject.user.uservalidation.model.ValidatablePersonHibernateImpl.setPassword(ValidatablePersonHibernateImpl.java:70)
> >>> at
> >>>
> org.sakaiproject.user.tool.UsersAction.readUserForm(UsersAction.java:966)
> >>> at
> >>> org.sakaiproject.user.tool.UsersAction.doSave(UsersAction.java:665)
> >>> ... 46 more
> >>> Caused by: java.lang.ClassNotFoundException:
> >>> org.sakaiproject.user.impl.PasswordService
> >>> at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
> >>> at java.security.AccessController.doPrivileged(Native
> Method)
> >>> at
> java.net.URLClassLoader.findClass(URLClassLoader.java:190)
> >>> at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
> >>> at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
> >>> ... 49 more
> >>>
> >>> Does anybody have any suggestions as to how I can get
> >>> PasswordService to work in this project?
> >>>
> >>> For reference, the source code can be found at
> >>> https://source.sakaiproject.org/svn/msub/uwo.ca/user/trunk/
> >>>
> >>> Thanks,
> >>> Brian
> >>>
> >>> _______________________________________________
> >>> sakai-dev mailing list
> >>> sakai-dev at collab.sakaiproject.org
> >>> <mailto:sakai-dev at collab.sakaiproject.org>
> >>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >>>
> >>> TO UNSUBSCRIBE: send email to
> >>> sakai-dev-unsubscribe at collab.sakaiproject.org
> >>> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a
> >>> subject of "unsubscribe"
> >>>
> >>>
> >> _______________________________________________
> >> sakai-dev mailing list
> >> sakai-dev at collab.sakaiproject.org
> >> <mailto:sakai-dev at collab.sakaiproject.org>
> >> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >>
> >> TO UNSUBSCRIBE: send email to
> >> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> >> "unsubscribe"
> >
> >
> >
> > _______________________________________________
> > sakai-dev mailing list
> > sakai-dev at collab.sakaiproject.org
> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >
> > TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
> >
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20120923/b6737283/attachment.html
More information about the sakai-dev
mailing list