[Building Sakai] Using the PasswordService from within the user tool
Mike Jennings
mike_jennings at unc.edu
Mon Sep 24 10:12:59 PDT 2012
Thanks Steve, I will get that stuff up to the Jira asap.
Mike
==============================================================================
Mike Jennings
Teaching and Learning Developer
University of North Carolina at Chapel Hill
Office: (919) 843-5013
Cell: (919) 698-3746
E-mail: mike_jennings at unc.edu
On 9/24/2012 10:46 AM, Steve Swinsburg wrote:
> If you can attach a screenshot of the admin part to the Jira, I will
> review the code, apply it to my local trunk and test, etc. This is a
> cool feature IMO. Also, a couple of questions in the Jira esp w.r.t
> notifying the user that their account is locked and next steps - it
> might not always be appropriate to send them somewhere else, so just a
> note about it might be good.
>
> cheers,
> Steve
>
>
> On Mon, Sep 24, 2012 at 12:54 PM, Jennings, Michael
> <mike_jennings at unc.edu <mailto:mike_jennings at unc.edu>> wrote:
>
> I have assigned this to me so if this is not right what would
> everyone like me to do with it. I don't mind running with this
> feature and working at getting it put into production!
>
> Please let me know how to proceed.
>
> Mike
>
> Aaron Zeckoski <azeckoski at unicon.net <mailto:azeckoski at unicon.net>>
> wrote:
>
>
> Like Matt says, in the case of contributed patches it is typically the
> person doing the review and commit.
> -AZ
>
>
> On Sun, Sep 23, 2012 at 8:00 PM, Matthew Jones
> <matthew at longsight.com <mailto:matthew at longsight.com>> wrote:
> > Yea the "Assignee" field is tough. Usually it's the person who
> actually does
> > the commit t to trunk. Sometimes it's the person who actually
> does the work
> > and attaches patches. Ultimately whoever it's assigned should
> follow through
> > and make sure that it makes it into trunk somehow though. If they
> aren't
> > able to actually make the commits, this involves emailing the
> > cle-release-team at collab.sakaiproject.org
> <mailto:cle-release-team at collab.sakaiproject.org> or calling into
> the Thursday
> > morning meetings and getting it on the agenda.
> >
> >
> > On Sun, Sep 23, 2012 at 6:53 PM, Mike Jennings
> <mike_jennings at unc.edu <mailto:mike_jennings at unc.edu>>
> > wrote:
> >>
> >> I have uploaded my patches to the
> >> https://jira.sakaiproject.org/browse/SAK-16499 call ticket.....
> >>
> >> I hope that helps people out... I am going to go ahead and
> assign the
> >> ticket to me.... don't know what that actually means, but it is
> my code
> >> and I will take ownership of it :D
> >>
> >> Mike
> >>
> >>
> >>
> ==============================================================================
> >> Mike Jennings
> >> Teaching and Learning Developer
> >> University of North Carolina at Chapel Hill
> >>
> >> Office: (919) 843-5013
> >> Cell: (919) 698-3746
> >> E-mail: mike_jennings at unc.edu <mailto:mike_jennings at unc.edu>
> >>
> >> On 9/22/2012 2:18 AM, Steve Swinsburg wrote:
> >> > If PasswordService doesn't have a public API (i.e. an
> interface), then
> >> > you cannot access it externally since the impl's live in a
> special area
> >> > of Tomcat and need to be handled specially.
> >> >
> >> > Your best bet would be to spend time on a way to lock/unlock a
> user
> >> > account - Mike at UNC has already done this so that would be
> the best
> >> > way forward. Duplicating code and moving data around in the
> database
> >> > sounds yucky.
> >> >
> >> > Mike, there is a Jira already for this here:
> >> > https://jira.sakaiproject.org/browse/SAK-16499 - Just reopen
> it and send
> >> > your code that way.
> >> >
> >> > cheers,
> >> > Steve
> >> >
> >> > On 22/09/2012, at 2:22 PM, Brian Baillargeon <bbailla2 at uwo.ca
> <mailto:bbailla2 at uwo.ca>
> >> > <mailto:bbailla2 at uwo.ca <mailto:bbailla2 at uwo.ca>>> wrote:
> >> >
> >> >> Passwords must never be stored unencrypted.
> >> >>
> >> >> Here's what I was thinking - if you add this dependency to a
> project:
> >> >>>
> >> >>> <dependency>
> >> >>> <groupId>org.sakaiproject.kernel</groupId>
> >> >>> <artifactId>sakai-kernel-impl</artifactId>
> >> >>> <version>${sakai.kernel.version}</version>
> >> >>> </dependency>
> >> >> you should be able to see the class definition for
> PasswordService
> >> >> inside the sakai-kernel-impl jar in your local maven
> repository. So I
> >> >> don't see what's preventing java from finding
> PasswordService's class
> >> >> definition at runtime. I saw that it doesn't appear to be a
> bean like
> >> >> any other service, so I was trying to call the inherited Object
> >> >> constructor followed by encrypt(). I'm at home (and away from
> my dev
> >> >> environment), so I can't verify whether this works in any other
> >> >> project, but my conjecture is that java can't find
> PasswordService due
> >> >> to some kind of naming issue since we're working under the
> >> >> org.sakaiproject.user package, and PasswordService is also
> under that
> >> >> package.
> >> >>
> >> >> I see three options
> >> >> - Get PasswordService to work in the user tool and proceed
> with my
> >> >> original plan
> >> >> - Clone PasswordService into this project. This means if the
> >> >> encryption strategy changes in a future kernel-impl upgrade, a
> >> >> conflict will exist.
> >> >> - Create the account (with a UserEdit) and copy the resulting
> row from
> >> >> SAKAI_USER into my table, delete the account, wait until the user
> >> >> validates their email address to move them back to SAKAI_USER.
> >> >>
> >> >> Any ideas on how to get PasswordService working?
> >> >>
> >> >> On 09/21/12, *Matthew Jones * <matthew at longsight.com
> <mailto:matthew at longsight.com>
> >> >> <mailto:matthew at longsight.com
> <mailto:matthew at longsight.com>>> wrote:
> >> >>> Because the PasswordService doesn't have an api in shared
> (and it
> >> >>> isn't itself) in shared, I'm not sure you could do that. You
> probably
> >> >>> could set their password as an random bit of strings though, it
> >> >>> doesn't have to go through this service if you don't care if it
> >> >>> *works* or not, just that it locks them out?
> >> >>>
> >> >>> You could probably even just store it in the password field as
> >> >>> "*"+their password, then just remove the first character to
> unlock.
> >> >>> That's what the old unix lockout used to be right?
> >> >>>
> >> >>> On Fri, Sep 21, 2012 at 5:22 PM, Brian Baillargeon
> <bbailla2 at uwo.ca <mailto:bbailla2 at uwo.ca>
> >> >>> <mailto:bbailla2 at uwo.ca <mailto:bbailla2 at uwo.ca>>> wrote:
> >> >>>
> >> >>> Hello,
> >> >>>
> >> >>> Currently the user tool (sakai.createuser) adds users upon
> >> >>> submitting the form. We want to ensure that we get the
> correct
> >> >>> email addresses from our users, so we're trying to
> customize the
> >> >>> tool to send the user an email with a validation token
> before
> >> >>> their account gets created.
> >> >>>
> >> >>> In doing this, my plan is to create a separate database
> table to
> >> >>> temporarily store the information they've filled on the
> New User
> >> >>> form until they've validated their email address. Since they
> >> >>> insert their password, I need to encrypt it, and I found
> that
> >> >>> BaseUserEdit encrypts passwords using
> >> >>> org.sakaiproject.user.impl.PasswordService. So I'll
> store the
> >> >>> user's inserted information including their encrypted
> password,
> >> >>> and once the user has validated their email address I'll
> create
> >> >>> their account with a random password and manually update
> their
> >> >>> row in the SAKAI_USER table with the encrypted password
> from my
> >> >>> table.
> >> >>>
> >> >>> I'm having trouble using PasswordService from within the
> user
> >> >>> project though.
> >> >>> So, to pull in PasswordService I have:
> >> >>> <dependency>
> >> >>> <groupId>org.sakaiproject.kernel</groupId>
> >> >>> <artifactId>sakai-kernel-impl</artifactId>
> >> >>> <version>${sakai.kernel.version}</version>
> >> >>> </dependency>
> >> >>>
> >> >>> I can compile a class that calls new PasswordService()
> without
> >> >>> errors, but at runtime I'm getting:
> >> >>>
> >> >>> 2012-09-21 16:50:17,617 WARN http-8081-Processor25
> >> >>> org.sakaiproject.cheftool.VelocityPortletPaneledAction -
> >> >>> Exception calling method doSave
> >> >>> java.lang.reflect.InvocationTargetException (Caused by
> >> >>> java.lang.NoClassDefFoundError:
> >> >>> org/sakaiproject/user/impl/PasswordService)
> >> >>> java.lang.reflect.InvocationTargetException
> >> >>> at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> >> >>> Method)
> >> >>> at
> >> >>>
> >> >>>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >> >>> at
> >> >>>
> >> >>>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> >> >>> at java.lang.reflect.Method.invoke(Method.java:597)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.cheftool.VelocityPortletPaneledAction.actionDispatch(VelocityPortletPaneledAction.java:657)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.cheftool.VelocityPortletPaneledAction.processAction(VelocityPortletPaneledAction.java:555)
> >> >>> at
> >> >>>
> org.sakaiproject.cheftool.ToolServlet.doGet(ToolServlet.java:230)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.cheftool.VelocityPortletPaneledAction.doGet(VelocityPortletPaneledAction.java:1086)
> >> >>> at
> >> >>>
> org.sakaiproject.cheftool.ToolServlet.doPost(ToolServlet.java:154)
> >> >>> at
> >> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.vm.ComponentServlet.service(ComponentServlet.java:56)
> >> >>> at
> >> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:598)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:659)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:457)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:359)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:311)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.tool.impl.ActiveToolComponent$MyActiveTool.forward(ActiveToolComponent.java:511)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.portal.charon.SkinnableCharonPortal.forwardTool(SkinnableCharonPortal.java:1429)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.portal.charon.handlers.ToolHandler.doTool(ToolHandler.java:204)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.portal.charon.handlers.ToolHandler.doGet(ToolHandler.java:96)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.portal.charon.handlers.ToolHandler.doPost(ToolHandler.java:73)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.portal.charon.SkinnableCharonPortal.doPost(SkinnableCharonPortal.java:1224)
> >> >>> at
> >> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
> >> >>> at
> >> >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:659)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:879)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> >> >>> at
> >> >>>
> >> >>>
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
> >> >>> at java.lang.Thread.run(Thread.java:662)
> >> >>> Caused by: java.lang.NoClassDefFoundError:
> >> >>> org/sakaiproject/user/impl/PasswordService
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.user.uservalidation.model.ValidatablePersonHibernateImpl.setPassword(ValidatablePersonHibernateImpl.java:70)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.user.tool.UsersAction.readUserForm(UsersAction.java:966)
> >> >>> at
> >> >>>
> >> >>>
> org.sakaiproject.user.tool.UsersAction.doSave(UsersAction.java:665)
> >> >>> ... 46 more
> >> >>> Caused by: java.lang.ClassNotFoundException:
> >> >>> org.sakaiproject.user.impl.PasswordService
> >> >>> at
> java.net.URLClassLoader$1.run(URLClassLoader.java:202)
> >> >>> at
> java.security.AccessController.doPrivileged(Native
> >> >>> Method)
> >> >>> at
> >> >>> java.net.URLClassLoader.findClass(URLClassLoader.java:190)
> >> >>> at
> java.lang.ClassLoader.loadClass(ClassLoader.java:306)
> >> >>> at
> java.lang.ClassLoader.loadClass(ClassLoader.java:247)
> >> >>> ... 49 more
> >> >>>
> >> >>> Does anybody have any suggestions as to how I can get
> >> >>> PasswordService to work in this project?
> >> >>>
> >> >>> For reference, the source code can be found at
> >> >>> https://source.sakaiproject.org/svn/msub/uwo.ca/user/trunk/
> >> >>>
> >> >>> Thanks,
> >> >>> Brian
> >> >>>
> >> >>> _______________________________________________
> >> >>> sakai-dev mailing list
> >> >>> sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> >> >>> <mailto:sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>>
> >> >>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >> >>>
> >> >>> TO UNSUBSCRIBE: send email to
> >> >>> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org>
> >> >>> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org>> with a
> >> >>> subject of "unsubscribe"
> >> >>>
> >> >>>
> >> >> _______________________________________________
> >> >> sakai-dev mailing list
> >> >> sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> >> >> <mailto:sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>>
> >> >> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >> >>
> >> >> TO UNSUBSCRIBE: send email to
> >> >> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a subject of
> >> >> "unsubscribe"
> >> >
> >> >
> >> >
> >> > _______________________________________________
> >> > sakai-dev mailing list
> >> > sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> >> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >> >
> >> > TO UNSUBSCRIBE: send email to
> >> > sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a subject of
> >> > "unsubscribe"
> >> >
> >> _______________________________________________
> >> sakai-dev mailing list
> >> sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> >> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >>
> >> TO UNSUBSCRIBE: send email to
> >> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a subject of
> >> "unsubscribe"
> >
> >
> >
> > _______________________________________________
> > sakai-dev mailing list
> > sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >
> > TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org>
> > with a subject of "unsubscribe"
>
>
>
> --
> Aaron Zeckoski - Software Architect - http://tinyurl.com/azprofile
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a
> subject of "unsubscribe"
>
>
More information about the sakai-dev
mailing list