Menu
▾
▴
tolven-cvs-commit — Tolven CVS Commit
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(141) |
Sep
(184) |
Oct
(159) |
Nov
(77) |
Dec
(114) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(212) |
Feb
(302) |
Mar
(323) |
Apr
(360) |
May
(302) |
Jun
(392) |
Jul
(299) |
Aug
(858) |
Sep
(499) |
Oct
(489) |
Nov
(324) |
Dec
(438) |
| 2008 |
Jan
(449) |
Feb
(388) |
Mar
(811) |
Apr
(583) |
May
(949) |
Jun
(1431) |
Jul
(943) |
Aug
(527) |
Sep
(576) |
Oct
(440) |
Nov
(1046) |
Dec
(658) |
| 2009 |
Jan
(259) |
Feb
(192) |
Mar
(495) |
Apr
(2322) |
May
(2023) |
Jun
(1387) |
Jul
(722) |
Aug
(771) |
Sep
(167) |
Oct
(142) |
Nov
(384) |
Dec
(884) |
| 2010 |
Jan
(344) |
Feb
(82) |
Mar
(248) |
Apr
(341) |
May
(389) |
Jun
(289) |
Jul
(19) |
Aug
(478) |
Sep
(274) |
Oct
(431) |
Nov
(322) |
Dec
(207) |
| 2011 |
Jan
(125) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Joseph I. <jos...@us...> - 2007-02-19 10:17:32
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv13523/src/org/tolven/security Modified Files: LoginLocal.java Log Message: Added UsernamePasswordAccountUseridCallbackHandler which allows login with either just the username/password or with the username/password/accountUserId. This class can be used in conjuction with the KeyLoginModule, if there is control over the LoginContext instance. Index: LoginLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/LoginLocal.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** LoginLocal.java 20 Jan 2007 19:23:18 -0000 1.3 --- LoginLocal.java 19 Feb 2007 10:17:31 -0000 1.4 *************** *** 9,12 **** --- 9,14 ---- import org.tolven.core.bean.InvitationException; import org.tolven.core.entity.TolvenUser; + import org.tolven.security.key.AccountPrivateKey; + import org.tolven.security.key.AccountPublicKey; import org.tolven.security.key.UserKeyRing; *************** *** 18,26 **** public TolvenUser findUser( String principal ); /** ! * Find a UserKeyPair for aPrincipal * @param aPrincipal * @return */ public UserKeyRing findUserKeyRing(String aPrincipal); /** * Used for test, demo only. Register and immediately activate the user without sending an email. The user id does not need to be a valid email address. --- 20,43 ---- public TolvenUser findUser( String principal ); /** ! * Find a UserKeyRing for aPrincipal * @param aPrincipal * @return */ public UserKeyRing findUserKeyRing(String aPrincipal); + + /** + * Return an AccountPrivateKey given an AccountUserId + * @param anAccountUserId + * @return + */ + public AccountPrivateKey findAccountPrivateKey(long anAccountUserId); + + /** + * Return an AccountPublicKey given an AccountUserId + * @param anAccountUserId + * @return + */ + public AccountPublicKey findAccountPublicKey(long anAccountUserId); + /** * Used for test, demo only. Register and immediately activate the user without sending an email. The user id does not need to be a valid email address. |
|
From: John C. <jc...@us...> - 2007-02-19 03:48:09
|
Update of /cvsroot/tolven/tolvenClient/src/org/tolven/client In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv17523/src/org/tolven/client Modified Files: LoadTRIM.java TolvenClient.java Removed Files: CreateGCS.java Log Message: Demo changes Index: LoadTRIM.java =================================================================== RCS file: /cvsroot/tolven/tolvenClient/src/org/tolven/client/LoadTRIM.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** LoadTRIM.java 16 Feb 2007 05:54:30 -0000 1.2 --- LoadTRIM.java 19 Feb 2007 03:48:07 -0000 1.3 *************** *** 16,20 **** } ! private static long accountId = 21901; private static String directory = "."; private static String EXTENSION = ".trim"; --- 16,20 ---- } ! private static long accountId = 23700; private static String directory = "."; private static String EXTENSION = ".trim"; Index: TolvenClient.java =================================================================== RCS file: /cvsroot/tolven/tolvenClient/src/org/tolven/client/TolvenClient.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** TolvenClient.java 16 Feb 2007 05:54:30 -0000 1.4 --- TolvenClient.java 19 Feb 2007 03:48:07 -0000 1.5 *************** *** 127,133 **** System.out.println("User logged in as:" + tolvenUser.getLdapUID()); // This isn't actually used because we've commented the decryption below. ! // if ("true".equalsIgnoreCase(System.getProperty("tolven.security.keys.activate"))) { ! setupPrivateKeyRing( password, accountUser, lc.getSubject(), loginBean.findUserKeyRing(username) ); ! // } } --- 127,131 ---- System.out.println("User logged in as:" + tolvenUser.getLdapUID()); // This isn't actually used because we've commented the decryption below. ! setupPrivateKeyRing( password, accountUser, lc.getSubject(), loginBean.findUserKeyRing(username) ); } --- CreateGCS.java DELETED --- |
|
From: John C. <jc...@us...> - 2007-02-18 23:26:15
|
Update of /cvsroot/tolven/tolvenClient/src/org/tolven/client In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv6290/src/org/tolven/client Modified Files: SendTolvenMessage.java Log Message: fix trim::setAct() Index: SendTolvenMessage.java =================================================================== RCS file: /cvsroot/tolven/tolvenClient/src/org/tolven/client/SendTolvenMessage.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** SendTolvenMessage.java 7 Feb 2007 01:35:46 -0000 1.1 --- SendTolvenMessage.java 18 Feb 2007 23:26:12 -0000 1.2 *************** *** 61,65 **** addPatient( act, "echr:patient-659122" ); Trim trim = factory.createTrim(); ! trim.getActs().add(act); return trim; } --- 61,65 ---- addPatient( act, "echr:patient-659122" ); Trim trim = factory.createTrim(); ! trim.setAct(act); return trim; } |
|
From: Joseph I. <jos...@us...> - 2007-02-18 10:20:44
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/auth In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv15222/src/org/tolven/security/auth Modified Files: KeyLoginModule.java Log Message: Handle null passwords when LoginModule is aborted/logged out Index: KeyLoginModule.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/auth/KeyLoginModule.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** KeyLoginModule.java 17 Feb 2007 01:01:37 -0000 1.4 --- KeyLoginModule.java 18 Feb 2007 10:20:43 -0000 1.5 *************** *** 59,63 **** public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> arg2, Map<String, ?> arg3) { ! System.out.println(getClass() + "initialize()"); this.subject = subject; this.callbackHandler = callbackHandler; --- 59,63 ---- public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> arg2, Map<String, ?> arg3) { ! System.out.println(getClass() + " initialize()"); this.subject = subject; this.callbackHandler = callbackHandler; *************** *** 118,122 **** } if (!allRolesExists) ! group.addMember(new TolvenPrincipal("*")); // Obtain the UserKeyPair if it exists InitialContext ictx = new InitialContext(); --- 118,122 ---- } if (!allRolesExists) ! group.addMember(new TolvenPrincipal("*")); // Obtain the UserKeyPair if it exists InitialContext ictx = new InitialContext(); *************** *** 175,179 **** callbackHandler = null; principalName = null; ! Arrays.fill(password, '0'); password = null; try { --- 175,180 ---- callbackHandler = null; principalName = null; ! if (password != null) ! Arrays.fill(password, '0'); password = null; try { |
|
From: Joseph I. <jos...@us...> - 2007-02-18 07:20:46
|
Update of /cvsroot/tolven/tolven/jboss-config In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv5048/jboss-config Modified Files: login-config.xml Log Message: Changed the messaging LoginModule to prevent a JBoss bug which occurs when the cache clears ("properties file not found"). Now a SimpleLoginModule is temporarily used, until a stronger authentication module is added. Index: login-config.xml =================================================================== RCS file: /cvsroot/tolven/tolven/jboss-config/login-config.xml,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** login-config.xml 28 Jan 2007 06:53:51 -0000 1.17 --- login-config.xml 18 Feb 2007 07:20:42 -0000 1.18 *************** *** 28,33 **** <policy> <application-policy name = "messaging"> ! <authentication> ! <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" > <module-option name = "unauthenticatedIdentity">guest</module-option> --- 28,34 ---- <policy> <application-policy name = "messaging"> ! <authentication> ! <!-- ! <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" > <module-option name = "unauthenticatedIdentity">guest</module-option> *************** *** 35,39 **** <module-option name = "rolesProperties">messaging-roles.properties</module-option> </login-module> ! </authentication> </application-policy> <!-- Used by clients within the application server VM such as --- 36,44 ---- <module-option name = "rolesProperties">messaging-roles.properties</module-option> </login-module> ! --> ! <!-- This module is temporarily being used for messaging, and will be replaced with a stronger authentication module in the future --> ! <login-module code="org.jboss.security.auth.spi.SimpleServerLoginModule" ! flag="required" /> ! </authentication> </application-policy> <!-- Used by clients within the application server VM such as |
|
From: Joseph I. <jos...@us...> - 2007-02-18 02:10:27
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10249/src/org/tolven/doc/entity Modified Files: DocBase.java Log Message: Allow users of previous accounts, which had no documents encrypted, to view those documents, by not assuming they require decryption. Index: DocBase.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocBase.java,v retrieving revision 1.21 retrieving revision 1.22 diff -C2 -d -r1.21 -r1.22 *** DocBase.java 17 Feb 2007 01:01:36 -0000 1.21 --- DocBase.java 18 Feb 2007 02:10:13 -0000 1.22 *************** *** 182,187 **** if (account == null) throw new RuntimeException("Content cannot be retrieved from a document which is not associated with an account"); - if (documentSecretKey == null) - throw new RuntimeException("Content cannot be decrypted without a documentSecretKey"); Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); if (subject == null) --- 182,185 ---- *************** *** 206,209 **** --- 204,213 ---- PrivateKey privateKey = userPrivateKey.getPrivateKey(); AccountPrivateKey activeAccountPrivateKey = privateKeyRing.getAccountPrivateKey(); + if (documentSecretKey == null) { + //TODO: For backward compatibility, we no longer throw an exception here, since older accounts never had a documenSecretKey and + // were thus never encrypted + //throw new RuntimeException("Content cannot be decrypted without a documentSecretKey"); + return encryptedContent; + } if (activeAccountPrivateKey == null) { //TODO: No AccountPrivateKey means the content cannot be decrypted....for now give it back as encryptedContent |
|
From: Joseph I. <jos...@us...> - 2007-02-17 23:07:35
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2448/src/org/tolven/web Modified Files: MenuAction.java DocAction.java PersonGenAction.java TolvenAction.java RegisterAction.java InvitationAction.java AccountAction.java Log Message: Removed most of the calls to TopAction via getTop(). The userId, accountId and accountUserId are now in the session and accessible via TolvenAction methods: getSessoinTolvenUserId(), getSessionAcccountId() and getSessionAccountUserId(). Index: AccountAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/AccountAction.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** AccountAction.java 20 Jan 2007 19:25:05 -0000 1.9 --- AccountAction.java 17 Feb 2007 23:07:33 -0000 1.10 *************** *** 22,25 **** --- 22,26 ---- import org.tolven.core.ActivationLocal; import org.tolven.core.entity.AccountUser; + import org.tolven.core.entity.TolvenUser; public class AccountAction extends TolvenAction { *************** *** 44,49 **** public AccountUser getAccountUser() { if (accountUser==null) { ! long accountUserId = getTop().getAccountUserId(); ! accountUser = activation.findAccountUser( accountUserId ); } return accountUser; --- 45,49 ---- public AccountUser getAccountUser() { if (accountUser==null) { ! accountUser = activation.findAccountUser( getSessionAccountUserId() ); } return accountUser; *************** *** 63,67 **** */ public List<AccountUser> getAccountUsers() { ! if (accountUsers==null) accountUsers = activation.findUserAccounts(getTop().getUser()); return accountUsers; } --- 63,71 ---- */ public List<AccountUser> getAccountUsers() { ! if (accountUsers==null) { ! //TODO: This could be more efficient ! TolvenUser user = activation.findTolvenUser(getSessionTolvenUserId()); ! accountUsers = activation.findUserAccounts(user); ! } return accountUsers; } Index: RegisterAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/RegisterAction.java,v retrieving revision 1.42 retrieving revision 1.43 diff -C2 -d -r1.42 -r1.43 *** RegisterAction.java 17 Feb 2007 12:42:28 -0000 1.42 --- RegisterAction.java 17 Feb 2007 23:07:33 -0000 1.43 *************** *** 143,147 **** System.out.println( "Created account: " + account.getId() + ", acct type " + getNewAccountType().getKnownType()); // Note, the user automatically gets administrator permission because they are the only user on that new account. ! accountBean.addAccountUser( account, getTop().getUser(), getNow(), true); accountUsers = null; menu.createDefaultMenuStructure( account ); --- 143,148 ---- System.out.println( "Created account: " + account.getId() + ", acct type " + getNewAccountType().getKnownType()); // Note, the user automatically gets administrator permission because they are the only user on that new account. ! TolvenUser user = activation.findTolvenUser(getSessionTolvenUserId()); ! accountBean.addAccountUser( account, user, getNow(), true); accountUsers = null; menu.createDefaultMenuStructure( account ); *************** *** 150,156 **** if ("echr".equals(getNewAccountType().getKnownType())) { GenControlCHRAccount control = new GenControlCHRAccount(); ! control.setUserId( getTop().getUser().getId()); control.setChrAccountId(account.getId()); ! control.setNow(getTop().getNow()); control.setStartYear( 1996 ); control.setCount( 100 ); --- 151,157 ---- if ("echr".equals(getNewAccountType().getKnownType())) { GenControlCHRAccount control = new GenControlCHRAccount(); ! control.setUserId( getSessionTolvenUserId()); control.setChrAccountId(account.getId()); ! control.setNow(getNow()); control.setStartYear( 1996 ); control.setCount( 100 ); *************** *** 160,167 **** if ("ephr".equals(getNewAccountType().getKnownType())) { GenControlPHRAccount control = new GenControlPHRAccount(); ! control.setUserId( getTop().getUser().getId()); control.setFamilyName(getTop().getTp().getSn()); control.setChrAccountId(account.getId()); ! control.setNow(getTop().getNow()); control.setStartYear( 1996 ); chrGen.queueGeneration(control); --- 161,168 ---- if ("ephr".equals(getNewAccountType().getKnownType())) { GenControlPHRAccount control = new GenControlPHRAccount(); ! control.setUserId( getSessionTolvenUserId()); control.setFamilyName(getTop().getTp().getSn()); control.setChrAccountId(account.getId()); ! control.setNow(getNow()); control.setStartYear( 1996 ); chrGen.queueGeneration(control); *************** *** 177,181 **** public AccountUser getAccountUser() { if (accountUser==null) { ! accountUser = activation.findAccountUser(getTop().getAccountUserId()); } return accountUser; --- 178,182 ---- public AccountUser getAccountUser() { if (accountUser==null) { ! accountUser = activation.findAccountUser(getSessionAccountUserId()); } return accountUser; *************** *** 188,192 **** public Account getAccount() { if (account==null) { ! account = accountBean.findAccount(getTop().getAccountId()); } return account; --- 189,193 ---- public Account getAccount() { if (account==null) { ! account = accountBean.findAccount(getSessionAccountId()); } return account; *************** *** 687,695 **** UserPrivateKey userPrivateKey = null; try { ! userPrivateKey = getTop().getUserPrivateKey(); } catch (Exception ex) { throw new RuntimeException("When invited to an Account, a user must have UserPublicKey to protect the AccountPrivateKey"); } ! accountUser = accountBean.inviteAccountUser(getAccount(), activation.findAccountUser(getTop().getAccountUserId()), user, userPrivateKey, getNow(), false); FacesContext.getCurrentInstance().addMessage( "accountAdmin:uid", new FacesMessage("Demo user " + uid + " added, id: " + accountUser.getUser().getId())); // force a refresh of the list --- 688,696 ---- UserPrivateKey userPrivateKey = null; try { ! userPrivateKey = getSubjectUserPrivateKey(); } catch (Exception ex) { throw new RuntimeException("When invited to an Account, a user must have UserPublicKey to protect the AccountPrivateKey"); } ! accountUser = accountBean.inviteAccountUser(getAccount(), activation.findAccountUser(getSessionAccountUserId()), user, userPrivateKey, getNow(), false); FacesContext.getCurrentInstance().addMessage( "accountAdmin:uid", new FacesMessage("Demo user " + uid + " added, id: " + accountUser.getUser().getId())); // force a refresh of the list Index: TolvenAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/TolvenAction.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** TolvenAction.java 21 Aug 2006 00:20:06 -0000 1.6 --- TolvenAction.java 17 Feb 2007 23:07:32 -0000 1.7 *************** *** 14,21 **** --- 14,33 ---- package org.tolven.web; + import java.security.GeneralSecurityException; + import java.security.Principal; + import java.security.acl.Group; import java.util.Date; import java.util.Map; + import java.util.Set; + + import javax.security.auth.Subject; + import javax.security.jacc.PolicyContext; + import javax.security.jacc.PolicyContextException; import javax.servlet.http.*; import javax.faces.context.FacesContext; + + import org.tolven.security.key.PrivateKeyRing; + import org.tolven.security.key.UserPrivateKey; + import org.tolven.web.security.VestibuleSecurityFilter; /** * An abstract class from which Tolven Faces backing beans inherit. Provides frequently used utilities such as getNow and getTop. *************** *** 61,63 **** --- 73,136 ---- return top; } + + protected long getSessionTolvenUserId() { + Object obj = getSessionAttribute(VestibuleSecurityFilter.TOLVENUSER_ID); + if (obj == null) + throw new IllegalStateException(getClass() + ": Session TOLVENUSER_ID is null"); + return ((Long) obj).longValue(); + } + + protected long getSessionAccountId() { + Object obj = getSessionAttribute(VestibuleSecurityFilter.ACCOUNT_ID); + if (obj == null) + throw new IllegalStateException(getClass() + ": Session ACCOUNT_ID is null"); + return ((Long) obj).longValue(); + } + + protected long getSessionAccountUserId() { + Object obj = getSessionAttribute(VestibuleSecurityFilter.ACCOUNTUSER_ID); + if (obj == null) + throw new IllegalStateException(getClass() + ": Session ACCOUNTUSER_ID is null"); + return ((Long) obj).longValue(); + } + + /** + * Return the UserPrivateKey for the user + * @return + * @throws PolicyContextException + * @throws GeneralSecurityException + */ + public UserPrivateKey getSubjectUserPrivateKey() throws PolicyContextException, GeneralSecurityException { + return getSubjectPrivateKeyRing().getUserPrivateKey(); + } + + /** + * Return the PrivateKeyRing for the user + * @return + * @throws PolicyContextException + * @throws GeneralSecurityException + */ + public PrivateKeyRing getSubjectPrivateKeyRing() throws PolicyContextException, GeneralSecurityException { + Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); + if (subject == null) + throw new GeneralSecurityException("No Subject found in PolicyContext"); + Set privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); + if (privateCredentials.isEmpty()) { + Principal principal = null; + Object obj = null; + for (java.util.Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) { + obj = iter.next(); + if (obj instanceof Principal && !(obj instanceof Group)) { + principal = (Principal) obj; + break; + } + } + if (principal == null) + throw new GeneralSecurityException("No Principal found in PolicyContext Subject"); + String principalName = principal.getName(); + throw new GeneralSecurityException(": No PrivateKeyRing found for " + principalName); + } + return (PrivateKeyRing) privateCredentials.iterator().next(); + } + } Index: MenuAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/MenuAction.java,v retrieving revision 1.34 retrieving revision 1.35 diff -C2 -d -r1.34 -r1.35 *** MenuAction.java 16 Feb 2007 04:20:27 -0000 1.34 --- MenuAction.java 17 Feb 2007 23:07:32 -0000 1.35 *************** *** 159,163 **** public long getAccountId() { if (accountId==0) { ! accountId = getTop().getAccountId(); } if (accountId==0) { --- 159,163 ---- public long getAccountId() { if (accountId==0) { ! accountId = getSessionAccountId(); } if (accountId==0) { *************** *** 471,475 **** // We'll create the new instance right here (for simplicity) // Start with a document ! DocXML doc = documentLocal.createXMLDocument(TRIM_NS, getTop().getUser().getId(), getAccountId()); // Create a new MenuData (placeholder) --- 471,475 ---- // We'll create the new instance right here (for simplicity) // Start with a document ! DocXML doc = documentLocal.createXMLDocument(TRIM_NS, getSessionTolvenUserId(), getAccountId()); // Create a new MenuData (placeholder) Index: DocAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/DocAction.java,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** DocAction.java 17 Feb 2007 21:14:00 -0000 1.12 --- DocAction.java 17 Feb 2007 23:07:32 -0000 1.13 *************** *** 77,81 **** doc.setMediaType( "text/plain" ); doc.setContentString( content ); ! docBean.createDocument( doc, getTop().getUser().getId(), getTop().getAccountId() ); return "success"; } --- 77,81 ---- doc.setMediaType( "text/plain" ); doc.setContentString( content ); ! docBean.createDocument( doc, getSessionTolvenUserId(), getSessionAccountId() ); return "success"; } *************** *** 103,107 **** } // Has to be for this account or it's not found. ! if (this.getTop().getAccountId()!=doc.getAccount().getId()) { System.out.println( "Document not owned by this account"); return null; --- 103,107 ---- } // Has to be for this account or it's not found. ! if (getSessionAccountId()!=doc.getAccount().getId()) { System.out.println( "Document not owned by this account"); return null; *************** *** 148,156 **** // Get the familt we're looking for long id = getDocumentId(); ! return docBean.findImage( id, getTop().getAccountId() ); } public List<DocImage> getPhotos() { ! List<DocImage> rslt = docBean.findImages(getTop().getAccountId(), 100, 0, "id", "ASC"); return rslt; } --- 148,156 ---- // Get the familt we're looking for long id = getDocumentId(); ! return docBean.findImage( id, getSessionAccountId() ); } public List<DocImage> getPhotos() { ! List<DocImage> rslt = docBean.findImages(getSessionAccountId(), 100, 0, "id", "ASC"); return rslt; } *************** *** 161,165 **** */ public int getPhotoCount() { ! return (int) docBean.countImages(getTop().getAccountId()); } --- 161,165 ---- */ public int getPhotoCount() { ! return (int) docBean.countImages(getSessionAccountId()); } *************** *** 205,213 **** public long getAuthor() { ! HttpSession session = (HttpSession)FacesContext.getCurrentInstance().getExternalContext().getSession(true); ! Object obj = session.getAttribute(VestibuleSecurityFilter.TOLVENUSER_ID); ! if (obj == null) ! throw new IllegalStateException(getClass() + ": Session TOLVENUSER_ID is null"); ! return ((Long)obj).longValue(); } --- 205,209 ---- public long getAuthor() { ! return getSessionTolvenUserId(); } *************** *** 247,255 **** public long getDocumentCount( ) { ! return docBean.countDocuments( getTop().getAccountId()); } public long getXMLDocumentCount( ) { ! return docBean.countXMLDocuments( getTop().getUser().getId()); } } --- 243,251 ---- public long getDocumentCount( ) { ! return docBean.countDocuments( getSessionAccountId()); } public long getXMLDocumentCount( ) { ! return docBean.countXMLDocuments( getSessionTolvenUserId()); } } Index: PersonGenAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/PersonGenAction.java,v retrieving revision 1.19 retrieving revision 1.20 diff -C2 -d -r1.19 -r1.20 *** PersonGenAction.java 12 Feb 2007 07:09:18 -0000 1.19 --- PersonGenAction.java 17 Feb 2007 23:07:32 -0000 1.20 *************** *** 126,133 **** public String createCHRPatients( ) throws Exception { GenControlCHRAccount control = new GenControlCHRAccount(); ! control.setUserId( getTop().getUser().getId()); ! control.setChrAccountId(getTop().getAccountId()); control.setCount( getNumberToGenerate() ); ! control.setNow(getTop().getNow()); control.setStartYear(this.getGenerateHistoryFrom() ); chrGen.queueGeneration(control); --- 126,133 ---- public String createCHRPatients( ) throws Exception { GenControlCHRAccount control = new GenControlCHRAccount(); ! control.setUserId( getSessionTolvenUserId()); ! control.setChrAccountId(getSessionAccountId()); control.setCount( getNumberToGenerate() ); ! control.setNow(getNow()); control.setStartYear(this.getGenerateHistoryFrom() ); chrGen.queueGeneration(control); *************** *** 218,222 **** */ public String getTitle() { ! if (title==null) title = "Account generated " + getTop().getNow().toString(); return title; } --- 218,222 ---- */ public String getTitle() { ! if (title==null) title = "Account generated " + getNow().toString(); return title; } Index: InvitationAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/InvitationAction.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** InvitationAction.java 20 Jan 2007 19:25:05 -0000 1.7 --- InvitationAction.java 17 Feb 2007 23:07:33 -0000 1.8 *************** *** 22,27 **** --- 22,29 ---- import javax.xml.bind.JAXBException; + import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; import org.tolven.core.bean.InvitationException; + import org.tolven.core.entity.TolvenUser; import org.tolven.doc.entity.Invitation; *************** *** 32,35 **** --- 34,39 ---- private InvitationLocal invitationBean; + + private ActivationLocal activation; public InvitationAction() throws NamingException { *************** *** 38,41 **** --- 42,46 ---- InitialContext ctx = new InitialContext(); invitationBean = (InvitationLocal) ctx.lookup("tolven/InvitationBean/local"); + activation = (ActivationLocal) ctx.lookup("tolven/ActivationBean/local"); } *************** *** 64,68 **** */ public List<Invitation> getOpenInvitations() { ! if (invitations==null) invitations = invitationBean.findOpenInvitations( getTop().getUser(), getNow() ); return invitations; } --- 69,74 ---- */ public List<Invitation> getOpenInvitations() { ! TolvenUser user = activation.findTolvenUser(getSessionTolvenUserId()); ! if (invitations==null) invitations = invitationBean.findOpenInvitations( user, getNow() ); return invitations; } |
|
From: Joseph I. <jos...@us...> - 2007-02-17 23:07:34
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2448/src/org/tolven/web/security Modified Files: VestibuleSecurityFilter.java Log Message: Removed most of the calls to TopAction via getTop(). The userId, accountId and accountUserId are now in the session and accessible via TolvenAction methods: getSessoinTolvenUserId(), getSessionAcccountId() and getSessionAccountUserId(). Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** VestibuleSecurityFilter.java 17 Feb 2007 21:14:00 -0000 1.11 --- VestibuleSecurityFilter.java 17 Feb 2007 23:07:33 -0000 1.12 *************** *** 140,145 **** user = activation.loginUser(principalName, (Date) request.getAttribute(TOLVEN_NOW)); top.setUser(user); - session.setAttribute(TOLVENUSER_ID, obj); session.setAttribute(VESTIBULE_PASS, "true"); } if ((user == null || Status.NEW_LOGIN.value().equalsIgnoreCase(user.getStatus())) && request.getParameter(INVITATION_ID) != null) { --- 140,146 ---- user = activation.loginUser(principalName, (Date) request.getAttribute(TOLVEN_NOW)); top.setUser(user); session.setAttribute(VESTIBULE_PASS, "true"); + } else { + user = activation.findTolvenUser(((Long) obj).longValue()); } if ((user == null || Status.NEW_LOGIN.value().equalsIgnoreCase(user.getStatus())) && request.getParameter(INVITATION_ID) != null) { *************** *** 165,168 **** --- 166,170 ---- return; } + session.setAttribute(TOLVENUSER_ID, user.getId()); if (!user.hasUserPrivateKey()) { addKeysToUser(user, subject); *************** *** 192,196 **** } // Give TolvenUser the AccountPrivateKey for the selected account ! if(accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); --- 194,198 ---- } // Give TolvenUser the AccountPrivateKey for the selected account ! if (accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); *************** *** 205,209 **** // If user has not been sent on there way by here, remove all account related information...they are in the vestibule privateKeyRing.setAccountPrivateKey(null); ! // top.setAccountUser(null); session.removeAttribute(ACCOUNT_ID); session.removeAttribute(ACCOUNTUSER_ID); --- 207,211 ---- // If user has not been sent on there way by here, remove all account related information...they are in the vestibule privateKeyRing.setAccountPrivateKey(null); ! // top.setAccountUser(null); session.removeAttribute(ACCOUNT_ID); session.removeAttribute(ACCOUNTUSER_ID); *************** *** 247,251 **** } } ! public void destroy() { } --- 249,253 ---- } } ! public void destroy() { } |
|
From: Joseph I. <jos...@us...> - 2007-02-17 23:07:34
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/ccr In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2448/src/org/tolven/web/ccr Modified Files: CCRAction.java Log Message: Removed most of the calls to TopAction via getTop(). The userId, accountId and accountUserId are now in the session and accessible via TolvenAction methods: getSessoinTolvenUserId(), getSessionAcccountId() and getSessionAccountUserId(). Index: CCRAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/ccr/CCRAction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** CCRAction.java 21 Jan 2007 00:00:46 -0000 1.4 --- CCRAction.java 17 Feb 2007 23:07:33 -0000 1.5 *************** *** 103,107 **** System.out.println( "Create new document..."); // Create a new CCR document. ! DocCCR docCCR = docBean.createCCRDocument(getTop().getUser().getId(), getTop().getAccountId()); setDoc( docCCR ); System.out.println( "...created id " + getDoc().getId()); --- 103,107 ---- System.out.println( "Create new document..."); // Create a new CCR document. ! DocCCR docCCR = docBean.createCCRDocument(getSessionTolvenUserId(), getSessionAccountId()); setDoc( docCCR ); System.out.println( "...created id " + getDoc().getId()); |
|
From: Joseph I. <jos...@us...> - 2007-02-17 21:14:05
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv19429/src/org/tolven/web Modified Files: DocAction.java Log Message: Removing reliance on top by placing userId, accountId and accountUserId in session. Index: DocAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/DocAction.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** DocAction.java 21 Jan 2007 00:00:45 -0000 1.11 --- DocAction.java 17 Feb 2007 21:14:00 -0000 1.12 *************** *** 25,28 **** --- 25,29 ---- import javax.naming.InitialContext; import javax.naming.NamingException; + import javax.servlet.http.HttpSession; import javax.xml.bind.JAXBException; *************** *** 36,39 **** --- 37,41 ---- import org.tolven.doc.entity.DocImage; import org.tolven.doc.entity.DocXML; + import org.tolven.web.security.VestibuleSecurityFilter; /** *************** *** 203,208 **** public long getAuthor() { ! org.tolven.web.TopAction top = (org.tolven.web.TopAction)FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get("top"); ! return top.getUser().getId(); } --- 205,213 ---- public long getAuthor() { ! HttpSession session = (HttpSession)FacesContext.getCurrentInstance().getExternalContext().getSession(true); ! Object obj = session.getAttribute(VestibuleSecurityFilter.TOLVENUSER_ID); ! if (obj == null) ! throw new IllegalStateException(getClass() + ": Session TOLVENUSER_ID is null"); ! return ((Long)obj).longValue(); } |
|
From: Joseph I. <jos...@us...> - 2007-02-17 21:14:05
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/ajax In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv19429/src/org/tolven/ajax Modified Files: AjaxServlet.java DocServlet.java Log Message: Removing reliance on top by placing userId, accountId and accountUserId in session. Index: AjaxServlet.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/ajax/AjaxServlet.java,v retrieving revision 1.20 retrieving revision 1.21 diff -C2 -d -r1.20 -r1.21 *** AjaxServlet.java 17 Feb 2007 01:02:33 -0000 1.20 --- AjaxServlet.java 17 Feb 2007 21:14:00 -0000 1.21 *************** *** 65,69 **** import org.tolven.web.AgeFormat; import org.tolven.web.RequestPerformanceItem; - import org.tolven.web.TopAction; import org.tolven.web.security.VestibuleSecurityFilter; /** --- 65,68 ---- *************** *** 378,382 **** if (uri.endsWith("xmlDocList.ajax")) { String sortAttribute = "id"; ! long userId = ((TopAction) req.getSession(false).getAttribute("top")).getUser().getId(); List<DocXML> rows = documentLocal.findAllXMLDocuments(userId, pageSize, offset, sortAttribute, sortDir ); int line = 0; --- 377,384 ---- if (uri.endsWith("xmlDocList.ajax")) { String sortAttribute = "id"; ! Object obj = req.getSession().getAttribute(VestibuleSecurityFilter.TOLVENUSER_ID); ! if (obj == null) ! throw new IllegalStateException(getClass() + ": Session TOLVENUSER_ID is null"); ! long userId = ((Long)obj).longValue(); List<DocXML> rows = documentLocal.findAllXMLDocuments(userId, pageSize, offset, sortAttribute, sortDir ); int line = 0; Index: DocServlet.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/ajax/DocServlet.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** DocServlet.java 4 Feb 2007 16:43:00 -0000 1.8 --- DocServlet.java 17 Feb 2007 21:14:00 -0000 1.9 *************** *** 17,21 **** import java.io.Writer; import java.util.List; - import java.util.TimeZone; import javax.naming.InitialContext; --- 17,20 ---- *************** *** 32,38 **** import org.apache.commons.fileupload.servlet.ServletFileUpload; import org.tolven.doc.DocumentLocal; - import org.tolven.doc.entity.DocBase; import org.tolven.doc.entity.DocImage; ! import org.tolven.web.TopAction; public class DocServlet extends HttpServlet { --- 31,36 ---- import org.apache.commons.fileupload.servlet.ServletFileUpload; import org.tolven.doc.DocumentLocal; import org.tolven.doc.entity.DocImage; ! import org.tolven.web.security.VestibuleSecurityFilter; public class DocServlet extends HttpServlet { *************** *** 83,94 **** // String uri = request.getRequestURI(); // Parse the request - TopAction top = null; - Object topObj = request.getSession(false).getAttribute("top"); - if (topObj==null) { - throw new IllegalStateException( "[docServlet] Top Obj is null - how can that be"); - } - if (topObj instanceof TopAction) { - top = (org.tolven.web.TopAction)topObj; - } String returnTo = null; try { --- 81,84 ---- *************** *** 110,115 **** doc.setMediaType( contentType ); // Get the logged in user and set as the author ! long accountId = top.getAccountId(); ! long userId = top.getUser().getId(); // id = docBean.createImage( doc, userId, accountId ); if (isInMemory) { --- 100,111 ---- doc.setMediaType( contentType ); // Get the logged in user and set as the author ! Object obj = request.getSession().getAttribute(VestibuleSecurityFilter.ACCOUNT_ID); ! if (obj == null) ! throw new IllegalStateException(getClass() + ": Session ACCOUNT_ID is null"); ! long accountId = (Long)obj; ! obj = request.getSession().getAttribute(VestibuleSecurityFilter.TOLVENUSER_ID); ! if (obj == null) ! throw new IllegalStateException(getClass() + ": Session TOLVENUSER_ID is null"); ! long userId = (Long)obj; // id = docBean.createImage( doc, userId, accountId ); if (isInMemory) { *************** *** 155,167 **** // loaded before we proceed. long docId = Long.parseLong( req.getParameter( "docId")); ! TopAction top = null; ! Object topObj = req.getSession(false).getAttribute("top"); ! if (topObj==null) { ! throw new IllegalStateException( "[docServlet] Top Obj is null - how can that be"); ! } ! if (topObj instanceof TopAction) { ! top = (org.tolven.web.TopAction)topObj; ! } ! long accountId = (Long) top.getAccountId(); // Calculate the target width and height based on scaling to the smallest of the two dimensions int targetWidth = Integer.parseInt(req.getParameter("width")); --- 151,158 ---- // loaded before we proceed. long docId = Long.parseLong( req.getParameter( "docId")); ! Object obj = req.getSession().getAttribute(VestibuleSecurityFilter.ACCOUNT_ID); ! if (obj == null) ! throw new IllegalStateException(getClass() + ": Session ACCOUNT_ID is null"); ! long accountId = (Long)obj; // Calculate the target width and height based on scaling to the smallest of the two dimensions int targetWidth = Integer.parseInt(req.getParameter("width")); |
|
From: Joseph I. <jos...@us...> - 2007-02-17 21:14:04
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv19429/src/org/tolven/web/security Modified Files: VestibuleSecurityFilter.java Log Message: Removing reliance on top by placing userId, accountId and accountUserId in session. Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** VestibuleSecurityFilter.java 17 Feb 2007 12:42:28 -0000 1.10 --- VestibuleSecurityFilter.java 17 Feb 2007 21:14:00 -0000 1.11 *************** *** 61,64 **** --- 61,65 ---- private static String INVITATION_ID = "invitationId"; private static String TOLVEN_NOW = "tolvenNow"; + public static String ACCOUNT_ID = "accountId"; public static String ACCOUNTUSER_ID = "accountUserId"; public static String TOLVENUSER_ID = "TolvenUserId"; *************** *** 197,200 **** --- 198,202 ---- privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); session.removeAttribute(VESTIBULE_PASS); + session.setAttribute(ACCOUNT_ID, accountUser.getAccount().getId()); session.setAttribute(ACCOUNTUSER_ID, accountUser.getId()); ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); *************** *** 204,207 **** --- 206,210 ---- privateKeyRing.setAccountPrivateKey(null); // top.setAccountUser(null); + session.removeAttribute(ACCOUNT_ID); session.removeAttribute(ACCOUNTUSER_ID); } catch (PolicyContextException ex) { |
|
From: Joseph I. <jos...@us...> - 2007-02-17 12:42:29
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2081/src/org/tolven/web Modified Files: RegisterAction.java Log Message: Changed the hard-coded "pass" to Vestibule.VESTIBULE_PASS and placed the TolvenUserId in session for the duration of the session. Index: RegisterAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/RegisterAction.java,v retrieving revision 1.41 retrieving revision 1.42 diff -C2 -d -r1.41 -r1.42 *** RegisterAction.java 17 Feb 2007 01:02:33 -0000 1.41 --- RegisterAction.java 17 Feb 2007 12:42:28 -0000 1.42 *************** *** 50,53 **** --- 50,54 ---- import org.tolven.security.LoginLocal; import org.tolven.security.TolvenPerson; + import org.tolven.web.security.VestibuleSecurityFilter; import org.tolven.web.security.auth.KeyLdapCallbackHandler; import org.tolven.security.key.UserPrivateKey; *************** *** 430,434 **** } HttpSession session = (HttpSession)FacesContext.getCurrentInstance().getExternalContext().getSession(false); ! session.setAttribute("pass", "true"); return "success"; } --- 431,435 ---- } HttpSession session = (HttpSession)FacesContext.getCurrentInstance().getExternalContext().getSession(false); ! session.setAttribute(VestibuleSecurityFilter.VESTIBULE_PASS, "true"); return "success"; } |
|
From: Joseph I. <jos...@us...> - 2007-02-17 12:42:28
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2081/src/org/tolven/web/security Modified Files: VestibuleSecurityFilter.java Log Message: Changed the hard-coded "pass" to Vestibule.VESTIBULE_PASS and placed the TolvenUserId in session for the duration of the session. Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** VestibuleSecurityFilter.java 17 Feb 2007 11:46:49 -0000 1.9 --- VestibuleSecurityFilter.java 17 Feb 2007 12:42:28 -0000 1.10 *************** *** 62,65 **** --- 62,67 ---- private static String TOLVEN_NOW = "tolvenNow"; public static String ACCOUNTUSER_ID = "accountUserId"; + public static String TOLVENUSER_ID = "TolvenUserId"; + public static String VESTIBULE_PASS = "vestibulePass"; private ActivationLocal activation; *************** *** 131,140 **** session.setAttribute(TOP, top); } ! TolvenUser user = top.getUser(); ! boolean justLoggedIn = user == null; if (justLoggedIn) { user = activation.loginUser(principalName, (Date) request.getAttribute(TOLVEN_NOW)); top.setUser(user); ! session.setAttribute("pass", "true"); } if ((user == null || Status.NEW_LOGIN.value().equalsIgnoreCase(user.getStatus())) && request.getParameter(INVITATION_ID) != null) { --- 133,144 ---- session.setAttribute(TOP, top); } ! TolvenUser user = null; ! obj = session.getAttribute(TOLVENUSER_ID); ! boolean justLoggedIn = obj == null; if (justLoggedIn) { user = activation.loginUser(principalName, (Date) request.getAttribute(TOLVEN_NOW)); top.setUser(user); ! session.setAttribute(TOLVENUSER_ID, obj); ! session.setAttribute(VESTIBULE_PASS, "true"); } if ((user == null || Status.NEW_LOGIN.value().equalsIgnoreCase(user.getStatus())) && request.getParameter(INVITATION_ID) != null) { *************** *** 165,169 **** //If the user has a pass, they don't need to supply a password again ! if ("true".equals(session.getAttribute("pass")) || request.getRequestURL().indexOf("password.jsf") != -1) { // Let the user have the request } else { --- 169,173 ---- //If the user has a pass, they don't need to supply a password again ! if ("true".equals(session.getAttribute(VESTIBULE_PASS)) || request.getRequestURL().indexOf("password.jsf") != -1) { // Let the user have the request } else { *************** *** 192,196 **** } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); ! session.removeAttribute("pass"); session.setAttribute(ACCOUNTUSER_ID, accountUser.getId()); ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); --- 196,200 ---- } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); ! session.removeAttribute(VESTIBULE_PASS); session.setAttribute(ACCOUNTUSER_ID, accountUser.getId()); ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); |
|
From: Joseph I. <jos...@us...> - 2007-02-17 11:46:53
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv11242/src/org/tolven/web/security Modified Files: VestibuleSecurityFilter.java Log Message: The previous commit was fine. The bug was in the test harness. Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** VestibuleSecurityFilter.java 17 Feb 2007 08:43:00 -0000 1.8 --- VestibuleSecurityFilter.java 17 Feb 2007 11:46:49 -0000 1.9 *************** *** 189,193 **** if(accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here ! //accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); --- 189,193 ---- if(accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here ! accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); |
|
From: Joseph I. <jos...@us...> - 2007-02-17 08:43:01
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv910/src/org/tolven/web/security Modified Files: VestibuleSecurityFilter.java Log Message: Backed out the change to investigate a but related to invitations. Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** VestibuleSecurityFilter.java 17 Feb 2007 08:24:20 -0000 1.7 --- VestibuleSecurityFilter.java 17 Feb 2007 08:43:00 -0000 1.8 *************** *** 189,193 **** if(accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here ! accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); --- 189,193 ---- if(accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here ! //accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); |
|
From: Joseph I. <jos...@us...> - 2007-02-17 08:24:21
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25907/src/org/tolven/web/security Modified Files: VestibuleSecurityFilter.java Log Message: //For backward compatibility with accounts which didn't originally have keys, we add them here. Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** VestibuleSecurityFilter.java 17 Feb 2007 01:02:33 -0000 1.6 --- VestibuleSecurityFilter.java 17 Feb 2007 08:24:20 -0000 1.7 *************** *** 37,40 **** --- 37,41 ---- import javax.xml.bind.JAXBException; + import org.tolven.core.AccountDAOLocal; import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; *************** *** 65,68 **** --- 66,70 ---- private LoginLocal loginBean; private InvitationLocal invitationBean; + private AccountDAOLocal accountBean; private TolvenContext tolvenContext; *************** *** 73,76 **** --- 75,79 ---- loginBean = (LoginLocal) ctx.lookup("tolven/LoginBean/local"); invitationBean = (InvitationLocal) ctx.lookup("tolven/InvitationBean/local"); + accountBean = (AccountDAOLocal) ctx.lookup("tolven/AccountDAOBean/local"); //TODO: This needs to be done once per deployment and thus may need to be moved if (tolvenContext == null) { *************** *** 184,187 **** --- 187,194 ---- } // Give TolvenUser the AccountPrivateKey for the selected account + if(accountUser.getAccountPrivateKey() == null) { + //For backward compatibility with accounts which didn't originally have keys, we add them here + accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); + } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); session.removeAttribute("pass"); *************** *** 233,237 **** } } ! public void destroy() { } --- 240,244 ---- } } ! public void destroy() { } |
|
From: Joseph I. <jos...@us...> - 2007-02-17 08:24:18
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25889/src/org/tolven/core/bean Modified Files: AccountDAOBean.java Log Message: //For backward compatibility with accounts which didn't originally have keys, we add them here. Index: AccountDAOBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/AccountDAOBean.java,v retrieving revision 1.27 retrieving revision 1.28 diff -C2 -d -r1.27 -r1.28 *** AccountDAOBean.java 17 Feb 2007 01:01:37 -0000 1.27 --- AccountDAOBean.java 17 Feb 2007 08:24:17 -0000 1.28 *************** *** 226,230 **** * @param user being invited to the Account (may be a self-invitation for a new Account) */ ! private void setupAccountKeys(Account account, AccountUser accountUser, Invitation invitation, TolvenUser user) { try { // TODO: At this point the AccountUser cannot have a PrivateKey --- 226,230 ---- * @param user being invited to the Account (may be a self-invitation for a new Account) */ ! public void setupAccountKeys(Account account, AccountUser accountUser, Invitation invitation, TolvenUser user) { try { // TODO: At this point the AccountUser cannot have a PrivateKey |
|
From: Joseph I. <jos...@us...> - 2007-02-17 08:24:18
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25889/src/org/tolven/core Modified Files: AccountDAOLocal.java Log Message: //For backward compatibility with accounts which didn't originally have keys, we add them here. Index: AccountDAOLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/AccountDAOLocal.java,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** AccountDAOLocal.java 16 Feb 2007 05:53:37 -0000 1.14 --- AccountDAOLocal.java 17 Feb 2007 08:24:17 -0000 1.15 *************** *** 24,27 **** --- 24,28 ---- import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.TolvenUser; + import org.tolven.doc.entity.Invitation; import org.tolven.security.key.UserPrivateKey; *************** *** 153,155 **** --- 154,167 ---- */ public void accountTypeConversion(); + + + /** + * This method was added to handle pre-existing accounts which have no keys. An invitation does not have to be supplied but + * if the account already has a public key, then the invitation cannot be null + * @param account + * @param accountUser + * @param invitation + * @param user + */ + public void setupAccountKeys(Account account, AccountUser accountUser, Invitation invitation, TolvenUser user); } |
|
From: Joseph I. <jos...@us...> - 2007-02-17 04:53:11
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv4686/src/org/tolven/web/security Modified Files: GeneralSecurityFilter.java Log Message: Added code to double check that the TolvenUser whose Principal is in Subject is really associated with the AccountUser. Index: GeneralSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/GeneralSecurityFilter.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** GeneralSecurityFilter.java 17 Feb 2007 01:02:33 -0000 1.5 --- GeneralSecurityFilter.java 17 Feb 2007 04:53:10 -0000 1.6 *************** *** 37,41 **** import org.tolven.core.entity.AccountUser; import org.tolven.security.key.PrivateKeyRing; - import org.tolven.web.TopAction; /** --- 37,40 ---- *************** *** 109,112 **** --- 108,115 ---- return; } + // Make absolutely certain the user owns this account + if(!principal.getName().equals(accountUser.getUser().getLdapUID())) { + logout(principal.getName() + " DOES NOT MATCH ACCOUNTUSER", request, response); + } ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); return; |
|
From: John C. <jc...@us...> - 2007-02-17 01:05:01
|
Update of /cvsroot/tolven/tolvenWEB/web/scripts In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv9226/web/scripts Modified Files: tolvenwiz.js Log Message: Data entry fixup Index: tolvenwiz.js =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/scripts/tolvenwiz.js,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** tolvenwiz.js 16 Jan 2007 06:45:12 -0000 1.5 --- tolvenwiz.js 17 Feb 2007 01:04:59 -0000 1.6 *************** *** 1,4423 **** choiceList = new Object(); - choiceList.cancers = new Array( - "Acute Lymphoblastic Leukemia, Adult","Acute Lymphoblastic Leukemia, Childhood", "Acute Myeloid Leukemia, Adult", - "Acute Myeloid Leukemia, Childhood","Adrenocortical Carcinoma","Adrenocortical Carcinoma, Childhood","AIDS-Related Cancers","AIDS-Related Lymphoma","Anal Cancer", - "Astrocytoma, Childhood Cerebellar","Astrocytoma, Childhood Cerebral","Basal Cell Carcinoma, see Skin Cancer (non-Melanoma)","Bile Duct Cancer, Extrahepatic", - "Bladder Cancer","Bladder Cancer, Childhood","Bone Cancer, Osteosarcoma/Malignant Fibrous Histiocytoma","Brain Stem Glioma, Childhood","Brain Tumor, Adult", - "Brain Tumor, Brain Stem Glioma, Childhood","Brain Tumor, Cerebellar Astrocytoma, Childhood","Brain Tumor, Cerebral Astrocytoma/Malignant Glioma, Childhood", - "Brain Tumor, Ependymoma, Childhood","Brain Tumor, Medulloblastoma, Childhood","Brain Tumor, Supratentorial Primitive Neuroectodermal Tumors, Childhood", - "Brain Tumor, Visual Pathway and Hypothalamic Glioma, Childhood","Brain Tumor, Childhood (Other)","Breast Cancer","Breast Cancer and Pregnancy", - "Breast Cancer, Childhood","Breast Cancer, Male","Bronchial Adenomas/Carcinoids, Childhood","Burkitt's Lymphoma","Carcinoid Tumor, Childhood", [...4399 lines suppressed...] - "Works manager", - "Works/production manager NOS", - "Wound care nurse", - "Wrapping machine attendant", - "Writer", - "Writer - journalism", - "Yarn dyer", - "Yeast maker", - "Yeoman of Signals", - "Youth leader", - "Zoologist" - ); function makeHeading( prefix, stepNumber, title ) { return '<span style="display:none" id="' + prefix + 'step' + stepNumber + ':head">Step ' + stepNumber + '- <strong>' + title + '</strong></span>'; --- 1,5 ---- + // Choice lists we've got locally choiceList = new Object(); function makeHeading( prefix, stepNumber, title ) { return '<span style="display:none" id="' + prefix + 'step' + stepNumber + ':head">Step ' + stepNumber + '- <strong>' + title + '</strong></span>'; |
|
From: John C. <jc...@us...> - 2007-02-17 01:05:01
|
Update of /cvsroot/tolven/tolvenWEB/web/wizard In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv9226/web/wizard Modified Files: bccIntake.xhtml Log Message: Data entry fixup Index: bccIntake.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/wizard/bccIntake.xhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** bccIntake.xhtml 29 Nov 2006 01:35:32 -0000 1.4 --- bccIntake.xhtml 17 Feb 2007 01:04:59 -0000 1.5 *************** *** 610,613 **** --- 610,5038 ---- A summary of your entries and any errors. </div> + <script language="JavaScript" type="text/javascript"> + // <![CDATA[ + + choiceList.cancers = new Array( + "Acute Lymphoblastic Leukemia, Adult","Acute Lymphoblastic Leukemia, Childhood", "Acute Myeloid Leukemia, Adult", + "Acute Myeloid Leukemia, Childhood","Adrenocortical Carcinoma","Adrenocortical Carcinoma, Childhood","AIDS-Related Cancers","AIDS-Related Lymphoma","Anal Cancer", + "Astrocytoma, Childhood Cerebellar","Astrocytoma, Childhood Cerebral","Basal Cell Carcinoma, see Skin Cancer (non-Melanoma)","Bile Duct Cancer, Extrahepatic", [...4400 lines suppressed...] + "Working proprietor (wholesale trade)", + "Working proprietor, catering AND/OR lodging services", + "Working proprietor, wholesale AND/OR retail trade", + "Works foreman", + "Works manager", + "Works/production manager NOS", + "Wound care nurse", + "Wrapping machine attendant", + "Writer", + "Writer - journalism", + "Yarn dyer", + "Yeast maker", + "Yeoman of Signals", + "Youth leader", + "Zoologist" + ); + // ]]> + </script> </ui:define> </ui:composition> |
|
From: John C. <jc...@us...> - 2007-02-17 01:04:28
|
Update of /cvsroot/tolven/tolvenWEB/web/WEB-INF In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv9201/web/WEB-INF Modified Files: faces-config.xml web.xml Log Message: 1. Minor adjustment to page flow 2. When returnning to application, let dispather decide application page to call. Index: faces-config.xml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/WEB-INF/faces-config.xml,v retrieving revision 1.35 retrieving revision 1.36 diff -C2 -d -r1.35 -r1.36 *** faces-config.xml 16 Feb 2007 05:52:26 -0000 1.35 --- faces-config.xml 17 Feb 2007 01:04:27 -0000 1.36 *************** *** 195,198 **** --- 195,203 ---- <to-view-id>/manage/adminAccount.xhtml</to-view-id> </navigation-case> + <navigation-case> + <from-outcome>dispatch</from-outcome> + <to-view-id>/private/dispatch.xhtml</to-view-id> + <redirect/> + </navigation-case> </navigation-rule> *************** *** 208,211 **** --- 213,221 ---- <redirect/> </navigation-case> + <navigation-case> + <from-outcome>dispatch</from-outcome> + <to-view-id>/private/dispatch.xhtml</to-view-id> + <redirect/> + </navigation-case> </navigation-rule> *************** *** 231,234 **** --- 241,249 ---- <to-view-id>/manage/adminAccount.xhtml</to-view-id> </navigation-case> + <navigation-case> + <from-outcome>dispatch</from-outcome> + <to-view-id>/private/dispatch.xhtml</to-view-id> + <redirect/> + </navigation-case> </navigation-rule> *************** *** 237,257 **** Add Sponsorships </description> ! <from-view-id>/manage/sponsorAdd.xhtml</from-view-id> <navigation-case> <from-action>#{reg.addSponsorship}</from-action> <from-outcome>success</from-outcome> ! <to-view-id>/manage/adminAccount.xhtml</to-view-id> </navigation-case> ! <navigation-case> ! <from-action>#{reg.updateAccount}</from-action> ! <from-outcome>success</from-outcome> <to-view-id>/private/dispatch.xhtml</to-view-id> <redirect/> ! </navigation-case> ! <navigation-case> ! <from-action>#{gen.createCHRPatients}</from-action> ! <from-outcome>success</from-outcome> ! <to-view-id>/manage/adminAccount.xhtml</to-view-id> ! </navigation-case> </navigation-rule> --- 252,266 ---- Add Sponsorships </description> ! <from-view-id>/manage/addSponsor.xhtml</from-view-id> <navigation-case> <from-action>#{reg.addSponsorship}</from-action> <from-outcome>success</from-outcome> ! <to-view-id>/manage/addSponsor.xhtml</to-view-id> </navigation-case> ! <navigation-case> ! <from-outcome>dispatch</from-outcome> <to-view-id>/private/dispatch.xhtml</to-view-id> <redirect/> ! </navigation-case> </navigation-rule> *************** *** 389,393 **** move on to the appropriate next page. </description> ! <from-view-id>/private/selectAccount.xhtml</from-view-id> <navigation-case> <from-outcome>dispatch</from-outcome> --- 398,402 ---- move on to the appropriate next page. </description> ! <from-view-id>/vestibule/selectAccount.xhtml</from-view-id> <navigation-case> <from-outcome>dispatch</from-outcome> *************** *** 396,407 **** <navigation-case> <from-outcome>inviteSuccess</from-outcome> ! <to-view-id>/private/selectAccount.xhtml</to-view-id> <redirect/> </navigation-case> <navigation-case> <from-outcome>createAccount</from-outcome> ! <to-view-id>/private/createAccount.xhtml</to-view-id> </navigation-case> </navigation-rule> <navigation-rule> <from-view-id>/public/register.xhtml</from-view-id> --- 405,432 ---- <navigation-case> <from-outcome>inviteSuccess</from-outcome> ! <to-view-id>/vestibule/selectAccount.xhtml</to-view-id> <redirect/> </navigation-case> <navigation-case> <from-outcome>createAccount</from-outcome> ! <to-view-id>/vestibule/createAccount.xhtml</to-view-id> ! <redirect/> </navigation-case> </navigation-rule> + + <navigation-rule> + <description> + Account selection password + </description> + <from-view-id>/vestibule/password.xhtml</from-view-id> + <navigation-case> + <from-action>#{reg.verifyPassword}</from-action> + <from-outcome>success</from-outcome> + <to-view-id>/vestibule/selectAccount.xhtml</to-view-id> + <redirect/> + </navigation-case> + </navigation-rule> + + <navigation-rule> <from-view-id>/public/register.xhtml</from-view-id> *************** *** 434,441 **** </navigation-rule> <navigation-rule> ! <from-view-id>/private/createAccount.xhtml</from-view-id> <navigation-case> <from-outcome>cancel</from-outcome> ! <to-view-id>/private/selectAccount.xhtml</to-view-id> <redirect/> </navigation-case> --- 459,466 ---- </navigation-rule> <navigation-rule> ! <from-view-id>/vestibule/createAccount.xhtml</from-view-id> <navigation-case> <from-outcome>cancel</from-outcome> ! <to-view-id>/vestibule/selectAccount.xhtml</to-view-id> <redirect/> </navigation-case> *************** *** 443,447 **** <from-action>#{reg.createNewAccount}</from-action> <from-outcome>success</from-outcome> ! <to-view-id>/private/selectAccount.xhtml</to-view-id> <redirect/> </navigation-case> --- 468,472 ---- <from-action>#{reg.createNewAccount}</from-action> <from-outcome>success</from-outcome> ! <to-view-id>/vestibule/selectAccount.xhtml</to-view-id> <redirect/> </navigation-case> Index: web.xml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/WEB-INF/web.xml,v retrieving revision 1.18 retrieving revision 1.19 diff -C2 -d -r1.18 -r1.19 *** web.xml 16 Feb 2007 04:20:00 -0000 1.18 --- web.xml 17 Feb 2007 01:04:27 -0000 1.19 *************** *** 106,110 **** <url-pattern>/private/*</url-pattern> </filter-mapping> ! <servlet> <servlet-name>Faces Servlet</servlet-name> --- 106,138 ---- <url-pattern>/private/*</url-pattern> </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>/private/*</url-pattern> ! </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>/manage/*</url-pattern> ! </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>/templates/*</url-pattern> ! </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>/five/*</url-pattern> ! </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>/ajax/*</url-pattern> ! </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>*.ajax</url-pattern> ! </filter-mapping> ! <filter-mapping> ! <filter-name>GeneralSecurityFilter</filter-name> ! <url-pattern>*.ajaxi</url-pattern> ! </filter-mapping> ! <servlet> <servlet-name>Faces Servlet</servlet-name> |
|
From: John C. <jc...@us...> - 2007-02-17 01:04:11
|
Update of /cvsroot/tolven/tolvenWEB/web/private In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv9137/web/private Removed Files: adminAccount.xhtml Log Message: 1. Minor adjustment to page flow 2. When returnning to application, let dispather decide application page to call. --- adminAccount.xhtml DELETED --- |
|
From: John C. <jc...@us...> - 2007-02-17 01:03:48
|
Update of /cvsroot/tolven/tolvenWEB/web/manage In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv8778/web/manage Modified Files: adminAccount.xhtml editProfile.xhtml controlAccess.xhtml addSponsor.xhtml Log Message: 1. Minor adjustment to page flow 2. When returnning to application, let dispather decide application page to call. Index: addSponsor.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/manage/addSponsor.xhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** addSponsor.xhtml 16 Feb 2007 05:52:06 -0000 1.1 --- addSponsor.xhtml 17 Feb 2007 01:03:47 -0000 1.2 *************** *** 46,51 **** </h:outputLink> <h:outputText value=" | | " /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='echr'}" action="echr" /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='ephr'}" action="ephr" /> <h:messages for="acctAdmin:sponsorTitle" errorClass="errorMsg" infoClass="infoMsg" warnClass="warnMsg" fatalClass="fatalMsg"/> </h:form> --- 46,50 ---- </h:outputLink> <h:outputText value=" | | " /> ! <h:commandLink value="Return to Application" action="dispatch" /> <h:messages for="acctAdmin:sponsorTitle" errorClass="errorMsg" infoClass="infoMsg" warnClass="warnMsg" fatalClass="fatalMsg"/> </h:form> Index: adminAccount.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/manage/adminAccount.xhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** adminAccount.xhtml 16 Feb 2007 05:52:06 -0000 1.1 --- adminAccount.xhtml 17 Feb 2007 01:03:47 -0000 1.2 *************** *** 30,35 **** <h:commandLink value="Edit Title/Timezone" action="edit" /> <h:outputText value=" | | " /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='echr'}" action="echr" /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='ephr'}" action="ephr" /> <h3>List of users allowed to login to this account</h3> --- 30,34 ---- <h:commandLink value="Edit Title/Timezone" action="edit" /> <h:outputText value=" | | " /> ! <h:commandLink value="Return to Application" action="dispatch" /> <h3>List of users allowed to login to this account</h3> *************** *** 89,94 **** <h:commandLink value="Control User Access to Account" action="control" /> <h:outputText value=" | | " /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='echr'}" action="echr" /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='ephr'}" action="ephr" /> <h3>Account sponsorships</h3> --- 88,92 ---- <h:commandLink value="Control User Access to Account" action="control" /> <h:outputText value=" | | " /> ! <h:commandLink value="Return to Application" action="dispatch" /> <h3>Account sponsorships</h3> *************** *** 96,101 **** <h:commandLink value="View/Add Sponsorships" action="sponsor" /> <h:outputText style="font-style:bold" value=" | | " /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='echr'}" action="echr" /> ! <h:commandLink value="Return to Application" rendered="#{reg.account.accountType.knownType=='ephr'}" action="ephr" /> </h:form> --- 94,98 ---- <h:commandLink value="View/Add Sponsorships" action="sponsor" /> <h:outputText style="font-style:bold" value=" | | " /> ! <h:commandLink value="Return to Application" action="dispatch" /> </h:form> Index: controlAccess.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/manage/controlAccess.xhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** controlAccess.xhtml 16 Feb 2007 05:52:06 -0000 1.1 --- controlAccess.xhtml 17 Feb 2007 01:03:47 -0000 1.2 *************** *** 75,80 **** <h:commandButton action="#{reg.addDemoUser}" value="Add"/> </h:panelGrid> ! <h:commandButton value="Return to Application" rendered="#{reg.account.accountType.knownType=='echr'}" action="echr" /> ! <h:commandButton value="Return to Application" rendered="#{reg.account.accountType.knownType=='ephr'}" action="ephr" /> <h:messages for="accountAdmin:uid" errorClass="errorMsg" infoClass="infoMsg" warnClass="warnMsg" fatalClass="fatalMsg"/> </h:form> --- 75,79 ---- <h:commandButton action="#{reg.addDemoUser}" value="Add"/> </h:panelGrid> ! <h:commandLink value="Return to Application" action="dispatch" /> <h:messages for="accountAdmin:uid" errorClass="errorMsg" infoClass="infoMsg" warnClass="warnMsg" fatalClass="fatalMsg"/> </h:form> Index: editProfile.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/manage/editProfile.xhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** editProfile.xhtml 16 Feb 2007 05:52:06 -0000 1.1 --- editProfile.xhtml 17 Feb 2007 01:03:47 -0000 1.2 *************** *** 30,35 **** </h:panelGrid> <h:commandButton action="#{reg.updateAccount}" value="Update"/> ! <h:commandButton value="Return to Application" rendered="#{reg.account.accountType.knownType=='echr'}" action="echr" /> ! <h:commandButton value="Return to Application" rendered="#{reg.account.accountType.knownType=='ephr'}" action="ephr" /> </h:form> </ui:define> --- 30,34 ---- </h:panelGrid> <h:commandButton action="#{reg.updateAccount}" value="Update"/> ! <h:commandLink value="Return to Application" action="dispatch" /> </h:form> </ui:define> |
3 messages has been excluded from this view by a project administrator.
