Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/core/bean Modified Files: InvitationSender.java InvitationBean.java AccountDAOBean.java ActivationBean.java Removed Files: TolvenOIDBean.java Log Message: Refactoring to support Encryption Index: InvitationSender.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/InvitationSender.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** InvitationSender.java 3 Dec 2006 08:34:18 -0000 1.10 --- InvitationSender.java 20 Jan 2007 19:23:17 -0000 1.11 *************** *** 23,29 **** import javax.jms.MessageListener; import javax.jms.ObjectMessage; - import javax.jms.TextMessage; - import javax.persistence.EntityManager; - import javax.persistence.PersistenceContext; import org.tolven.core.ActivationLocal; --- 23,26 ---- *************** *** 41,51 **** public class InvitationSender implements MessageListener { - @PersistenceContext - private EntityManager em; ! @EJB ! private InvitationLocal invitationBean; ! @EJB ! private ActivationLocal activationBean; @Resource private MessageDrivenContext ctx; --- 38,43 ---- public class InvitationSender implements MessageListener { ! @EJB private InvitationLocal invitationBean; @Resource private MessageDrivenContext ctx; *************** *** 54,61 **** try { Invitation invitation = (Invitation) ((ObjectMessage)msg).getObject(); - // We'll persist test messages, too. - em.persist( invitation ); // The invitation may require followup if the user doesn't activate in time ! 
activationBean.followup(invitation); if ("test".equals(invitation.getDispatchAction())) { System.out.println("[InvitationSender:onMessage] TEST MSG: " + invitation.getTitle()); --- 46,51 ---- try { Invitation invitation = (Invitation) ((ObjectMessage)msg).getObject(); // The invitation may require followup if the user doesn't activate in time ! invitationBean.followup(invitation); if ("test".equals(invitation.getDispatchAction())) { System.out.println("[InvitationSender:onMessage] TEST MSG: " + invitation.getTitle()); --- TolvenOIDBean.java DELETED --- Index: InvitationBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/InvitationBean.java,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** InvitationBean.java 8 Dec 2006 07:21:52 -0000 1.17 --- InvitationBean.java 20 Jan 2007 19:23:17 -0000 1.18 *************** *** 14,19 **** package org.tolven.core.bean; import java.io.IOException; - import java.util.ArrayList; import java.util.Date; import java.util.List; --- 14,20 ---- package org.tolven.core.bean; + import java.io.ByteArrayInputStream; + import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.Date; import java.util.List; *************** *** 24,29 **** import javax.ejb.EJBContext; import javax.ejb.Local; - import javax.ejb.SessionContext; import javax.ejb.Stateless; import javax.jms.Connection; import javax.jms.ConnectionFactory; --- 25,31 ---- import javax.ejb.EJBContext; import javax.ejb.Local; import javax.ejb.Stateless; + import javax.ejb.Timeout; + import javax.ejb.Timer; import javax.jms.Connection; import javax.jms.ConnectionFactory; *************** *** 32,36 **** import javax.jms.ObjectMessage; import javax.jms.Queue; - import javax.jms.TextMessage; import javax.mail.Authenticator; import javax.mail.Message; --- 34,37 ---- *************** *** 40,64 **** import javax.mail.internet.InternetAddress; import 
javax.mail.internet.MimeMessage; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.Query; import javax.xml.bind.JAXBException; import org.tolven.admin.AdministrativeDetail; import org.tolven.admin.InvitationDetail; import org.tolven.admin.JoinAccountInvitation; import org.tolven.admin.JoinNewAccountInvitation; - import org.tolven.app.entity.MenuStructure; import org.tolven.core.AccountDAOLocal; import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; - import org.tolven.core.TolvenPropertiesLocal; import org.tolven.core.entity.Account; ! import org.tolven.core.entity.HealthRecord; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; ! import org.tolven.doc.DocumentLocal; ! import org.tolven.doc.entity.DocBase; import org.tolven.doc.entity.Invitation; @Stateless --- 41,71 ---- import javax.mail.internet.InternetAddress; import javax.mail.internet.MimeMessage; + import javax.naming.NamingException; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.Query; + import javax.xml.bind.JAXBContext; + import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; + import javax.xml.bind.Marshaller; + import javax.xml.bind.Unmarshaller; + import javax.xml.transform.stream.StreamSource; + import org.tolven.admin.ActivateInvitation; import org.tolven.admin.AdministrativeDetail; + import org.tolven.admin.Details; import org.tolven.admin.InvitationDetail; import org.tolven.admin.JoinAccountInvitation; import org.tolven.admin.JoinNewAccountInvitation; import org.tolven.core.AccountDAOLocal; import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; import org.tolven.core.entity.Account; ! import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; ! 
import org.tolven.doc.bean.XMLBean; import org.tolven.doc.entity.Invitation; + import org.tolven.security.LDAPLocal; @Stateless *************** *** 69,75 **** private EntityManager em; TolvenAuthenticator authenticator; ! @Resource(mappedName="ConnectionFactory") private ConnectionFactory connectionFactory; --- 76,85 ---- private EntityManager em; + @Resource EJBContext ejbContext; + TolvenAuthenticator authenticator; ! // @Resource(mappedName="ConnectionFactory") ! @Resource(mappedName="java:/JmsXA") private ConnectionFactory connectionFactory; *************** *** 77,97 **** private Queue queue; ! @EJB private TolvenPropertiesLocal propertyBean; ! ! @EJB private DocumentLocal documentBean; ! @EJB private AccountDAOLocal accountBean; private TemplateGen templateGen = null; ! private Properties props = null; // We just use this class locally class TolvenAuthenticator extends Authenticator { ! Properties props; ! TolvenAuthenticator(Properties props) { ! this.props = props; } protected PasswordAuthentication getPasswordAuthentication(){ ! return new PasswordAuthentication(props.getProperty("tolven.mail.user"), props.getProperty("tolven.mail.password")); } } --- 87,118 ---- private Queue queue; ! @EJB private LDAPLocal ldapBean; ! ! @EJB private ActivationLocal activationBean; ! @EJB private AccountDAOLocal accountBean; private TemplateGen templateGen = null; ! private JAXBContext jc; + /** + * Create or use a JAXB context. We keep a map of already-used bindings in a static variable. + * @return A JAXB context. + * @throws JAXBException + */ + protected JAXBContext setupJAXBContext() throws JAXBException { + if (jc==null) { + jc = JAXBContext.newInstance( "org.tolven.admin", XMLBean.class.getClassLoader() ); + } + return jc; + } + // We just use this class locally class TolvenAuthenticator extends Authenticator { ! TolvenAuthenticator() { } protected PasswordAuthentication getPasswordAuthentication(){ ! 
return new PasswordAuthentication(System.getProperty("tolven.mail.user"), ! System.getProperty("tolven.mail.password")); } } *************** *** 106,117 **** */ public void initialize() throws IOException { - if (props==null) { - props = propertyBean.getProperties(); - } if (templateGen==null) { templateGen = new TemplateGen( ! props.getProperty("tolven.invitation.host"), ! Integer.parseInt(props.getProperty("tolven.invitation.port")), ! props.getProperty("tolven.invitation.root")); } } --- 127,135 ---- */ public void initialize() throws IOException { if (templateGen==null) { templateGen = new TemplateGen( ! System.getProperty("tolven.invitation.host"), ! Integer.parseInt(System.getProperty("tolven.invitation.port")), ! System.getProperty("tolven.invitation.root")); } } *************** *** 133,143 **** public void sendNotifyMessage( String subject, InternetAddress addressee, String message ) throws Exception { initialize(); ! authenticator = new TolvenAuthenticator(props); ! Session session = Session.getInstance(props, authenticator); // session.setDebug(true); MimeMessage msg = new MimeMessage(session); msg.setSubject(subject); msg.setSentDate(new Date()); ! msg.setFrom(new InternetAddress(props.getProperty("tolven.mail.from"), props.getProperty("tolven.mail.fromName"))); msg.setRecipients(Message.RecipientType.TO, new InternetAddress[] {addressee}); msg.setContent(message, "text/html"); --- 151,161 ---- public void sendNotifyMessage( String subject, InternetAddress addressee, String message ) throws Exception { initialize(); ! authenticator = new TolvenAuthenticator(); ! Session session = Session.getInstance(System.getProperties(), authenticator); // session.setDebug(true); MimeMessage msg = new MimeMessage(session); msg.setSubject(subject); msg.setSentDate(new Date()); ! 
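Review bot: The Javadoc on `setupJAXBContext` says the context is kept "in a static variable" as a map of bindings, but `jc` is an ordinary instance field of this @Stateless bean, so every pooled bean instance builds its own `JAXBContext.newInstance("org.tolven.admin", ...)`. Either make the field `private static volatile JAXBContext jc` (JAXBContext instances are generally safe to share) or correct the comment to `// One JAXBContext per bean instance; creation is costly, so it is built lazily and reused.` The mail credentials now come from `System.getProperty("tolven.mail.user")`/`System.getProperty("tolven.mail.password")` instead of `propertyBean`, which makes the password readable by any code in the same JVM and visible in system-property dumps; if that trade-off is intended, the class comment should say where these properties are expected to be set.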
msg.setFrom(new InternetAddress(System.getProperty("tolven.mail.from"), System.getProperty("tolven.mail.fromName"))); msg.setRecipients(Message.RecipientType.TO, new InternetAddress[] {addressee}); msg.setContent(message, "text/html"); *************** *** 223,247 **** Invitation invite = new Invitation( ); invite.setTargetEmail(principal); invite.setStatus(activeStatus); ! invite.setDetails( createDetail(detail) ); em.persist( invite ); return invite; } - /** - * Create a list with a single detail in it, create a document if needed and associate that docuemnt - * with this invitation. - * @param detail a single administrative detail to associate with this invitation - * @throws IOException - * @throws JAXBException - */ - public DocBase createDetail( InvitationDetail detail ) throws JAXBException, IOException { - DocBase docBase = new DocBase(); - List<AdministrativeDetail> details = new ArrayList<AdministrativeDetail>(1); - details.add( detail ); - documentBean.setDetails( docBase, details); - em.persist( docBase ); - return docBase; - } /** --- 241,260 ---- Invitation invite = new Invitation( ); invite.setTargetEmail(principal); + invite.setCreated( new Date() ); invite.setStatus(activeStatus); ! JAXBContext jc = setupJAXBContext(); ! Details topDetail = new Details(); ! topDetail.getDetail().add( detail ); ! JAXBElement<Details> top = (new org.tolven.admin.ObjectFactory()).createDetails(topDetail); ! Marshaller m = jc.createMarshaller(); ! m.setProperty( Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE ); ! ByteArrayOutputStream output = new ByteArrayOutputStream( ); ! m.marshal( top, output ); ! invite.setDetailContent( output.toByteArray() ); em.persist( invite ); + System.out.println( "Invitation detail: " + invite.getId() + new String(invite.getDetailContent())); return invite; } /** *************** *** 256,260 **** public List<Invitation> findOpenInvitations( TolvenUser user, Date now) { ! 
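Review bot: `System.out.println("Invitation detail: " + invite.getId() + new String(invite.getDetailContent()))` writes the whole marshalled detail graph (the invited principal, reference code and any account id it carries) to stdout for every invitation created, which is more than a production log should carry; drop the line or log only `invite.getId()`. `new String(byte[])` also decodes with the platform default charset, while the JAXB marshaller wrote the bytes with its own (UTF-8 by default) encoding, so non-ASCII content will be mangled in the output; if the line stays, use `new String(invite.getDetailContent(), "UTF-8")`.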
String activeStatus = Status.fromValue("active").value(); String oldActiveStatus = Status.fromValue("ACTIVE").value(); --- 269,274 ---- public List<Invitation> findOpenInvitations( TolvenUser user, Date now) { ! if (null==user) throw new IllegalArgumentException("findOpenInvitations: user must not be null" ); ! String activeStatus = Status.fromValue("active").value(); String oldActiveStatus = Status.fromValue("ACTIVE").value(); *************** *** 284,289 **** * @throws IOException * @throws JAXBException */ ! public void executeInvitation( long invitationId, Date now ) throws InvitationException, JAXBException, IOException { Invitation invitation = findInvitation( invitationId ); executeInvitation( invitation, now ); --- 298,304 ---- * @throws IOException * @throws JAXBException + * @throws NamingException */ ! public void executeInvitation( long invitationId, Date now ) throws InvitationException, JAXBException, IOException, NamingException { Invitation invitation = findInvitation( invitationId ); executeInvitation( invitation, now ); *************** *** 294,303 **** * @throws IOException * @throws JAXBException */ ! public void executeInvitation( Invitation invitation, Date now ) throws InvitationException, JAXBException, IOException { // Invitation invitation = findInvitation( invitationId ); System.out.println( "Executing invitation id: " + invitation.getId() + " Title: " + invitation.getTitle() + " targetEmail: " + invitation.getTargetEmail()); // Get the details ! List<AdministrativeDetail> details = documentBean.getDetails(invitation.getDetails()); for (AdministrativeDetail detail : details) { if (detail instanceof JoinNewAccountInvitation) --- 309,323 ---- * @throws IOException * @throws JAXBException + * @throws NamingException */ ! 
public void executeInvitation( Invitation invitation, Date now ) throws InvitationException, JAXBException, IOException, NamingException { // Invitation invitation = findInvitation( invitationId ); System.out.println( "Executing invitation id: " + invitation.getId() + " Title: " + invitation.getTitle() + " targetEmail: " + invitation.getTargetEmail()); + System.out.println( " detail: " + new String(invitation.getDetailContent())); // Get the details ! JAXBContext jc = setupJAXBContext(); ! Unmarshaller u = jc.createUnmarshaller(); ! Details detailGraph = (Details)u.unmarshal( new StreamSource( new ByteArrayInputStream( invitation.getDetailContent()) ) ); ! List<AdministrativeDetail> details = detailGraph.getDetail(); for (AdministrativeDetail detail : details) { if (detail instanceof JoinNewAccountInvitation) *************** *** 308,312 **** System.out.println( "Created account: " + account.getId()); // Note, the user automatically gets account permission since they are the only user on that new account. ! accountBean.addAccountUser( account, accountBean.findUser( invitation.getTargetEmail()), now, true); } if (detail instanceof JoinAccountInvitation) --- 328,332 ---- System.out.println( "Created account: " + account.getId()); // Note, the user automatically gets account permission since they are the only user on that new account. ! accountBean.addAccountUser( account, activationBean.findUser( invitation.getTargetEmail()), now, true); } if (detail instanceof JoinAccountInvitation) *************** *** 315,326 **** Account account = accountBean.findAccount( ja.getAccountId() ); // Note, the user may or may not be given account permission depending on the wishes of the inviter. ! accountBean.addAccountUser( account, accountBean.findUser( invitation.getTargetEmail()), now, ja.isAccountPermission()); } } ! String completedStatus = Status.fromValue("completed").value(); ! 
invitation.setStatus(completedStatus); em.merge( invitation ); } } --- 335,397 ---- Account account = accountBean.findAccount( ja.getAccountId() ); // Note, the user may or may not be given account permission depending on the wishes of the inviter. ! accountBean.addAccountUser( account, activationBean.findUser( invitation.getTargetEmail()), now, ja.isAccountPermission()); ! } ! if (detail instanceof ActivateInvitation) ! { ! ActivateInvitation activate = (ActivateInvitation) detail; ! // If the invitation is now obsolete, we need to delete the LDAP entry. ! if (invitation.getStatus().equals(Status.OBSOLETE.value())) { ! invitation.setStatus(Status.OBSOLETE.value()); ! ldapBean.deleteUser(activate.getPrincipal()); ! } else { ! String principal = ejbContext.getCallerPrincipal().getName(); ! if (!principal.equals(activate.getPrincipal())) { ! throw new InvitationException( "Invitation does not match logged in user"); ! } ! // OK, we're good to go. Create the user and mark the invitation as used ! TolvenUser user = activationBean.findUser(principal); ! //TODO: If TolvenUser is found, the expected status is NEW_LOGIN. Should we check here, and if not what expected? ! if(user == null) ! user = activationBean.createTolvenUser( principal, now ); ! user.setDemoUser(false); ! if (activate.getReferenceCode()!=null) { ! Sponsorship sponsorship = activationBean.findSponsorship(activate.getReferenceCode()); ! user.setSponsorship(sponsorship); ! } ! } } } ! invitation.setStatus(Status.COMPLETED.value()); em.merge( invitation ); } + /** + * If the userID isn't registered within an hour, cancel the activation + */ + public void followup( Invitation invitation ) { + if (invitation.getExpiration()!=null) { + ejbContext.getTimerService().createTimer( invitation.getExpiration(), new Long(invitation.getId())); + } + } + + /** + * Cancel an activation that has not been responded to within an hour or so. 
+ * @param UID + * @throws IOException + * @throws JAXBException + * @throws NamingException + * @throws InvitationException + */ + @Timeout + public void timeout( Timer timer ) throws JAXBException, IOException, NamingException, InvitationException { + long invitationId = (Long) timer.getInfo(); + Invitation invitation = findInvitation(invitationId); + System.out.println( "Checking " + invitation.getId() + " for activation"); + // If this invitation is still active, we'll need to obsolete it. + if (invitation.getStatus().equals(Status.ACTIVE.value())) { + invitation.setStatus(Status.OBSOLETE.value()); + executeInvitation(invitation, new Date()); + } + } } Index: AccountDAOBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/AccountDAOBean.java,v retrieving revision 1.21 retrieving revision 1.22 diff -C2 -d -r1.21 -r1.22 *** AccountDAOBean.java 3 Jan 2007 07:24:09 -0000 1.21 --- AccountDAOBean.java 20 Jan 2007 19:23:17 -0000 1.22 *************** *** 37,41 **** import org.tolven.security.key.UserPrivateKey; - /** * This is the bean class for the AccountDAOBean enterprise bean. --- 37,40 ---- *************** *** 46,54 **** @Local(AccountDAOLocal.class) public class AccountDAOBean implements org.tolven.core.AccountDAOLocal { ! @PersistenceContext ! private EntityManager em; ! @Resource ! EJBContext ejbContext; public static String alphabet = "ab2c3d4e5f6g7h8j9kmnprstuvwxy"; --- 45,51 ---- @Local(AccountDAOLocal.class) public class AccountDAOBean implements org.tolven.core.AccountDAOLocal { ! @PersistenceContext private EntityManager em; ! @Resource EJBContext ejbContext; public static String alphabet = "ab2c3d4e5f6g7h8j9kmnprstuvwxy"; *************** *** 93,96 **** --- 90,94 ---- return account; } + /** * Create a new account. No users are associated with this account. *************** *** 111,136 **** } - /** - * Given the principal's name, get the TolvenUser object. 
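Review bot: In the new ActivateInvitation branch of `executeInvitation`, the OBSOLETE status set at `invitation.setStatus(Status.OBSOLETE.value())` is overwritten by the unconditional `invitation.setStatus(Status.COMPLETED.value())` after the loop, so an invitation cancelled by `timeout()` is persisted as COMPLETED and cannot be told apart from one that was actually activated. More seriously, `timeout()` marks the invitation OBSOLETE and then calls `executeInvitation`, but only the ActivateInvitation branch looks at that status: a JoinNewAccountInvitation or JoinAccountInvitation detail will still create the account and call `accountBean.addAccountUser(...)` when the timer fires, i.e. an expired invitation gets executed instead of cancelled. Add a guard at the top of the loop, `if (Status.OBSOLETE.value().equals(invitation.getStatus()) && !(detail instanceof ActivateInvitation)) continue;`, and make the final assignment conditional, `if (!Status.OBSOLETE.value().equals(invitation.getStatus())) invitation.setStatus(Status.COMPLETED.value());`. Note also that `activationBean.findUser(...)` returns null when it does not find exactly one match, so the two `addAccountUser` calls would fail with a NullPointerException rather than a meaningful InvitationException.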
the parameter must be converted to lower case to ensure we find a match. - */ - public TolvenUser findUser( String principal ) { - //Support both types of active status; - String activeStatus = Status.fromValue("active").value(); - String oldActiveStatus = Status.fromValue("ACTIVE").value(); - //Activating should be replaced by New - String activatingStatus = Status.fromValue("ACTIVATING").value(); - String newStatus = Status.fromValue("new").value(); - String newLoginStatus = Status.fromValue("new_login").value(); - String select = "SELECT DISTINCT u FROM TolvenUser u WHERE u.ldapUID = :principal " + - "and ( u.status = '"; - select += oldActiveStatus + "' or u.status = '" + activeStatus + "' or u.status = '" + newStatus + "' or u.status = '" + activatingStatus + "' or u.status = '" + newLoginStatus + "') "; - Query query = em.createQuery(select); - query.setParameter("principal", principal.toLowerCase()); - query.setMaxResults(2); - List<TolvenUser> items = query.getResultList(); - if (items.size()!=1) return null; - return items.get(0); - } - /** * Associate a user with an account without sending using invitation --- 109,112 ---- *************** *** 259,277 **** } - /** - * Given what is suspected to be a valid sponsorship reference code, return the Sponsorship - * This method fails loudly (throws an object not found exception) if the reference code is not found. - * This should be sufficient to rollback a transaction intended to create a new user - * with an invalid reference code. 
- * @throws NoResultException if the referenceCode is not found - * @param referenceCode - * @return - */ - public Sponsorship findSponsorship( String referenceCode ) { - Query q = em.createQuery("SELECT s FROM Sponsorship s WHERE s.referenceCode = :rc"); - q.setParameter("rc", referenceCode); - Sponsorship s = (Sponsorship) q.getSingleResult(); - return s; - } --- 235,238 ---- Index: ActivationBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/ActivationBean.java,v retrieving revision 1.27 retrieving revision 1.28 diff -C2 -d -r1.27 -r1.28 *** ActivationBean.java 20 Jan 2007 08:10:19 -0000 1.27 --- ActivationBean.java 20 Jan 2007 19:23:17 -0000 1.28 *************** *** 16,22 **** import java.io.IOException; import java.util.ArrayList; - import java.util.Calendar; import java.util.Date; - import java.util.GregorianCalendar; import java.util.List; --- 16,20 ---- *************** *** 26,60 **** import javax.ejb.Local; import javax.ejb.Stateless; - import javax.ejb.Timeout; - import javax.ejb.Timer; - import javax.ejb.TimerService; import javax.naming.NamingException; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.Query; import javax.xml.bind.JAXBException; - import javax.xml.datatype.DatatypeFactory; - import javax.xml.datatype.XMLGregorianCalendar; ! import org.tolven.admin.ActivateInvitation; ! import org.tolven.admin.AdministrativeDetail; ! import org.tolven.admin.InvitationDetail; ! import org.tolven.admin.JoinNewAccountInvitation; ! import org.tolven.core.AccountDAOLocal; import org.tolven.core.ActivationLocal; - import org.tolven.core.InvitationLocal; import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountUser; - import org.tolven.core.entity.HealthRecord; import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; ! 
import org.tolven.doc.DocumentLocal; ! import org.tolven.doc.entity.DocBase; ! import org.tolven.doc.entity.Invitation; import org.tolven.security.TolvenPerson; - import org.tolven.security.bean.LDAPLocal; - import org.tolven.security.key.UserKeyRing; - //import javax.jws.WebService; --- 24,46 ---- import javax.ejb.Local; import javax.ejb.Stateless; import javax.naming.NamingException; import javax.persistence.EntityManager; + import javax.persistence.NoResultException; import javax.persistence.PersistenceContext; import javax.persistence.Query; + import javax.security.auth.Subject; + import javax.security.jacc.PolicyContext; + import javax.security.jacc.PolicyContextException; import javax.xml.bind.JAXBException; ! import org.jboss.annotation.security.SecurityDomain; import org.tolven.core.ActivationLocal; import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; ! import org.tolven.security.LDAPLocal; import org.tolven.security.TolvenPerson; //import javax.jws.WebService; *************** *** 69,91 **** @Stateless @Local(ActivationLocal.class) ! public class ActivationBean implements org.tolven.core.ActivationLocal { ! ! @PersistenceContext ! private EntityManager em; ! @Resource ! EJBContext ejbContext; ! @EJB private LDAPLocal ldap; - @EJB private InvitationLocal invitationBean; - @EJB private AccountDAOLocal accountBean; - @EJB private DocumentLocal documentBean; - /** - * Default constructor - */ - public ActivationBean(){ - } - /** * Activate a user. Return false if invitation has expired or logged in user does not match target user of invitation. --- 55,67 ---- @Stateless @Local(ActivationLocal.class) ! //@SecurityDomain("tolvenLDAP") ! public class ActivationBean implements ActivationLocal { ! @PersistenceContext private EntityManager em; ! @Resource EJBContext ejbContext; ! 
// @EJB private InvitationLocal invitationBean; ! @EJB private LDAPLocal ldapBean; /** * Activate a user. Return false if invitation has expired or logged in user does not match target user of invitation. *************** *** 98,136 **** * @throws IOException * @throws JAXBException */ // @WebMethod(operationName="activate", action="urn:Activate") ! public boolean activate( String principal, long invitationId, Date now) throws JAXBException, IOException { ! Invitation invitation = invitationBean.findInvitation( invitationId ); ! if (invitation==null) return false; ! // If the expiration date is specified but it has past, then fail. ! if (invitation.getExpiration()!=null && invitation.getExpiration().before(now)) { ! return false; ! } ! // The invition must be for this user. Note: The user is specified in the details, not the targetUser attribute. ! DocBase detailDoc = invitation.getDetails(); ! if (detailDoc==null) return false; ! List<AdministrativeDetail> detail = documentBean.getDetails(detailDoc); ! if (detail==null) return false; ! if ( detail.size()<1) return false; ! if ( !(detail.get(0) instanceof ActivateInvitation )) return false; ! ActivateInvitation activate = (ActivateInvitation) detail.get(0); ! if (!principal.equals(activate.getPrincipal())) return false; ! // OK, we're good to go. Create the user and mark the invitation as used ! TolvenUser user = accountBean.findUser(principal); ! //TODO: If TolvenUser is found, the expected status is NEW_LOGIN. Should we check here, and if not what expected? ! if(user == null) ! user = createTolvenUser( principal, now ); ! user.setDemoUser(false); ! if (activate.getReferenceCode()!=null) { ! Sponsorship sponsorship = accountBean.findSponsorship(activate.getReferenceCode()); ! user.setSponsorship(sponsorship); ! } ! String completedStatus = Status.COMPLETED.value(); ! invitation.setStatus(completedStatus); ! 
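Review bot: `import org.jboss.annotation.security.SecurityDomain;` is added in the import hunk above, but its only use, `//@SecurityDomain("tolvenLDAP")` on the class, is commented out, so the vendor import is dead and pins the bean to a JBoss-only annotation package for nothing. The same applies to `// @EJB private InvitationLocal invitationBean;` on the next line; CVS keeps the history, so both commented lines should be deleted (or the annotation enabled) rather than left as disabled code. If the security domain is meant to be switched on later, a one-line comment saying why it is off for now would help the next reader. The class body continues past this hunk.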
em.merge(invitation); return true; } /** * Create a new Tolven User * @param principal --- 74,114 ---- * @throws IOException * @throws JAXBException + * @throws InvitationException + * @throws NamingException */ // @WebMethod(operationName="activate", action="urn:Activate") ! public boolean activate( String principal, long invitationId, Date now) throws JAXBException, IOException, InvitationException, NamingException { ! // Invitation invitation = invitationBean.findInvitation( invitationId ); ! // if (invitation==null) return false; ! // // If the expiration date is specified but it has past, then fail. ! // if (invitation.getExpiration()!=null && invitation.getExpiration().before(now)) { ! // return false; ! // } ! // invitationBean.executeInvitation(invitation, now); return true; } /** + * Given the principal's name, get the TolvenUser object. the parameter must be converted to lower case to ensure we find a match. + */ + public TolvenUser findUser( String principal ) { + //Support both types of active status; + String activeStatus = Status.ACTIVE.value(); + String oldActiveStatus = Status.OLD_ACTIVE.value(); + //Activating should be replaced by New + String activatingStatus = Status.fromValue("ACTIVATING").value(); + String newStatus = Status.NEW.value(); + String newLoginStatus = Status.NEW_LOGIN.value(); + String select = "SELECT DISTINCT u FROM TolvenUser u WHERE u.ldapUID = :principal " + + "and ( u.status = '"; + select += oldActiveStatus + "' or u.status = '" + activeStatus + "' or u.status = '" + newStatus + "' or u.status = '" + activatingStatus + "' or u.status = '" + newLoginStatus + "') "; + Query query = em.createQuery(select); + query.setParameter("principal", principal.toLowerCase()); + query.setMaxResults(2); + List<TolvenUser> items = query.getResultList(); + if (items.size()!=1) return null; + return items.get(0); + } + /** * Create a new Tolven User * @param principal *************** *** 147,185 **** return user; } ! ! /** ! 
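Review bot: `activate()` now returns `true` unconditionally — the invitation lookup, the expiry test and the `executeInvitation` call are all commented out, so any caller that still reaches this bean method is told the activation succeeded for any principal and invitation id. The matching declaration is commented out of `ActivationLocal` in this same commit, which suggests the method is meant to be unreachable, but it is still a public method on the bean; until the replacement is in place it should fail closed, e.g. `throw new UnsupportedOperationException("activate is not implemented in ActivationBean");`, with the commented-out body dropped. In the added `findUser`, `setMaxResults(2)` combined with `items.size()!=1` means `null` is returned both when no user matches and when two or more match; the javadoc should state that, because callers cannot distinguish "unknown user" from "ambiguous user".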
* If the userID isn't registered within an hour, cancel the activation ! */ ! public void followup( Invitation invitation ) { ! if (invitation.getExpiration()!=null) { ! ejbContext.getTimerService().createTimer( invitation.getExpiration(), new Long(invitation.getId())); ! } ! } ! /** ! * Cancel an activation that has not been responded to within an hour or so. ! * @param UID ! * @throws IOException ! * @throws JAXBException ! * @throws NamingException */ ! @Timeout ! public void timeout( Timer timer ) throws JAXBException, IOException, NamingException { ! long invitationId = (Long) timer.getInfo(); ! Invitation invitation = invitationBean.findInvitation(invitationId); ! System.out.println( "Checking " + invitation.getId() + " for activation"); ! ! List<AdministrativeDetail> details = documentBean.getDetails(invitation.getDetails()); ! for (AdministrativeDetail detail : details) { ! if (detail instanceof ActivateInvitation) { ! // If the invitation is still active, blow it away and delete the LDAP entry. ! if (invitation.getStatus().equals(Status.ACTIVE.value())) { ! invitation.setStatus(Status.OBSOLETE.value()); ! ActivateInvitation ai = (ActivateInvitation) detail; ! ldap.deleteUser(ai.getPrincipal()); ! } ! } ! } } /** --- 125,138 ---- return user; } ! /** ! * Return the TolvenUser object given it's uinque id ! * @param tolvenUserId ! * @return */ ! public TolvenUser findTolvenUser( long tolvenUserId ) { ! return em.find(TolvenUser.class, tolvenUserId); } + /** *************** *** 194,257 **** */ public void register( TolvenPerson tp, Date now ) throws Exception { ! String rc = tp.getReferenceCode(); ! if (rc!=null) { ! accountBean.findSponsorship(rc); ! } ! // Create an invitation ! String activeStatus = Status.fromValue("active").value(); ! ! Invitation invitation = new Invitation(); ! invitation.setTargetEmail( tp.getUid() ); ! invitation.setStatus(activeStatus); ! invitation.setCreated( now ); ! invitation.setTitle( "Finish new user activation"); ! 
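Review bot: The javadoc of the added `findTolvenUser` misspells its summary ("it's uinque id") and leaves `@return` empty; `em.find` yields `null` when no row has that id, so `* @return the TolvenUser with that id, or null if none exists` is the contract to document. Removing `followup`/`timeout` also removes the only path in this bean that marked an unactivated invitation OBSOLETE and deleted its LDAP entry once the expiration passed; with `register` stubbed out in this commit nothing here creates such entries any more, but if registration now happens elsewhere that expiry cleanup needs a new home, otherwise unverified LDAP accounts persist indefinitely.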
invitation.setDispatchAction("activate"); ! invitation.setTemplate("/invitation/activate.jsf"); ! invitation.setAccount( null ); // No owner for registrations (could be sponsor) ! String expiration = System.getProperty("tolven.register.expiration"); ! if (expiration!=null) { ! long elapsed = Long.parseLong(expiration)*1000; ! if (elapsed > 0) { ! invitation.setExpiration( new Date( now.getTime()+ (Long.parseLong(expiration)*1000) ) ); ! } ! } ! ActivateInvitation detail = new ActivateInvitation( ); ! // detail.setExpirationTime( DatatypeFactory.newInstance().newXMLGregorianCalendar( t)); ! detail.setPrincipal( tp.getUid()); ! detail.setReferenceCode( rc ); ! ! // Create a document containing the details and associate it with the invitation ! invitation.setDetails( invitationBean.createDetail( detail) ); ! // em.persist( invitation ); // Done by the MDB when the invitation is dequeued ! // Once sent, the invitation state will be updated to reflect completion. Workflow, man. Workflow. ! invitationBean.queueInvitation( invitation ); ! // Make the LDAP entry ! ldap.addPerson( tp ); } /** ! * Used for test, demo only. Register and immediately activate the user without sending an email. The user id does not need to be a valid email address. ! * The demoUser flag is set in the user account. ! * @param tp A TolvenPerson object representing the LDAP attributes of this user (A TolvenPerson is a transient object) ! * @param now A transactional now timestamp ! * @return A new TolvenUser object */ ! public TolvenUser registerAndActivate( TolvenPerson tp, Date now ) throws Exception { ! //System.out.println( "Registering: " + tp.toString()); ! // Create a new user object ! ! TolvenUser user = createTolvenUser( tp.getUid(), now ); ! String rc = tp.getReferenceCode(); ! if (rc!=null) { ! Sponsorship sponsorship = accountBean.findSponsorship(rc); ! user.setSponsorship(sponsorship); ! } ! user.setDemoUser(true); ! // Make the LDAP entry ! ldap.addPerson( tp ); ! 
return user; } - /** * Find the user object and mark the last update date in the user object. Technically, --- 147,193 ---- */ public void register( TolvenPerson tp, Date now ) throws Exception { ! // String rc = tp.getReferenceCode(); ! // if (rc!=null) { ! // findSponsorship(rc); ! // } ! // ActivateInvitation detail = new ActivateInvitation( ); ! //// detail.setExpirationTime( DatatypeFactory.newInstance().newXMLGregorianCalendar( t)); ! // detail.setPrincipal( tp.getUid()); ! // detail.setReferenceCode( rc ); ! // Invitation invitation = invitationBean.createInvitation(tp.getUid(), detail); ! // // Create an invitation ! // invitation.setTitle( "Finish new user activation"); ! // invitation.setDispatchAction("activate"); ! // invitation.setTemplate("/invitation/activate.jsf"); ! // invitation.setAccount( null ); // No owner for registrations (could be sponsor) ! // String expiration = System.getProperty("tolven.register.expiration"); ! // if (expiration!=null) { ! // long elapsed = Long.parseLong(expiration)*1000; ! // if (elapsed > 0) { ! // invitation.setExpiration( new Date( now.getTime()+ (Long.parseLong(expiration)*1000) ) ); ! // } ! // } ! // // Once sent, the invitation state will be updated to reflect completion. Workflow, man. Workflow. ! // invitationBean.queueInvitation( invitation ); ! // // Make the LDAP entry ! // ldapBean.addPerson( tp ); } /** ! * Given what is suspected to be a valid sponsorship reference code, return the Sponsorship ! * This method fails loudly (throws an object not found exception) if the reference code is not found. ! * This should be sufficient to rollback a transaction intended to create a new user ! * with an invalid reference code. ! * @throws NoResultException if the referenceCode is not found ! * @param referenceCode ! * @return */ ! public Sponsorship findSponsorship( String referenceCode ) { ! Query q = em.createQuery("SELECT s FROM Sponsorship s WHERE s.referenceCode = :rc"); ! 
q.setParameter("rc", referenceCode); ! Sponsorship s = (Sponsorship) q.getSingleResult(); ! return s; } /** * Find the user object and mark the last update date in the user object. Technically, *************** *** 259,263 **** */ public TolvenUser loginUser( String principal, Date now) { ! TolvenUser user = accountBean.findUser( principal ); if (user!=null) { user.setOldLastLogin(user.getLastLogin()); --- 195,213 ---- */ public TolvenUser loginUser( String principal, Date now) { ! if (System.getProperty("tolven.security.keys.activate") != null) { ! // Verify that we have a subject to work with ! if (!principal.equals(ejbContext.getCallerPrincipal().getName())) { ! throw new IllegalStateException("[EJB]Principal not propagated to EJB"); ! } ! Subject subject; ! try { ! subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); ! } catch (PolicyContextException e) { ! throw new IllegalStateException("[EJB]PolicyContext exception", e); ! } ! if (subject == null) ! throw new IllegalStateException("[EJB]No Subject found in PolicyContext"); ! } ! TolvenUser user = findUser( principal ); if (user!=null) { user.setOldLastLogin(user.getLastLogin()); *************** *** 273,277 **** */ public TolvenUser deactivateUser( String principal) { ! TolvenUser user = accountBean.findUser( principal ); String inactiveStatus = Status.INACTIVE.value(); --- 223,227 ---- */ public TolvenUser deactivateUser( String principal) { ! TolvenUser user = findUser( principal ); String inactiveStatus = Status.INACTIVE.value(); *************** *** 287,292 **** public AccountUser findDefaultAccountUser( TolvenUser user ) { ! String activeStatus = Status.fromValue("active").value(); ! String oldActiveStatus = Status.ACTIVE.value(); String select = "SELECT au FROM AccountUser au WHERE au.user = :user "; select += "and ( au.status = '" + activeStatus + "' or au.status = '" + oldActiveStatus; --- 237,242 ---- public AccountUser findDefaultAccountUser( TolvenUser user ) { ! 
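Review bot: `register()` is left with an entirely commented-out body, so it returns normally having done nothing — a caller gets a silent success with no invitation queued and no LDAP entry written, while its `throws Exception` still forces callers to handle a failure that can no longer occur. It should fail closed with `throw new UnsupportedOperationException("register is not implemented in ActivationBean");` (and the dead body removed) until the replacement exists. In the moved `findSponsorship`, `getSingleResult()` also throws `NonUniqueResultException` when more than one Sponsorship carries the same reference code; the javadoc lists only `NoResultException`, so add `* @throws NonUniqueResultException if the reference code is not unique` (or enforce uniqueness on the column) so callers know both outcomes roll back the transaction.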
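Review bot: In `loginUser` the comparison of `principal` with `ejbContext.getCallerPrincipal().getName()` runs only when the `tolven.security.keys.activate` system property is set; in any deployment without it, `principal` is taken on trust from the caller and that user's login timestamps are updated, so the identity check should not hang off a feature flag — keep the `PolicyContext`/`Subject` lookup gated if that is what the property is for, but make the principal comparison unconditional. The comparison is also case-sensitive while `findUser` lower-cases the principal before querying `ldapUID`, so a caller principal differing only in case would be rejected here yet found there; if the container preserves case, compare with `equalsIgnoreCase` or normalise both sides the same way. The retrieved `subject` is only null-checked and then discarded, which is acceptable as a presence test but deserves a comment saying so. The rest of `loginUser` lies outside the hunk.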
String activeStatus = Status.ACTIVE.value(); ! String oldActiveStatus = Status.OLD_ACTIVE.value(); String select = "SELECT au FROM AccountUser au WHERE au.user = :user "; select += "and ( au.status = '" + activeStatus + "' or au.status = '" + oldActiveStatus; *************** *** 328,333 **** */ public List<AccountUser> findUserAccounts( TolvenUser user ) { ! String activeStatus = Status.fromValue("active").value(); ! String oldActiveStatus = Status.fromValue("ACTIVE").value(); Query query = em.createQuery("SELECT au FROM AccountUser au WHERE au.user = :user " + "and ( au.status = '" + activeStatus + "' or au.status = '" + oldActiveStatus + "') "); --- 278,283 ---- */ public List<AccountUser> findUserAccounts( TolvenUser user ) { ! String activeStatus = Status.ACTIVE.value(); ! String oldActiveStatus = Status.OLD_ACTIVE.value(); Query query = em.createQuery("SELECT au FROM AccountUser au WHERE au.user = :user " + "and ( au.status = '" + activeStatus + "' or au.status = '" + oldActiveStatus + "') "); *************** *** 357,363 **** */ public List<AccountUser> findAccountUsers( Account account ) { ! String activeStatus = Status.fromValue("active").value(); ! String oldActiveStatus = Status.fromValue("ACTIVE").value(); ! Query query = em.createQuery("SELECT au FROM AccountUser au WHERE au.account = :account " + "and (au.user.status = '" + activeStatus + "' or au.user.status = '" + oldActiveStatus + "') order by au.user.ldapUID"); query.setParameter("account", account); --- 307,313 ---- */ public List<AccountUser> findAccountUsers( Account account ) { ! String activeStatus = Status.ACTIVE.value(); ! String oldActiveStatus = Status.OLD_ACTIVE.value(); ! 
Query query = em.createQuery("SELECT au FROM AccountUser au WHERE au.account = :account " + "and (au.user.status = '" + activeStatus + "' or au.user.status = '" + oldActiveStatus + "') order by au.user.ldapUID"); query.setParameter("account", account); *************** *** 370,375 **** */ public List<TolvenUser> findAllActiveUsers( ) { ! String activeStatus = Status.fromValue("active").value(); ! String oldActiveStatus = Status.fromValue("ACTIVE").value(); Query query = em.createQuery("SELECT u FROM TolvenUser u WHERE u.status = '" + activeStatus + "' or u.status = '" + oldActiveStatus + "'"); List<TolvenUser> items = query.getResultList(); --- 320,325 ---- */ public List<TolvenUser> findAllActiveUsers( ) { ! String activeStatus = Status.ACTIVE.value(); ! String oldActiveStatus = Status.OLD_ACTIVE.value(); Query query = em.createQuery("SELECT u FROM TolvenUser u WHERE u.status = '" + activeStatus + "' or u.status = '" + oldActiveStatus + "'"); List<TolvenUser> items = query.getResultList(); *************** *** 386,445 **** return rslt.longValue(); } - - /** - * Create a new healthRecord which must be associated with an account. - */ - public HealthRecord createHealthRecord(Account account, String name ) { - HealthRecord hr; - hr = new HealthRecord(); - hr.setOwnerAccount( account ); - hr.setName( name ); - em.persist( hr ); - return hr; - } ! /** ! * Return a list of healthRecords for the specified Account ! * @param account the account from which health records will be selected ! * @param limit Maximum number fo rows to return ! * @param offset Zero-based offset of the first row to return from the result set ! * @param sortOrder the name of the attribute to order by (first, last, dob, dod, gender) ! * @param sortDirection the sort direction (ASC or DESC) ! * @return ! */ ! public List<HealthRecord> findHealthRecords( Account account, int limit, int offset, String sortOrder, String sortDirection ) { ! 
Query query = em.createQuery( "SELECT hr FROM HealthRecord hr ORDER BY hr." + sortOrder + " " + sortDirection ); ! query.setMaxResults(limit); ! query.setFirstResult(offset); ! List<HealthRecord> items = query.getResultList(); ! return items; ! } ! ! public UserKeyRing findUserKeyRing(String aPrincipal) { ! return findUser(aPrincipal); ! } ! ! /** ! * Return a TolvenUser given aPrincipal ! * @param aPrincipal ! * @return ! */ ! public TolvenUser findUser(String aPrincipal) { ! //Support both types of active status; ! String activeStatus = Status.fromValue("active").value(); ! String oldActiveStatus = Status.fromValue("ACTIVE").value(); ! //Activating should be replaced by New ! String activatingStatus = Status.fromValue("ACTIVATING").value(); ! String newStatus = Status.fromValue("new").value(); ! String select = "SELECT DISTINCT u FROM TolvenUser u WHERE u.ldapUID = :principal " + "and ( u.status = '"; ! select += oldActiveStatus + "' or u.status = '" + activeStatus + "' or u.status = '" + newStatus + "' or u.status = '" + activatingStatus + "') "; ! Query query = em.createQuery(select); ! query.setParameter("principal", aPrincipal.toLowerCase()); ! query.setMaxResults(2); ! List<TolvenUser> items = query.getResultList(); ! if (items.size() != 1) ! return null; ! return items.get(0); ! } ! ! } --- 336,339 ---- return rslt.longValue(); } ! } |
From: John C. <jc...@us...> - 2007-01-20 19:23:20
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/security Added Files: LDAPLocal.java LoginLocal.java Log Message: Refactoring to support Encryption --- NEW FILE: LoginLocal.java --- package org.tolven.security; import java.io.IOException; import java.util.Date; import javax.naming.NamingException; import javax.xml.bind.JAXBException; import org.tolven.core.bean.InvitationException; import org.tolven.core.entity.TolvenUser; import org.tolven.security.key.UserKeyRing; public interface LoginLocal { /** * Given the principal's name, get the TolvenUser. */ public TolvenUser findUser( String principal ); /** * Find a UserKeyPair for aPrincipal * @param aPrincipal * @return */ public UserKeyRing findUserKeyRing(String aPrincipal); /** * Used for test, demo only. Register and immediately activate the user without sending an email. The user id does not need to be a valid email address. * The demoUser flag is set in the user account. * @param tp A TolvenPerson object representing the LDAP attributes of this user (A TolvenPerson is a transient object) * @param now A transactional now timestamp * @return A new TolvenUser object */ public TolvenUser registerAndActivate( TolvenPerson tp, Date now ) throws Exception; /** * Register a new user with an activation step that validates the userId as a valid eMail addresss. * <ol> * <li>Persist the new TolvenUser object</li> * <li>Create an LDAP entry</li> * <li>Create a TolvenUser Object</li> * <li>Create an invitation</li> * <li>Create an email referencing the invitation</li> * </ol> */ public void register( TolvenPerson tp, Date now ) throws Exception; /** * Activate a user. At this point, a user will have an entry in LDAP, they will have received an invitation * via email and now this method will create their Tolven user account. 
*/ public boolean activate( String principal, long invitationId, Date now) throws JAXBException, IOException, InvitationException, NamingException; } --- NEW FILE: LDAPLocal.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.security; import java.io.IOException; import java.util.List; import javax.naming.NamingException; /** * This is the business interface for LDAP enterprise bean. */ public interface LDAPLocal { /** * Add a new person to LDAP DB. Note: We let LDAP take care of replica propagation. */ public void addPerson(TolvenPerson tp ) throws NamingException, Exception; /** * Return true if the person exists in LDAP. The UID attribute is used for the search and therefore, it should be unique. */ public boolean entryExists( String uid ) throws NamingException, IOException; /** * Given a Principal, return a TolvenPerson */ public TolvenPerson createTolvenPerson( String principal ) throws NamingException, IOException; /** * Update a person to LDAP. */ public void updatePerson( TolvenPerson tp ) throws NamingException, IOException; /** * Delete a UID from LDAP * @throws NamingException * @throws IOException */ public void deleteUser( String uid ) throws NamingException, IOException; /** * Delete a person from LDAP. */ public void deletePerson( TolvenPerson tp ) throws NamingException, IOException; /** * Search for matching names. If not connected yet, we'll connect to LDAP now. 
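Review bot: The javadoc on `register` in the new `LoginLocal` lists "Persist the new TolvenUser object" as step 1 and "Create a TolvenUser Object" as step 3, which contradict each other — the list should say which one the implementation actually does; it also misspells "addresss". `findUser` is documented as "get the TolvenUser" without saying what happens when none matches; the bean implementation in this commit returns `null` when the lookup does not yield exactly one row, so add `* @return the matching user, or null if no single active user has this principal`. `activate` returns a `boolean` whose meaning is undocumented; state when it is `false`. Declaring `register` and `registerAndActivate` as `throws Exception` hides the real failure modes — the sibling `activate` already enumerates its exceptions, and these two should do the same.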
*/ public List<TolvenPerson> search( String criteria, int maxResults, int timeLimit) throws NamingException, IOException; } |
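Review bot: `addPerson` is declared `throws NamingException, Exception`, where `Exception` subsumes `NamingException` and forces every caller into a catch-all; the other methods of the interface declare `NamingException, IOException`, so unless the implementation genuinely throws something else, `public void addPerson(TolvenPerson tp ) throws NamingException, IOException;` keeps the interface consistent. The `search` javadoc should say whether `criteria` is a raw name fragment or an LDAP filter expression: if the implementation splices it into a filter, callers must know that unescaped user input is not acceptable (or the implementation must escape filter metacharacters), and the interface is the right place to record that contract. `maxResults` and `timeLimit` lack units and bounds; `timeLimit` in particular should state whether it is milliseconds.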
From: John C. <jc...@us...> - 2007-01-20 19:23:20
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/core Modified Files: InvitationLocal.java ActivationLocal.java AccountDAOLocal.java Removed Files: TolvenOIDLocal.java Log Message: Refactoring to support Encryption Index: ActivationLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/ActivationLocal.java,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** ActivationLocal.java 20 Jan 2007 08:10:19 -0000 1.16 --- ActivationLocal.java 20 Jan 2007 19:23:17 -0000 1.17 *************** *** 19,32 **** import java.util.List; ! import javax.persistence.Query; import javax.xml.bind.JAXBException; import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountUser; ! import org.tolven.core.entity.HealthRecord; import org.tolven.core.entity.TolvenUser; - import org.tolven.doc.entity.Invitation; import org.tolven.security.TolvenPerson; - import org.tolven.security.key.UserKeyRing; --- 19,32 ---- import java.util.List; ! import javax.naming.NamingException; ! import javax.persistence.NoResultException; import javax.xml.bind.JAXBException; + import org.tolven.core.bean.InvitationException; import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountUser; ! import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.TolvenUser; import org.tolven.security.TolvenPerson; *************** *** 46,70 **** * </ol> */ ! public void register( TolvenPerson tp, Date now ) throws Exception; /** ! * Used for test, demo only. Register and immediately activate the user without sending an email. The user id does not need to be a valid email address. ! * @param tp A TolvenPerson object representing the LDAP attributes of this user (A TolvenPerson is a transient object) ! * @param now A transactional now timestamp ! * @return A new TolvenUser object */ ! 
public TolvenUser registerAndActivate( TolvenPerson tp, Date now ) throws Exception; /** ! * If the userID isn't registered within an hour, cancel the activation ! */ ! public void followup( Invitation invitation ); ! ! /** * Activate a user. At this point, a user will have an entry in LDAP, they will have received an invitation * via email and now this method will create their Tolven user account. */ ! public boolean activate( String principal, long invitationId, Date now) throws JAXBException, IOException; /** * Find the user object and mark the last update date in the user object. Technically, --- 46,89 ---- * </ol> */ ! // public void register( TolvenPerson tp, Date now ) throws Exception; + + /** ! * Return the TolvenUser object given it's uinque id ! * @param tolvenUserId ! * @return */ ! public TolvenUser findTolvenUser( long tolvenUserId ); ! ! /** ! * Given what is suspected to be a valid sponsorship reference code, return the Sponsorship ! * This method fails loudly (throws an object not found exception) if the reference code is not found. ! * This should be sufficient to rollback a transaction intended to create a new user ! * with an invalid reference code. ! * @throws NoResultException if the referenceCode is not found ! * @param referenceCode ! * @return ! */ ! public Sponsorship findSponsorship( String referenceCode ); /** ! * Given the principal's name, get the TolvenUser. ! */ ! public TolvenUser findUser( String principal ); ! ! /** * Activate a user. At this point, a user will have an entry in LDAP, they will have received an invitation * via email and now this method will create their Tolven user account. */ ! 
// public boolean activate( String principal, long invitationId, Date now) throws JAXBException, IOException, InvitationException, NamingException; + /** + * Create a new Tolven User + * @param principal + * @return new TolvenUser object properly initialized and persisted + */ + public TolvenUser createTolvenUser( String principal, Date now ); + /** * Find the user object and mark the last update date in the user object. Technically, *************** *** 124,143 **** public long countUsers( ); - - /** - * Create a new healthRecord which must be associated with an account. - */ - public HealthRecord createHealthRecord(Account account, String name ); - /** - * Return a list of healthRecords for the specified Account - * @param account the account from which health records will be selected - * @param limit Maximum number fo rows to return - * @param offset Zero-based offset of the first row to return from the result set - * @param sortOrder the name of the attribute to order by (first, last, dob, dod, gender) - * @param sortDirection the sort direction (ASC or DESC) - * @return - */ - public List<HealthRecord> findHealthRecords( Account account, int limit, int offset, String sortOrder, String sortDirection ); - /** * Return a list of all active Tolven Users. This method has limited usefulness. Good for initial setup activities. 
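Review bot: The commented-out `register` and `activate` declarations left in ActivationLocal should be deleted rather than kept as comments; the repository history already preserves them, and a commented signature in an interface invites callers to assume the method still exists somewhere. The Javadoc for `findUser( String principal )` does not say whether the principal is case-normalized before lookup, while the LoginBean Javadoc added in this same commit states that the parameter must be converted to lower case, so the interface should state which side performs that normalization, e.g. `* @param principal the principal name; callers must pass it lower-cased (see LoginBean.findUser)`. `createTolvenUser` is also missing `@param now` and does not say whether a second user with the same principal is rejected, which matters because it both creates and persists.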
--- 143,146 ---- *************** *** 145,155 **** public List<TolvenUser> findAllActiveUsers( ); - /** - * Find a UserKeyPair for aPrincipal - * @param aPrincipal - * @return - */ - public UserKeyRing findUserKeyRing(String aPrincipal); - - public TolvenUser findUser(String aPrincipal); } --- 148,150 ---- --- TolvenOIDLocal.java DELETED --- Index: InvitationLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/InvitationLocal.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** InvitationLocal.java 3 Sep 2006 01:13:16 -0000 1.6 --- InvitationLocal.java 20 Jan 2007 19:23:17 -0000 1.7 *************** *** 20,23 **** --- 20,24 ---- import javax.jms.JMSException; import javax.mail.internet.InternetAddress; + import javax.naming.NamingException; import javax.xml.bind.JAXBException; *************** *** 88,100 **** /** - * Create a detail list with a single detail in it, create a document if needed and associate that docuemnt - * with this invitation. - * @param detail a single administrative detail to associate with this invitation - * @throws IOException - * @throws JAXBException - */ - public DocBase createDetail( InvitationDetail detail ) throws JAXBException, IOException; - - /** * Find open invitations for this user, regardless of account. The invitation must be active and not expired. * @param user --- 89,92 ---- *************** *** 108,112 **** * we stop either when we're done or if there's an error thrown. */ ! public void executeInvitation( Invitation invitation, Date now )throws InvitationException, JAXBException, IOException ; /** --- 100,104 ---- * we stop either when we're done or if there's an error thrown. */ ! public void executeInvitation( Invitation invitation, Date now ) throws InvitationException, JAXBException, IOException, NamingException; /** *************** *** 114,118 **** * we stop either when we're done or if there's an error thrown. 
*/ ! public void executeInvitation( long invitationId, Date now )throws InvitationException, JAXBException, IOException ; } \ No newline at end of file --- 106,114 ---- * we stop either when we're done or if there's an error thrown. */ ! public void executeInvitation( long invitationId, Date now ) throws InvitationException, JAXBException, IOException, NamingException; + /** + * If the userID isn't registered within an hour, cancel the activation + */ + public void followup( Invitation invitation ); } \ No newline at end of file Index: AccountDAOLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/AccountDAOLocal.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** AccountDAOLocal.java 3 Jan 2007 07:24:09 -0000 1.11 --- AccountDAOLocal.java 20 Jan 2007 19:23:17 -0000 1.12 *************** *** 18,28 **** import java.util.List; ! import javax.persistence.Query; ! import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.TolvenUser; - import org.tolven.core.entity.AccountType; import org.tolven.security.key.UserPrivateKey; --- 18,27 ---- import java.util.List; ! import org.tolven.core.bean.ActivationBean; import org.tolven.core.entity.Account; + import org.tolven.core.entity.AccountType; import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.TolvenUser; import org.tolven.security.key.UserPrivateKey; *************** *** 63,71 **** - /** - * Given the principal's name, get the TolvenUser. 
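Review bot: `import org.tolven.core.bean.ActivationBean;` added to the import block of AccountDAOLocal.java pulls a bean implementation class into a DAO interface; as far as the hunks show, it exists only to resolve the `@see ActivationBean` Javadoc reference that survives in the next hunk. A fully-qualified Javadoc reference, `* @see org.tolven.core.bean.ActivationBean`, needs no import and avoids a compile-time dependency from the interface package on its implementation; pointing the reference at `ActivationLocal` instead would be cleaner still, since that is the interface callers should depend on.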
- */ - public TolvenUser findUser( String principal ); - /** * @see ActivationBean --- 62,65 ---- *************** *** 79,93 **** /** - * Given what is suspected to be a valid sponsorship reference code, return the Sponsorship - * This method fails loudly (throws an object not found exception) if the reference code is not found. - * This should be sufficient to rollback a transaction intended to create a new user - * with an invalid reference code. - * @throws NoResultException if the referenceCode is not found - * @param referenceCode - * @return - */ - public Sponsorship findSponsorship( String referenceCode ); - - /** * Find the list of Sponsorships owned by the specified account * @param account --- 73,76 ---- |
From: John C. <jc...@us...> - 2007-01-20 19:23:19
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/doc/entity Modified Files: DocRIM.java DocXML.java DocBase.java DocCCR.java Invitation.java Log Message: Refactoring to support Encryption Index: DocBase.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocBase.java,v retrieving revision 1.18 retrieving revision 1.19 diff -C2 -d -r1.18 -r1.19 *** DocBase.java 18 Jan 2007 08:35:30 -0000 1.18 --- DocBase.java 20 Jan 2007 19:23:17 -0000 1.19 *************** *** 14,17 **** --- 14,18 ---- package org.tolven.doc.entity; + import java.io.PrintStream; import java.io.Serializable; import java.security.Principal; *************** *** 159,168 **** } ! /** ! * Return the raw contents of the document. */ public byte[] getContent() { ! if (System.getProperty("tolven.security.keys.activate") != null) { ! return getDecryptedContent(content); } else { return content; --- 160,171 ---- } ! /** ! * Return the raw contents of the document. This method calls decryption each time it is called. ! * Decryption takes CPU time and it requires access to security policy which means ! * the caller must have permission to call this method. */ public byte[] getContent() { ! if (System.getProperty("tolven.security.keys.activate") != null) { ! return getDecryptedContent(content); } else { return content; *************** *** 170,173 **** --- 173,177 ---- } + /** * Currently assumes all content is encrypted and only the authorized loggedInUser will succeed in getting the readable content *************** *** 176,179 **** --- 180,184 ---- */ private byte[] getDecryptedContent(byte[] encryptedContent) { + System.out.println( "DocBase.getDecryptedContent"); if (encryptedContent == null) return encryptedContent; *************** *** 219,225 **** } public String getContentString() { ! if (getContent()==null) return null; ! 
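Review bot: The new Javadoc on `getContent()` says decryption runs on every call, but the code only decrypts when the `tolven.security.keys.activate` system property is set and otherwise returns the stored bytes unchanged; the comment should state that gate, e.g. `* Decryption is attempted only when the system property tolven.security.keys.activate is set; otherwise the stored bytes are returned as-is.` Because the choice depends on a JVM property rather than on the document's own state, a document stored with encryption on and read in a JVM where the property is absent would presumably come back as ciphertext with no error; if that deployment mix is possible, recording on the entity whether its content is encrypted would let this method fail loudly instead of returning unreadable bytes.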
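Review bot: `System.out.println( "DocBase.getDecryptedContent");` added at the top of `getDecryptedContent` writes to stdout from a JPA entity on every decryption; it should be removed before commit or replaced by a logger call at debug level. Whatever logging ends up here must never include the decrypted bytes or any key material, since this is the one place in the entity where plaintext is produced. The body of `getDecryptedContent` continues outside the hunk.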
return new String(getContent()); } --- 224,237 ---- } + /** + * Return the content as a string. This method calls decryption each time it is called. + * Decryption takes CPU time and it requires access to security policy which means + * the caller must have permission to call this method. + * @return + */ public String getContentString() { ! byte [] c = getContent(); ! if (c==null) return null; ! return new String(c); } Index: DocRIM.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocRIM.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** DocRIM.java 31 Aug 2006 05:18:29 -0000 1.1 --- DocRIM.java 20 Jan 2007 19:23:17 -0000 1.2 *************** *** 34,38 **** public ControlAct getCACT() throws JAXBException { if (newCACT!=null) return newCACT; ! return (ControlAct)getBinding(); } --- 34,39 ---- public ControlAct getCACT() throws JAXBException { if (newCACT!=null) return newCACT; ! return null; ! // return (ControlAct)getBinding(); } *************** *** 47,51 **** */ public void createCACT( String OID ) { - if (getStatus()==null) setStatus("NEW"); if (getId()==0) throw new IllegalArgumentException(); newCACT = new ControlAct(); --- 48,51 ---- *************** *** 64,68 **** if (newCACT==null) return; // We're done with the graph, marshall to XML ! setBinding( newCACT ); } --- 64,68 ---- if (newCACT==null) return; // We're done with the graph, marshall to XML ! // setBinding( newCACT ); } Index: DocXML.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocXML.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** DocXML.java 4 Dec 2006 08:57:01 -0000 1.3 --- DocXML.java 20 Jan 2007 19:23:17 -0000 1.4 *************** *** 64,85 **** } - private static Map<String, JAXBContext> jaxbContexts; - /** - * Create or use a JAXB context. 
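Review bot: `return new String(c);` in `getContentString()` decodes the content bytes with the platform default charset, so the same stored document can read differently on hosts with different defaults; the charset should be named explicitly and must match the one `setContentString` uses when encoding (not visible in this hunk), e.g. `return new String(c, Charset.forName("UTF-8"));`. Collapsing the two `getContent()` calls into one is a good change given the new Javadoc's note that each call is a separate decryption.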
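Review bot: `getCACT()` in DocRIM now returns `null` whenever `newCACT` is unset, with the former `getBinding()` call left behind as a comment, so callers that previously received the unmarshalled ControlAct will fail at first use with nothing indicating this is a deliberate interim state. If the binding path is intentionally disabled pending the new XMLLocal service, the Javadoc should say so and the dead line should go; throwing `UnsupportedOperationException("binding moved to XMLLocal")` would make the gap visible rather than silent. The same pattern appears in the `marshallXML` hunk further down, where `// setBinding( newCACT );` turns the method into a no-op that still reads as if it marshals.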
We keep a map of already-used bindings in a static variable. - * @return A JAXB context. - * @throws JAXBException - */ - protected JAXBContext setupJAXBContext() throws JAXBException { - if (getBindingContext()==null) throw new IllegalArgumentException( "JAXB binding context missing" ); - JAXBContext jc; - if (jaxbContexts==null) jaxbContexts = new HashMap<String, JAXBContext>( 4 ); - if( jaxbContexts.containsKey(getBindingContext()) ) { - jc = jaxbContexts.get(getBindingContext()); - } else { - jc = JAXBContext.newInstance( getBindingContext(), DocXML.class.getClassLoader() ); - jaxbContexts.put(getBindingContext(), jc); - } - return jc; - } /** --- 64,67 ---- *************** *** 96,118 **** } - - /** - * <p>When bindingContext is non-null, this method will unmarshal the XML content of the document - * into an object graph and return the head of that graph. Subsequent calls to get the graph will - * not unmarshal the XML again.</p> - * <p>Since documents are immutable in most cases, modifying the returned graph will have no effect on the - * document. However, the graph, modified or not, can in whole or in part be applied to another document. - * </p> - * @return - * @throws JAXBException - */ - public Object getBinding() throws JAXBException { - if (binding==null && getContentString()!=null) { - JAXBContext jc = setupJAXBContext(); - Unmarshaller u = jc.createUnmarshaller(); - binding = u.unmarshal( new StreamSource( new StringReader( getContentString() ) ) ); - } - return binding; - } /** * Used for unit testing only --- 78,81 ---- *************** *** 121,148 **** binding = null; } - /** - * This method will store an object graph as XML by marshalling the graph - * using the specified BindingContext. This operation does the binding immediatly and may throw an exception - * if the graph does not match the schema. Using this technique, the caller never sees any XML and must - * only specify the binding context used to translate XML to java or java to XML. 
- * @param binding - * @throws JAXBException - * @throws IOException - */ - public void setBinding(Object binding) throws JAXBException, IOException { - if (getXmlNS()==null) throw new IllegalArgumentException( "XML Namespace required to marshall" ); - if (getXmlName()==null) throw new IllegalArgumentException( "XML schema Name required to marshall" ); - this.binding = binding; - JAXBContext jc = setupJAXBContext(); - JAXBElement root = new JAXBElement(new QName( getXmlNS(), getXmlName()), binding.getClass(), null, binding); - Marshaller m = jc.createMarshaller(); - m.setProperty( Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE ); - // m.setProperty( Marshaller.JAXB_FRAGMENT, Boolean.TRUE ); - // m.setProperty(Marshaller.JAXB_SCHEMA_LOCATION, "http://xxx" ); - StringWriter result = new StringWriter( 1000 ); - m.marshal( root, result ); - setContentString(result.toString()); - result.close(); - } public String getXmlName() { --- 84,87 ---- Index: Invitation.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/Invitation.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** Invitation.java 25 Dec 2006 06:34:40 -0000 1.7 --- Invitation.java 20 Jan 2007 19:23:17 -0000 1.8 *************** *** 17,20 **** --- 17,21 ---- import java.util.Date; + import javax.persistence.Basic; import javax.persistence.Column; import javax.persistence.Embedded; *************** *** 24,27 **** --- 25,29 ---- import javax.persistence.GenerationType; import javax.persistence.Id; + import javax.persistence.Lob; import javax.persistence.ManyToOne; import javax.persistence.Table; *************** *** 40,44 **** * Invitations can be chained such that one invitation immediately triggers a second invitation upon completion of * the previous invitation. ! * In most case, the details of an invitation are contained in a separate document. 
* Account and user links are optional and depend on the specific invitation type. * @author John Churin --- 42,46 ---- * Invitations can be chained such that one invitation immediately triggers a second invitation upon completion of * the previous invitation. ! * In most cases, the details of an invitation are contained in a separate XML. * Account and user links are optional and depend on the specific invitation type. * @author John Churin *************** *** 92,97 **** private String targetEmail; ! @ManyToOne (fetch=FetchType.LAZY ) ! private DocBase details; @Embedded --- 94,100 ---- private String targetEmail; ! @Lob ! @Column(name="DETAIL_CONTENT") ! private byte[] detailContent; @Embedded *************** *** 224,236 **** /** * Invitations often have details beyond just the type of invitation. Those details are contained in the ! * document here, if any. For example, a referral will have details about the patient and what is being requested. * @return If non-null, a document containing the invitation details */ ! public DocBase getDetails() { ! return details; } ! public void setDetails(DocBase details) { ! this.details = details; } --- 227,240 ---- /** * Invitations often have details beyond just the type of invitation. Those details are contained in the ! * here, if any. For example, a referral will have details about the patient and what is being requested. ! * All details are in XML form. * @return If non-null, a document containing the invitation details */ ! public byte[] getDetailContent() { ! return detailContent; } ! public void setDetailContent(byte[] detailContent) { ! 
this.detailContent = detailContent; } Index: DocCCR.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocCCR.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** DocCCR.java 16 Jan 2007 06:17:09 -0000 1.4 --- DocCCR.java 20 Jan 2007 19:23:17 -0000 1.5 *************** *** 44,50 **** @Transient - private Map<String, ActorType> actors; - - @Transient private ContinuityOfCareRecord newCCR; --- 44,47 ---- *************** *** 54,146 **** /** - * We build and maintain a transient map of ActorType instances in the document. - * Thus, when an object has an ActorLink, we can easily find the actor. - * We keep this map up if we create another actor. - * If the object graph already exists and this is the first time we've been asked for the actorMap, - * then walk through the object graph to get the actors. - * @return - * @throws JAXBException - */ - public Map<String, ActorType> getActors() throws JAXBException { - if (actors==null) { - actors = new HashMap<String, ActorType>( 10 ); - ContinuityOfCareRecord ccr = getCCR(); - ContinuityOfCareRecord.Actors ccrActors = ccr.getActors(); - if (ccrActors!=null) - for (ActorType actor : ccrActors.getActor()) { - actors.put(actor.getActorObjectID(), actor); - } - } - return actors; - } - - public void setActors(Map<String, ActorType> actors) { - this.actors = actors; - } - - /** - * When creating a new node containing a unique ID, we assign a document-relative ID using this attribute. - * This could almost be a transient attribute except that cocuments can be persisted before they are complete. - * Once the document transitions to the active state, this number just represents the read-only highest number - * created. - * @return the current value of the unique sequence number. - */ - public int getUniqueIDSeq() { - return uniqueIDSeq; - } - - /** - * Construct an ID string after incrementing the unique ID value. 
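Review bot: `getDetailContent()` returns the stored `byte[]` directly, and unlike `DocBase.getContent()` as changed in this same commit there is no decryption step, so invitation detail XML appears to sit outside whatever at-rest protection document content receives; if the detail is meant to be encrypted like document content, the Javadoc should say so or the accessor should go through the same path. Returning the internal array also lets any caller mutate entity state in place; `return detailContent == null ? null : detailContent.clone();` avoids that. The edited Javadoc lost a word in `Those details are contained in the here, if any` and still says `@return If non-null, a document containing the invitation details` although the method now returns bytes.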
- * @param prefix - * @return the unique ID - */ - public String getNextId(String prefix) { - setUniqueIDSeq(getUniqueIDSeq()+1); - int id = getUniqueIDSeq(); - return String.format("%s%06d", prefix, id); - } - - public void setUniqueIDSeq(int uniqueIDSeq) { - this.uniqueIDSeq = uniqueIDSeq; - } - - /** - * Get the CCR if there is one for this document. It will either be new in process (assuming a call was made to createCCR) or an unmarshalled - * existing CCR from the content of this document. - * @return - * @throws JAXBException - */ - public ContinuityOfCareRecord getCCR() throws JAXBException { - if (newCCR!=null) { - // System.out.println( "Returning the newCCR root: " + getId()); - return newCCR; - } - return (ContinuityOfCareRecord)getBinding(); - } - - /** - * Prior to persistence, if we have an object graph, we'll need to marshall it to XML. - * This method sets (or resets) the actors list from the transient actors map we've kept internally. - * The caller should normally not mess with the actors list in the object graph for that reason. - * @throws JAXBException - * @throws IOException - * @throws CCRException - */ - public void marshallXML(boolean validate) throws JAXBException, IOException, CCRException { - if (newCCR==null && getBinding()==null) return; - if (newCCR==null ) newCCR = (ContinuityOfCareRecord)getBinding(); - // Reset the actors list with the actors we now have in the transient map - ContinuityOfCareRecord.Actors actors = new ContinuityOfCareRecord.Actors(); - actors.getActor().addAll(getActors().values()); - newCCR.setActors(actors); - if (validate) { - if (newCCR.getPatient().size()>2) throw new CCRException( "No more than two patients allowed A2.5.2.6(3) "); - if (newCCR.getPatient().size()==0) throw new CCRException("Patient required A2.5.2.6(1)" ); - } - // We're done with the graph, marshall to XML - setBinding( newCCR ); - } - - /** * The constructor for this class is not sufficient to create a CCR document. 
This method * actually create the document. --- 51,54 ---- *************** *** 153,239 **** * graph in a a transient variable. We'll add the ID and marshall to XML when persisting. * @throws CCRException */ ! public void createCCR( String OID ) throws CCRException { checkEditable(); newCCR = new ContinuityOfCareRecord(); newCCR.setCCRDocumentObjectID(OID + "."+ Long.toString(getId()) ); newCCR.setVersion("V1.0"); } - /** - * A convenience method that finds the patient object which just contains an actorId and - * then returns the actor. - * @return the actor or null if no patient yet. - * @throws JAXBException - * @throws CCRException - */ - public ActorType getPatientActor() throws JAXBException, CCRException { - ContinuityOfCareRecord ccr = getCCR(); - if (ccr==null) { - System.out.println( "No CCR"); - return null; - } - List<ContinuityOfCareRecord.Patient> pats = ccr.getPatient(); - if (pats.size()>1) throw new CCRException( "[tolven Compliance Issue]Siamese twins not supported" ); - if (pats.size()==0) return null; - ContinuityOfCareRecord.Patient pat = pats.get(0); - ActorType actor = getActors().get(pat.getActorID()); - if (actor==null) throw new CCRException( "Missing Actor for Patient A2.5.2.6(1)" ); - // System.out.println( "PatientActor: " + actor.getActorObjectID()); - return actor; - } - public void checkEditable() throws CCRException { if (!isEditable()) throw new CCRException( "Document must be in an editable state in order to modify its content"); } - /** - * Create a new actor. It should be referenced from at least one place in the - * document. Use convenience methods such as addNewPatient instead of this method in most cases. 
- * @return - * @throws CCRException - * @throws JAXBException - */ - public ActorType addNewActor( ) throws CCRException, JAXBException { - checkEditable(); - ActorType actor = new ActorType(); - actor.setActorObjectID(getNextId("AC")); - // Remember that we're storing actors at the Tolven document level until marshall time - // when we put it in the CCR document. - getActors().put(actor.getActorObjectID(), actor); - // System.out.println( "Adding Actor: " + actor.getActorObjectID()); - return actor; - } - - /** - * Add a new patient actor to the document and return the actor. the caller is expected to fill out the - * actor at this point. The Id has already been populated. - * @return the Actor - * @throws CCRException - * @throws JAXBException - */ - public ActorType addNewPatient( ) throws CCRException, JAXBException { - // Create the actor - ActorType actor = addNewActor(); - // Make this actor the patient - addPatient( actor ); - return actor; - } - /** - * The actor already exists, we're just adding this actor as the patient. - * Only do this once or you're violating CCR semantics (except for Siamese twins). - * We won't complain now, but it could fail during validation. - * @param actor - * @return - * @throws CCRException - * @throws JAXBException - */ - public void addPatient( ActorType actor ) throws CCRException, JAXBException { - checkEditable(); - ContinuityOfCareRecord.Patient pat = new ContinuityOfCareRecord.Patient(); - pat.setActorID(actor.getActorObjectID()); - getCCR().getPatient().add(pat); - } - } --- 61,80 ---- * graph in a a transient variable. We'll add the ID and marshall to XML when persisting. * @throws CCRException + * @throws CCRException */ ! 
public void createCCR( String OID ) throws CCRException { checkEditable(); newCCR = new ContinuityOfCareRecord(); newCCR.setCCRDocumentObjectID(OID + "."+ Long.toString(getId()) ); + // We're done with the graph, marshall to XML + setXmlNS("urn:astm-org:CCR"); + setXmlName("ContinuityOfCareRecord"); newCCR.setVersion("V1.0"); } public void checkEditable() throws CCRException { if (!isEditable()) throw new CCRException( "Document must be in an editable state in order to modify its content"); } } |
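Review bot: In `createCCR`, the comment `// We're done with the graph, marshall to XML` now sits above `setXmlNS("urn:astm-org:CCR")` and `setXmlName("ContinuityOfCareRecord")`, but those lines only record the namespace and root element; the comment reads as copied from the removed `marshallXML` and no longer describes the code beneath it. Replace it with `// Record the namespace and root element used when this graph is later marshalled` or drop it. The Javadoc on the same method now lists `@throws CCRException` twice.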
From: John C. <jc...@us...> - 2007-01-20 19:23:19
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/app/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/app/bean Removed Files: ECHRBean.java MenuDataFactory.java Log Message: Refactoring to support Encryption --- MenuDataFactory.java DELETED --- --- ECHRBean.java DELETED --- |
From: John C. <jc...@us...> - 2007-01-20 19:23:19
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/doc Modified Files: DocumentLocal.java Added Files: XMLLocal.java Log Message: Refactoring to support Encryption Index: DocumentLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/DocumentLocal.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** DocumentLocal.java 16 Jan 2007 06:20:30 -0000 1.9 --- DocumentLocal.java 20 Jan 2007 19:23:17 -0000 1.10 *************** *** 50,53 **** --- 50,70 ---- /** + * Complete the document submission process by rendering the document immutable. A merge will be done + * in case the finalization occurs in a different transaction from the creation. + * @param doc + */ + public void finalizeDocument( DocBase doc); + + /** + * Save the document without finalizing. A merge will be done + * in case the save occurs in a different transaction from the creation. + * Note: Withholding a "Save" does not imply a rollback. For example, a document + * that has been created or fetched and then modified within the same local VM and same transaction + * will "automatically" be saved. So this method simply ensures that documents in other states will also be saved. + * @param doc + */ + public void saveDocument( DocBase doc); + + /** * The document is immediately persisted (with no XML in it). This gives us the ID we'll need * to create actual CCR object graph. *************** *** 55,78 **** * @param accountId * @return - * @throws IOException * @throws CCRException */ ! public DocCCR createCCRDocument( long userId, long accountId ) throws IOException, CCRException; - /** - * We've actually persisted the document already, this performs an update containing - * the validated XML content. 
- * @param doc - */ - public void persistCCRDocument( DocCCR doc, boolean validate ) throws JAXBException, IOException, CCRException; /** - * When we get a new tolven message, persist it as a document. - * @param tm - * @return - */ - public DocCCR persistMessage( TolvenMessage tm ); - - /** * Not a very practical method but we'll use it for testing. * @return --- 72,81 ---- * @param accountId * @return * @throws CCRException */ ! public DocCCR createCCRDocument( long userId, long accountId ) throws CCRException; /** * Not a very practical method but we'll use it for testing. * @return --- NEW FILE: XMLLocal.java --- package org.tolven.doc; import java.io.InputStream; import java.io.OutputStream; import javax.xml.bind.JAXBException; import org.tolven.ccr.ContinuityOfCareRecord; import org.tolven.doc.entity.CCRException; import org.tolven.doc.entity.DocXML; public interface XMLLocal { /** * <p>This method will unmarshal the XML content of the specified document * into an object graph and return the head of that graph. Subsequent calls to get the graph will * not unmarshal the XML again.</p> * @return the object graph * @throws JAXBException */ public Object unmarshal(DocXML doc) throws JAXBException; /** * <p>This method will unmarshal the XML content of the specified document * into an object graph and return the head of that graph. Subsequent calls to get the graph will * not unmarshal the XML again.</p> * @return the object graph * @throws JAXBException */ public Object unmarshal(String bindingContext, InputStream input) throws JAXBException; public void marshalCCR( ContinuityOfCareRecord ccr, OutputStream output ) throws JAXBException, CCRException; } |
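Review bot: In the new XMLLocal.java, the Javadoc on `unmarshal(String bindingContext, InputStream input)` is copied from the `DocXML` overload and speaks of "the specified document" and of not unmarshalling again on later calls, neither of which can apply to a raw stream; it should document both parameters and say whether the stream is closed. Because this overload accepts arbitrary XML from a stream, the contract should also state whether the implementation disables DTD processing and external entity resolution before unmarshalling; the implementing bean is not part of this mail, so that cannot be confirmed here. `marshalCCR` has no Javadoc at all, and its `CCRException` case is undocumented.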
From: John C. <jc...@us...> - 2007-01-20 19:23:19
Update of /cvsroot/tolven/tolvenEJB/src/test/org/tolven/ccr In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/test/org/tolven/ccr Modified Files: Document.java Log Message: Refactoring to support Encryption Index: Document.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/test/org/tolven/ccr/Document.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** Document.java 28 Aug 2006 19:37:36 -0000 1.1 --- Document.java 20 Jan 2007 19:23:18 -0000 1.2 *************** *** 13,24 **** public void testGetBinding() throws JAXBException, IOException { ! DocCCR doc = new DocCCR(); ! doc.setBinding(Demog.createCCR()); ! System.out.println(doc.getContentString()); ! doc.resetBinding( ); ! Object obj = doc.getBinding(); ! ContinuityOfCareRecord ccr = (ContinuityOfCareRecord)obj; ! System.out.println( ccr.getBody().getAlerts().getAlert().get(0).getDescription().getText() ); ! System.out.println( ccr.getActors().getActor().get(0).getPerson().getName().getDisplayName() ); } --- 13,24 ---- public void testGetBinding() throws JAXBException, IOException { ! // DocCCR doc = new DocCCR(); ! // doc.setBinding(Demog.createCCR()); ! // System.out.println(doc.getContentString()); ! // doc.resetBinding( ); ! // Object obj = doc.getBinding(); ! // ContinuityOfCareRecord ccr = (ContinuityOfCareRecord)obj; ! // System.out.println( ccr.getBody().getAlerts().getAlert().get(0).getDescription().getText() ); ! // System.out.println( ccr.getActors().getActor().get(0).getPerson().getName().getDisplayName() ); } |
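Review bot: Commenting out the whole body of `testGetBinding` leaves a test that always passes while asserting nothing, which hides the fact that `setBinding`/`getBinding` were removed from DocXML in this commit. Either delete the test or rewrite it against the new `XMLLocal.unmarshal` and `marshalCCR` methods so the round trip it used to exercise is still covered. The method also still declares `throws JAXBException, IOException` for code that no longer runs.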
From: John C. <jc...@us...> - 2007-01-20 19:23:18
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/core/entity Modified Files: Account.java Log Message: Refactoring to support Encryption Index: Account.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/entity/Account.java,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** Account.java 16 Jan 2007 06:22:24 -0000 1.16 --- Account.java 20 Jan 2007 19:23:17 -0000 1.17 *************** *** 67,73 **** private Set<AccountUser> accountUsers = null; - @OneToMany(mappedBy = "ownerAccount", cascade=CascadeType.ALL, fetch = FetchType.LAZY) - private Set<HealthRecord> healthRecords = null; - @OneToMany(mappedBy = "account", cascade=CascadeType.ALL, fetch = FetchType.LAZY) private Set<Sponsorship> sponsorships = null; --- 67,70 ---- *************** *** 184,193 **** } - public Set<HealthRecord> getHealthRecords() { - return healthRecords; - } - public void setHealthRecords(Set<HealthRecord> healthRecords) { - this.healthRecords = healthRecords; - } public String getLocale() { return locale; --- 181,184 ---- |
From: John C. <jc...@us...> - 2007-01-20 19:23:18
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/app In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/app Removed Files: MenuDataFactoryLocal.java ECHRLocal.java Log Message: Refactoring to support Encryption --- ECHRLocal.java DELETED --- --- MenuDataFactoryLocal.java DELETED --- |
From: John C. <jc...@us...> - 2007-01-20 19:23:18
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv25963/src/org/tolven/security/bean Modified Files: LDAPBean.java Added Files: LoginBean.java Removed Files: LDAPLocal.java Log Message: Refactoring to support Encryption Index: LDAPBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/bean/LDAPBean.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** LDAPBean.java 3 Dec 2006 16:34:28 -0000 1.9 --- LDAPBean.java 20 Jan 2007 19:23:16 -0000 1.10 *************** *** 15,21 **** import java.io.IOException; import java.util.ArrayList; import java.util.List; - import java.util.Properties; import javax.annotation.EJB; --- 15,21 ---- import java.io.IOException; + import java.security.Principal; import java.util.ArrayList; import java.util.List; import javax.annotation.EJB; *************** *** 26,42 **** import javax.naming.NamingEnumeration; import javax.naming.NamingException; - import javax.naming.directory.BasicAttributes; import javax.naming.directory.DirContext; import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.LdapContext; ! ! import java.security.Principal; ! import javax.security.auth.login.LoginContext; ! import javax.security.auth.login.LoginException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; ! import javax.resource.spi.security.PasswordCredential; ! import org.tolven.core.TolvenPropertiesLocal; import org.tolven.security.TolvenPerson; --- 26,43 ---- import javax.naming.NamingEnumeration; import javax.naming.NamingException; import javax.naming.directory.DirContext; import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.LdapContext; ! import javax.persistence.EntityManager; ! 
import javax.persistence.PersistenceContext; ! import javax.resource.spi.security.PasswordCredential; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; ! import javax.security.auth.login.LoginContext; ! import javax.security.auth.login.LoginException; ! ! import org.jboss.annotation.ejb.Depends; ! import org.tolven.security.LDAPLocal; import org.tolven.security.TolvenPerson; *************** *** 47,54 **** */ @Stateless() ! @Local(LDAPLocal.class) ! public class LDAPBean implements org.tolven.security.bean.LDAPLocal { ! ! @EJB private TolvenPropertiesLocal propertyBean; private static final String uidField = "uid="; --- 48,53 ---- */ @Stateless() ! @Local(LDAPLocal.class) ! public class LDAPBean implements LDAPLocal { private static final String uidField = "uid="; *************** *** 58,64 **** // Root User needed for updates TODO: Needs to be moved to environment variables private LdapContext ctx = null; ! ! public LDAPBean() { ! } /** * Restore settings to their defaults --- 57,61 ---- // Root User needed for updates TODO: Needs to be moved to environment variables private LdapContext ctx = null; ! /** * Restore settings to their defaults *************** *** 67,73 **** */ public void getLdapSettings() throws IOException { ! Properties props = propertyBean.getProperties(); ! baseDN = props.getProperty("tolven.ldap.baseDN"); ! genGroupDN = props.getProperty("tolven.ldap.genGroupDN"); // User needed for updates } --- 64,69 ---- */ public void getLdapSettings() throws IOException { ! baseDN = System.getProperty("tolven.ldap.baseDN"); ! 
genGroupDN = System.getProperty("tolven.ldap.genGroupDN"); // User needed for updates } --- LDAPLocal.java DELETED --- --- NEW FILE: LoginBean.java --- package org.tolven.security.bean; import java.io.IOException; import java.util.Date; import java.util.List; import javax.annotation.EJB; import javax.annotation.Resource; import javax.ejb.EJBContext; import javax.ejb.Local; import javax.ejb.Stateless; import javax.naming.NamingException; import javax.persistence.EntityManager; import javax.persistence.NoResultException; import javax.persistence.PersistenceContext; import javax.persistence.Query; import javax.xml.bind.JAXBException; import org.tolven.admin.ActivateInvitation; import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; import org.tolven.core.bean.InvitationException; import org.tolven.core.entity.Sponsorship; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; import org.tolven.doc.entity.Invitation; import org.tolven.security.LDAPLocal; import org.tolven.security.LoginLocal; import org.tolven.security.TolvenPerson; import org.tolven.security.key.UserKeyRing; @Stateless @Local(LoginLocal.class) public class LoginBean implements LoginLocal { @PersistenceContext private EntityManager em; @Resource EJBContext ejbContext; @EJB private InvitationLocal invitationBean; @EJB private LDAPLocal ldapBean; /** * Given the principal's name, get the TolvenUser object. the parameter must be converted to lower case to ensure we find a match. 
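Review bot: `getLdapSettings` now reads `tolven.ldap.baseDN` and `tolven.ldap.genGroupDN` straight from `System.getProperty` with no check that either is set, so an unconfigured server leaves `baseDN` and `genGroupDN` null and the failure only surfaces later inside the directory operations that use them; add `if (baseDN == null || genGroupDN == null) throw new IllegalStateException("tolven.ldap.baseDN / tolven.ldap.genGroupDN not configured");` at the end of the method. With the `Properties` lookup gone, the `throws IOException` clause no longer describes anything in the body and should either be dropped or be the exception raised for the missing configuration. The retained comment `Root User needed for updates TODO: Needs to be moved to environment variables` still describes the credential fields, which this change does not touch.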
*/ public TolvenUser findUser( String principal ) { //Support both types of active status; String activeStatus = Status.ACTIVE.value(); String oldActiveStatus = Status.OLD_ACTIVE.value(); //Activating should be replaced by New String activatingStatus = Status.fromValue("ACTIVATING").value(); String newStatus = Status.NEW.value(); String newLoginStatus = Status.NEW_LOGIN.value(); String select = "SELECT DISTINCT u FROM TolvenUser u WHERE u.ldapUID = :principal " + "and ( u.status = '"; select += oldActiveStatus + "' or u.status = '" + activeStatus + "' or u.status = '" + newStatus + "' or u.status = '" + activatingStatus + "' or u.status = '" + newLoginStatus + "') "; Query query = em.createQuery(select); query.setParameter("principal", principal.toLowerCase()); query.setMaxResults(2); List<TolvenUser> items = query.getResultList(); if (items.size()!=1) return null; return items.get(0); } public UserKeyRing findUserKeyRing(String aPrincipal) { return findUser(aPrincipal); } /** * Register a new user with an activation step that validates the userId as a valid eMail addresss. 
* <ol> * <li>Persist the new TolvenUser object</li> * <li>Create an LDAP entry</li> * <li>Create a TolvenUser Object</li> * <li>Create an invitation</li> * <li>Create an email referencing the invitation</li> * </ol> */ public void register( TolvenPerson tp, Date now ) throws Exception { String rc = tp.getReferenceCode(); if (rc!=null) { findSponsorship(rc); } ActivateInvitation detail = new ActivateInvitation( ); // detail.setExpirationTime( DatatypeFactory.newInstance().newXMLGregorianCalendar( t)); detail.setPrincipal( tp.getUid()); detail.setReferenceCode( rc ); Invitation invitation = invitationBean.createInvitation(tp.getUid(), detail); // Create an invitation invitation.setTitle( "Finish new user activation"); invitation.setDispatchAction("activate"); invitation.setTemplate("/invitation/activate.jsf"); invitation.setAccount( null ); // No owner for registrations (could be sponsor) String expiration = System.getProperty("tolven.register.expiration"); if (expiration!=null) { long elapsed = Long.parseLong(expiration)*1000; if (elapsed > 0) { invitation.setExpiration( new Date( now.getTime()+ (Long.parseLong(expiration)*1000) ) ); } } // Once sent, the invitation state will be updated to reflect completion. Workflow, man. Workflow. invitationBean.queueInvitation( invitation ); // Make the LDAP entry ldapBean.addPerson( tp ); } /** * Activate a user. Return false if invitation has expired or logged in user does not match target user of invitation. * While an invitation is marked as used, there is no harm in supplying a used invitation id. * This can happen if the user decides to bookmark the URL from an invitaiton eMail. 
* @param user An existing tolve user to be activated * @param invitation the invitation boolean indicating if this user has account administration permission * @param now A transactional now timestamp * @return A new AccountUser object * @throws IOException * @throws JAXBException * @throws InvitationException * @throws NamingException */ // @WebMethod(operationName="activate", action="urn:Activate") public boolean activate( String principal, long invitationId, Date now) throws JAXBException, IOException, InvitationException, NamingException { Invitation invitation = invitationBean.findInvitation( invitationId ); if (invitation==null) return false; // If the expiration date is specified but it has past, then fail. if (invitation.getExpiration()!=null && invitation.getExpiration().before(now)) { return false; } invitationBean.executeInvitation(invitation, now); return true; } /** * Used for test, demo only. Register and immediately activate the user without sending an email. The user id does not need to be a valid email address. * The demoUser flag is set in the user account. * @param tp A TolvenPerson object representing the LDAP attributes of this user (A TolvenPerson is a transient object) * @param now A transactional now timestamp * @return A new TolvenUser object */ public TolvenUser registerAndActivate( TolvenPerson tp, Date now ) throws Exception { System.out.println( "registerAndActivate: " + tp.toString()); // Create a new user object TolvenUser user = createTolvenUser( tp.getUid(), now ); String rc = tp.getReferenceCode(); if (rc!=null) { Sponsorship sponsorship = findSponsorship(rc); user.setSponsorship(sponsorship); } user.setDemoUser(true); // Make the LDAP entry ldapBean.addPerson( tp ); return user; } /** * Given what is suspected to be a valid sponsorship reference code, return the Sponsorship * This method fails loudly (throws an object not found exception) if the reference code is not found. 
* This should be sufficient to rollback a transaction intended to create a new user * with an invalid reference code. * @throws NoResultException if the referenceCode is not found * @param referenceCode * @return */ public Sponsorship findSponsorship( String referenceCode ) { Query q = em.createQuery("SELECT s FROM Sponsorship s WHERE s.referenceCode = :rc"); q.setParameter("rc", referenceCode); Sponsorship s = (Sponsorship) q.getSingleResult(); return s; } /** * Create a new Tolven User * @param principal * @return new TolvenUser object properly initialized and persisted */ public TolvenUser createTolvenUser( String principal, Date now ) { System.out.println( "ceateTolvenUser: " + principal); TolvenUser user = new TolvenUser(); user.setLdapUID( principal ); String activeStatus = Status.ACTIVE.value(); user.setStatus( activeStatus); user.setLastLogin( null ); // Last login is null, never logged in before this user.setCreation( now ); em.persist( user ); return user; } } |
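Review bot: `activate` documents that it returns false when the logged-in user does not match the invitation's target, but its `principal` parameter is never read: the only checks before `invitationBean.executeInvitation(invitation, now)` are that the invitation exists and has not expired. Compare `principal` with the target recorded when the invitation was created (`register` stores it via `detail.setPrincipal(tp.getUid())`) and return false on a mismatch; whether `executeInvitation` rejects an already-used invitation cannot be seen here and should be stated in the Javadoc rather than assumed by it. In `register`, `Long.parseLong(expiration)` is parsed twice and the `elapsed` local is computed but then ignored; `invitation.setExpiration(new Date(now.getTime() + elapsed))` uses the value already in hand, and the Javadoc should say that an absent `tolven.register.expiration` property yields an invitation that never expires. `registerAndActivate` writes `tp.toString()` to System.out, which puts whatever TolvenPerson includes in its string form (its fields are not visible here) into the server log.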
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:21
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2714/src/org/tolven/core/bean Modified Files: ActivationBean.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. Index: ActivationBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/ActivationBean.java,v retrieving revision 1.26 retrieving revision 1.27 diff -C2 -d -r1.26 -r1.27 *** ActivationBean.java 1 Jan 2007 07:33:14 -0000 1.26 --- ActivationBean.java 20 Jan 2007 08:10:19 -0000 1.27 *************** *** 55,58 **** --- 55,59 ---- import org.tolven.security.TolvenPerson; import org.tolven.security.bean.LDAPLocal; + import org.tolven.security.key.UserKeyRing; *************** *** 414,416 **** --- 415,445 ---- return items; } + + public UserKeyRing findUserKeyRing(String aPrincipal) { + return findUser(aPrincipal); + } + + /** + * Return a TolvenUser given aPrincipal + * @param aPrincipal + * @return + */ + public TolvenUser findUser(String aPrincipal) { + //Support both types of active status; + String activeStatus = Status.fromValue("active").value(); + String oldActiveStatus = Status.fromValue("ACTIVE").value(); + //Activating should be replaced by New + String activatingStatus = Status.fromValue("ACTIVATING").value(); + String newStatus = Status.fromValue("new").value(); + String select = "SELECT DISTINCT u FROM TolvenUser u WHERE u.ldapUID = :principal " + "and ( u.status = '"; + select += oldActiveStatus + "' or u.status = '" + activeStatus + "' or u.status = '" + newStatus + "' or u.status = '" + activatingStatus + "') "; + Query query = em.createQuery(select); + query.setParameter("principal", aPrincipal.toLowerCase()); + query.setMaxResults(2); + List<TolvenUser> items = 
query.getResultList(); + if (items.size() != 1) + return null; + return items.get(0); + } + } |
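Review bot: `findUser` builds its status filter by concatenating `Status.fromValue("active")`, `Status.fromValue("ACTIVE")`, `Status.fromValue("new")` and `Status.fromValue("ACTIVATING")` into the JPQL string; the values come from the enum rather than the caller, so this is not an injection, but `fromValue` is a runtime string lookup that throws if a value is renamed, and the LoginBean version of the same query elsewhere on this page spells them as `Status.ACTIVE.value()` / `Status.OLD_ACTIVE.value()` / `Status.NEW.value()` — use the constants here too. `aPrincipal.toLowerCase()` throws NullPointerException for a null principal; add `if (aPrincipal == null) return null;` before the query. The empty `@return` should read `@return the matching user, or null when no user or more than one user in an accepted status matches`, since `findUserKeyRing` and the login module branch on that null.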
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:21
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2714/src/org/tolven/core/entity Modified Files: TolvenUser.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. Index: TolvenUser.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/entity/TolvenUser.java,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** TolvenUser.java 1 Jan 2007 10:04:21 -0000 1.15 --- TolvenUser.java 20 Jan 2007 08:10:19 -0000 1.16 *************** *** 23,26 **** --- 23,27 ---- import org.tolven.doc.entity.DocBase; + import org.tolven.security.key.UserKeyRing; import org.tolven.security.key.UserPublicKey; import org.tolven.security.key.UserPrivateKey; *************** *** 53,57 **** @Entity @Table(name = "TOLVEN_USER", schema="core") ! public class TolvenUser implements Serializable { @Id @GeneratedValue(strategy=GenerationType.TABLE, generator="CORE_SEQ_GEN") --- 54,58 ---- @Entity @Table(name = "TOLVEN_USER", schema="core") ! public class TolvenUser implements Serializable, UserKeyRing { @Id @GeneratedValue(strategy=GenerationType.TABLE, generator="CORE_SEQ_GEN") *************** *** 239,242 **** --- 240,247 ---- userPublicKey.init(aPublicKey); } + + public void setUserPublicKey(UserPublicKey aUserPublicKey) { + userPublicKey = aUserPublicKey; + } public void initUserPrivateKey(char[] password) throws GeneralSecurityException, IOException { |
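Review bot: The new `setUserPublicKey(UserPublicKey aUserPublicKey)` has no Javadoc and, unlike the existing `setPublicKey` path that goes through `userPublicKey.init(aPublicKey)`, simply swaps the stored key object, so nothing in the hunk ties the new public key to the private key the user holds; if that pairing is an invariant other code relies on, say so, e.g. `/** Replaces the persisted public key; the caller guarantees it matches this user's private key. */`, and reject null explicitly if null is not a legal value. Since the class now declares `implements UserKeyRing`, the class-level Javadoc should mention that the entity is also the key ring handed to login code. Note that this setter is not part of the UserKeyRing interface added in the same change set.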
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:21
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2714/src/org/tolven/security Removed Files: LoginLocal.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved their functionality to ActivationLocal/ActivationBean. --- LoginLocal.java DELETED --- |
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:21
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2714/src/org/tolven/core Modified Files: ActivationLocal.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. Index: ActivationLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/ActivationLocal.java,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** ActivationLocal.java 3 Dec 2006 08:34:18 -0000 1.15 --- ActivationLocal.java 20 Jan 2007 08:10:19 -0000 1.16 *************** *** 28,31 **** --- 28,32 ---- import org.tolven.doc.entity.Invitation; import org.tolven.security.TolvenPerson; + import org.tolven.security.key.UserKeyRing; *************** *** 144,146 **** --- 145,155 ---- public List<TolvenUser> findAllActiveUsers( ); + /** + * Find a UserKeyPair for aPrincipal + * @param aPrincipal + * @return + */ + public UserKeyRing findUserKeyRing(String aPrincipal); + + public TolvenUser findUser(String aPrincipal); } |
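Review bot: The Javadoc on the new `findUserKeyRing` says `Find a UserKeyPair for aPrincipal` while the method returns a `UserKeyRing`, its `@return` tag is empty, and `findUser` has no Javadoc at all. Suggest `Find the UserKeyRing of the user identified by aPrincipal` with `@return the key ring, or null when no single user in a login-eligible status matches` (the ActivationBean implementation returns null when its query yields anything but one row), and the same null contract on `findUser`, because the login module branches on that null to decide whether to generate new keys.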
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:20
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2714/src/org/tolven/security/bean Removed Files: LoginBean.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved their functionality to ActivationLocal/ActivationBean. --- LoginBean.java DELETED --- |
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:20
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2714/src/org/tolven/security/key Added Files: UserKeyRing.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. --- NEW FILE: UserKeyRing.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.security.key; import java.io.IOException; import java.security.GeneralSecurityException; import java.security.PublicKey; /** * An interface to define PublicKey/PrivateKey functionality for a user * * @author Joseph Isaac */ public interface UserKeyRing { public UserPrivateKey getUserPrivateKey(); public void setUserPrivateKey(UserPrivateKey privateKey); public boolean hasUserPrivateKey(); public UserPublicKey getUserPublicKey(); public PublicKey getPublicKey() throws GeneralSecurityException; public void setPublicKey(PublicKey aPublicKey); public void initUserPrivateKey(char[] password) throws GeneralSecurityException, IOException; } |
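Review bot: None of the interface methods carries Javadoc, and two of them need a stated contract: `initUserPrivateKey(char[] password)` should say whether the implementation retains or clears the `password` array (the login module that calls into this ring zeroes its own copy afterwards, so an implementation must not keep a reference to it), and `getPublicKey()` should say under what condition it throws `GeneralSecurityException`. The interface declares `setPublicKey(PublicKey)` and `setUserPrivateKey(UserPrivateKey)` but no setter for the `UserPublicKey` wrapper, so the `setUserPublicKey` added to TolvenUser in the same change set is reachable only through the entity type; either add it here or document that the ring's public key is set through `setPublicKey`.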
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:16
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/auth In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2432/src/org/tolven/web/security/auth Modified Files: KeyLoginModule.java KeyLdapCallbackHandler.java Removed Files: KeyLdapLoginModule.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. Index: KeyLoginModule.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/auth/KeyLoginModule.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** KeyLoginModule.java 19 Jan 2007 08:21:39 -0000 1.1 --- KeyLoginModule.java 20 Jan 2007 08:10:13 -0000 1.2 *************** *** 16,19 **** --- 16,20 ---- import java.io.IOException; import java.security.Principal; + import java.security.PublicKey; import java.security.acl.Group; import java.util.Arrays; *************** *** 31,46 **** import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; - import javax.security.jacc.PolicyContext; - import javax.servlet.http.HttpServletRequest; - import javax.servlet.http.HttpSession; ! import org.tolven.core.entity.TolvenUser; ! import org.tolven.security.LoginLocal; import org.tolven.security.TolvenPrincipal; import org.tolven.security.acl.TolvenGroup; import org.tolven.security.key.PrivateKeyRing; import org.tolven.security.key.UserPrivateKey; import org.tolven.security.key.UserPublicKey; - import org.tolven.web.TopAction; /** --- 32,43 ---- import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; ! 
import org.tolven.core.ActivationLocal; import org.tolven.security.TolvenPrincipal; import org.tolven.security.acl.TolvenGroup; import org.tolven.security.key.PrivateKeyRing; + import org.tolven.security.key.UserKeyRing; import org.tolven.security.key.UserPrivateKey; import org.tolven.security.key.UserPublicKey; /** *************** *** 58,62 **** private Subject subject = null; private CallbackHandler callbackHandler = null; ! private String username; private char[] password; --- 55,59 ---- private Subject subject = null; private CallbackHandler callbackHandler = null; ! private String principalName; private char[] password; *************** *** 76,82 **** try { callbackHandler.handle(callbacks); ! username = nc.getName(); ! if (username == null) ! throw new LoginException("null username not permitted"); char[] tmpPassword = pc.getPassword(); if (tmpPassword == null) --- 73,79 ---- try { callbackHandler.handle(callbacks); ! principalName = nc.getName(); ! if (principalName == null) ! throw new LoginException("null principalName not permitted"); char[] tmpPassword = pc.getPassword(); if (tmpPassword == null) *************** *** 86,90 **** pc.clearPassword(); } catch (IOException e) { ! LoginException le = new LoginException("Failed to get username/password"); le.initCause(e); throw le; --- 83,87 ---- pc.clearPassword(); } catch (IOException e) { ! LoginException le = new LoginException("Failed to get principalName/password"); le.initCause(e); throw le; *************** *** 101,130 **** try { if (System.getProperty("tolven.security.keys.activate") != null) { ! // Use the session to initialize TolvenUser ! HttpServletRequest request = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); ! if (request == null) ! throw new LoginException(getClass() + ": could not obtain an HttpServletRequest"); ! HttpSession session = request.getSession(); ! if (session == null) ! 
throw new LoginException(getClass() + ": could not obtain an HttpSession"); ! TopAction top = (TopAction) session.getAttribute("top"); ! if (top == null) ! throw new LoginException(getClass() + ": could not obtain a TopAction"); ! //TODO: Phase One obtain an initialized TolvenUser is valid ! TolvenUser user = top.intializeUser(username); ! if (user == null) ! throw new LoginException(getClass() + ": No User found, access denied"); ! boolean userModified = false; ! if (!user.hasUserPrivateKey()) { ! System.out.println(getClass() + ": initialize keys "); ! user.initUserPrivateKey(password); ! userModified = true; } - UserPrivateKey userPrivateKey = user.getUserPrivateKey(); - System.out.println(getClass() + ": Adding UserPrivateKey to Subject " + username); userPrivateKey.unlockPrivateKey(password); // Populate the Subject ! // Ensure there is only one Group called Roles ! Group group = null;; for (Iterator iter = subject.getPrincipals(Group.class).iterator(); iter.hasNext();) { group = (Group) iter.next(); --- 98,125 ---- try { if (System.getProperty("tolven.security.keys.activate") != null) { ! // Obtain the UserKeyPair if it exists ! InitialContext ictx = new InitialContext(); ! ActivationLocal activation = (ActivationLocal) ictx.lookup("tolven/ActivationBean/local"); ! if (activation == null) ! throw new LoginException(getClass() + ": Could not locate the LoginLocal"); ! UserPrivateKey userPrivateKey = null; ! UserPublicKey userPublicKey = null; ! UserKeyRing userKeyRing = activation.findUserKeyRing(principalName); ! if (userKeyRing == null || userKeyRing.getUserPrivateKey() == null) { ! // Create the keys ! System.out.println("Create new keys for " + principalName); ! userPrivateKey = UserPrivateKey.getInstance(); ! PublicKey publicKey = userPrivateKey.init(password); ! userPublicKey = UserPublicKey.getInstance(); ! userPublicKey.init(publicKey); ! } else { ! userPrivateKey = userKeyRing.getUserPrivateKey(); ! 
userPublicKey = userKeyRing.getUserPublicKey(); } userPrivateKey.unlockPrivateKey(password); // Populate the Subject ! System.out.println(getClass() + ": Adding UserPrivateKey to Subject " + principalName); ! // TolvenPrncipal: Ensure there is only one Group called Roles ! Group group = null; for (Iterator iter = subject.getPrincipals(Group.class).iterator(); iter.hasNext();) { group = (Group) iter.next(); *************** *** 133,137 **** group = null; } ! if(group == null) { } else { } --- 128,132 ---- group = null; } ! if (group == null) { } else { } *************** *** 140,147 **** // TODO: Currently we do not distinguish by role. When roles are supported in LDAP this code can be removed boolean allRolesExists = false; ! Principal principal = null; for (Enumeration e = group.members(); e.hasMoreElements();) { ! principal = (Principal) e.nextElement(); ! if ("*".equalsIgnoreCase(principal.getName())) { allRolesExists = true; break; --- 135,142 ---- // TODO: Currently we do not distinguish by role. When roles are supported in LDAP this code can be removed boolean allRolesExists = false; ! Principal principalName = null; for (Enumeration e = group.members(); e.hasMoreElements();) { ! principalName = (Principal) e.nextElement(); ! if ("*".equalsIgnoreCase(principalName.getName())) { allRolesExists = true; break; *************** *** 150,174 **** if (!allRolesExists) group.addMember(new TolvenPrincipal("*")); ! // Ensure there is only one PrivateKeyRing in a Subject by removing any that might be there for (Iterator iter = subject.getPrivateCredentials(PrivateKeyRing.class).iterator(); iter.hasNext();) { iter.remove(); } subject.getPrivateCredentials().add(new PrivateKeyRing(userPrivateKey)); ! System.out.println(getClass() + ": Adding getUserPublicKey to Subject " + username); ! 
// Ensure there is only one UserPublicKey in a Subject by removing any that might be there for (Iterator iter = subject.getPublicCredentials(UserPublicKey.class).iterator(); iter.hasNext();) { iter.remove(); } ! subject.getPublicCredentials().add(user.getUserPublicKey()); ! if (userModified) { ! InitialContext ictx = new InitialContext(); ! LoginLocal loginLocal = (LoginLocal) ictx.lookup("tolven/LoginBean/local"); ! if (loginLocal == null) ! throw new LoginException(getClass() + ": Could not locate the LoginBean"); ! loginLocal.update(user); ! System.out.println(getClass() + ": persisted new keys user " + username); ! } } ! System.out.println(getClass() + ": completing login for " + username); } catch (Exception ex) { ex.printStackTrace(); --- 145,163 ---- if (!allRolesExists) group.addMember(new TolvenPrincipal("*")); ! // UserPrivateKey: Ensure there is only one PrivateKeyRing in a Subject by removing any that might be there for (Iterator iter = subject.getPrivateCredentials(PrivateKeyRing.class).iterator(); iter.hasNext();) { + iter.next(); iter.remove(); } subject.getPrivateCredentials().add(new PrivateKeyRing(userPrivateKey)); ! System.out.println(getClass() + ": Adding getUserPublicKey to Subject " + principalName); ! // UserPublicKey: Ensure there is only one UserPublicKey in a Subject by removing any that might be there for (Iterator iter = subject.getPublicCredentials(UserPublicKey.class).iterator(); iter.hasNext();) { + iter.next(); iter.remove(); } ! subject.getPublicCredentials().add(userPublicKey); } ! System.out.println(getClass() + ": completing login for " + principalName); } catch (Exception ex) { ex.printStackTrace(); *************** *** 190,194 **** private void removeAllCredentials() throws LoginException { callbackHandler = null; ! username = null; Arrays.fill(password, '0'); password = null; --- 179,183 ---- private void removeAllCredentials() throws LoginException { callbackHandler = null; ! 
principalName = null; Arrays.fill(password, '0'); password = null; Index: KeyLdapCallbackHandler.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/auth/KeyLdapCallbackHandler.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** KeyLdapCallbackHandler.java 10 Jan 2007 08:52:00 -0000 1.1 --- KeyLdapCallbackHandler.java 20 Jan 2007 08:10:13 -0000 1.2 *************** *** 10,14 **** /** ! * This class, in conjuction with KeyLdapLoginModule, provides a way to verify a user's LDAP identity. * * @author Joseph Isaac --- 10,14 ---- /** ! * This class, in conjuction with the tolvenLDAP security domain to provides a way to verify a user's identity. * * @author Joseph Isaac --- KeyLdapLoginModule.java DELETED --- |
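Review bot: The reworded class javadoc in KeyLdapCallbackHandler still carries the typo `conjuction` and the grammar slip `to provides`. Suggested text: `* This class, in conjunction with the tolvenLDAP security domain, provides a way to verify a user's identity.`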
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:16
Update of /cvsroot/tolven/tolvenWEB In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2432 Modified Files: build.xml Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. Index: build.xml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/build.xml,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** build.xml 10 Jan 2007 08:52:00 -0000 1.8 --- build.xml 20 Jan 2007 08:10:14 -0000 1.9 *************** *** 28,34 **** </fileset> <pathelement location="${junit.location}/junit.jar"/> - <fileset dir="${tolven.location}"> - <include name="lib/jboss/jbosssx.jar"/> - </fileset> </path> <target name="init"> --- 28,31 ---- |
From: Joseph I. <jos...@us...> - 2007-01-20 08:10:15
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2432/src/org/tolven/web Modified Files: TopAction.java Log Message: Removed TolvenUser modification responsibility from KeyLoginModule to TopAction, leaving key responsibility to the LoginModule. Removed LoginLocal/LoginBean and moved theirfunctionality to ActivationLocal/ActivationBean. Index: TopAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/TopAction.java,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** TopAction.java 16 Jan 2007 06:36:58 -0000 1.30 --- TopAction.java 20 Jan 2007 08:10:14 -0000 1.31 *************** *** 40,48 **** import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; - import org.tolven.security.LoginLocal; import org.tolven.security.TolvenPerson; import org.tolven.security.bean.LDAPLocal; import org.tolven.security.key.PrivateKeyRing; import org.tolven.security.key.UserPrivateKey; /** --- 40,48 ---- import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; import org.tolven.security.TolvenPerson; import org.tolven.security.bean.LDAPLocal; import org.tolven.security.key.PrivateKeyRing; import org.tolven.security.key.UserPrivateKey; + import org.tolven.security.key.UserPublicKey; /** *************** *** 62,67 **** // @EJB private MenuLocal menuLocal; - // @EJB - private LoginLocal loginLocal; --- 62,65 ---- *************** *** 110,114 **** invitationBean = (InvitationLocal) ctx.lookup("tolven/InvitationBean/local"); propertyBean = (TolvenPropertiesLocal) ctx.lookup("tolven/TolvenProperties/local"); - loginLocal = (LoginLocal) ctx.lookup("tolven/LoginBean/local"); } catch (NamingException e) --- 108,111 ---- *************** *** 187,190 **** --- 184,193 ---- return dispatchingLogout("missingUserObject"); } + + if (System.getProperty("tolven.security.keys.activate") != null) { 
+ if (!getUser().hasUserPrivateKey()) { + addKeysToUser(); + } + } accountUserId = getRequestParameterAsLong( "accountUserId" ); *************** *** 234,251 **** } - //TODO: This method is currently used during the login process phase One. Perhaps the creation of the user should be pushed to EJB tier - public TolvenUser intializeUser(String userId) throws Exception { - user = loginLocal.findUser(userId); - if (user == null) { - user = new TolvenUser(); - user.setLdapUID(userId); - user.setStatus(Status.NEW_LOGIN.value()); - user.setLastLogin(null); // Last login is null, never logged in before this - user.setCreation(getNow()); - loginLocal.update(user); - } - return user; - } - public String logout(){ return dispatchingLogout("loggedOut"); --- 237,240 ---- *************** *** 296,299 **** --- 285,304 ---- /** + * Return the PublicKey for the user + * @return + * @throws PolicyContextException + * @throws GeneralSecurityException + */ + public UserPublicKey getUserPublicKey() throws PolicyContextException, GeneralSecurityException { + Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); + if (subject == null) + throw new GeneralSecurityException("No Subject found in PolicyContext for " + getUser().getLdapUID()); + Set publicCredentials = subject.getPublicCredentials(UserPublicKey.class); + if (publicCredentials.isEmpty()) + throw new GeneralSecurityException(": No UserPublicKey found for " + getUser().getLdapUID()); + return (UserPublicKey) publicCredentials.iterator().next(); + } + + /** * Return the UserPrivateKey for the user * @return *************** *** 304,307 **** --- 309,327 ---- return getPrivateKeyRing().getUserPrivateKey(); } + + /** + * Add Keys from the Subject to what should be a new TolvenUser who is logging in + * @throws PolicyContextException + * @throws GeneralSecurityException + */ + private void addKeysToUser() throws PolicyContextException, GeneralSecurityException { + UserPrivateKey userPrivateKey = 
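Review bot: The property name `"tolven.security.keys.activate"` is repeated as a string literal here and in the KeyLoginModule change above, and the two must agree or the login module will never have placed a key in the Subject that `addKeysToUser()` then reads; a shared constant such as `public static final String KEYS_ACTIVATE_PROPERTY = "tolven.security.keys.activate";` on one class referenced from both would make that coupling explicit. `addKeysToUser()` is declared to throw PolicyContextException and GeneralSecurityException, so the enclosing method must either declare or handle them; that method starts and ends outside this hunk, so it cannot be confirmed here.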
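Review bot: In the new `getUserPublicKey()` the second exception message starts with a stray colon, `": No UserPublicKey found for "`, apparently carried over from the `getClass() + ": ..."` logging pattern, while the first message in the same method has none; `Set publicCredentials` is a raw type although `getPublicCredentials(UserPublicKey.class)` already yields `Set<UserPublicKey>`; and the javadoc `@return` is empty. Suggested: `Set<UserPublicKey> publicCredentials = subject.getPublicCredentials(UserPublicKey.class);`, `throw new GeneralSecurityException("No UserPublicKey found for " + getUser().getLdapUID());`, and `@return the UserPublicKey found in the caller's container Subject`.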
getUserPrivateKey(); + if (userPrivateKey == null) + throw new GeneralSecurityException("User has no UserPrivateKey and none found in Subject"); + if (!getUser().hasUserPrivateKey()) { + getUser().setUserPrivateKey(userPrivateKey); + getUser().setUserPublicKey(getUserPublicKey()); + } + } /** |
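Review bot: `addKeysToUser()` copies into the TolvenUser the very UserPrivateKey object that the KeyLoginModule change above unlocks with the password (`userPrivateKey.unlockPrivateKey(password)`) before wrapping it in the PrivateKeyRing, and nothing visible here shows whether the entity stores the password-protected form or the unlocked one; that should be confirmed, since the old login-module path persisted keys it had just created. Nothing in this hunk or its caller persists the modified user either, whereas the removed `intializeUser` and the old login module both called `loginLocal.update(user)`, so it is worth checking that `getUser()` is a managed entity or that an explicit update follows. The inner `if (!getUser().hasUserPrivateKey())` duplicates the caller's check and could be dropped, or the javadoc could state that the method is idempotent for users who already hold keys.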
From: Joseph I. <jos...@us...> - 2007-01-20 04:48:27
Update of /cvsroot/tolven/tolven/jboss-config In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16444/jboss-config Modified Files: login-config.xml Log Message: KeyLoginModule is now stacked with JBoss' LdapLoginModule. The latter authenticates the user against LDAP. The latter adds no features until encryption is released...then it will add credentials to the Subject. Index: login-config.xml =================================================================== RCS file: /cvsroot/tolven/tolven/jboss-config/login-config.xml,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** login-config.xml 19 Jan 2007 09:08:32 -0000 1.15 --- login-config.xml 20 Jan 2007 04:48:24 -0000 1.16 *************** *** 67,71 **** <application-policy name="tolvenLDAP"> <authentication> ! <login-module code="org.tolven.web.security.auth.KeyLdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> --- 67,71 ---- <application-policy name="tolvenLDAP"> <authentication> ! <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> *************** *** 93,96 **** --- 93,99 ---- <module-option name="roleAttributeIsDN">false </module-option> </login-module> + <login-module code="org.tolven.web.security.auth.KeyLoginModule" + flag="required"> + </login-module> </authentication> </application-policy> |
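Review bot: The added `KeyLoginModule` entry runs after JBoss' `LdapLoginModule` with no module-options, so it must obtain the username and password itself; the KeyLoginModule code above zeroes a `password` char[] it collected, which suggests it goes through the callback handler a second time rather than reusing the first module's credentials via the JBoss `password-stacking` option with `useFirstPass`. If the double callback is intended, a comment on the entry such as `<!-- KeyLoginModule collects credentials through its own callbacks; it does not use password-stacking -->` would stop the next reader from adding the option blindly. Both modules being `required` is the right failure mode, since a key-setup failure then blocks the login rather than proceeding without credentials. The same two hunks appear again in the earlier revision of this file further down the page, where the same point applies.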
From: Joseph I. <jos...@us...> - 2007-01-19 09:08:33
Update of /cvsroot/tolven/tolven/jboss-config In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv29734/jboss-config Modified Files: login-config.xml Log Message: Reverting to previouis version. An unexpected 'cannot locate account' occurs under register conditions with security activation OFF, but does not occur with security ON and needs to be checked. Index: login-config.xml =================================================================== RCS file: /cvsroot/tolven/tolven/jboss-config/login-config.xml,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** login-config.xml 19 Jan 2007 08:40:58 -0000 1.14 --- login-config.xml 19 Jan 2007 09:08:32 -0000 1.15 *************** *** 67,71 **** <application-policy name="tolvenLDAP"> <authentication> ! <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> --- 67,71 ---- <application-policy name="tolvenLDAP"> <authentication> ! <login-module code="org.tolven.web.security.auth.KeyLdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> *************** *** 93,99 **** <module-option name="roleAttributeIsDN">false </module-option> </login-module> - <login-module code="org.tolven.web.security.auth.KeyLoginModule" - flag="required"> - </login-module> </authentication> </application-policy> --- 93,96 ---- |
From: Joseph I. <jos...@us...> - 2007-01-19 08:41:02
Update of /cvsroot/tolven/tolven/jboss-config In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv17837/jboss-config Modified Files: login-config.xml Log Message: KeyLoginModule is now stacked with JBoss' LdapLoginModule. The latter authenticates the user against LDAP. The latter adds no features until encryption is released...then it will add credentials to the Subject. Index: login-config.xml =================================================================== RCS file: /cvsroot/tolven/tolven/jboss-config/login-config.xml,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** login-config.xml 10 Jan 2007 09:14:27 -0000 1.13 --- login-config.xml 19 Jan 2007 08:40:58 -0000 1.14 *************** *** 67,71 **** <application-policy name="tolvenLDAP"> <authentication> ! <login-module code="org.tolven.web.security.auth.KeyLdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> --- 67,71 ---- <application-policy name="tolvenLDAP"> <authentication> ! <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> *************** *** 93,96 **** --- 93,99 ---- <module-option name="roleAttributeIsDN">false </module-option> </login-module> + <login-module code="org.tolven.web.security.auth.KeyLoginModule" + flag="required"> + </login-module> </authentication> </application-policy> |
From: Joseph I. <jos...@us...> - 2007-01-19 08:22:57
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10391/src/org/tolven/security Added Files: TolvenPrincipal.java Log Message: TolvenPrincipal and TolvenGroup free Tolven from using the JBoss class equivalents. --- NEW FILE: TolvenPrincipal.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.security; import java.security.Principal; /** * A Tolven specific principal * * @author Joseph Isaac * */ public class TolvenPrincipal implements Principal { private String name; public TolvenPrincipal(String name) { this.name = name; } public String getName() { return name; } } |
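Review bot: `TolvenPrincipal` defines neither `equals` nor `hashCode`, yet instances are stored in the `HashSet` inside `TolvenGroup` and the login module adds `new TolvenPrincipal("*")` only after scanning the group by name, so two principals with the same name are distinct to the set and duplicates can accumulate. The `name` field is also mutable in form and accepts null, which `TolvenGroup.isMember` then has to guard against. Making the field final, rejecting null in the constructor, and defining name-based `equals`/`hashCode`/`toString` aligns the class with how the rest of the commit uses it.
```java
public class TolvenPrincipal implements Principal {

    private final String name;

    public TolvenPrincipal(String name) {
        if (name == null) {
            throw new NullPointerException("name");
        }
        this.name = name;
    }

    public String getName() {
        return name;
    }

    // TolvenGroup.isMember compares principals by name, so equality must too.
    @Override
    public boolean equals(Object o) {
        return o instanceof TolvenPrincipal && name.equals(((TolvenPrincipal) o).name);
    }

    @Override
    public int hashCode() {
        return name.hashCode();
    }

    @Override
    public String toString() {
        return name;
    }
}
```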
From: Joseph I. <jos...@us...> - 2007-01-19 08:22:56
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/acl In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10391/src/org/tolven/security/acl Added Files: TolvenGroup.java Log Message: TolvenPrincipal and TolvenGroup free Tolven from using the JBoss class equivalents. --- NEW FILE: TolvenGroup.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.security.acl; import java.security.Principal; import java.security.acl.Group; import java.util.Collections; import java.util.Enumeration; import java.util.HashSet; /** * A Tolven specific Group * * @author Joseph Isaac * */ public class TolvenGroup implements Group { private String name; private HashSet members; public TolvenGroup(String name) { this.name = name; members = new HashSet(); } public boolean addMember(Principal user) { return members.add(user); } public boolean removeMember(Principal user) { return members.remove(user); } public boolean isMember(Principal member) { Principal myPrincipal = null; Object obj = null; for (Enumeration e = Collections.enumeration(members); e.hasMoreElements();) { obj = e.nextElement(); if (obj instanceof Group) { System.out.println("JOE: instanceof Group " + ((Group) obj).isMember(member)); return ((Group) obj).isMember(member); } else if (obj instanceof Principal) { myPrincipal = (Principal) obj; System.out.println("JOE: instanceof " + myPrincipal.getName() + " AND " + myPrincipal.getName() != null && 
myPrincipal.getName().equals(member.getName())); return myPrincipal.getName() != null && myPrincipal.getName().equals(member.getName()); } } return false; } public Enumeration<? extends Principal> members() { return Collections.enumeration(members); } public String getName() { return name; } } |
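Review bot: `isMember` returns from inside the loop on the first element it inspects, so a group whose first entry is a non-matching principal (or a nested group that does not contain the member) answers false without looking at the remaining members; for a class that backs role checks this is a false-negative authorization bug. The two `"JOE: ..."` debug lines also print principal names to stdout on every check, and the second one has an operator-precedence slip, `"..." + myPrincipal.getName() != null && ...`, which compares the concatenated string with null and prints a bare boolean. The raw `HashSet` should become `private final Set<Principal> members = new HashSet<Principal>();`, which also removes the unchecked conversion in `members()`. The rewritten method below scans all members and removes the debug output.
```java
    public boolean isMember(Principal member) {
        if (member == null || member.getName() == null) {
            return false;
        }
        // Scan every member: a nested Group is searched recursively and a plain
        // Principal matches by name. Returning inside the loop on the first
        // non-matching entry was the defect.
        for (Object obj : members) {
            if (obj instanceof Group) {
                if (((Group) obj).isMember(member)) {
                    return true;
                }
            } else if (obj instanceof Principal) {
                String candidate = ((Principal) obj).getName();
                if (candidate != null && candidate.equals(member.getName())) {
                    return true;
                }
            }
        }
        return false;
    }
```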
From: Joseph I. <jos...@us...> - 2007-01-19 08:22:53
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/acl In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10381/src/org/tolven/security/acl Log Message: Directory /cvsroot/tolven/tolvenEJB/src/org/tolven/security/acl added to the repository |