2 * Copyright 2010 Electronic Business Systems Ltd.
4 * This file is part of GSS.
6 * GSS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * GSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
19 package gr.ebs.gss.server;
21 import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
22 import gr.ebs.gss.client.exceptions.DuplicateNameException;
23 import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
24 import gr.ebs.gss.client.exceptions.RpcException;
25 import gr.ebs.gss.server.domain.User;
26 import gr.ebs.gss.server.ejb.TransactionHelper;
28 import java.io.IOException;
29 import java.util.concurrent.Callable;
31 import javax.servlet.http.HttpServletRequest;
32 import javax.servlet.http.HttpServletResponse;
34 import org.apache.commons.logging.Log;
35 import org.apache.commons.logging.LogFactory;
38 * The servlet that handles user registration.
42 public class Registration extends BaseServlet {
44 * The request parameter name for the acceptance flag.
46 private static final String ACCEPT_PARAM = "accept";
49 * The request parameter name for the firstname.
51 private static final String FIRSTNAME_PARAM = "firstname";
54 * The request parameter name for the lastname.
56 private static final String LASTNAME_PARAM = "lastname";
59 * The request parameter name for the username.
61 private static final String USERNAME_PARAM = "username";
64 * The request parameter name for the e-mail.
66 private static final String EMAIL_PARAM = "email";
69 * The request parameter name for the password.
71 private static final String PASSWORD_PARAM = "password";
74 * The request parameter name for the password confirmation.
76 private static final String PASSWORD2_PARAM = "password2";
79 * The serial version UID of the class.
81 private static final long serialVersionUID = 1L;
86 private static Log logger = LogFactory.getLog(Registration.class);
89 public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
90 if (getConfiguration().getBoolean("onlyRegisterWithCode"))
91 response.sendRedirect("invites.jsp");
93 response.sendRedirect("register.jsp");
97 public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
98 final String firstname = request.getParameter(FIRSTNAME_PARAM);
99 final String lastname = request.getParameter(LASTNAME_PARAM);
100 final String email = request.getParameter(EMAIL_PARAM);
101 final String username = request.getParameter(USERNAME_PARAM);
102 String password = request.getParameter(PASSWORD_PARAM);
103 String password2 = request.getParameter(PASSWORD2_PARAM);
104 String accept = request.getParameter(ACCEPT_PARAM);
105 response.setContentType("text/html");
107 // Validate input parameters.
108 if (username == null || username.isEmpty()) {
109 String error = encode("No username was specified");
110 String errorUrl = "register.jsp?username=&error=" + error;
111 errorUrl += "&firstname=" + (firstname == null? "": encode(firstname));
112 errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
113 errorUrl += "&email=" + (email == null? "": encode(email));
114 response.sendRedirect(errorUrl);
116 } else if (username.indexOf(' ') != -1) {
117 String error = encode("Spaces in username are not allowed");
118 String errorUrl = "register.jsp?username=&error=" + error;
119 errorUrl += "&firstname=" + (firstname == null? "": encode(firstname));
120 errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
121 errorUrl += "&email=" + (email == null? "": encode(email));
122 response.sendRedirect(errorUrl);
124 } else if (firstname == null || firstname.isEmpty()) {
125 String error = encode("No firstname was specified");
126 String errorUrl = "register.jsp?firstname=&error=" + error;
127 errorUrl += "&username=" + encode(username);
128 errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
129 errorUrl += "&email=" + (email == null? "": encode(email));
130 response.sendRedirect(errorUrl);
132 } else if (lastname == null || lastname.isEmpty()) {
133 String error = encode("No lastname was specified");
134 String errorUrl = "register.jsp?lastname=&error=" + error;
135 errorUrl += "&username=" + encode(username);
136 errorUrl += "&firstname=" + encode(firstname);
137 errorUrl += "&email=" + (email == null? "": encode(email));
138 response.sendRedirect(errorUrl);
140 } else if (email == null || email.isEmpty()) {
141 String error = encode("No e-mail was specified");
142 String errorUrl = "register.jsp?email=&error=" + error;
143 errorUrl += "&username=" + encode(username);
144 errorUrl += "&firstname=" + encode(firstname);
145 errorUrl += "&lastname=" + encode(lastname);
146 response.sendRedirect(errorUrl);
148 } else if (password == null || password.isEmpty()) {
149 String error = encode("No password was specified");
150 String errorUrl = "register.jsp?error=" + error;
151 errorUrl += "&username=" + encode(username);
152 errorUrl += "&firstname=" + encode(firstname);
153 errorUrl += "&lastname=" + encode(lastname);
154 errorUrl += "&email=" + encode(email);
155 response.sendRedirect(errorUrl);
157 } else if (!password.equals(password2)) {
158 String error = encode("Passwords do not match");
159 String errorUrl = "register.jsp?error=" + error;
160 errorUrl += "&username=" + encode(username);
161 errorUrl += "&firstname=" + encode(firstname);
162 errorUrl += "&lastname=" + encode(lastname);
163 errorUrl += "&email=" + encode(email);
164 response.sendRedirect(errorUrl);
166 } else if (!"on".equalsIgnoreCase(accept)) {
167 String error = encode("You must accept the terms and conditions");
168 String errorUrl = "register.jsp?error=" + error;
169 errorUrl += "&username=" + encode(username);
170 errorUrl += "&firstname=" + encode(firstname);
171 errorUrl += "&lastname=" + encode(lastname);
172 errorUrl += "&email=" + encode(email);
173 response.sendRedirect(errorUrl);
179 user = getService().findUser(username);
181 String error = encode("The username already exists");
182 String errorUrl = "register.jsp?username=&error=" + error;
183 errorUrl += "&firstname=" + encode(firstname);
184 errorUrl += "&lastname=" + encode(lastname);
185 errorUrl += "&email=" + encode(email);
186 response.sendRedirect(errorUrl);
190 getService().createLdapUser(username, firstname, lastname, email, password);
191 } catch (Exception e) {
193 handleException(response, e.getMessage());
196 final User userDto = new TransactionHelper<User>().tryExecute(new Callable<User>() {
198 public User call() throws Exception {
199 return getService().createUser(username, firstname + " " + lastname, email, "", "", "");
203 new TransactionHelper<Void>().tryExecute(new Callable<Void>() {
205 public Void call() throws Exception {
206 getService().updateUserPolicyAcceptance(userDto.getId(), true);
211 response.sendRedirect("registered.jsp");
212 } catch (RpcException e) {
214 handleException(response, "An error occurred while communicating with the service");
215 } catch (DuplicateNameException e) {
216 // Can't happen, but this is more user-friendly than an assert.
218 handleException(response, "The username already exists");
219 } catch (ObjectNotFoundException e) {
220 // Can't happen, but this is more user-friendly than an assert.
222 handleException(response, "No username or name was specified");
223 } catch (Exception e) {
225 handleException(response, e.getMessage());
229 private void handleException(HttpServletResponse response, String error) throws IOException {
230 String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + encode(error);
231 response.sendRedirect(errorUrl);