Set all required objectClass attributes when adding an entry to LDAP. Also consistent...

diff --git a/jboss/conf/gss.properties b/jboss/conf/gss.properties
index 5d56ecf..e733a96 100644 (file)
--- a/jboss/conf/gss.properties
+++ b/jboss/conf/gss.properties
@@ -37,5 +37,6 @@ bindDn=cn=Manager\,dc=ebs\,dc=gr
 bindPassword=secret
 # The base DN where user accounts will be created.
 baseDn=ou=people\,dc=ebs\,dc=gr
-# The LDAP objectClass to use for new accounts.
-objectClass=inetOrgPerson
+# The (one or more) LDAP objectClass to use for new accounts.
+objectClass=eduPerson, inetOrgPerson, mailRecipient, organizationalPerson, person
+

diff --git a/src/gr/ebs/gss/server/Invitations.java b/src/gr/ebs/gss/server/Invitations.java
index 1ddebbb..eb39bb9 100644 (file)
--- a/src/gr/ebs/gss/server/Invitations.java
+++ b/src/gr/ebs/gss/server/Invitations.java
@@ -18,18 +18,11 @@
  */
 package gr.ebs.gss.server;
 
-import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
 import gr.ebs.gss.client.exceptions.RpcException;
 import gr.ebs.gss.server.domain.Invitation;
-import gr.ebs.gss.server.ejb.ExternalAPI;
 
 import java.io.IOException;
-import java.net.URLEncoder;
 
-import javax.naming.Context;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import javax.rmi.PortableRemoteObject;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -57,24 +50,6 @@ public class Invitations extends Registration {
         */
        private static Log logger = LogFactory.getLog(Invitations.class);
 
-       /**
-        * A helper method that retrieves a reference to the ExternalAPI bean and
-        * stores it for future use.
-        *
-        * @return an ExternalAPI instance
-        * @throws RpcException in case an error occurs
-        */
-       private ExternalAPI getService() throws RpcException {
-               try {
-                       final Context ctx = new InitialContext();
-                       final Object ref = ctx.lookup(getConfiguration().getString("externalApiPath"));
-                       return (ExternalAPI) PortableRemoteObject.narrow(ref, ExternalAPI.class);
-               } catch (final NamingException e) {
-                       logger.error("Unable to retrieve the ExternalAPI EJB", e);
-                       throw new RpcException("An error occurred while contacting the naming service");
-               }
-       }
-
        @Override
        public void service(HttpServletRequest request, HttpServletResponse response) throws IOException {
                String code = request.getParameter(CODE_PARAM);
@@ -82,29 +57,29 @@ public class Invitations extends Registration {
 
                // Validate input parameters.
                if (code == null || code.isEmpty()) {
-                       String error = URLEncoder.encode("No code was specified", "UTF-8");
-                       String errorUrl = "invites.jsp?error=" + error;
-                       response.sendRedirect(errorUrl);
+                       response.sendRedirect("invites.jsp?error=" + encode("No code was specified"));
                        return;
                }
 
                try {
                        Invitation invite = getService().findInvite(code);
                        if (invite == null) {
-                               String error = URLEncoder.encode("The specified code was not found", "UTF-8");
-                               String errorUrl = "invites.jsp?code=&error=" + error;
-                               response.sendRedirect(errorUrl);
+                               response.sendRedirect("invites.jsp?code=&error=" + encode("The specified code was not found"));
                                return;
                        }
                        String firstname = invite.getFirstname() == null? "": invite.getFirstname();
                        String lastname = invite.getLastname() == null? "": invite.getLastname();
                        String email = invite.getEmail() == null? "": invite.getEmail();
-                       response.sendRedirect("register.jsp?firstname=" + firstname +
-                                       "&lastname=" + lastname + "&email=" + email);
+                       response.sendRedirect("register.jsp?firstname=" + encode(firstname) +
+                                       "&lastname=" + encode(lastname) + "&email=" + encode(email));
                } catch (RpcException e) {
-                       String error = "An error occurred while communicating with the service";
-                       logger.error(error, e);
-                       response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, error);
+                       logger.error(e);
+                       handleException(response, encode("An error occurred while communicating with the service"));
                }
        }
+
+       private void handleException(HttpServletResponse response, String error) throws IOException {
+               String errorUrl = "invites.jsp?username=&firstname=&lastname=&email=&error=" + error;
+               response.sendRedirect(errorUrl);
+       }
 }

diff --git a/src/gr/ebs/gss/server/Registration.java b/src/gr/ebs/gss/server/Registration.java
index dcd5835..37da8f0 100644 (file)
--- a/src/gr/ebs/gss/server/Registration.java
+++ b/src/gr/ebs/gss/server/Registration.java
@@ -28,6 +28,7 @@ import gr.ebs.gss.server.ejb.ExternalAPI;
 import gr.ebs.gss.server.ejb.TransactionHelper;
 
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.util.concurrent.Callable;
 
@@ -100,7 +101,7 @@ public class Registration extends HttpServlet {
         * @return an ExternalAPI instance
         * @throws RpcException in case an error occurs
         */
-       private ExternalAPI getService() throws RpcException {
+       protected ExternalAPI getService() throws RpcException {
                try {
                        final Context ctx = new InitialContext();
                        final Object ref = ctx.lookup(getConfiguration().getString("externalApiPath"));
@@ -132,62 +133,62 @@ public class Registration extends HttpServlet {
 
                // Validate input parameters.
                if (username == null || username.isEmpty()) {
-                       String error = URLEncoder.encode("No username was specified", "UTF-8");
+                       String error = encode("No username was specified");
                        String errorUrl = "register.jsp?username=&error=" + error;
-                       errorUrl += "&firstname=" + (firstname == null? "": firstname);
-                       errorUrl += "&lastname=" + (lastname == null? "": lastname);
-                       errorUrl += "&email=" + (email == null? "": email);
+                       errorUrl += "&firstname=" + (firstname == null? "": encode(firstname));
+                       errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
+                       errorUrl += "&email=" + (email == null? "": encode(email));
                        response.sendRedirect(errorUrl);
                        return;
                } else if (firstname == null || firstname.isEmpty()) {
-                       String error = URLEncoder.encode("No firstname was specified", "UTF-8");
+                       String error = encode("No firstname was specified");
                        String errorUrl = "register.jsp?firstname=&error=" + error;
-                       errorUrl += "&username=" + username;
-                       errorUrl += "&lastname=" + (lastname == null? "": lastname);
-                       errorUrl += "&email=" + (email == null? "": email);
+                       errorUrl += "&username=" + encode(username);
+                       errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
+                       errorUrl += "&email=" + (email == null? "": encode(email));
                        response.sendRedirect(errorUrl);
                        return;
                } else if (lastname == null || lastname.isEmpty()) {
-                       String error = URLEncoder.encode("No lastname was specified", "UTF-8");
+                       String error = encode("No lastname was specified");
                        String errorUrl = "register.jsp?lastname=&error=" + error;
-                       errorUrl += "&username=" + username;
-                       errorUrl += "&firstname=" + firstname;
-                       errorUrl += "&email=" + (email == null? "": email);
+                       errorUrl += "&username=" + encode(username);
+                       errorUrl += "&firstname=" + encode(firstname);
+                       errorUrl += "&email=" + (email == null? "": encode(email));
                        response.sendRedirect(errorUrl);
                        return;
                } else if (email == null || email.isEmpty()) {
-                       String error = URLEncoder.encode("No e-mail was specified", "UTF-8");
+                       String error = encode("No e-mail was specified");
                        String errorUrl = "register.jsp?email=&error=" + error;
-                       errorUrl += "&username=" + username;
-                       errorUrl += "&firstname=" + firstname;
-                       errorUrl += "&lastname=" + lastname;
+                       errorUrl += "&username=" + encode(username);
+                       errorUrl += "&firstname=" + encode(firstname);
+                       errorUrl += "&lastname=" + encode(lastname);
                        response.sendRedirect(errorUrl);
                        return;
                } else if (password == null || password.isEmpty()) {
-                       String error = URLEncoder.encode("No password was specified", "UTF-8");
+                       String error = encode("No password was specified");
                        String errorUrl = "register.jsp?error=" + error;
-                       errorUrl += "&username=" + username;
-                       errorUrl += "&firstname=" + firstname;
-                       errorUrl += "&lastname=" + lastname;
-                       errorUrl += "&email=" + email;
+                       errorUrl += "&username=" + encode(username);
+                       errorUrl += "&firstname=" + encode(firstname);
+                       errorUrl += "&lastname=" + encode(lastname);
+                       errorUrl += "&email=" + encode(email);
                        response.sendRedirect(errorUrl);
                        return;
                } else if (!password.equals(password2)) {
-                       String error = URLEncoder.encode("Passwords do not match", "UTF-8");
+                       String error = encode("Passwords do not match");
                        String errorUrl = "register.jsp?error=" + error;
-                       errorUrl += "&username=" + username;
-                       errorUrl += "&firstname=" + firstname;
-                       errorUrl += "&lastname=" + lastname;
-                       errorUrl += "&email=" + email;
+                       errorUrl += "&username=" + encode(username);
+                       errorUrl += "&firstname=" + encode(firstname);
+                       errorUrl += "&lastname=" + encode(lastname);
+                       errorUrl += "&email=" + encode(email);
                        response.sendRedirect(errorUrl);
                        return;
                } else if (!"on".equalsIgnoreCase(accept)) {
-                       String error = URLEncoder.encode("You must accept the terms and conditions", "UTF-8");
+                       String error = encode("You must accept the terms and conditions");
                        String errorUrl = "register.jsp?error=" + error;
-                       errorUrl += "&username=" + username;
-                       errorUrl += "&firstname=" + firstname;
-                       errorUrl += "&lastname=" + lastname;
-                       errorUrl += "&email=" + email;
+                       errorUrl += "&username=" + encode(username);
+                       errorUrl += "&firstname=" + encode(firstname);
+                       errorUrl += "&lastname=" + encode(lastname);
+                       errorUrl += "&email=" + encode(email);
                        response.sendRedirect(errorUrl);
                        return;
                }
@@ -196,11 +197,11 @@ public class Registration extends HttpServlet {
                try {
                        user = getService().findUser(username);
                        if (user != null) {
-                               String error = URLEncoder.encode("The username already exists", "UTF-8");
+                               String error = encode("The username already exists");
                                String errorUrl = "register.jsp?username=&error=" + error;
-                               errorUrl += "&firstname=" + firstname;
-                               errorUrl += "&lastname=" + lastname;
-                               errorUrl += "&email=" + email;
+                               errorUrl += "&firstname=" + encode(firstname);
+                               errorUrl += "&lastname=" + encode(lastname);
+                               errorUrl += "&email=" + encode(email);
                                response.sendRedirect(errorUrl);
                                return;
                        }
@@ -208,7 +209,7 @@ public class Registration extends HttpServlet {
                                getService().createLdapUser(username, firstname, lastname, email, password);
                        } catch (Exception e) {
                                logger.error(e);
-                               response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
+                               handleException(response, e.getMessage());
                                return;
                        }
                        final UserDTO userDto = new TransactionHelper<UserDTO>().tryExecute(new Callable<UserDTO>() {
@@ -228,22 +229,28 @@ public class Registration extends HttpServlet {
                        });
                        response.sendRedirect("registered.jsp");
                } catch (RpcException e) {
-                       String error = "An error occurred while communicating with the service";
-                       logger.error(error, e);
-                       response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, error);
+                       logger.error(e);
+                       handleException(response, "An error occurred while communicating with the service");
                } catch (DuplicateNameException e) {
                        // Can't happen, but this is more user-friendly than an assert.
-                       String error = URLEncoder.encode("The username already exists", "UTF-8");
-                       String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + error;
-                       response.sendRedirect(errorUrl);
+                       logger.error(e);
+                       handleException(response, "The username already exists");
                } catch (ObjectNotFoundException e) {
                        // Can't happen, but this is more user-friendly than an assert.
-                       String error = URLEncoder.encode("No username or name was specified", "UTF-8");
-                       String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + error;
-                       response.sendRedirect(errorUrl);
+                       logger.error(e);
+                       handleException(response, "No username or name was specified");
                } catch (Exception e) {
                        logger.error(e);
-                       response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
+                       handleException(response, e.getMessage());
                }
        }
+
+       private void handleException(HttpServletResponse response, String error) throws IOException {
+               String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + encode(error);
+               response.sendRedirect(errorUrl);
+       }
+
+       protected String encode(String parameter) throws UnsupportedEncodingException {
+               return URLEncoder.encode(parameter, "UTF-8");
+       }
 }

diff --git a/src/gr/ebs/gss/server/ejb/ExternalAPIBean.java b/src/gr/ebs/gss/server/ejb/ExternalAPIBean.java
index 5fa4a3d..0cb2971 100644 (file)
--- a/src/gr/ebs/gss/server/ejb/ExternalAPIBean.java
+++ b/src/gr/ebs/gss/server/ejb/ExternalAPIBean.java
@@ -2644,8 +2644,7 @@ public class ExternalAPIBean implements ExternalAPI, ExternalAPIRemote {
        public void createLdapUser(String username, String firstname, String lastname, String email, String password) {
                LDAPConnection lc = new LDAPConnection();
         LDAPAttributeSet attributeSet = new LDAPAttributeSet();
-        attributeSet.add(new LDAPAttribute("objectClass",
-                       getConfiguration().getString("objectClass")));
+        attributeSet.add(new LDAPAttribute("objectClass", getConfiguration().getStringArray("objectClass")));
         attributeSet.add(new LDAPAttribute("uid", username));
         attributeSet.add(new LDAPAttribute("cn", new String[]{firstname + " " + lastname}));
         attributeSet.add(new LDAPAttribute("sn", lastname));

diff --git a/war/register.jsp b/war/register.jsp
index 76097b4..e40275e 100644 (file)
--- a/war/register.jsp
+++ b/war/register.jsp
@@ -39,19 +39,19 @@ You may sign up for the service by filling and submitting the following form. Al
     <table>
         <tr>
             <td>Firstname:</td>
-            <td><input type="text" name="firstname" title="Enter a firstname" value="<%= request.getParameter("firstname") != null? request.getParameter("firstname"): ""  %>"/></td>
+            <td><input type="text" name="firstname" title="Enter a firstname" value="<%= request.getParameter("firstname") != null? URLDecoder.decode(request.getParameter("firstname"), "UTF-8"): ""  %>"/></td>
         </tr>
         <tr>
             <td>Lastname:</td>
-            <td><input type="text" name="lastname" title="Enter a lastname" value="<%= request.getParameter("lastname") != null? request.getParameter("lastname"): ""  %>"/></td>
+            <td><input type="text" name="lastname" title="Enter a lastname" value="<%= request.getParameter("lastname") != null? URLDecoder.decode(request.getParameter("lastname"), "UTF-8"): ""  %>"/></td>
         </tr>
         <tr>
             <td>E-Mail:</td>
-            <td><input type="text" name="email" title="Enter an e-mail address" value="<%= request.getParameter("email") != null? request.getParameter("email"): "" %>"/></td>
+            <td><input type="text" name="email" title="Enter an e-mail address" value="<%= request.getParameter("email") != null? URLDecoder.decode(request.getParameter("email"), "UTF-8"): "" %>"/></td>
         </tr>
         <tr>
             <td>Username:</td>
-            <td><input type="text" name="username" title="Enter a username" value="<%= request.getParameter("username") != null? request.getParameter("username"): "" %>"/></td>
+            <td><input type="text" name="username" title="Enter a username" value="<%= request.getParameter("username") != null? URLDecoder.decode(request.getParameter("username"), "UTF-8"): "" %>"/></td>
         </tr>
         <tr>
             <td>Password:</td>