- From: Anselm Baird_Smith <abaird@www43.inria.fr>
- Date: Fri, 15 Nov 1996 10:03:42 +0100 (MET)
- To: "Kai Schmidt" <serkom@schwaben.de>
- Cc: "www-jigsaw@w3.org" <www-jigsaw@w3.org>
Kai Schmidt writes:
> Based on the sample PostableResource.java I wrote a little (dummy) MyPostableResource1
> which I compiled in the w3c.forms Dir beside PostableResource.class.
>
> I than created a resource MPR1 (but this was already different than creating the original
> PostableResource) ??? [The orginal PostableResource works]
>
> In /Test/PostResTest.html I used HTML-Tag <form method=POST action=../MPR1>
>
> If I click on the submit button of the form I obtain an ugly exception.
>
> Could someone scetch how to install a POST Form?
I have attached below a newly written ChangePassword resource that is
a direct subclass of PostableResource (as some example, it will be
included in next release).
The only problem I can see from what you say is that if your HTML is
dynamically generated, you should not hard-code MPR1, but rather do
somehting like:
htmlgenerator.append("<form method=\"POST\" action=\""+getURL()+"\">");
Anselm.
// PasswordEditor.java
// $Id: PasswordEditor.java,v 1.1 1996/11/08 15:54:23 abaird Exp $
// (c) COPYRIGHT MIT and INRIA, 1996.
// Please first read the full copyright statement in file COPYRIGHT.html
package w3c.jigsaw.contrib;
import w3c.www.http.HTTP;
import w3c.jigsaw.http.*;
import w3c.jigsaw.resources.*;
import w3c.jigsaw.forms.*;
import w3c.jigsaw.auth.*;
import w3c.jigsaw.html.*;
/**
* A resource that allows you to change your password.
* This resource should be suitably protected when installed, of course.
*/
public class PasswordEditor extends PostableResource {
/**
* Attribute index - The name of the realm to edit.
*/
protected static int ATTR_REALM = -1;
static {
Class c = null;
Attribute a = null;
try {
c = Class.forName("w3c.jigsaw.contrib.PasswordEditor");
} catch (Exception ex) {
ex.printStackTrace();
System.exit(1);
}
// Register the name of the realm to edit
a = new StringAttribute("realm"
, null
, Attribute.EDITABLE);
ATTR_REALM = AttributeRegistry.registerAttribute(c, a);
}
/**
* The loaded realm, when loaded.
*/
AuthRealm realm = null;
/**
* Get the name of the realm to edit.
* @return The name of the realm to edit, as a String.
*/
public String getRealm() {
return getString(ATTR_REALM, null);
}
protected synchronized boolean changePassword(String username
, String oldpassword
, String newpassword) {
// Get a handle on the authentication realm:
if ( realm == null ) {
// Load the realm from the auth realm catalog:
RealmsCatalog c = getServer().getRealmsCatalog();
String r = getRealm();
if ( r == null ) {
getServer().errlog("PasswordEditor@"+getURL()
+ ": attribute realm no initialized.");
return false;
}
// Really, load the store now:
realm = c.loadRealm(r);
}
// If we did get the realm:
if ( realm != null ) {
// Get the user:
AuthUser user = realm.loadUser(username);
if ( user == null )
return false;
// Check the old password first:
String passwd = user.getPassword();
if ((passwd == null) || ! passwd.equals(oldpassword))
return false;
// Set the new password:
user.setPassword(newpassword);
return true;
}
return false;
}
protected HtmlGenerator generateForm(String msg) {
// Create the HTML and set title:
HtmlGenerator g = new HtmlGenerator("Password editor for "+getRealm());
g.append("<h1>Password editor for "
, getRealm()
, "</h1>");
// If some message is available, dump it:
if ( msg != null )
g.append("<hr>", msg, "</hr>");
// And then display the form:
g.append("<form method=\"POST\" action=\""
, getURL()
, "\">");
g.append("<table width=\"100%\">");
g.append("<tr><th align=right>username");
g.append("<th align=left><input type=\"text\" name=\"username\">");
g.append("<tr><th align=right>old password");
g.append("<th align=left><input type=\"password\" name=\"opasswd\">");
g.append("<tr><th align=right>new password");
g.append("<th align=left><input type=\"password\" name=\"npasswd\">");
g.append("<tr><th align=right>confirm");
g.append("<th align=left><input type=\"password\" name=\"cpasswd\">");
g.append("</table>");
g.append("<input type=\"submit\" value=\"Change\">");
g.append("</form>");
return g;
}
protected final HtmlGenerator generateForm() {
return generateForm(null);
}
/**
* Handle a get request on the password editor.
* Dump a form suitable for editing a user entry.
* @param request The request to handle.
* @return An HTTP Reply instance.
*/
public Reply get(Request request) {
Reply reply = createDefaultReply(request, HTTP.OK);
reply.setStream(generateForm());
return reply;
}
/**
* Handle a post request.
* Do change the password, when possible.
* @param request The request to handle.
* @param data The form decoded data.
* @return An HTTP Reply instance.
*/
public Reply handle(Request request, URLDecoder data) {
String username = data.getValue("username");
String opasswd = data.getValue("opasswd");
String npasswd = data.getValue("npasswd");
String cpasswd = data.getValue("cpasswd");
HtmlGenerator g = null;
if ((username == null)
|| (opasswd == null)
|| (npasswd == null)
|| (cpasswd == null)) {
// Check that all values are available:
if (username == null)
g = generateForm("Fill in <em>all</em> the fields.");
else
g = generateForm("Hey, "+username+", could you feel in "
+ "<em>all</em> the fields please.");
} else if ( ! npasswd.equals(cpasswd) ) {
// Check that new and confirmed password are the same:
g = generateForm("New and confirmed password don't "
+ " match, try again "
+ ((username == null) ? "." : (username+".")));
} else if ( changePassword(username, opasswd, npasswd) ) {
// Run the change:
g = new HtmlGenerator("Password now changed.");
g.append("<h1>Your password has been changed</h1>");
g.append("<p>Operation succeeded, have fun !");
} else {
// Changing the password failed, don't provide explanations:
g = new HtmlGenerator("Password change failed");
g.append("<h1>Changing the password failed</h1>");
g.append("You were not allowed to change the password for user \""
, username
, "\".");
}
// We always succeed, that's cool:
Reply reply = createDefaultReply(request, HTTP.OK);
reply.setStream(g);
return reply;
}
/**
* Empty constructor for dynamic instantiation.
*/
public PasswordEditor() {
}
}
Received on Friday, 15 November 1996 04:03:50 UTC