[Fedora-directory-commits] admservconsole/src/com/netscape/management/admserv/panel CGIAccessSetup.java, 1.3, 1.4

Noriko Hosoi (nhosoi) fedora-directory-commits at redhat.com
Mon Dec 10 18:24:15 UTC 2007 

Author: nhosoi

Update of /cvs/dirsec/admservconsole/src/com/netscape/management/admserv/panel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5734

Modified Files:
	CGIAccessSetup.java 
Log Message:
Resolves: #400341
Summary: Console: unable to reset admin user password (Comment #7)
Description: Adding the code to check if the login user matches the 
Admin User or not using the regular expression.



Index: CGIAccessSetup.java
===================================================================
RCS file: /cvs/dirsec/admservconsole/src/com/netscape/management/admserv/panel/CGIAccessSetup.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- CGIAccessSetup.java	5 Dec 2007 19:54:23 -0000	1.3
+++ CGIAccessSetup.java	10 Dec 2007 18:24:13 -0000	1.4
@@ -50,6 +50,7 @@
     /**
       * CGI arguments used in setConfiguration()
      */
+    // We may want to remove this since we won't be calling set with a new UID
     public String getCGIParamsForSetOp() {
         String uid = getAttribute(AttrNames.ADMPW_UID);
         return "op=set&" + AttrNames.ADMPW_UID + "=" +
@@ -61,7 +62,7 @@
 
         super.save();
 
-        // Use change-sie-passwod command to change the password
+        // Use change-sie-password command to change the password
         String pwd = getAttribute(AttrNames.ADMPW_PWD);
 
         if (pwd != null) {
@@ -74,21 +75,25 @@
                         _consoleInfo.getAuthenticationDN(),
                         _consoleInfo.getAuthenticationPassword());
             } catch (MalformedURLException e) {
-                Debug.println("CGIAccessSetup.save: "+e);
+                Debug.println("CGIDataModel.setConfiguration "+e);
                 throw new RemoteRequestException(e);
             }
 
             if (0 == task.exec()) {
                 // Since we've updated the Admin Password, 
                 // let's update the one in _consoleInfo.
-                _consoleInfo.setAuthenticationPassword(pwd);
+                // But, only do this if we are logged in as the admin user!
+                String authDN = _consoleInfo.getAuthenticationDN().toLowerCase();
+                String authUID = getAttribute(AttrNames.ADMPW_UID).toLowerCase();
+                if (authDN.matches("uid=" + authUID + ", *ou=administrators, *ou=topologymanagement, *o=netscaperoot")) {
+                    _consoleInfo.setAuthenticationPassword(pwd);
+                }
             }
 
             int status = task.getStatus();
+            Debug.println(adminURL + " "+status);
             AdminOperation.processAdmTaskStatus(adminURL, task,
                     _consoleInfo);
         }
     }
-
-
 }

More information about the Fedora-directory-commits mailing list