[opencms-dev] Has anyone created a Web User selfregistration JSP???

Isaac R. Higgins isaac.higgins at isaacray.com
Wed Feb 7 21:44:33 CET 2007 

user.setPassword("newpassword");

is a valid function.  it will encrypt it before it goes into the DB


-----Original Message-----
From: opencms-dev-bounces at opencms.org on behalf of Mick Knutson
Sent: Wed 2/7/2007 3:30 PM
To: The OpenCms mailing list
Subject: Re: RE : [opencms-dev] Has anyone created a Web User selfregistration JSP???
 
So does the cms.addWebUser encrypt the password for me?

Also, is there a way I can set the password myself? So, how can I take a
cleartext password and encrypt it then update the user table?



On 2/7/07, Marc Fiévet <marc at fievet.be> wrote:
>
> Hello, try this:
> <%@ page session="false" %>
> > <%@ taglib prefix="cms" uri="http://www.opencms.org/taglib/cms" %>
> >
> > <%@ page import="org.opencms.jsp.CmsJspActionElement,
> >       org.opencms.file.CmsObject,
> >       org.opencms.file.CmsUser,
> >       java.sql.*,
> >       java.io.*,
> >       java.util.Hashtable"
> > %>
> > <%
> > String firstName = request.getParameter("fname");
> > String lastName = request.getParameter("lname");
> > String userName = request.getParameter("uname");
> > String email = request.getParameter("email");
> > String password1 = request.getParameter("pw1");
> > String password2 = request.getParameter("pw2");
> > String group = "Guests";
> > CmsJspActionElement cmsjsp =
> > new CmsJspActionElement( pageContext, request, response );
> >
> > CmsObject cms = cmsjsp.getCmsObject();
> >
> > // simple validation
> > if ( userName == null || "".equals(userName) ) {
> > throw new Exception( "User Name is required." );
> > } else if ( email == null || "".equals(email) ) {
> > throw new Exception( "Email is required." );
> > } else if ( password1 == null || "".equals( password1 ) ) { throw new
> > Exception( "Password is required." ); } else if ( password2 == null ||
>
> > "".equals( password2 ) ) { throw new Exception( "Password Again is
> > required." ); } else if ( email  == null || "".equals( email ) ) {
> > throw new Exception( "Email address must be valid." ); } else if (
> > !password1.equals( password2 )) { throw new Exception( "Passwords do
> > not match." ); } else if ( password1.length() < 7 ) { throw new
> > Exception( "Password must be at least 7 characters." ); } // Set
> > default values for optional params. if ( firstName == null ) {
> > firstName = ""; }
> >
> >
> >
> > group = "Guests";
> >
> >
> > if ( lastName == null ) {
> > lastName = "";
> > }
> > // Hashtable for custom parameters
> > Hashtable params = new Hashtable();
> > params.put("test",new Timestamp(System.currentTimeMillis()));
> >
> > CmsUser user = null;
> > try {
> >       user = cms.addWebUser( userName, // Username
> >       password1, // Password
> >       group, // Default Group
> >       "Web User", // Comment
> >       params // Params Hashtable
> >       );
> >       user.setFirstname( firstName );
> >       user.setLastname( lastName );
> >       user.setEmail( email );
> >       cms.writeWebUser( user ); // Write changes to DB.
> > }
> > catch (Exception e) {
> >       e.printStackTrace(new PrintWriter(out));
> > }
> > %>
>
> -----Message d'origine-----
> De : opencms-dev-bounces at opencms.org
> [mailto:opencms-dev-bounces at opencms.org] De la part de Christian
> Steinert
> Envoyé : mercredi 7 février 2007 19:27
> À : The OpenCms mailing list
> Objet : Re: [opencms-dev] Has anyone created a Web User self
> registration JSP???
>
>
> > I would just create my own JSP if I could find out how the passwords
> > are encrypted with OpenCms...???
> >
>
> Why do you need this?I have not used web users until now, but there
> should be a setPassword method for them, right? And if it exists, you
> should hand over the unencrypted password as it is.
>
> ___
>
> The principle should be as follows:
>
> 1. - when you create a new web user you set their password in plain text
> and opencms creates a hash of the password and stores that hash in the
> database
>
> 2. - Whenever your users log in, you ask opencms to check the password
> and opencms will create a hash of the password that was entered during
> login and compare that hash with the hash of the stored password. That's
> at least how it should be.
>
> For these operations there should be methods in opencms. I don't think
> that you have to encrypt the passwords yourself.
>
> christian
> ______________________________________________________________________
> XXL-Speicher, PC-Virenschutz, Spartarife & mehr: Nur im WEB.DE Club!
>
> Jetzt gratis testen! http://freemail.web.de/home/landingpad/?mc=021130
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please
> visit http://lists.opencms.org/mailman/listinfo/opencms-dev
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
>



-- 
---
Thanks,
Mick Knutson

http://www.baselogic.com
http://www.blincmagazine.com
http://www.djmick.com
http://www.myspace.com/djmick_dot_com
http://www.thumpradio.com
---



-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 5089 bytes
Desc: not available
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20070207/8ff18c95/attachment.bin>

More information about the opencms-dev mailing list