So does the cms.addWebUser encrypt the password for me?<br><br>Also, is there a way I can set the password myself? So, how can I take a cleartext password and encrypt it then update the user table?<br><br><br><br><div><span class="gmail_quote">
On 2/7/07, <b class="gmail_sendername">Marc Fiévet</b> <<a href="mailto:marc@fievet.be">marc@fievet.be</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hello, try this:<br><%@ page session="false" %><br>> <%@ taglib prefix="cms" uri="<a href="http://www.opencms.org/taglib/cms">http://www.opencms.org/taglib/cms</a>" %><br>><br>
> <%@ page import="org.opencms.jsp.CmsJspActionElement,<br>> org.opencms.file.CmsObject,<br>> org.opencms.file.CmsUser,<br>> java.sql.*,<br>> java.io.*,<br>> java.util.Hashtable
"<br>> %><br>> <%<br>> String firstName = request.getParameter("fname");<br>> String lastName = request.getParameter("lname");<br>> String userName = request.getParameter("uname");
<br>> String email = request.getParameter("email");<br>> String password1 = request.getParameter("pw1");<br>> String password2 = request.getParameter("pw2");<br>> String group = "Guests";
<br>> CmsJspActionElement cmsjsp =<br>> new CmsJspActionElement( pageContext, request, response );<br>><br>> CmsObject cms = cmsjsp.getCmsObject();<br>><br>> // simple validation<br>> if ( userName == null || "".equals(userName) ) {
<br>> throw new Exception( "User Name is required." );<br>> } else if ( email == null || "".equals(email) ) {<br>> throw new Exception( "Email is required." );<br>> } else if ( password1 == null || "".equals( password1 ) ) { throw new
<br>> Exception( "Password is required." ); } else if ( password2 == null ||<br><br>> "".equals( password2 ) ) { throw new Exception( "Password Again is<br>> required." ); } else if ( email == null || "".equals( email ) ) {
<br>> throw new Exception( "Email address must be valid." ); } else if (<br>> !password1.equals( password2 )) { throw new Exception( "Passwords do<br>> not match." ); } else if ( password1.length
() < 7 ) { throw new<br>> Exception( "Password must be at least 7 characters." ); } // Set<br>> default values for optional params. if ( firstName == null ) {<br>> firstName = ""; }<br>>
<br>><br>><br>> group = "Guests";<br>><br>><br>> if ( lastName == null ) {<br>> lastName = "";<br>> }<br>> // Hashtable for custom parameters<br>> Hashtable params = new Hashtable();
<br>> params.put("test",new Timestamp(System.currentTimeMillis()));<br>><br>> CmsUser user = null;<br>> try {<br>> user = cms.addWebUser( userName, // Username<br>> password1, // Password
<br>> group, // Default Group<br>> "Web User", // Comment<br>> params // Params Hashtable<br>> );<br>> user.setFirstname( firstName );<br>> user.setLastname( lastName );
<br>> user.setEmail( email );<br>> cms.writeWebUser( user ); // Write changes to DB.<br>> }<br>> catch (Exception e) {<br>> e.printStackTrace(new PrintWriter(out));<br>> }<br>> %>
<br><br>-----Message d'origine-----<br>De : <a href="mailto:opencms-dev-bounces@opencms.org">opencms-dev-bounces@opencms.org</a><br>[mailto:<a href="mailto:opencms-dev-bounces@opencms.org">opencms-dev-bounces@opencms.org
</a>] De la part de Christian<br>Steinert<br>Envoyé : mercredi 7 février 2007 19:27<br>À : The OpenCms mailing list<br>Objet : Re: [opencms-dev] Has anyone created a Web User self<br>registration JSP???<br><br><br>> I would just create my own JSP if I could find out how the passwords
<br>> are encrypted with OpenCms...???<br>><br><br>Why do you need this?I have not used web users until now, but there<br>should be a setPassword method for them, right? And if it exists, you<br>should hand over the unencrypted password as it is.
<br><br>___<br><br>The principle should be as follows:<br><br>1. - when you create a new web user you set their password in plain text<br>and opencms creates a hash of the password and stores that hash in the<br>database<br>
<br>2. - Whenever your users log in, you ask opencms to check the password<br>and opencms will create a hash of the password that was entered during<br>login and compare that hash with the hash of the stored password. That's
<br>at least how it should be.<br><br>For these operations there should be methods in opencms. I don't think<br>that you have to encrypt the passwords yourself.<br><br>christian<br>______________________________________________________________________
<br>XXL-Speicher, PC-Virenschutz, Spartarife & mehr: Nur im <a href="http://WEB.DE">WEB.DE</a> Club!<br><br>Jetzt gratis testen! <a href="http://freemail.web.de/home/landingpad/?mc=021130">http://freemail.web.de/home/landingpad/?mc=021130
</a><br><br><br>_______________________________________________<br>This mail is sent to you from the opencms-dev mailing list<br>To change your list options, or to unsubscribe from the list, please<br>visit <a href="http://lists.opencms.org/mailman/listinfo/opencms-dev">
http://lists.opencms.org/mailman/listinfo/opencms-dev</a><br><br><br>_______________________________________________<br>This mail is sent to you from the opencms-dev mailing list<br>To change your list options, or to unsubscribe from the list, please visit
<br><a href="http://lists.opencms.org/mailman/listinfo/opencms-dev">http://lists.opencms.org/mailman/listinfo/opencms-dev</a><br></blockquote></div><br><br clear="all"><br>-- <br>---<br>Thanks,<br>Mick Knutson<br><br><a href="http://www.baselogic.com">
http://www.baselogic.com</a><br><a href="http://www.blincmagazine.com">http://www.blincmagazine.com</a><br><a href="http://www.djmick.com">http://www.djmick.com</a><br><a href="http://www.myspace.com/djmick_dot_com">http://www.myspace.com/djmick_dot_com
</a><br><a href="http://www.thumpradio.com">http://www.thumpradio.com</a><br>---