daily pastebin goal
59%
SHARE
TWEET

Untitled

a guest May 23rd, 2018 143 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [Webr.PX]com.webridge.app.portal.methods.CacheGroupsForUserMethod
  2.  
  3. function formHandler(sch)
  4. {
  5.     var ret;
  6.     var womVars = wom.variables(); 
  7.     var pageSuccess = "page.Success";
  8.     var pageError = "page.Error";
  9.     var passwordExpirationDaysError = "passwordExpirationDays.Error";
  10.     var accountHelpError = "accountHelp.Error";
  11.                            
  12.     try {
  13.         var errors = setAttributesFromForm("Login Helper.");
  14.         if (reportJavaErrors("", errors)) {
  15.             womVars(passwordExpirationDaysError) = "<br>Error copying input from form";
  16.             throw(new Error(-1, "Error copying input from form" + errors.length + "*!*"));
  17.         }
  18.        
  19.         if (null != sch.form("clearLoginImage")) {
  20.             this.loginImage = null;
  21.         }
  22.        
  23.         this.legalNoticeText = sch.getDelimitedFormVariable("legalNoticeText", "\r\n");
  24.        
  25.         // PRS15190 add Legal Notice - adding code for the Legal Notification functionality
  26.         // Ensure there is a date in the .dateLegalNoticeUpdated attribute
  27.         if(this.dateLegalNoticeUpdated == null || this.dateLegalNoticeUpdated == "")
  28.             this.setLegalNoticeDate();
  29.        
  30.         // Check to see if the .dateLegalNoticeUpdated should be reset. During login (see .browserRedirectHook)
  31.         // this date is compared to the user's acceptance date to determine if user should see Legal Notice
  32.         if(null != sch.form("resetAcceptanceDate")){
  33.             this.setLegalNoticeDate();
  34.            
  35.             // Return message to the client
  36.             var legalNoticeDateSuccess = "legalNoticeDateSuccess";
  37.             womVars(legalNoticeDateSuccess) = "<br>Acceptance date successfully updated for all users"
  38.         }
  39.         // end PRS15190
  40.        
  41.         //ghall set the default self-register container
  42.         if (null != sch.form("folder") && "" != sch.form("folder")) {
  43.             CustomUtils.selfRegisterContainer = sch.form("folder");
  44.         }
  45.  
  46.        
  47.         // Account Help Settings
  48.         // Commonly called the "Forgot your password?" functionality.  The account help system can be ON or OFF. ON means that the "Forgot Password?"
  49.         // and "Forgot Username?" links can appear on any of the login (page) if these links are enabled in the individual login component.
  50.         // accountHelpOn is the site wide setting that can enable/disable the "Forgot your password?" and "Forgot your user name?" links from all the components
  51.         // Site Manager who then must take action.  
  52.                
  53.         // The following entity reference contains the set of administrators (UserRole) who are usually the Site Managers who then must take action.
  54.        
  55.         // Check to see if the account help system should be ON or OFF and take appropriate actions.  
  56.         var isOn = sch.form("Login Helper.accountHelpOn");
  57.         if(isOn != null){ // account help system is ON.
  58.             var accountHelpAdministrators = sch.form("Login Helper.accountHelpAdministrators");
  59.             if ((accountHelpAdministrators == null) || (accountHelpAdministrators == "")) {
  60.                 womVars(accountHelpError) = "<br>Error Account Help Manager is required when help is on";
  61.                 throw(new Error(-1, "Error Account Help Manager is required when help is on"));
  62.             }
  63.         }
  64.         // Add Users to the set of Persons whose password can not be reset using this system.
  65.         if (accountHelpPersonsToExclude != null) accountHelpPersonsToExclude.removeAllElements();
  66.         var objPerson;
  67.         var strOIDS = sch.form("adminNames");
  68.         if(strOIDS){
  69.             // The following eSet contains all those persons whose password can not be automatically reset (to prevent joe user from changing
  70.             // the "administrator" password).  Verify that the eSet is initialized, if not create it.
  71.             if(accountHelpPersonsToExclude == null){
  72.                 accountHelpPersonsToExclude = ApplicationEntity.createEntitySet("Person");
  73.             }
  74.             var personOIDArray = strOIDS.split(", ");
  75.             for(i=0;i<personOIDArray.length;i++){
  76.                 objPerson = wom.getEntityFromString(personOIDArray[i]);
  77.                 accountHelpPersonsToExclude.addElement(objPerson); 
  78.             }
  79.         }
  80.  
  81.         womVars(pageSuccess) = "<br>Policy successfully updated";
  82.         return PageUtils.returnAdminFormSuccess(sch);
  83.        
  84.     } catch(e) {
  85.         wom.log("EXCEPTION Login Helper.formHandler:" + e.description);
  86.         SystemUtils.rethrowRetryableException(e);
  87.         womVars(pageError) = "<br>Submission did not succeed, please see messages below...";
  88.         ret = sch.FormReturnValues.ABORT_REPAINT;
  89.     }
  90.    
  91.     return ret;
  92. }
  93.  
  94. function getLoginUrlWithRedirect(sch)
  95. {
  96.     if (sch == null) sch = wom.getContext("_ScriptingContextHelper");
  97.     /**
  98.     Get the url for the login page based on the container querystring value passed in.
  99.     If container is null the default root container has the login path
  100.     The user will be redirect to a container that has a login component.
  101.     **/
  102.     var loginUrl= getLoginUrl(sch);
  103.    
  104.    
  105.    
  106.  
  107.     /**
  108.         Augment the login page URL with a query string containing the
  109.         full URL used to reach this page.
  110.     **/
  111.     var augmentedLoginUrl = sch.makeUrlToRedirectToIntermediate(loginUrl);
  112.  
  113.  
  114.     return augmentedLoginUrl;
  115. }
  116.  
  117. /* 2/5/2004 Kevin Wong:  
  118.  * This method is currently called by /Rooms/RoomComponents/LoginView/DisplayLogoffRequested
  119.  * and /Rooms/RoomComponents/LoginView/DisplayLogOff.
  120.  * If this method returns a non-null non-empty string, it redirects to that string.
  121.  * Otherwise, it redirects to the default login component after logging off.
  122.  * This method should not be modified, instead subclass ExternalConnector and
  123.  * override it's getLogoffRedirectUrl() to specify a custom redirection URL.
  124.  */
  125. function getLogoffRedirectUrl()
  126. {
  127.     //
  128.     var redirectUrl = ApplicationEntity.getTypeNamed(CustomUtils.externalConnectionType).getLogoffRedirectUrl();
  129.     if (redirectUrl == null || redirectUrl == "")
  130.         redirectUrl = ApplicationEntity.getCurrentUrl();
  131.     return redirectUrl;
  132. }
  133.  
  134. [Webr.PX]com.webridge.app.portal.methods.GroupsForUserMethod
  135.  
  136. function handleAutoLogin(sch)
  137. {
  138.     //wom.log("Login Helper.handleAutoLogin:");
  139.     //Check for a logged in user  
  140.     try {
  141.         var user=Person.getCurrentUser();
  142.         if (user) {
  143.             wom.log("Login Helper.handleAutoLogin:user already exists, do nothing");           
  144.             return "";
  145.         } else {    
  146.             return checkAutoLoginCookies(sch);
  147.         }
  148.     }
  149.     catch (e) {
  150.         var womvars= wom.variables();  
  151.         var wex = WOM.getLastWebrException();
  152.         if ((null != wex) && wex.isRetryable()) {
  153.             wom.log("EXCEPTION Login Helper.handleAutoLogin: framework will retry. " + e.description);
  154.             throw e; // the framework will retry the exception 
  155.         }
  156.         wom.log("EXCEPTION Login Helper.handleAutoLogin: " + e.description);
  157.         return "Login Error: " + e.description;
  158.     }
  159. }
  160.  
  161.              
  162. function checkAutoLoginCookies(sch){
  163.     //wom.log("Login Helper.handleAutoLogin:checkAutoLoginCookies");
  164.    
  165.     try {
  166.         /**Com constants
  167.         var InvalidUserNameHresult = 0x80048315;
  168.         var InvalidPasswordHresult = 0x80048244;
  169.         var PasswordMustChangeHresult = 0x80048247;
  170.         var AccountDisabledHresult  = 0x80048245;
  171.         var TooManyLogonAttemptsHresult = 0x80048248;
  172.         **/
  173.         var InvalidUserNameHresult = -2147187947;
  174.         var InvalidPasswordHresult = -2147188156;
  175.         var PasswordMustChangeHresult = -2147188153;
  176.         var AccountDisabledHresult  = -2147188155;
  177.         var TooManyLogonAttemptsHresult = -2147188152;
  178.    
  179.         // Check to see if we have cookies with the login info.
  180.         //This can be disabled by the "autologin=no" query string.
  181.      
  182.         var autologinCookie = "autologin";
  183.         /**
  184.         To make it less obvious to the casual observer what these values are,
  185.         the cookie names are changed and defined as follows
  186.        
  187.         "qlfgh" - userName from the auto login cookie
  188.         "mglts" - password from the auto login cookie
  189.         **/
  190.         var autologinuserCookie = "qlfgh";
  191.         var autologinpasswordCookie = "mglts";
  192.        
  193.         var autologinQSValue = sch.QueryString(autologinCookie);
  194.        
  195.         if (autologinQSValue=="no"){
  196.             //Clear any autologin cookies
  197.             wom.log("Login:CheckAutoLoginCookies: Clearing auto login cookies per user request.");
  198.             clearAutologinCookies(sch);
  199.             return "";
  200.         }
  201.        
  202.         var sessionContext = wom.getSessionContext();
  203.  
  204.         if (rememberedUser(sch) =="ntuser") {
  205.             //remembered as Windows Login
  206.             //wom.log("Login Helper.handleAutoLogin.CheckAutoLoginCookies: Windows Login requested.");
  207.             if(!handleWindowsLogin(sch)){
  208.                 wom.log("Login Helper.handleAutoLogin.CheckAutoLoginCookies: Windows Login fails. Clearing auto login cookies.");          
  209.                 clearAutologinCookies(sch);
  210.                 return "Autologin error: Invalid Windows Identity login";
  211.             }
  212.             return "";
  213.         } else if (rememberedUser(sch) =="password") {
  214.             /**
  215.             remembered as password Login, autologin == "password"
  216.             Regular user name and password login
  217.             **/
  218.             var username = null;
  219.             var password = null;
  220.             var cookieUsername = sch.getCookie(autologinuserCookie);
  221.             var cookiePassword = sch.getCookie(autologinpasswordCookie);
  222.             if (cookieUsername != null)  username = decodeCookieValue(cookieUsername);
  223.             if (cookiePassword != null)  password = decodeCookieValue(cookiePassword);  
  224.             //wom.log("Login Helper.handleLoginSubmit: cookieUsername=" + cookieUsername + ", username=" + username + ", cookiePassword=" + cookiePassword + ", password=" + password);
  225.        
  226.             if (!username) {
  227.                 wom.log("Login Helper.handleAutoLogin.CheckAutoLoginCookies: username blank.  Clear cookie and return");                   
  228.                 clearAutologinCookies(sch);
  229.                 return "Autologin error: user name cannot be blank";
  230.             }
  231.  
  232.             // Retrieve the service and perform the login
  233.  
  234.             var useSecureSession = false;   // this site does not employ secure sessions
  235.             var redirectBrowser = true;     // perform standard browser redirection when done
  236.  
  237.             var svc = sessionContext.service("/Webridge/UserLoginServices");
  238.             var logonAuditMessage = "";
  239.        
  240.             try {
  241.                 svc.passwordLogin(useSecureSession, redirectBrowser, username, password);
  242.                 try {
  243.                     LogonAudit.HandleAuditTrail(sch, username, "success", "");
  244.                 } catch(aErr) {
  245.                     //ignore this
  246.                 }
  247.                 return "";
  248.             } catch (e){
  249.                 wom.log("Login Helper.handleAutoLogin.CheckAutoLoginCookies:svc.passwordLogin Error: " + e.description);  
  250.                 clearAutologinCookies(sch);
  251.                 var retError = "";
  252.                 switch (e.number) {
  253.                     case PasswordMustChangeHresult:
  254.                         setLoginStatusOnServer(sch, "autologinpasswordchange");
  255.                         // Save the username, password, and error to be able to display
  256.                         // in the component form when prompting to change password.
  257.                        
  258.                         // Caller redirect browser with appropriate query string to indicate error.
  259.                        
  260.                         /**
  261.                         To make it less obvious to the casual observer what these values are,
  262.                         the cookie names are changed and defined as follows
  263.                        
  264.                         "dmele" - login userName from the form
  265.                         "lyirm" - login password from the form
  266.                         "zflks" - during password change the confirmation of password
  267.                         "mdfpd" - during password change the old password from the form
  268.                         **/
  269.                         var loginUserCookie = "dmele";
  270.                         var loginPasswordCookie = "lyirm";
  271.                         var secureCookie = sch.usingSslEncryption   // true if our cookies are secure cookies
  272.                         var cookieScopeAllPath = scopeAllPath(sch);
  273.                         sch.writeCookie(loginUserCookie, UrlUtils.URLEncode(encodeCookieValue(username)), null, secureCookie, "", cookieScopeAllPath);
  274.                         sch.writeCookie(loginPasswordCookie, UrlUtils.URLEncode(encodeCookieValue(password)), null, secureCookie, "", cookieScopeAllPath);
  275.                         retError = "Autologin error: your password has expired. Please change your password.";
  276.                         logonAuditMessage = "Autologin: Password must change"
  277.                         break;
  278.                        
  279.                     case InvalidUserNameHresult:
  280.                         logonAuditMessage = "Autologin: Invalid username"
  281.                         retError = "Autologin error: Invalid Login.";
  282.                         break;
  283.                        
  284.                     case InvalidPasswordHresult:
  285.                         retError = "Autologin error: Invalid Login.";
  286.                         logonAuditMessage = "Autologin: Invalid password"
  287.                         break;
  288.                        
  289.                     case AccountDisabledHresult:
  290.                         retError = "Autologin error: Unable to login, your account has been disabled. Please contact your system administrator.";
  291.                         logonAuditMessage = "Autologin: Account disabled";
  292.                         break;
  293.                        
  294.                     case TooManyLogonAttemptsHresult:
  295.                         retError = "Autologin error: Invalid Login."
  296.                         logonAuditMessage = "Autologin: Too many logon attempts: account locked"
  297.                         break;
  298.                    
  299.                     default:
  300.                         logonAuditMessage = "Autologin: Internal error";
  301.                         retError = "Autologin error: Internal error: " + e.description;
  302.                 }
  303.                 try {
  304.                     LogonAudit.HandleAuditTrail(sch, username, "fail", logonAuditMessage); 
  305.                 } catch(aErr) {
  306.                     //ignore this
  307.                 }
  308.                 return retError;
  309.             }
  310.         } else {
  311.             /**
  312.             The autologin cookie was empty or null
  313.             **/
  314.             return "Autologin error: No remembered user";
  315.         }
  316.     } catch(e)   {
  317.         wom.log("Login Helper.handleAutoLogin.CheckAutoLoginCookies:Exception: " + e.description);
  318.         return "Login Helper.handleAutoLogin.CheckAutoLoginCookies:Exception: " + e.description;
  319.     }
  320. }//Function checkAutoLoginCookies
  321.  
  322. function handleWindowsLogin(sch)
  323. {
  324.     //
  325.     // FUNCTION: handleWindowsLogin
  326.     //
  327.     // --- NTLM Login Script ---
  328.      
  329.     // This page should be configured to require an insecure session.
  330.     // (If a secure session is desired, remember to also adjust
  331.     // "useSecureSession" below.)
  332.      
  333.     // This method should return 0 for success
  334.     // or any other value for failure.  See
  335.     // the MainSpan documentation for specific
  336.     // result codes.
  337.      // NTLM login pages need to force IIS to retrieve
  338.     // the client user's Windows identity:
  339.     //
  340.     // See if we're anonymous.  If so, send back a 401
  341.     // to force IIS to attempt NTLM handshake.  If it
  342.     // succeeds, we'll come back here and no longer be
  343.     // anonymous.
  344.     //
  345.     //wom.log("Login Helper:handleWindowsLogin");
  346.     var sessionContext = wom.getSessionContext();
  347.  
  348.     var servervars = sch.servervariables;
  349.     var login = servervars("LOGON_USER") ;
  350.     //wom.log("Login Helper:handleWindowsLogin: login=" + login);
  351.     if (!login) {
  352.         sch.status("401 Unauthorized");
  353.         if (getLoginStatusOnServer() != "handshake") {
  354.             setLoginStatusOnServer(sch, "handshake");
  355.         } else {
  356.             wom.log("401 Unauthorized");
  357.             setLoginStatusOnServer(sch, "handshakefailed");
  358.         }
  359.         return true;
  360.     }
  361.  
  362.     // Clear the login status cookie since we are past the handshake
  363.     clearLoginStatusOnServer(sch);
  364.  
  365.     // Retrieve the service and perform the login
  366.  
  367.     var useSecureSession = false;   // this site does not employ secure sessions
  368.     var redirectBrowser = true; // perform standard browser redirection when done
  369.  
  370.     //var InvalidUserNameHresult = 0x80048315;
  371.     //var InvalidPasswordHresult = 0x80048244;
  372.     var InvalidUserNameHresult = -2147187947;
  373.     var InvalidPasswordHresult = -2147188156;
  374.  
  375.     var svc = sessionContext.service("/Webridge/UserLoginServices") ;
  376.  
  377.     try {
  378.         svc.ntLogin(useSecureSession, redirectBrowser);
  379.         // Clear the "form" state which requests the type of login.
  380.         // (Otherwise we implicitly login this way without
  381.         // prompting the user if he logs out and attempts to log in
  382.         // in the same browser session.)
  383.         clearCookie(sch, "logintype", scopeAllPath(sch));
  384.  
  385.     } catch (e) {
  386.         //wom.log("Login Helper:handleWindowsLogin: " + e.description);
  387.         var womvars = wom.variables();
  388.         if (e.number==InvalidUserNameHresult || e.number== InvalidPasswordHresult) {
  389.             womvars("WEBR_LOGIN_ERROR") = "Invalid Windows Identity login";
  390.             wom.log(e.description);
  391.             return false;
  392.         } else {
  393.             womvars("WEBR_LOGIN_ERROR") = "Windows Identity Login error: " + e.number + " " + e.description;
  394.             // Rethrow the error out of this method.       
  395.             wom.log(e.description);
  396.             throw(e);
  397.         }
  398.     }
  399.     return true;
  400. }
  401.  
  402. function redirectToAutoLogin(sch)
  403. {
  404.     var currentUrl = sch.urlEncode(ApplicationEntity.getCurrentUrl());
  405.     var loginProtocol = getProtocolName(sch);
  406.     var autologinUrl = sch.fullUrlFromSpecificUstUrl(loginProtocol, "Rooms", "/RoomComponents/LoginView/Autologin/Autologin");
  407.     var redirect = sch.QueryString("redirect");
  408.     var redirectUrl;
  409.     if ((redirect != null) && (redirect.length > 0)) {
  410.         redirectUrl = autologinUrl + "?redirect=" + sch.urlEncode(redirect) + "&redirecterror=" + currentUrl;
  411.     } else {
  412.         redirectUrl = autologinUrl + "?redirecterror=" + currentUrl;
  413.     }
  414.     sch.redirectClientBrowser(redirectUrl);
  415. }
  416.  
  417. function sendForgotNotification(sch, personSet, username, newpassword, notifyType)
  418. {
  419.     /**
  420.     notifyType - can be forgot password or username
  421.     username - the user name provided during forgot password or
  422.         the emailaddress provided during the forgot username
  423.     **/
  424.     try {
  425.         var subject, actionURL, templates;
  426.  
  427.         // Check the per-store setting that tells whether Notification Manager capability
  428.         // was selected for this store during setup.
  429.         if (!SiteUtils.notificationsOn) return false;
  430.  
  431.         switch (notifyType) {
  432.             case "username":
  433.                 subject = "New Password for the User " +  username;
  434.                 // TODO: AAA - This template doesn't exist by default, ask someone
  435.                 templates = getElements("NMTemplateForName", "name", "ForgottenPassword");
  436.                 break;
  437.             case "password":
  438.                 subject = "Forgot user name for " +  username;
  439.                 // TODO: AAA - This template doesn't exist by default, ask someone
  440.                 templates = getElements("NMTemplateForName", "name", "ForgottenUsername");
  441.                 break;
  442.             default:
  443.                 return false;
  444.                 break;
  445.         }
  446.  
  447.         actionURL = sch.fullUrlFromUnsUrl(getLoginUrl());
  448.         if (templates.count() == 0) return false;
  449.        
  450.         webmasters = getElements("Site Managers");
  451.        
  452.         try {
  453.             NMJob.notifyPeople(null, null , personSet, subject, actionURL, webmasters.item(1), templates.item(1));
  454.         } catch(e) {
  455.             wom.log("EXCEPTION Login Helper.sendForgotNotification: NMJob.notifyPeople failed - " + e.description);
  456.             return false;
  457.         }
  458.         //A new Password had been sent to your preferred e-mail address.
  459.         return true;
  460.     } catch(e) {
  461.         wom.log("EXCEPTION Login Helper.sendForgotNotification: " + e.description);
  462.         throw(e);
  463.     }
  464. }
  465.  
  466. function writeAutologinCookiesFromSession(sch)
  467. {
  468.     //
  469.     // This should only be called from the AutoLogin page.
  470.     //
  471.    
  472.     var sessionContext = wom.getSessionContext();
  473.     if (!sessionContext.isConnected()) {
  474.         wom.log("Login Helper.writeAutologinCookiesFromSession: ERROR: no session");
  475.         return;
  476.     }
  477.     var sessionVars = sessionContext.variables();
  478.     /**
  479.     To make it less obvious to the casual observer what these values are,
  480.     the cookie names are changed and defined as follows
  481.  
  482.     "qlfgh" - userName from the auto login cookie
  483.     "mglts" - password from the auto login cookie
  484.     **/
  485.     var autologinuserCookie = "qlfgh";
  486.     var autologinpasswordCookie = "mglts";
  487.     var autologinCookie = "autologin";
  488.    
  489.     // The autologin cookie values are passed in session variables by
  490.     // Login Helper.handleLoginSubmit()
  491.     var cookieUserName = sessionVars(autologinuserCookie);
  492.     var cookiePassword = sessionVars(autologinpasswordCookie);
  493.     // Clear session values so they don't continue to be visible
  494.     // to subsequent page hits.
  495.     //
  496.     // (Note: This means that if our transaction is retried we will
  497.     // not have these values when we're reinvoked.  However retries are
  498.     // unlikely in this case since our page hit shouldn't be modifying
  499.     // any transactional state, so we should be unlikely to contend
  500.     // with anything.)
  501.     sessionVars(autologinuserCookie) = null;
  502.     sessionVars(autologinpasswordCookie) = null;
  503.      
  504.     if ((cookieUserName == null) || (cookieUserName == "")) {
  505.         wom.log("Login Helper.writeAutologinCookiesFromSession: ERROR: missing autologinuser session variable");
  506.         return;
  507.     }
  508.     if ((cookiePassword == null) || (cookiePassword == "")) {
  509.         wom.log("Login Helper.writeAutologinCookiesFromSession: ERROR: missing autologinpassword session variable");
  510.         return;
  511.     }
  512.     //wom.log("Login Helper.writeAutologinCookiesFromSession: cookieUserName=" + cookieUserName + ", cookiePassword=" + cookiePassword);
  513.    
  514.     // cookies expire 1 year from now
  515.     var nextYear = new Date();
  516.     nextYear.setYear(nextYear.getYear() + 1);
  517.     var cookieExpires = new Date(nextYear).getVarDate();
  518.    
  519.     var secureCookie = sch.usingSslEncryption;
  520.     var scopeALCPath = scopeAutologinCookiePath(sch);
  521.    
  522.     sch.writeCookie(autologinCookie, "password", cookieExpires, secureCookie, "", scopeAllPath(sch));
  523.     //scope the cookies to the Login page path
  524.     sch.writeCookie(autologinuserCookie, UrlUtils.URLEncode(cookieUserName), cookieExpires, secureCookie, "", scopeALCPath);
  525.     sch.writeCookie(autologinpasswordCookie, UrlUtils.URLEncode(cookiePassword), cookieExpires, secureCookie, "", scopeALCPath);
  526. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top