
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.portlets.security.users;
18  
19  import java.io.IOException;
20  import java.security.Principal;
21  import java.util.ArrayList;
22  import java.util.Collection;
23  import java.util.Date;
24  import java.util.Iterator;
25  import java.util.LinkedHashMap;
26  import java.util.LinkedList;
27  import java.util.List;
28  import java.util.ResourceBundle;
29  import java.util.Set;
30  import java.util.prefs.Preferences;
31  
32  import javax.portlet.ActionRequest;
33  import javax.portlet.ActionResponse;
34  import javax.portlet.PortletConfig;
35  import javax.portlet.PortletException;
36  import javax.portlet.PortletMode;
37  import javax.portlet.PortletPreferences;
38  import javax.portlet.PortletRequest;
39  import javax.portlet.RenderRequest;
40  import javax.portlet.RenderResponse;
41  import javax.security.auth.Subject;
42  
43  import org.apache.jetspeed.CommonPortletServices;
44  import org.apache.jetspeed.PortalReservedParameters;
45  import org.apache.jetspeed.administration.PortalConfiguration;
46  import org.apache.jetspeed.administration.PortalConfigurationConstants;
47  import org.apache.jetspeed.audit.AuditActivity;
48  import org.apache.jetspeed.components.portletregistry.PortletRegistry;
49  import org.apache.jetspeed.container.JetspeedPortletContext;
50  import org.apache.jetspeed.om.common.UserAttribute;
51  import org.apache.jetspeed.om.common.portlet.MutablePortletApplication;
52  import org.apache.jetspeed.om.folder.Folder;
53  import org.apache.jetspeed.om.folder.FolderNotFoundException;
54  import org.apache.jetspeed.page.PageManager;
55  import org.apache.jetspeed.page.document.NodeSet;
56  import org.apache.jetspeed.portlets.security.SecurityResources;
57  import org.apache.jetspeed.portlets.security.SecurityUtil;
58  import org.apache.jetspeed.profiler.Profiler;
59  import org.apache.jetspeed.profiler.rules.PrincipalRule;
60  import org.apache.jetspeed.request.RequestContext;
61  import org.apache.jetspeed.security.Group;
62  import org.apache.jetspeed.security.GroupManager;
63  import org.apache.jetspeed.security.InvalidNewPasswordException;
64  import org.apache.jetspeed.security.InvalidPasswordException;
65  import org.apache.jetspeed.security.PasswordAlreadyUsedException;
66  import org.apache.jetspeed.security.PasswordCredential;
67  import org.apache.jetspeed.security.Role;
68  import org.apache.jetspeed.security.RoleManager;
69  import org.apache.jetspeed.security.SecurityException;
70  import org.apache.jetspeed.security.User;
71  import org.apache.jetspeed.security.UserManager;
72  import org.apache.jetspeed.security.UserPrincipal;
73  import org.apache.jetspeed.security.om.InternalCredential;
74  import org.apache.portals.bridges.beans.TabBean;
75  import org.apache.portals.bridges.common.GenericServletPortlet;
76  import org.apache.portals.bridges.util.PreferencesHelper;
77  import org.apache.portals.messaging.PortletMessaging;
78  
79  /***
80   * This portlet is a tabbed editor user interface for editing user attributes
81   * and security definitions.
82   *
83   * @author <a href="mailto:jford@apache.com">Jeremy Ford</a>
84   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
85   * @version $Id: UserDetailsPortlet.java 348264 2005-11-22 22:06:45Z taylor $
86   */
87  public class UserDetailsPortlet extends GenericServletPortlet
88  {
    // Request attribute names under which doView exposes data to the view.
    private final String VIEW_USER = "user";
    private final String VIEW_ROLES = "roles";
    private final String VIEW_GROUPS = "groups";
    private final String VIEW_RULES = "rules";
    private final String VIEW_CREDENTIAL = "credential";
    private final String VIEW_ALL_RULES = "prules";
    private final String VIEW_PA_USER_ATTRIBUTES = "paUserAttributes";

    // Action names. processAction strips USER_ACTION_PREFIX via getAction() and
    // then matches the remainder against these values with String.endsWith().
    private final String USER_ACTION_PREFIX = "security_user.";
    private final String ACTION_EDIT_USER = "edit_user";
    private final String ACTION_UPDATE_ATTRIBUTE = "update_user_attribute";
    private final String ACTION_REMOVE_ATTRIBUTE = "remove_user_attribute";
    private final String ACTION_ADD_ATTRIBUTE = "add_user_attribute";
    private final String ACTION_REMOVE_ROLE = "remove_user_role";
    private final String ACTION_ADD_ROLE = "add_user_role";
    private final String ACTION_REMOVE_GROUP = "remove_user_group";
    private final String ACTION_ADD_GROUP = "add_user_group";
    private final String ACTION_REMOVE_RULE = "remove_user_rule";
    private final String ACTION_ADD_RULE = "add_rule";
    private final String ACTION_UPDATE_CREDENTIAL = "update_user_credential";

    // Tab identifiers; they are the keys of userTabMap / anonymousUserTabMap.
    private final String TAB_USER = "user";
    private final String TAB_ATTRIBUTES = "user_attributes";
    private final String TAB_ROLE = "user_role";
    private final String TAB_GROUP = "user_group";
    private final String TAB_PROFILE = "user_profile";
    private final String TAB_CREDENTIAL = "user_credential";

    /** the id of the roles control (used as both session and request attribute key) */
    private static final String ROLES_CONTROL = "jetspeedRoles";

    /** the id of the rules control (used as both session and request attribute key) */
    private static final String RULES_CONTROL = "jetspeedRules";

    /** the id of the subsites control (used as both session and request attribute key) */
    private static final String SUBSITES_CONTROL = "jetspeedSubsites";

    /** the id of the groups control (used as both session and request attribute key) */
    private static final String GROUPS_CONTROL = "jetspeedGroups";

    /** Label passed as the last argument of the audit log calls made by this portlet. */
    public static final String USER_ADMINISTRATION = "J2 User Administration";

    // Portal services resolved from the portlet context in init().
    private PageManager pageManager;
    private UserManager userManager;
    private RoleManager roleManager;
    private GroupManager groupManager;
    private Profiler profiler;
    private PortletRegistry registry;
    private String paIdentifier;
    // User attributes declared by the portlet application; refreshed in initPrefsAndAttr().
    private Collection paUserAttributes;
    // True once initPrefsAndAttr(PortletRequest) has run at least once.
    private boolean initPrefsAndAttr;
    private PortalConfiguration configuration;
    private AuditActivity audit;

    // Tab id -> TabBean, rebuilt by initPrefsAndAttr() from the preferences of
    // whichever request triggers it.
    // NOTE(review): these are instance fields written without synchronization; if
    // the container serves concurrent requests with one portlet instance (the
    // usual portlet model - confirm), a request can observe a cleared or
    // half-built map, or tabs derived from another request's preferences.
    private LinkedHashMap userTabMap;
    private LinkedHashMap anonymousUserTabMap;
145     
    /**
     * Initializes the portlet and resolves every portal service it depends on
     * from the portlet context. Initialization fails with a
     * {@link PortletException} as soon as one of the services is missing, so a
     * successfully initialized portlet always has all of its collaborators.
     *
     * @param config the portlet configuration supplied by the container
     * @throws PortletException if the superclass initialization fails or a
     *         required service is not registered in the portlet context
     */
    public void init(PortletConfig config)
    throws PortletException
    {
        super.init(config);

        userManager = (UserManager) requireContextAttribute(
                CommonPortletServices.CPS_USER_MANAGER_COMPONENT,
                "Failed to find the User Manager on portlet initialization");
        roleManager = (RoleManager) requireContextAttribute(
                CommonPortletServices.CPS_ROLE_MANAGER_COMPONENT,
                "Failed to find the Role Manager on portlet initialization");
        groupManager = (GroupManager) requireContextAttribute(
                CommonPortletServices.CPS_GROUP_MANAGER_COMPONENT,
                "Failed to find the Group Manager on portlet initialization");
        profiler = (Profiler) requireContextAttribute(
                CommonPortletServices.CPS_PROFILER_COMPONENT,
                "Failed to find the Profiler on portlet initialization");
        registry = (PortletRegistry) requireContextAttribute(
                CommonPortletServices.CPS_REGISTRY_COMPONENT,
                "Failed to find the Portlet Registry on portlet initialization");
        pageManager = (PageManager) requireContextAttribute(
                CommonPortletServices.CPS_PAGE_MANAGER_COMPONENT,
                "Failed to find the Page Manager on portlet initialization");
        configuration = (PortalConfiguration) requireContextAttribute(
                CommonPortletServices.CPS_PORTAL_CONFIGURATION,
                "Failed to find the Portal Configuration on portlet initialization");
        audit = (AuditActivity) requireContextAttribute(
                CommonPortletServices.CPS_AUDIT_ACTIVITY,
                "Failed to find the Audit Activity on portlet initialization");

        // The application identifier is needed later to re-read the portlet
        // application's declared user attributes from the registry.
        JetspeedPortletContext jetspeedContext = (JetspeedPortletContext) config.getPortletContext();
        MutablePortletApplication application = (MutablePortletApplication) jetspeedContext.getApplication();
        paIdentifier = application.getApplicationIdentifier();
    }

    /**
     * Looks up a portlet context attribute and fails initialization when it is absent.
     *
     * @param attributeName the context attribute under which the service is registered
     * @param failureMessage the message of the exception thrown when the attribute is missing
     * @return the attribute value, never {@code null}
     * @throws PortletException if the attribute is not present
     */
    private Object requireContextAttribute(String attributeName, String failureMessage)
    throws PortletException
    {
        Object service = getPortletContext().getAttribute(attributeName);
        if (service == null)
        {
            throw new PortletException(failureMessage);
        }
        return service;
    }
197     
    /**
     * Renders the user details view.
     * <p>
     * When a user name has been published on the users topic and
     * {@code lookupUser} resolves it, the tab list and the data for the
     * selected tab are placed in request attributes. Otherwise the role,
     * profile and subsite controls are prepared instead. Pending error
     * messages are consumed and exposed to the view in both cases before
     * delegating to the superclass.
     *
     * @param request the render request
     * @param response the render response
     * @throws PortletException if the role or group list cannot be read
     * @throws IOException declared for the superclass rendering call
     */
    public void doView(RenderRequest request, RenderResponse response)
    throws PortletException, IOException
    {
        response.setContentType("text/html");

        // Lazy one-time setup of the tab maps from this request's preferences.
        // NOTE(review): the flag and the maps are unsynchronized instance fields.
        if ( !initPrefsAndAttr )
        {
            initPrefsAndAttr(request);
        }

        // receive() is used here (not consume()), so the selection stays published.
        String userName = (String)PortletMessaging.receive(request,
                                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);

        User user = null;
        if (userName != null)
        {
            user = lookupUser(request, userName);
        }

        if (user != null)
        {
            // The anonymous user gets the reduced tab set (role, group, profile).
            LinkedHashMap tabMap = null;
            if ( userManager.getAnonymousUser().equals(userName) )
            {
                tabMap = anonymousUserTabMap;
            }
            else
            {
                tabMap = userTabMap;
            }

            // Tabs
            request.setAttribute("tabs", tabMap.values());
            TabBean selectedTab =
                (TabBean) request.getPortletSession().getAttribute(SecurityResources.REQUEST_SELECT_TAB);

            // A tab remembered in the session is dropped when it is not offered for this user.
            if(selectedTab != null && !tabMap.containsKey(selectedTab.getId()))
            {
                selectedTab = null;
            }

            // Fall back to the first tab of the map.
            // NOTE(review): next() throws NoSuchElementException when the map is
            // empty, which happens if every show*Tab preference is not "true".
            if(selectedTab == null)
            {
                selectedTab = (TabBean) tabMap.values().iterator().next();
            }
            JetspeedUserBean bean = new JetspeedUserBean(user);
            request.setAttribute(VIEW_USER, bean);

            if (selectedTab.getId().equals(TAB_USER))
            {
                request.setAttribute(VIEW_PA_USER_ATTRIBUTES, paUserAttributes);
                // Opt-in preference: the credential object is handed to the view on the user tab.
                // NOTE(review): which credential fields the view renders is not visible here - confirm.
                if ( "true".equals(request.getPreferences().getValue("showPasswordOnUserTab", "false")))
                {
                    request.setAttribute(VIEW_CREDENTIAL, getCredential(request, userName));
                }
            }
            else if (selectedTab.getId().equals(TAB_ROLE))
            {
                Collection userRoles = getRoles(request, userName);
                request.setAttribute(VIEW_ROLES, userRoles );

                // check for refresh on roles list
                String refreshRoles = (String)PortletMessaging.consume(request, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH_ROLES);
                List roles = null;
                if (refreshRoles == null)
                {
                    roles = (List) request.getPortletSession().getAttribute(ROLES_CONTROL);
                }

                // build the roles control and provide it to the view
                // NOTE(review): this list is unfiltered, yet it is cached under the same
                // session key (ROLES_CONTROL) that renderRoleInformation fills with the
                // admin/manager-filtered list (JS2-714). Whichever method runs first
                // decides what both see, so the delegated-security filter does not
                // reliably apply to either control. Confirm that the add-role action
                // enforces the restriction server-side rather than relying on this list.
                try
                {
                    if (roles == null)
                    {
                        roles = new LinkedList();
                        Iterator fullRoles = roleManager.getRoles("");
                        while (fullRoles.hasNext())
                        {
                            Role role = (Role)fullRoles.next();
                            roles.add(role.getPrincipal().getName());
                        }
                        request.getPortletSession().setAttribute(ROLES_CONTROL, roles);
                    }
                }
                catch (SecurityException se)
                {
                    throw new PortletException(se);
                }
                // Offer only the roles the user does not already hold; work on a copy
                // so the session-cached list stays complete.
                ArrayList selectableRoles = new ArrayList(roles);
                Iterator rolesIter = userRoles.iterator();
                while ( rolesIter.hasNext() )
                {
                    Role role = (Role)rolesIter.next();
                    int index = selectableRoles.indexOf(role.getPrincipal().getName());
                    if (index != -1)
                    {
                        selectableRoles.remove(index);
                    }
                }
                request.setAttribute(ROLES_CONTROL, selectableRoles);

            }
            else if (selectedTab.getId().equals(TAB_GROUP))
            {
                Collection userGroups = getGroups(request, userName);
                request.setAttribute(VIEW_GROUPS, userGroups);

                // check for refresh on groups list
                String refreshGroups = (String)PortletMessaging.consume(request, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH_GROUPS);
                List groups = null;
                if (refreshGroups == null)
                {
                    groups = (List) request.getPortletSession().getAttribute(GROUPS_CONTROL);
                }

                // build the groups control and provide it to the view
                try
                {
                    if (groups == null)
                    {
                        groups = new LinkedList();
                        Iterator fullGroups = groupManager.getGroups("");
                        while (fullGroups.hasNext())
                        {
                            Group group = (Group)fullGroups.next();
                            groups.add(group.getPrincipal().getName());
                        }
                        request.getPortletSession().setAttribute(GROUPS_CONTROL, groups);
                    }
                }
                catch (SecurityException se)
                {
                    throw new PortletException(se);
                }
                // Offer only the groups the user is not already a member of.
                ArrayList selectableGroups = new ArrayList(groups);
                Iterator groupsIter = userGroups.iterator();
                while ( groupsIter.hasNext() )
                {
                    Group group = (Group)groupsIter.next();
                    int index = selectableGroups.indexOf(group.getPrincipal().getName());
                    if (index != -1)
                    {
                        selectableGroups.remove(index);
                    }
                }
                request.setAttribute(GROUPS_CONTROL, selectableGroups);

            }
            else if (selectedTab.getId().equals(TAB_PROFILE))
            {
                request.setAttribute(VIEW_RULES, getRules(user));
                request.setAttribute(VIEW_ALL_RULES, getProfilerRules());
            }
            else if (selectedTab.getId().equals(TAB_CREDENTIAL))
            {
                request.setAttribute(VIEW_CREDENTIAL, getCredential(request, userName));
            }

            request.setAttribute(SecurityResources.REQUEST_SELECT_TAB, selectedTab);
        }
        else
        {
            // No resolvable user selected: prepare the role, profile and subsite controls.
            renderRoleInformation(request);
            renderProfileInformation(request);
            renderSubsiteInformation(request);
        }
        // check for ErrorMessages
        // consume() removes the messages, so each error is shown on one render only.
        ArrayList errorMessages = (ArrayList)PortletMessaging.consume(request, SecurityResources.TOPIC_USER, SecurityResources.ERROR_MESSAGES);
        if (errorMessages != null )
        {
            request.setAttribute(SecurityResources.ERROR_MESSAGES, errorMessages);
        }

        super.doView(request, response);
    }
373     
    /**
     * Rebuilds the tab maps from the portlet preferences of the given request
     * and refreshes the portlet application's declared user attributes.
     * <p>
     * Every tab whose {@code show*Tab} preference is {@code "true"} (the
     * default) is added to the regular user tab map; the role, group and
     * profile tabs are additionally added to the anonymous user tab map.
     *
     * @param request the request whose preferences decide which tabs are shown
     */
    protected void initPrefsAndAttr(PortletRequest request)
    {
        initPrefsAndAttr = true;
        if ( userTabMap != null )
        {
            userTabMap.clear();
            anonymousUserTabMap.clear();
        }
        else
        {
            userTabMap = new LinkedHashMap();
            anonymousUserTabMap = new LinkedHashMap();
        }

        // Parallel tables: preference name -> tab id, in display order.
        final String[] preferenceNames =
        {
            "showUserTab", "showAttributesTab", "showPasswordTab",
            "showRoleTab", "showGroupTab", "showProfileTab"
        };
        final String[] tabIds =
        {
            TAB_USER, TAB_ATTRIBUTES, TAB_CREDENTIAL,
            TAB_ROLE, TAB_GROUP, TAB_PROFILE
        };
        // Entries from this index on are also offered for the anonymous user.
        final int firstAnonymousTab = 3;

        PortletPreferences prefs = request.getPreferences();
        for (int i = 0; i < preferenceNames.length; i++)
        {
            if ( !"true".equals(prefs.getValue(preferenceNames[i], "true")) )
            {
                continue;
            }
            TabBean tab = new TabBean(tabIds[i]);
            userTabMap.put(tab.getId(), tab);
            if ( i >= firstAnonymousTab )
            {
                anonymousUserTabMap.put(tab.getId(), tab);
            }
        }

        // refresh PA UserAttributes (kinda hack but can't communicate between PAM and Security PA yet to signal a refresh is needed)
        paUserAttributes = registry.getPortletApplicationByIdentifier(paIdentifier).getUserAttributes();
    }
427 
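    /**
     * Prepares the list of selectable role names and exposes it to the view
     * under {@code ROLES_CONTROL}.
     * <p>
     * The list is cached in the portlet session and rebuilt when a refresh
     * message is pending or nothing is cached yet. For delegated security
     * (https://issues.apache.org/jira/browse/JS2-714) the configured admin and
     * manager roles are only offered when the calling user holds that role.
     * If the request carries no user principal, neither privileged role is
     * offered.
     *
     * @param request the render request
     * @throws PortletException if the role list or role membership cannot be read
     */
    protected void renderRoleInformation(RenderRequest request)
    throws PortletException
    {
        // check for refresh on roles list
        String refreshRoles = (String)PortletMessaging.consume(request, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH_ROLES);
        List roles = null;
        if (refreshRoles == null)
        {
            // NOTE(review): doView stores an unfiltered role list under this same
            // session key, so a list cached there is returned here without the
            // admin/manager filter below having been applied.
            roles = (List) request.getPortletSession().getAttribute(ROLES_CONTROL);
        }

        // build the roles control and provide it to the view
        try
        {
            if (roles == null)
            {
                String adminName = configuration.getString(PortalConfigurationConstants.ROLES_DEFAULT_ADMIN, "admin");
                String managerName  = configuration.getString(PortalConfigurationConstants.ROLES_DEFAULT_MANAGER, "manager");

                // Resolve the caller once instead of once per role, and fail closed
                // when there is no authenticated principal.
                Principal caller = request.getUserPrincipal();
                String username = (caller != null) ? caller.getName() : null;

                roles = new LinkedList();
                Iterator fullRoles = roleManager.getRoles("");
                while (fullRoles.hasNext())
                {
                    Role role = (Role)fullRoles.next();
                    String roleName = role.getPrincipal().getName();
                    boolean privileged = roleName.equals(adminName) || roleName.equals(managerName);
                    if (!privileged)
                    {
                        roles.add(roleName);
                    }
                    else if (username != null && roleManager.isUserInRole(username, roleName))
                    {
                        // Privileged roles are only selectable by users who hold them.
                        roles.add(roleName);
                    }
                }
                request.getPortletSession().setAttribute(ROLES_CONTROL, roles);
            }
        }
        catch (SecurityException se)
        {
            throw new PortletException(se);
        }
        request.setAttribute(ROLES_CONTROL, roles);
    }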
479     
    /**
     * Exposes the profiling rules to the view under {@code RULES_CONTROL}.
     * The rules are cached in the portlet session; a pending refresh message
     * on the users topic forces them to be re-read from the profiler.
     *
     * @param request the render request
     */
    protected void renderProfileInformation(RenderRequest request)
    {
        // Consuming the message clears it, so one refresh request reloads once.
        String refreshFlag = (String)PortletMessaging.consume(request,
                        SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH_PROFILES);

        Collection cachedRules = (refreshFlag != null)
                ? null
                : (Collection) request.getPortletSession().getAttribute(RULES_CONTROL);

        if (cachedRules != null)
        {
            request.setAttribute(RULES_CONTROL, cachedRules);
            return;
        }

        // Nothing usable in the session: load from the profiler and cache.
        Collection freshRules = profiler.getRules();
        request.getPortletSession().setAttribute(RULES_CONTROL, freshRules);
        request.setAttribute(RULES_CONTROL, freshRules);
    }
499 
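    /**
     * Exposes the list of selectable subsites to the view under
     * {@code SUBSITES_CONTROL}.
     * <p>
     * The list always starts with an empty entry. When the
     * {@code subsiteRootFolder} preference is set, one entry is added for each
     * child folder of that root. The result is cached in the portlet session
     * until a refresh message is pending. A missing root folder means subsites
     * are not used and is ignored; any other failure is logged and the list
     * built so far is used.
     *
     * @param request the render request
     */
    protected void renderSubsiteInformation(RenderRequest request)
    {
        // check for refresh on subsites list
        String refreshSubsites = (String)PortletMessaging.consume(request,
                        SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH_SUBSITES);
        Collection subsites = null;
        if (refreshSubsites == null)
        {
            subsites = (Collection) request.getPortletSession().getAttribute(SUBSITES_CONTROL);
        }

        // build the subsites control and provide it to the view
        if (subsites == null)
        {
            subsites = new ArrayList();
            SubsiteInfo emptyone = new SubsiteInfo("","");
            subsites.add(emptyone);
            // NOTE(review): the root folder is a portlet preference; processAction
            // stores preferences from request parameters in EDIT mode, so confirm
            // who may reach EDIT mode, since this value selects which folders are listed.
            String subsiteRoot = request.getPreferences().getValue("subsiteRootFolder", "");
            if (!subsiteRoot.equals(""))
            {
                try
                {
                    Folder subsiteFolder = pageManager.getFolder(subsiteRoot);
                    NodeSet set = pageManager.getFolders(subsiteFolder);
                    if (set != null && !set.isEmpty())
                    {
                        Iterator setIterator = set.iterator();
                        while (setIterator.hasNext())
                        {
                            Folder f = (Folder)setIterator.next();
                            subsites.add(new SubsiteInfo(f.getPath(), f.getTitle()));
                        }
                    }
                }
                catch (FolderNotFoundException fnfe)
                {
                    // subsites not used, ignore
                }
                catch (Exception e)
                {
                    // Still best-effort, but no longer silent: an access or
                    // repository failure here would otherwise look exactly like
                    // "no subsites configured".
                    getPortletContext().log("UserDetailsPortlet: failed to list subsite folders", e);
                }
            }
            request.getPortletSession().setAttribute(SUBSITES_CONTROL, subsites);
        }
        request.setAttribute(SUBSITES_CONTROL, subsites);
    }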
547     
    /**
     * Renders the edit (preferences) view. The role, profile and subsite
     * controls are prepared first so the edit page can offer them as choices,
     * then rendering is delegated to the superclass.
     *
     * @param request the render request
     * @param response the render response
     * @throws PortletException if the role information cannot be prepared
     * @throws IOException declared for the superclass rendering call
     */
    public void doEdit(RenderRequest request, RenderResponse response)
    throws PortletException, IOException
    {
        response.setContentType("text/html");

        // Populate the selection controls used by the edit page.
        renderRoleInformation(request);
        renderProfileInformation(request);
        renderSubsiteInformation(request);

        super.doEdit(request, response);
    }
557 
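    /**
     * Handles portlet actions.
     * <p>
     * In EDIT mode the request parameters are stored as portlet preferences,
     * the tab maps are rebuilt and the portlet returns to VIEW mode. Otherwise
     * an optional tab selection is remembered in the session and the
     * {@code SecurityResources.PORTLET_ACTION} parameter is dispatched to the
     * matching user administration operation. Unknown or missing actions are
     * ignored.
     * <p>
     * NOTE(review): no authorization check is visible in this method; it is
     * presumably enforced by the portal's security constraints on the portlet
     * or inside the called operations - confirm, since these actions create
     * and remove users, change role and group membership and reset passwords.
     *
     * @param actionRequest the action request
     * @param actionResponse the action response
     * @throws PortletException if a dispatched operation fails
     * @throws IOException if the preferences cannot be stored
     */
    public void processAction(ActionRequest actionRequest, ActionResponse actionResponse)
        throws PortletException, IOException
    {
        // Compare portlet modes with equals(): a container may hand back an
        // equal but not identical PortletMode instance, which an identity
        // comparison would miss.
        if (PortletMode.EDIT.equals(actionRequest.getPortletMode()))
        {
            PortletPreferences prefs = actionRequest.getPreferences();
            // NOTE(review): requestParamsToPreferences is opaque here; presumably it
            // copies request parameters into the preferences - confirm which
            // parameter names it accepts.
            PreferencesHelper.requestParamsToPreferences(actionRequest);
            prefs.store();
            actionResponse.setPortletMode(PortletMode.VIEW);
            initPrefsAndAttr(actionRequest);
            actionRequest.getPortletSession().removeAttribute(SUBSITES_CONTROL);
            return;
        }

        String selectedTab = actionRequest.getParameter(SecurityResources.REQUEST_SELECT_TAB);
        if (selectedTab != null)
        {
            // The tab maps are created lazily; an action can arrive before any
            // render has built them, in which case userTabMap would still be null.
            if (!initPrefsAndAttr)
            {
                initPrefsAndAttr(actionRequest);
            }
            // Only ids of known tabs are accepted; anything else is ignored.
            TabBean tab = (TabBean) userTabMap.get(selectedTab);
            if (tab != null)
            {
                actionRequest.getPortletSession().setAttribute(
                        SecurityResources.REQUEST_SELECT_TAB, tab);
            }
        }

        String action = actionRequest.getParameter(SecurityResources.PORTLET_ACTION);
        if (action == null)
        {
            return;
        }

        if (action.equals("remove.user"))
        {
            removeUser(actionRequest, actionResponse);
        }
        else if (action.equals("add.new.user"))
        {
            // Clearing the selection makes the next render show the "new user" form.
            PortletMessaging.cancel(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        }
        else if (action.equals("add.user"))
        {
            addUser(actionRequest);
        }
        else if (isUserPortletAction(action))
        {
            action = getAction(USER_ACTION_PREFIX, action);
            if (action.endsWith(ACTION_EDIT_USER))
            {
                editUser(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_UPDATE_ATTRIBUTE))
            {
                updateUserAttribute(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_REMOVE_ATTRIBUTE))
            {
                removeUserAttributes(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_ADD_ATTRIBUTE))
            {
                addUserAttribute(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_REMOVE_ROLE))
            {
                removeUserRoles(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_ADD_ROLE))
            {
                addUserRole(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_REMOVE_GROUP))
            {
                removeUserGroups(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_ADD_GROUP))
            {
                addUserGroup(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_ADD_RULE))
            {
                addUserProfile(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_REMOVE_RULE))
            {
                removeUserProfile(actionRequest, actionResponse);
            }
            else if (action.endsWith(ACTION_UPDATE_CREDENTIAL))
            {
                updateUserCredential(actionRequest, actionResponse);
            }
        }
    }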
644         
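    /**
     * Removes the currently selected user together with the user's folder.
     * <p>
     * The user name is taken from the selection published on the users topic.
     * The deletion is written to the audit log as soon as the account has been
     * removed, so a later failure while cleaning up the folder cannot leave
     * the deletion unrecorded. Any failure is published as an error message
     * for the view instead of being propagated.
     *
     * @param actionRequest the action request
     * @param actionResponse the action response (unused)
     * @throws PortletException declared for callers; failures inside the
     *         removal are reported through the error message topic
     */
    public void removeUser(ActionRequest actionRequest, ActionResponse actionResponse)
    throws PortletException
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        User user = lookupUser(actionRequest, userName);
        if (user != null)
        {
            try
            {
                // Read the subsite before the account (and its attributes) is gone.
                Preferences attributes = user.getUserAttributes();
                String subsite = attributes.get(User.USER_INFO_SUBSITE, null);
                userManager.removeUser(userName);
                // Audit immediately: the account no longer exists from this point,
                // whatever happens to the folder cleanup below.
                audit.logAdminUserActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE, USER_ADMINISTRATION);
                PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH, "true");
                if (subsite == null)
                {
                    subsite = Folder.USER_FOLDER + userName;
                }
                // NOTE(review): the folder path comes from a stored user attribute
                // (or is derived from the user name); confirm that this attribute
                // cannot be set to a folder outside the user's own area, because
                // the folder found at that path is removed.
                if (pageManager.folderExists(subsite))
                {
                    Folder folder = pageManager.getFolder(subsite);
                    pageManager.removeFolder(folder);
                }
                // remove selected user from USERS_TOPIC
                PortletMessaging.cancel(actionRequest,SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
                // TODO: send message to site manager portlet

            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message is shown to the
                // administrator; it may be null or carry internal detail.
                SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, ex.getMessage());
            }
        }
    }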
680     
    /**
     * Finds the first principal of the given subject that is an instance of
     * the requested class. Despite its name, this method does not create
     * anything; it only searches the subject's existing principals.
     *
     * @param subject the subject whose principals are searched
     * @param classe the principal type to look for
     * @return the first matching principal, or {@code null} if none matches
     */
    public Principal createPrincipal(Subject subject, Class classe)
    {
        for (Iterator candidates = subject.getPrincipals().iterator(); candidates.hasNext();)
        {
            Principal candidate = (Principal) candidates.next();
            if (classe.isInstance(candidate))
            {
                return candidate;
            }
        }
        return null;
    }
696 
    /**
     * Applies the credential changes an administrator submitted for the currently
     * selected user: an optional new password, the "update required" and "enabled"
     * flags, and the expiration action ("expired", "extend" or "unlimited").
     *
     * Each change is written to the audit log after the corresponding userManager call
     * has returned. The new password is taken from the request as submitted; the only
     * check made here is that it is not blank. The password exceptions caught below are
     * raised by the calls in the try block and are mapped to localized messages.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void updateUserCredential(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        ResourceBundle messages = ResourceBundle.getBundle("org.apache.jetspeed.portlets.security.resources.UsersResources",actionRequest.getLocale());

        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        if (lookupUser(actionRequest, userName) == null)
        {
            // lookupUser has already published the error, if there was one
            return;
        }

        try
        {
            String newPassword = actionRequest.getParameter("user_cred_value");
            boolean passwordChanged = newPassword != null && newPassword.trim().length() > 0;
            if (passwordChanged)
            {
                // null is passed as the old password
                userManager.setPassword(userName, null, newPassword);
                audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);
            }

            PasswordCredential credential = getCredential(actionRequest, userName);
            if (credential == null)
            {
                return;
            }

            String updateRequiredParam = actionRequest.getParameter("user_cred_updreq");
            if (updateRequiredParam != null)
            {
                boolean updateRequired = Boolean.valueOf(updateRequiredParam).booleanValue();
                // only touch (and audit) the flag when it actually changes
                if (credential.isUpdateRequired() != updateRequired)
                {
                    userManager.setPasswordUpdateRequired(userName,updateRequired);
                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
                }
            }

            String enabledParam = actionRequest.getParameter("user_cred_enabled");
            if (enabledParam != null)
            {
                boolean enabled = Boolean.valueOf(enabledParam).booleanValue();
                if (credential.isEnabled() != enabled)
                {
                    userManager.setPasswordEnabled(userName,enabled);
                    String activity;
                    if (enabled)
                    {
                        activity = AuditActivity.PASSWORD_ENABLED;
                    }
                    else
                    {
                        activity = AuditActivity.PASSWORD_DISABLED;
                    }
                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, activity, USER_ADMINISTRATION);
                }
            }

            String expirationAction = actionRequest.getParameter("user_expired_flag");
            if (expirationAction != null)
            {
                // "expired" is ignored when a new password was set in this same request
                if (!passwordChanged && "expired".equals(expirationAction))
                {
                    java.sql.Date today = new java.sql.Date(new Date().getTime());
                    userManager.setPasswordExpiration(userName,today);
                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
                }
                else if ("extend".equals(expirationAction))
                {
                    userManager.setPasswordExpiration(userName,null);
                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
                }
                else if ("unlimited".equals(expirationAction))
                {
                    userManager.setPasswordExpiration(userName,InternalCredential.MAX_DATE);
                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
                }
            }
        }
        catch ( InvalidPasswordException ipe )
        {
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, messages.getString("chgpwd.error.invalidPassword"));
        }
        catch ( InvalidNewPasswordException inpe )
        {
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, messages.getString("chgpwd.error.invalidNewPassword"));
        }
        catch ( PasswordAlreadyUsedException paue )
        {
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, messages.getString("chgpwd.error.passwordAlreadyUsed"));
        }
        catch (SecurityException e)
        {
            // NOTE(review): the raw exception message is shown to the admin user; confirm it carries no internal detail
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
        }
    }
780     
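    /**
     * Stores the attribute values submitted for the currently selected user and, when
     * the "showPasswordOnUserTab" preference is "true", also applies the credential
     * form through updateUserCredential.
     *
     * Only attributes listed in paUserAttributes are written: the request supplies the
     * values (parameters named "attr_" + attribute name), not the attribute names.
     * The audit entry records the value held before the change and the new value, in
     * the same way updateUserAttribute does.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response, passed on to updateUserCredential
     */
    private void editUser(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        User user = lookupUser(actionRequest, userName);
        if (user != null)
        {
            Iterator attrIter = paUserAttributes.iterator();
            while (attrIter.hasNext())
            {
                UserAttribute attr = (UserAttribute)attrIter.next();
                String value = actionRequest.getParameter("attr_"+attr.getName());
                if (value != null)
                {
                    Preferences attributes = user.getUserAttributes();
                    // read the old value first so the audit trail shows what was overwritten
                    String before = attributes.get(attr.getName(), "");
                    attributes.put(attr.getName(), value);
                    audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, attr.getName(), before, value, USER_ADMINISTRATION);
                }
            }
        }
        if ( "true".equals(actionRequest.getPreferences().getValue("showPasswordOnUserTab", "false")))
        {
            updateUserCredential(actionRequest, actionResponse);
        }
    }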
807     
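    /**
     * Updates attributes of the currently selected user. The attribute names are taken
     * from the "user_attr_id" request parameters and each new value from the parameter
     * named attribute name + ":value", so the request decides which keys are written.
     * Every change is audited with the previous and the new value.
     *
     * An attribute whose value parameter is absent is skipped: Preferences.put does not
     * accept a null value and would throw a NullPointerException.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void updateUserAttribute(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        User user = lookupUser(actionRequest, userName);
        if (user != null)
        {
            String[] userAttrNames = actionRequest.getParameterValues("user_attr_id");
            if(userAttrNames != null)
            {
                for (int i=0; i<userAttrNames.length; i++)
                {
                    String userAttrName = userAttrNames[i];
                    String value = actionRequest.getParameter(userAttrName + ":value");
                    if (value == null)
                    {
                        // no value submitted for this name: leave the attribute untouched
                        continue;
                    }
                    String before = user.getUserAttributes().get(userAttrName, "");
                    user.getUserAttributes().put(userAttrName, value);
                    audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_UPDATE_ATTRIBUTE, userAttrName, before, value, USER_ADMINISTRATION);
                }
            }
        }
    }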
829     
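    /**
     * Adds one attribute to the currently selected user. Name and value are read from
     * the "user_attr_name" and "user_attr_value" request parameters; the attribute is
     * stored and audited only when the name is not blank and a value was submitted.
     *
     * A missing value parameter is treated as "nothing to add": Preferences.put does
     * not accept a null value and would throw a NullPointerException.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void addUserAttribute(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        User user = lookupUser(actionRequest, userName);
        if (user != null)
        {
            String userAttrName = actionRequest.getParameter("user_attr_name");
            String userAttrValue = actionRequest.getParameter("user_attr_value");
            if (userAttrName != null && userAttrName.trim().length() > 0 && userAttrValue != null)
            {
                Preferences attributes = user.getUserAttributes();
                attributes.put(userAttrName, userAttrValue);
                // "" is recorded as the previous value, as for a newly created attribute
                audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, userAttrName, "", userAttrValue, USER_ADMINISTRATION);
            }
        }
    }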
847 
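    /**
     * Removes the attributes named by the "user_attr_id" request parameters from the
     * currently selected user and audits each removal together with the value that was
     * removed.
     *
     * A failure on one attribute is reported on the user topic, like the other actions
     * of this portlet do, and does not stop the remaining removals.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void removeUserAttributes(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);

        User user = lookupUser(actionRequest, userName);
        if (user != null)
        {
            String[] userAttrNames = actionRequest.getParameterValues("user_attr_id");

            if(userAttrNames != null)
            {
                Preferences attributes = user.getUserAttributes();
                for(int ix = 0; ix < userAttrNames.length; ix++)
                {
                    try
                    {
                        // capture the value before removal so the audit entry keeps it
                        String before = attributes.get(userAttrNames[ix], "");
                        attributes.remove(userAttrNames[ix]);
                        audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ATTRIBUTE, userAttrNames[ix], before, "", USER_ADMINISTRATION);
                    }
                    catch (Exception e)
                    {
                        // surface the failure to the administrator instead of only printing a stack trace
                        SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
                    }
                }
            }
        }
    }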
877     
    /**
     * Revokes the roles named by the "user_role_id" request parameters from the
     * currently selected user. Names that roleManager does not know are skipped; every
     * revocation that succeeds is written to the audit log. A SecurityException on one
     * role is published on the user topic and the loop continues with the next role.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void removeUserRoles(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        if (lookupUser(actionRequest, userName) == null)
        {
            return;
        }

        String[] selectedRoles = actionRequest.getParameterValues("user_role_id");
        if (selectedRoles == null)
        {
            return;
        }

        for (int i = 0; i < selectedRoles.length; i++)
        {
            String roleName = selectedRoles[i];
            try
            {
                if (!roleManager.roleExists(roleName))
                {
                    continue;
                }
                roleManager.removeRoleFromUser(userName, roleName);
                audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ROLE, roleName, USER_ADMINISTRATION);
            }
            catch (SecurityException e)
            {
                SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
            }
        }
    }
907     
    /**
     * Grants the role named by the "role_name" request parameter to the currently
     * selected user and writes the grant to the audit log.
     *
     * The role name is used as submitted; the only check made here is that it is not
     * blank. NOTE(review): whether the caller may grant this particular role is not
     * checked in this method - confirm it is enforced by the portlet's access control
     * or by roleManager.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void addUserRole(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        if (lookupUser(actionRequest, userName) == null)
        {
            return;
        }

        String requestedRole = actionRequest.getParameter("role_name");
        if (requestedRole == null || requestedRole.trim().length() == 0)
        {
            return;
        }

        try
        {
            roleManager.addRoleToUser(userName, requestedRole);
            audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ROLE, requestedRole, USER_ADMINISTRATION);
        }
        catch (SecurityException e)
        {
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
        }
    }
930     
    /**
     * Removes the currently selected user from the groups named by the "user_group_id"
     * request parameters. Names that groupManager does not know are skipped; every
     * removal that succeeds is written to the audit log. A SecurityException on one
     * group is published on the user topic and the loop continues with the next group.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void removeUserGroups(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        if (lookupUser(actionRequest, userName) == null)
        {
            return;
        }

        String[] selectedGroups = actionRequest.getParameterValues("user_group_id");
        if (selectedGroups == null)
        {
            return;
        }

        for (int i = 0; i < selectedGroups.length; i++)
        {
            String groupName = selectedGroups[i];
            try
            {
                if (!groupManager.groupExists(groupName))
                {
                    continue;
                }
                groupManager.removeUserFromGroup(userName, groupName);
                audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_GROUP, groupName, USER_ADMINISTRATION);
            }
            catch (SecurityException e)
            {
                SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
            }
        }
    }
960     
    /**
     * Adds the currently selected user to the group named by the "group_name" request
     * parameter and writes the change to the audit log.
     *
     * The group name is used as submitted; the only check made here is that it is not
     * blank. NOTE(review): whether the caller may assign this particular group is not
     * checked in this method - confirm it is enforced elsewhere.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void addUserGroup(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        if (lookupUser(actionRequest, userName) == null)
        {
            return;
        }

        String requestedGroup = actionRequest.getParameter("group_name");
        if (requestedGroup == null || requestedGroup.trim().length() == 0)
        {
            return;
        }

        try
        {
            groupManager.addUserToGroup(userName, requestedGroup);
            audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_GROUP, requestedGroup, USER_ADMINISTRATION);
        }
        catch (SecurityException e)
        {
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
        }
    }
983         
    /**
     * Strips a prefix from an action string by length: the first prefix.length()
     * characters of the action are dropped without checking that they equal the prefix.
     *
     * @param prefix the prefix whose length is cut off
     * @param action the full action string
     * @return the remainder of the action after the prefix-length cut
     */
    private String getAction(String prefix, String action)
    {
        int prefixLength = prefix.length();
        return action.substring(prefixLength);
    }
988 
    /**
     * Tells whether an action string is addressed to this portlet.
     *
     * @param action the action string to test
     * @return true when the action starts with USER_ACTION_PREFIX
     */
    private boolean isUserPortletAction(String action)
    {
        boolean hasUserPrefix = action.startsWith(USER_ACTION_PREFIX);
        return hasUserPrefix;
    }
993     
    /**
     * Fetches the roles of a user from roleManager.
     *
     * @param request the request used to publish an error message on failure
     * @param userName the user whose roles are wanted
     * @return the roles reported by roleManager, or an empty list when the lookup fails
     *         with a SecurityException (whose message is published on the user topic)
     */
    private Collection getRoles(PortletRequest request, String userName)
    {
        Collection roles;
        try
        {
            roles = roleManager.getRolesForUser(userName);
        }
        catch (SecurityException e)
        {
            SecurityUtil.publishErrorMessage(request, SecurityResources.TOPIC_USER, e.getMessage());
            roles = new LinkedList();
        }
        return roles;
    }
1006     
    /**
     * Fetches the groups of a user from groupManager.
     *
     * @param request the request used to publish an error message on failure
     * @param userName the user whose groups are wanted
     * @return the groups reported by groupManager, or an empty list when the lookup fails
     *         with a SecurityException (whose message is published on the user topic)
     */
    private Collection getGroups(PortletRequest request, String userName)
    {
        Collection groups;
        try
        {
            groups = groupManager.getGroupsForUser(userName);
        }
        catch (SecurityException e)
        {
            SecurityUtil.publishErrorMessage(request, SecurityResources.TOPIC_USER, e.getMessage());
            groups = new LinkedList();
        }
        return groups;
    }
1019     
    /**
     * Returns the first PasswordCredential found among the private credentials of the
     * user's subject.
     *
     * @param user the user whose subject is inspected; must not be null
     * @return the first PasswordCredential in iteration order, or <code>null</code> when
     *         the subject holds none
     */
    private PasswordCredential getCredential(User user)
    {
        for (Iterator it = user.getSubject().getPrivateCredentials().iterator(); it.hasNext();)
        {
            Object candidate = it.next();
            if (candidate instanceof PasswordCredential)
            {
                return (PasswordCredential)candidate;
            }
        }
        return null;
    }
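    /**
     * Looks up a user by name and returns that user's password credential.
     *
     * lookupUser returns null when the lookup fails (it has then already published the
     * error), so the null case is handled here instead of letting it surface as a
     * NullPointerException that the callers' catch clauses do not cover.
     *
     * @param request the request used by lookupUser to publish an error message
     * @param userName the user whose credential is wanted
     * @return the user's PasswordCredential, or <code>null</code> when the user cannot
     *         be looked up or has no password credential
     */
    private PasswordCredential getCredential(PortletRequest request, String userName)
    {
        User user = lookupUser(request, userName);
        if (user == null)
        {
            return null;
        }
        return getCredential(user);
    }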
1041     
    /**
     * Fetches a user from userManager, turning any failure into a published error
     * message instead of an exception.
     *
     * @param request the request used to publish an error message on failure
     * @param userName the name of the user to fetch
     * @return the user returned by userManager, or <code>null</code> when the call threw
     */
    private User lookupUser(PortletRequest request, String userName)
    {
        try
        {
            return userManager.getUser(userName);
        }
        catch (Exception e)
        {
            // NOTE(review): every exception type ends up here and its raw message is shown to the user
            SecurityUtil.publishErrorMessage(request, SecurityResources.TOPIC_USER, e.getMessage());
            return null;
        }
    }
1055     
    /**
     * Returns the rules known to the profiler.
     *
     * @return the collection returned by profiler.getRules()
     */
    private Collection getProfilerRules()
    {
        Collection allRules = profiler.getRules();
        return allRules;
    }
1060     
    /**
     * Returns the profiling rules assigned to a user.
     *
     * @param user the user whose UserPrincipal is used for the lookup
     * @return the collection returned by profiler.getRulesForPrincipal for that principal
     */
    private Collection getRules(User user)
    {
        return profiler.getRulesForPrincipal(createPrincipal(user.getSubject(), UserPrincipal.class));
    }
1066 
    /**
     * Assigns a profiling rule to the currently selected user. The locator name comes
     * from the "locator_name" request parameter and the rule name from "select_rule";
     * nothing is done when the locator name is blank. A successful assignment is
     * audited as rule name + "-" + locator name.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void addUserProfile(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        User user = lookupUser(actionRequest, userName);
        if (user == null)
        {
            return;
        }

        String locatorName = actionRequest.getParameter("locator_name");
        if (locatorName == null || locatorName.trim().length() == 0)
        {
            return;
        }

        try
        {
            Principal userPrincipal = createPrincipal(user.getSubject(), UserPrincipal.class);
            String ruleName = actionRequest.getParameter("select_rule");
            profiler.setRuleForPrincipal(userPrincipal, profiler.getRule(ruleName), locatorName);
            audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_PROFILE, ruleName + "-" + locatorName, USER_ADMINISTRATION);
        }
        catch (Exception e)
        {
            SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
        }
    }
1094     
    /**
     * Deletes the principal rules of the currently selected user whose locator name is
     * listed in the "user_profile_id" request parameters. Each deletion is audited as
     * rule id + "-" + locator name. An exception while handling one locator name is
     * published on the user topic and the loop continues with the next name.
     *
     * @param actionRequest the action request carrying the form parameters
     * @param actionResponse the action response (not used here)
     */
    private void removeUserProfile(ActionRequest actionRequest, ActionResponse actionResponse)
    {
        String userName = (String)PortletMessaging.receive(actionRequest,
                SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
        User user = lookupUser(actionRequest, userName);
        if (user == null)
        {
            return;
        }

        String[] locatorNames = actionRequest.getParameterValues("user_profile_id");
        if (locatorNames == null)
        {
            return;
        }

        Principal userPrincipal = createPrincipal(user.getSubject(), UserPrincipal.class);
        // fetched once; NOTE(review): rules are deleted while this collection is iterated - confirm it is not a live view
        Collection assignedRules = profiler.getRulesForPrincipal(userPrincipal);
        for (int i = 0; i < locatorNames.length; i++)
        {
            String locatorName = locatorNames[i];
            try
            {
                for (Iterator it = assignedRules.iterator(); it.hasNext();)
                {
                    PrincipalRule rule = (PrincipalRule)it.next();
                    if (!rule.getLocatorName().equals(locatorName))
                    {
                        continue;
                    }
                    profiler.deletePrincipalRule(rule);
                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_PROFILE, rule.getProfilingRule().getId() + "-" + rule.getLocatorName(), USER_ADMINISTRATION);
                }
            }
            catch (Exception e)
            {
                SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, e.getMessage());
            }
        }
    }
1131     
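    /**
     * Creates a user from the "jetspeed.user" and "jetspeed.password" request
     * parameters, then applies the optional settings submitted with the form: the
     * "update required" flag, the role from the "requiredRole" preference, the role
     * chosen in ROLES_CONTROL, a home folder copied from the template folder, and the
     * profiling rule chosen in RULES_CONTROL.
     *
     * Nothing happens when the user name is empty; an empty password is rejected with
     * SecurityException.PASSWORD_REQUIRED. Any exception is published on the user
     * topic; steps that completed before the failure are not rolled back here.
     *
     * Besides the USER_CREATE entry, the credential flag change, both role grants and
     * the profiling rule are written to the audit log with the same activities the
     * per-user actions of this portlet use, so privileges given at creation time leave
     * the same trail as privileges given later.
     *
     * NOTE(review): the user name and the SUBSITES_CONTROL parameter are concatenated
     * into a folder path without normalisation or a check for path separators in this
     * method; confirm that userManager / pageManager reject such values.
     *
     * @param actionRequest the action request carrying the form parameters
     */
    protected void addUser(ActionRequest actionRequest)
    {
        String userName = actionRequest.getParameter("jetspeed.user");
        String password = actionRequest.getParameter("jetspeed.password");
        if (!SecurityUtil.isEmpty(userName))
        {
            try
            {
                if (SecurityUtil.isEmpty(password))
                {
                    throw new SecurityException(SecurityException.PASSWORD_REQUIRED);
                }
                userManager.addUser(userName, password);
                audit.logAdminUserActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_CREATE, USER_ADMINISTRATION);

                PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH, "true");
                PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED, userName);

                User user = userManager.getUser(userName);

                PasswordCredential credential = getCredential(user);
                if ( credential != null )
                {
                    String updateRequiredStr = actionRequest.getParameter("user_cred_updreq");
                    if (updateRequiredStr != null)
                    {
                        boolean updateRequired = Boolean.valueOf(updateRequiredStr).booleanValue();
                        if (updateRequired != credential.isUpdateRequired())
                        {
                            userManager.setPasswordUpdateRequired(userName,updateRequired);
                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
                        }
                    }
                }

                // role configured for every new user through the portlet preferences
                String requiredRole = actionRequest.getPreferences().getValue("requiredRole", "");
                if (!requiredRole.equals("") && user != null)
                {
                    roleManager.addRoleToUser(userName, requiredRole);
                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ROLE, requiredRole, USER_ADMINISTRATION);
                }

                // role chosen in the form; taken from the request as submitted
                String role = actionRequest.getParameter(ROLES_CONTROL);
                if (!SecurityUtil.isEmpty(role) && user != null)
                {
                    roleManager.addRoleToUser(userName, role);
                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ROLE, role, USER_ADMINISTRATION);
                }

                String templateFolder = actionRequest.getPreferences().getValue("newUserTemplateDirectory", "/_user/template/");
                String subsite = actionRequest.getParameter(SUBSITES_CONTROL);
                if (SecurityUtil.isEmpty(subsite))
                {
                    subsite = Folder.USER_FOLDER + userName;
                }
                else
                {
                    subsite  = subsite + Folder.USER_FOLDER +  userName;
                    Preferences attributes = user.getUserAttributes();
                    attributes.put(User.USER_INFO_SUBSITE, subsite);
                }

                // copy the entire dir tree from the template folder
                Folder source = pageManager.getFolder(templateFolder);
                pageManager.deepCopyFolder(source, subsite, userName);

                // TODO: send message that site tree portlet invalidated

                String rule = actionRequest.getParameter(RULES_CONTROL);
                if (!SecurityUtil.isEmpty(rule) && user != null)
                {
                    Principal principal = SecurityUtil.getPrincipal(user.getSubject(), UserPrincipal.class);
                    profiler.setRuleForPrincipal(principal, profiler.getRule(rule), "page");
                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_PROFILE, rule + "-" + "page", USER_ADMINISTRATION);
                }

            }
            catch (Exception ex)
            {
                // one handler: the former SecurityException and Exception handlers did the same thing
                SecurityUtil.publishErrorMessage(actionRequest, SecurityResources.TOPIC_USER, ex.getMessage());
            }
        }
    }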
1215     
1216     /*
1217     private void setSecurityConstraints(Folder folder, String userName)
1218     {
1219         SecurityConstraints constraints = pageManager.newSecurityConstraints();
1220         constraints.setOwner(userName);
1221         folder.setSecurityConstraints(constraints);        
1222     }
1223     */    
1224     
    /**
     * Returns the remote address recorded with audit entries, read from the
     * RequestContext stored under PortalReservedParameters.REQUEST_CONTEXT_ATTRIBUTE.
     *
     * NOTE(review): getRemoteAddr() presumably reports the address of the directly
     * connected peer; if the portal runs behind a reverse proxy or load balancer the
     * audit log would then hold the proxy's address rather than the administrator's -
     * confirm against the deployment.
     *
     * @param request the portlet request carrying the request context attribute
     * @return the remote address, or an empty string when no request context is attached
     */
    protected String getIPAddress(PortletRequest request)
    {
        Object attribute = request.getAttribute(PortalReservedParameters.REQUEST_CONTEXT_ATTRIBUTE);
        RequestContext context = (RequestContext)attribute;
        if (context != null)
        {
            return context.getRequest().getRemoteAddr();
        }
        return "";
    }
1232 }