Merge remote branch 'upstream/master'

8 files changed, 96 insertions, 15 deletions

diff --git a/src/com.gluster.storage.management.core/src/com/gluster/storage/management/core/constants/CoreConstants.java b/src/com.gluster.storage.management.core/src/com/gluster/storage/management/core/constants/CoreConstants.java
index 67ab1695..a9309c85 100644
--- a/src/com.gluster.storage.management.core/src/com/gluster/storage/management/core/constants/CoreConstants.java
+++ b/src/com.gluster.storage.management.core/src/com/gluster/storage/management/core/constants/CoreConstants.java
@@ -32,7 +32,7 @@ public class CoreConstants {
 	public static final String PURE_DATE_FORMAT = "MM/dd/yyyy";
 	public static final String PURE_TIME_FORMAT = "HH:mm:ss.SSS";
 	public static final String NA = "NA";
-	public static final String DEFAULT_PASSWORD = "gluster";
+	public static final String DEFAULT_PASSWORD = "syst3m";
 	public static final String OFFLINE = "OFFLINE";
 	public static final String ONLINE = "ONLINE";
 	public static final String UNKNOWN = "UNKNOWN";
diff --git a/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/1-security-schema.sql b/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/1-security-schema.sql
index fdde5823..4f61fc9d 100644
--- a/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/1-security-schema.sql
+++ b/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/1-security-schema.sql
@@ -1,11 +1,11 @@
 create table users(
-	username varchar(50) not null primary key,
-    password varchar(50) not null,
+	username varchar(32) not null primary key,
+    password varchar(124) not null,
     enabled smallint not null
     );
 
  create table authorities (
- 	username varchar(50) not null,
+ 	username varchar(32) not null,
     authority varchar(50) not null,
     constraint fk_authorities_users foreign key(username) references users(username));
     create unique index ix_auth_username on authorities (username,authority);
@@ -21,6 +21,6 @@ create table group_authorities (
 
 create table group_members (
 	id bigint generated by default as identity(start with 0) primary key, 
-	username varchar(50) not null, 
+	username varchar(32) not null, 
 	group_id bigint not null, 
 	constraint fk_group_members_group foreign key(group_id) references groups(id));
diff --git a/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/2-users-authorities-groups.sql b/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/2-users-authorities-groups.sql
index 35ccf965..5bd73813 100644
--- a/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/2-users-authorities-groups.sql
+++ b/src/com.gluster.storage.management.gateway/WebContent/data/scripts/1.0.0/2-users-authorities-groups.sql
@@ -1,11 +1,9 @@
 -- Create users
-insert into users(username, password, enabled) values ('gluster','gluster',1);
-insert into users(username, password, enabled) values ('guest','guest',1);
+insert into users(username, password, enabled) values ('gluster','syst3m',1);
 
 -- Assign authorities to users (to be removed after implementing user group functionality)
 insert into authorities(username,authority) values ('gluster','ROLE_USER');
 insert into authorities(username,authority) values ('gluster','ROLE_ADMIN');
-insert into authorities(username,authority) values ('guest','ROLE_USER');
 
 -- Create user groups
 insert into groups(group_name) values ('Users');
@@ -17,5 +15,4 @@ insert into group_authorities(group_id, authority) select id,'ROLE_USER' from gr
 insert into group_authorities(group_id, authority) select id,'ROLE_ADMIN' from groups where group_name='Administrators';
 
 -- Assign group members
-insert into group_members(group_id, username) select id,'guest' from groups where group_name='Users';
 insert into group_members(group_id, username) select id,'gluster' from groups where group_name='Administrators';
\ No newline at end of file
diff --git a/src/com.gluster.storage.management.gateway/build/glusterserver.ant b/src/com.gluster.storage.management.gateway/build/glusterserver.ant
index 68a5bc08..98120ba4 100644
--- a/src/com.gluster.storage.management.gateway/build/glusterserver.ant
+++ b/src/com.gluster.storage.management.gateway/build/glusterserver.ant
@@ -39,6 +39,11 @@
 				<include name="**/*.xml" />
 			</fileset>
 		</copy>
+		<copy todir="${WEB-INF}/classes">
+			<fileset dir="${basedir}/src" casesensitive="yes">
+				<include name="log4j.properties" />
+			</fileset>
+		</copy>
 		<!-- TODO: make debug option configurable in jenkins -->
 		<javac srcdir="${basedir}/src" destdir="${WEB-INF}/classes" classpathref="libs" debug="true" debuglevel="lines,vars,source"/>
 	</target>
diff --git a/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/security/UserAuthDao.java b/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/security/UserAuthDao.java
index bdc3b19e..5b920d47 100644
--- a/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/security/UserAuthDao.java
+++ b/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/security/UserAuthDao.java
@@ -23,7 +23,6 @@ package com.gluster.storage.management.gateway.security;
 import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl;
 
 /**
- * @author root
  * 
  */
 public class UserAuthDao extends JdbcDaoImpl implements GlusterUserDetailsService {
diff --git a/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/utils/PasswordManager.java b/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/utils/PasswordManager.java
new file mode 100644
index 00000000..aa2e2d8f
--- /dev/null
+++ b/src/com.gluster.storage.management.gateway/src/com/gluster/storage/management/gateway/utils/PasswordManager.java
@@ -0,0 +1,80 @@
+/*******************************************************************************
+ * Copyright (c) 2011 Gluster, Inc. <http://www.gluster.com>
+ * This file is part of Gluster Management Console.
+ *
+ * Gluster Management Console is free software; you can redistribute it and/or 
+ * modify it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *  
+ * Gluster Management Console is distributed in the hope that it will be useful, 
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License
+ * for more details.
+ *  
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *******************************************************************************/
+package com.gluster.storage.management.gateway.utils;
+
+import org.apache.derby.jdbc.EmbeddedDriver;
+import org.springframework.jdbc.datasource.SimpleDriverDataSource;
+import org.springframework.security.authentication.dao.ReflectionSaltSource;
+import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
+
+import com.gluster.storage.management.core.constants.CoreConstants;
+import com.gluster.storage.management.gateway.security.UserAuthDao;
+
+/**
+ * Tool to reset password of default user gluster
+ */
+public class PasswordManager {
+	private static final int USAGE_ERR = 1;
+	private static final int SQL_ERR = 2;
+
+	private void resetPassword(String username) {
+		try {
+			UserAuthDao userAuthDao = createUserAuthDao();
+			ReflectionSaltSource saltSource = createSaltSource();
+
+			String encodedPassword = new ShaPasswordEncoder(256).encodePassword(CoreConstants.DEFAULT_PASSWORD,
+					saltSource.getSalt(userAuthDao.loadUserByUsername(username)));
+			
+			userAuthDao.changePassword(username, encodedPassword);
+			System.out.println("Password for user [" + username + "] reset successsfully to default value of ["
+					+ CoreConstants.DEFAULT_PASSWORD + "].\n");
+		} catch (Exception e) {
+			System.err
+					.println("\n\nPassword reset for user ["
+							+ username
+							+ "] failed! \nMake sure that the Management Gateway is not running while performing password reset.\n");
+			System.exit(SQL_ERR);
+		}
+	}
+
+	private ReflectionSaltSource createSaltSource() {
+		ReflectionSaltSource saltSource = new ReflectionSaltSource();
+		saltSource.setUserPropertyToUse("username");
+		return saltSource;
+	}
+
+	private UserAuthDao createUserAuthDao() throws InstantiationException, IllegalAccessException,
+			ClassNotFoundException {
+		UserAuthDao authDao = new UserAuthDao();
+		EmbeddedDriver driver = (EmbeddedDriver) Class.forName(EmbeddedDriver.class.getName()).newInstance();
+		SimpleDriverDataSource dataSource = new SimpleDriverDataSource(driver, "jdbc:derby:/opt/glustermg/data", "gluster", "syst3m");
+		
+		authDao.setDataSource(dataSource);
+		return authDao;
+	}
+
+	public static void main(String args[]) {
+		if (args.length != 2 || !args[0].equals("reset")) {
+			System.err.println("Usage: java " + PasswordManager.class.getName() + " reset <username>\n");
+			System.exit(USAGE_ERR);
+		}
+		
+		new PasswordManager().resetPassword(args[1]);
+	}
+}
diff --git a/src/com.gluster.storage.management.gateway/src/spring/gluster-server-base.xml b/src/com.gluster.storage.management.gateway/src/spring/gluster-server-base.xml
index c89eb2f0..72eb0409 100644
--- a/src/com.gluster.storage.management.gateway/src/spring/gluster-server-base.xml
+++ b/src/com.gluster.storage.management.gateway/src/spring/gluster-server-base.xml
@@ -23,7 +23,7 @@
 		<task:scheduled ref="brickMigrationStatusTask" method="checkMigrationStatus" fixed-delay="60000" />
 	</task:scheduled-tasks-->
 
-	<!-- Cluster environment. Valid values: vmware, aws, baremetal -->
+	<!-- Discovery mechanism. Valid values: multicast, none -->
 	<bean id="discoveryMechanism" class="java.lang.String">
 		<constructor-arg value="multicast" />
 	</bean>
@@ -52,7 +52,7 @@
 		<property name="driverClassName" value="org.apache.derby.jdbc.EmbeddedDriver" />
 		<property name="url" value="jdbc:derby:/opt/glustermg/data;create=true" />
 		<property name="username" value="gluster" />
-		<property name="password" value="gluster" />
+		<property name="password" value="syst3m" />
 	</bean>
 
 	<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
diff --git a/src/com.gluster.storage.management.gateway/src/spring/gluster-server-security.xml b/src/com.gluster.storage.management.gateway/src/spring/gluster-server-security.xml
index 91df8cc9..99574afb 100644
--- a/src/com.gluster.storage.management.gateway/src/spring/gluster-server-security.xml
+++ b/src/com.gluster.storage.management.gateway/src/spring/gluster-server-security.xml
@@ -27,9 +27,9 @@
 		<beans:property name="userPropertyToUse" value="username" />
 	</beans:bean>
 
-	<beans:bean
-		class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"
-		id="passwordEncoder" />
+	<beans:bean class="org.springframework.security.authentication.encoding.ShaPasswordEncoder" id="passwordEncoder">
+		<beans:constructor-arg value="256" />
+	</beans:bean>
 
 	<authentication-manager alias="authenticationManager">
 		<authentication-provider user-service-ref="jdbcUserService">