Implementing a Notification Strategy Provider for generated Token and Password

Per default information that is required to reset a user password is delivered by an E-mail to the user requesting the password change. If you like to change the strategy to deliver that kind of notification you can implement the interface org.eclipse.stardust.engine.core.spi.security.CredentialDeliveryStrategy.

public interface CredentialDeliveryStrategy {

   void deliverPasswordResetToken(IUser user, String token);

   void deliverNewPassword(IUser user, String password);

}

Use method deliverPasswordResetToken to deliver the generated reset token to the user. Method deliverNewPassword delivers the newly generated password for the user.

Note
If implementing a custom notification strategy please have in mind that sensitive data is being passed and take care about a secure way of passing the data!

Creating a custom Implementation

To implement the CredentialDeliveryStrategy interface and publish the implementation to the engine, a file named by the interface's factory has to be created in the /META-INF/services folder of the jar. Perform the following steps:

  1. Implement the interface as in the example below
  2. Create a text file named org.eclipse.stardust.engine.core.spi.security.CredentialDeliveryStrategy. The file contents needs to be the fully qualified name of your implementation class, e.g. org.eclipse.stardust.examples.MyMailbasedCredentialDeliveryStrategy.
  3. Place the file into the META-INF/services folder of the jar that will contain your implementation class

Example Implementation

The following code shows an example implementation for a mail based provider.

package org.eclipse.stardust.examples;

import org.eclipse.stardust.common.StringUtils;
import org.eclipse.stardust.common.config.Parameters;
import org.eclipse.stardust.common.error.PublicException;
import org.eclipse.stardust.common.log.LogManager;
import org.eclipse.stardust.common.log.Logger;
import org.eclipse.stardust.engine.core.runtime.beans.IUser;
import org.eclipse.stardust.engine.core.runtime.beans.MailHelper;
import org.eclipse.stardust.engine.core.security.utils.SecurityUtils;

public class MyMailbasedCredentialDeliveryStrategy implements
      CredentialDeliveryStrategy {

   Logger trace = LogManager
         .getLogger(MailbasedCredentialDeliveryStrategy.class);


   @Override
   public void deliverPasswordResetToken(IUser user, String token) {
      if(!StringUtils.isEmpty(user.getEMail()))
      {
         try
         {
            String resetUrl = getResetServletUrl();
            String message = "Dear user '" + user.getAccount() + "'!\n\n" +
            "A password reset request has been made for your account. In order to complete the password reset request please follow the link below. \n" +
            "If you did not initiate a password reset please login as usual. This will abort the password reset request. \n\n";
            if(!StringUtils.isEmpty(resetUrl))
            {
               message += resetUrl + "?oid=" + user.getOID() + "&partition=" +user.getRealm().getPartition().getOID() + "&token=" + token;
            }
            MailHelper.sendSimpleMessage(new String[] {user.getEMail()}, "Password reset token has been generated", message);
         }
         catch (PublicException e)
         {
            throw e;
         }
      }

   }

   @Override
   public void deliverNewPassword(IUser user, String password) {
        if(!StringUtils.isEmpty(user.getEMail()))
         {
            try
            {
               String loginUrl = getLoginUrl();
               String message = "Dear user '" + user.getAccount() + "'!\n\n" +
                  "Your password has been changed to \"" + password + "\". Please change your password or contact an Administrator.\n" +
                  "Login with your new password, the Dialog will force you next to change your password.\n\n";
               if(!StringUtils.isEmpty(loginUrl))
               {
                  message += loginUrl;
               }

               MailHelper.sendSimpleMessage(new String[] {user.getEMail()}, "Password has been changed!", message);
            }
            catch (PublicException e)
            {
               throw e;
            }
         }

   }

   private static String getLoginUrl() {
      return Parameters.instance().getString(SecurityUtils.LOGIN_DIALOG_URL, "").trim();
   }

   private static String getResetServletUrl()
   {
      return Parameters.instance().getString(SecurityUtils.RESET_SERVLET_URL, "").trim();
   }

}