/* name: workspace.security.logon extends: workspace.XML.builder extends: workspace.security.md5 extends: workspace.security.coltrans */ workspace.security._logon_construct = function() { function supplementaryLogin(lUserID) { var oRetVal = "dummy" while (oRetVal) { var oRetVal = window.showModalDialog("/_security/password_prompt.asp",null,"dialogHeight:200px;dialogWidth:400px;help:no;status:no") if(oRetVal) { if (validateLogon(lUserID, oRetVal)) return oRetVal else alert("Invalid password") } } } function validateLogon(userID, password) { var oLogon = getLogon(); var genResult oLogon.putUserID(userID); oLogon.putNonce(getNonce()); oLogon.createHash(password); genResult = oLogon.post('/_security/ValidateLogon.asp') return genResult.getAttribute('valid') == 'true'; } // cache some functions var bin2str = workspace.encoding.bin2str var b642bin = workspace.encoding.b642bin var getPlainText = workspace.security.coltrans.getPlainText var getCryptText = workspace.security.coltrans.getCryptText var bin2b64 = workspace.encoding.bin2b64 var str2bin = workspace.encoding.str2bin function getLogon(source) { return new Logon(workspace.XML.getElem(source ? source : "")); } //------ Logon Class ------ function Logon(elem) { this.element = elem; } Logon.prototype = new workspace.XML.builder.Generic() Logon.prototype.getAction = function() { return this.getAttribute("action"); } Logon.prototype.putAction = function(value) { this.putAttribute("action", value); } Logon.prototype.getUserID = function() { return this.getAttribute("userID"); } Logon.prototype.putUserID = function(value) { this.putAttribute("userID", value); } Logon.prototype.getHashPassword = function() { return Nz(this.getAttribute("hashPassword", false)).toBoolean(); } Logon.prototype.putHashPassword = function(value) { this.putAttribute("hashPassword", CNull(value)); } Logon.prototype.getAdminUserID = function() { return this.getAttribute("adminUserID"); } Logon.prototype.putAdminUserID = function(value) { this.putAttribute("adminUserID", value); } Logon.prototype.getUserName = function() { return this.getSimpleChild("userName"); } Logon.prototype.putUserName = function(value) { this.putSimpleChild("userName", CNull(value.toLowerCase())); } Logon.prototype.getNTUser = function() { return this.getSimpeChild("ntUser"); } Logon.prototype.putNTUser = function(value) { this.putSimpleChild("ntUser", CNull(value.toLowerCase())); } Logon.prototype.getNonce = function() { return this.getSimpleChild("nonce"); } Logon.prototype.putNonce = function(value) { if (value && value.nonce) { this.putHashPassword(value.hashPassword); this.putSimpleChild("nonce", CNull(value.nonce)); } else { this.putSimpleChild("nonce", CNull(value)); } } Logon.prototype.getPassword = function() { this.getSimpleChild("password"); } Logon.prototype.putPassword = function(value) { this.putSimpleChild("password", CNull(value)); } Logon.prototype.getNewPassword = function(oldPassword) { if (typeof(oldPassword) == "undefined") oldPassword = this.getPassword(); if (this.getHashPassword()) oldPassword = workspace.security.md5.toB64(oldPassword); return bin2str(b642bin(getPlainText(this.getSimpleChild("newPassword"), oldPassword).rtrim('='))); } Logon.prototype.putNewPassword = function(value, oldPassword) { if (typeof(oldPassword) == "undefined") oldPassword = this.getPassword(); this.putSimpleChild("newPassword", getCryptText(bin2b64(str2bin(value)), oldPassword, '=')); } Logon.prototype.getPasswordExpired = function() { return Nz(this.getAttribute("pwdExpired"), false); } Logon.prototype.getHash = function() { return this.getSimpleChild("hash"); } Logon.prototype.putHash = function(value) { this.putSimpleChild("hash", CNull(value)); } Logon.prototype.createHash = function(password) { if (this.getHashPassword()) password = workspace.security.md5.toB64(password); if (this.getAdminUserID()) { this.putHash(workspace.security.md5.toB64(this.getAdminUserID() + password + this.getNonce())); } else if (this.getUserID()) { this.putHash(workspace.security.md5.toB64(this.getUserID() + password + this.getNonce())); } else { this.putHash(workspace.security.md5.toB64(this.getUserName() + password + this.getNonce())); } return this.getHash(); } workspace.security.supplementaryLogin = supplementaryLogin; workspace.security.Logon = Logon; workspace.security.getLogon = getLogon; } workspace.security._logon_construct()