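<%@ page contentType="text/html; charset=UTF-8" %>
<%--
  -
  - Copyright (C) 2005-2008 Jive Software, 2017-2025 Ignite Realtime Foundation. All rights reserved.
  -
  - Licensed under the Apache License, Version 2.0 (the "License");
  - you may not use this file except in compliance with the License.
  - You may obtain a copy of the License at
  -
  -     http://www.apache.org/licenses/LICENSE-2.0
  -
  - Unless required by applicable law or agreed to in writing, software
  - distributed under the License is distributed on an "AS IS" BASIS,
  - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  - See the License for the specific language governing permissions and
  - limitations under the License.
--%>
<%--
  - Admin-console page that locks out or unlocks a user account.
  -
  - Request parameters read below: username, lock, unlock, cancel, startdelay,
  - startdelay_custom, duration, duration_custom and csrf. A lock or unlock is
  - only carried out when the csrf parameter equals the value of the "csrf"
  - cookie; every other request just renders the form.
  -
  - NOTE(review): webManager is not declared anywhere in the visible part of
  - this page (presumably by a jsp:useBean element that is not shown) - confirm.
--%>

<%@ page import="org.jivesoftware.openfire.lockout.LockOutFlag"
    errorPage="error.jsp"
%>
<%@ page import="org.jivesoftware.openfire.lockout.LockOutManager" %>
<%@ page import="org.jivesoftware.openfire.security.SecurityAuditManager" %>
<%@ page import="org.jivesoftware.openfire.session.ClientSession" %>
<%@ page import="org.jivesoftware.util.ParamUtils" %>
<%@ page import="org.jivesoftware.util.StringUtils" %>
<%@ page import="org.jivesoftware.util.CookieUtils" %>
<%@ page import="org.xmpp.packet.JID" %>
<%@ page import="org.xmpp.packet.StreamError" %>
<%@ page import="java.net.URLEncoder" %>
<%@ page import="java.util.Date" %>
<%@ page import="java.nio.charset.StandardCharsets" %>
<%@ page import="org.jivesoftware.openfire.XMPPServer" %>

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>

<% webManager.init(request, response, session, application, out ); %>

<%  // Get parameters
    boolean cancel = request.getParameter("cancel") != null;
    boolean unlock = request.getParameter("unlock") != null;
    boolean lock = request.getParameter("lock") != null;
    String username = ParamUtils.getParameter(request,"username");

    // Every path below dereferences username (URLEncoder.encode, disableAccount,
    // username.equals). Reject a request that carries none instead of letting it
    // surface as a NullPointerException routed to error.jsp.
    if (username == null) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    // Encoded once and reused for every redirect target built on this page.
    String usernameUrlEncoded = URLEncoder.encode(username, StandardCharsets.UTF_8);

    long startdelay = ParamUtils.getLongParameter(request,"startdelay",-1); // -1 is immediate, -2 custom
    long duration = ParamUtils.getLongParameter(request,"duration",-1); // -1 is infinite, -2 custom
    // -2 selects the free-form field. Its value is used as submitted: nothing here
    // range-checks it, so a negative number yields a start or end time in the past.
    if (startdelay == -2) {
        startdelay = ParamUtils.getLongParameter(request,"startdelay_custom", -1);
    }
    if (duration == -2) {
        duration = ParamUtils.getLongParameter(request,"duration_custom", -1);
    }

    // CSRF protection (double-submit): a state change is honoured only when the
    // "csrf" cookie and the "csrf" request parameter are both present and equal.
    // On a mismatch the action is dropped silently: the flags are cleared, the
    // form is rendered again, and no audit event is written for the rejection.
    Cookie csrfCookie = CookieUtils.getCookie(request, "csrf");
    String csrfParam = ParamUtils.getParameter(request, "csrf");

    if (lock || unlock) {
        if (csrfCookie == null || csrfParam == null || !csrfCookie.getValue().equals(csrfParam)) {
            lock = false;
            unlock = false;
        }
    }
    // The token is replaced on every request, after the check above has used the
    // old one. The new value goes into the cookie and into the page attribute
    // "csrf" that the form is expected to echo back.
    // NOTE(review): token strength depends on StringUtils.randomString and the
    // cookie attributes on CookieUtils.setCookie; neither is visible here.
    // Confirm a CSPRNG source and suitable HttpOnly/Secure/SameSite settings.
    csrfParam = StringUtils.randomString(15);
    CookieUtils.setCookie(request, response, "csrf", csrfParam, -1);
    pageContext.setAttribute("csrf", csrfParam);

    // Handle a cancel
    if (cancel) {
        response.sendRedirect("user-properties.jsp?username=" + usernameUrlEncoded);
        return;
    }

    // Handle a user lockout:
    if (lock) {
        // startdelay and duration are multiplied by 60000 and added to a
        // millisecond timestamp, i.e. they are treated as minutes.
        // A null start time means "now"; a null end time means "no end".
        Date startTime = null;
        if (startdelay != -1) {
            startTime = new Date(new Date().getTime() + startdelay*60000);
        }
        Date endTime = null;
        if (duration != -1) {
            if (startTime != null) {
                endTime = new Date(startTime.getTime() + duration*60000);
            }
            else {
                endTime = new Date(new Date().getTime() + duration*60000);
            }
        }
        // Lock out the user
        webManager.getLockOutManager().disableAccount(username, startTime, endTime);
        if (!SecurityAuditManager.getSecurityAuditProvider().blockUserEvents()) {
            // Log the event. The request-supplied username is concatenated into
            // the audit text unchanged.
            // NOTE(review): whether that needs neutralising depends on how the
            // audit provider stores and displays entries - confirm.
            webManager.logEvent("locked out user "+username, "start time = "+startTime+", end time = "+endTime);
        }
        // Close the user's connection if the lockout is immediate
        if (webManager.getLockOutManager().isAccountDisabled(username)) {
            // Existing sessions are not ended by the lockout itself, so each client
            // session returned for this user is closed with a not-authorized error.
            final StreamError error = new StreamError(StreamError.Condition.not_authorized);
            for (ClientSession sess : webManager.getSessionManager().getSessions(XMPPServer.getInstance().createJID(username, null)) )
            {
                sess.close(error);
            }
            // Disabled your own user account, force login
            // NOTE(review): this is an exact String comparison. If the request value
            // is not normalised like the auth token's username (for example in
            // letter case), the admin's own console session is kept - confirm.
            if (username.equals(webManager.getAuthToken().getUsername())){
                session.removeAttribute("jive.admin.authToken");
                response.sendRedirect("login.jsp");
                return;
            }
        }
        // Done, so redirect
        response.sendRedirect("user-properties.jsp?username=" + usernameUrlEncoded + "&locksuccess=1");
        return;
    }

    // Handle a user unlock:
    if (unlock) {
        // Unlock the user's account
        webManager.getLockOutManager().enableAccount(username);
        if (!SecurityAuditManager.getSecurityAuditProvider().blockUserEvents()) {
            // Log the event
            webManager.logEvent("unlocked user "+username, null);
        }
        // Done, so redirect
        response.sendRedirect("user-properties.jsp?username=" + usernameUrlEncoded + "&unlocksuccess=1");
        return;
    }

    // Values for the template below: one for HTML output, one for use inside URLs.
    pageContext.setAttribute( "usernameHtmlEscaped", StringUtils.escapeHTMLTags(JID.unescapeNode(username)) );
    pageContext.setAttribute( "usernameUrlEncoded", usernameUrlEncoded );
%>

<fmt:message key="user.lockout.title"/>

<% if (LockOutManager.getLockOutProvider().isReadOnly()) { %>

<% } %>

<%
    // Current lockout state decides which of the two forms is rendered.
    LockOutFlag flag = LockOutManager.getInstance().getDisabledStatus(username);
    if (flag != null) {
        // User is locked out
%>

<%--
  - NOTE(review): this occurrence of usernameHtmlEscaped appears to sit inside an
  - attribute value. The escaping applied above is StringUtils.escapeHTMLTags;
  - confirm that it also covers quote characters.
--%>
${usernameHtmlEscaped}"/>
<% if (flag.getStartTime() != null) { %>
<% } %>
<% if (flag.getStartTime() != null && flag.getEndTime() != null) { %>
<% } %>
<% if (flag.getEndTime() != null) { %>
<% } %>

"> ">
<%
    } else {
        // User is not locked out
%>

${usernameHtmlEscaped}

<% if (LockOutManager.getLockOutProvider().isDelayedStartSupported()) { %>

<% } %>
<% if (LockOutManager.getLockOutProvider().isTimeoutSupported()) { %>

<% } %>
"> ">
<% } %>

<%
    // Disable the form if a read-only user provider.
    // NOTE(review): this only affects the rendered form. The lock and unlock
    // handlers at the top of the page never consult isReadOnly(), so rejecting
    // a forged request server-side is left to LockOutManager - confirm it does.
    if (LockOutManager.getLockOutProvider().isReadOnly()) { %>

<% } %>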