diff --git a/src/main/java/caosdb/server/CaosDBServer.java b/src/main/java/caosdb/server/CaosDBServer.java
index 22e941dbc2a20db8d7603a7e6ad95a37c582d358..89ff1b71a1f47183e5b994342cd7171da4ef9486 100644
--- a/src/main/java/caosdb/server/CaosDBServer.java
+++ b/src/main/java/caosdb/server/CaosDBServer.java
@@ -859,6 +859,7 @@ class CaosDBComponent extends Component {
 @Override
 public void handle(final Request request, final Response response) {
 long t1 = System.currentTimeMillis();
+ // The server request ID is just a long random number
 request.getAttributes().put("SRID", Utils.getUID());
 response.setServerInfo(CaosDBServer.getServerInfo());
 super.handle(request, response);
diff --git a/src/main/java/caosdb/server/accessControl/UserSources.java b/src/main/java/caosdb/server/accessControl/UserSources.java
index 2097478c2e8b87cb61c96b33fe2a5b389bac48a6..a3f35c11b0f3bcc10e67397bd8c48c6e969fcc7d 100644
--- a/src/main/java/caosdb/server/accessControl/UserSources.java
+++ b/src/main/java/caosdb/server/accessControl/UserSources.java
@@ -44,7 +44,7 @@ public class UserSources extends HashMap<String, UserSource> {
 public static final String ANONYMOUS_ROLE = "anonymous";
 private static final Logger logger = LoggerFactory.getLogger(UserSources.class);
- public static final String KEY_DEAULT_REALM = "defaultRealm";
+ public static final String KEY_DEFAULT_REALM = "defaultRealm";
 public static final String KEY_REALMS = "defaultRealm";
 public static final String KEY_REALM_CLASS = "class";
@@ -162,7 +162,7 @@ public class UserSources extends HashMap<String, UserSource> {
 }
 public static String getDefaultRealm() {
- return instance.map.getSectionProperty(Ini.DEFAULT_SECTION_NAME, KEY_DEAULT_REALM);
+ return instance.map.getSectionProperty(Ini.DEFAULT_SECTION_NAME, KEY_DEFAULT_REALM);
 }
 public static Set<String> resolve(final PrincipalCollection principals) {
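Review bot: In UserSources.java, the context line `KEY_REALMS = "defaultRealm"` directly below the renamed constant carries the same value as `KEY_DEFAULT_REALM`, which looks like a copy-paste slip rather than an intended alias. How `KEY_REALMS` is read is not visible in these hunks, but if the realm list is looked up through it, the lookup would land on the default-realm entry of usersources.ini instead of a key of its own, so this should be confirmed against the parser and covered by a test. Separately, renaming a `public static final` field breaks any caller outside this file that still refers to `KEY_DEAULT_REALM`; if such callers may exist, keep the old name as a `@Deprecated` alias for one release.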
diff --git a/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java b/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
index 709825c8176e0e759249efb41c5e8fd075829959..07fa343967a08f6dc936deca65f279199c5ae029 100644
--- a/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
+++ b/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
@@ -75,8 +75,8 @@ public abstract class AbstractCaosDBServerResource extends ServerResource {
 private final HashMap<String, String> flags = new HashMap<String, String>();
 private Long timestamp = null;
 private static final XMLParser xmlparser = new XMLParser();
- protected String sRID = null;
- private String cRID = null;
+ protected String sRID = null; // Server side request ID
+ private String cRID = null; // Client side request ID
 private String[] requestedItems = null;
 private ArrayList<Integer> requestedIDs = new ArrayList<Integer>();
 private ArrayList<String> requestedNames = new ArrayList<String>();
@@ -86,6 +86,11 @@ public abstract class AbstractCaosDBServerResource extends ServerResource {
 private static final long serialVersionUID = -6836378704013776849L;
 }
+ /**
+ * Returns the (probably unique) server request ID.
+ *
+ * @return The server request ID.
+ */
 public String getSRID() {
 return this.sRID;
 }
@@ -156,6 +161,19 @@ public abstract class AbstractCaosDBServerResource extends ServerResource {
 @Override
 protected void doRelease() {}
+ /**
+ * Creates the XML root.
+ *
+ * <p>The XML root node contains:
+ *
+ * <p>
+ *
+ * <ul>
+ * <li>User info as per addUserInfo
+ * <li>The sRID (server-side request ID)
+ * <li>A timestamp
+ * <li>The URI to this resource.
+ */
 protected Element generateRootElement() {
 final Element retRoot = new Element("Response");
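Review bot: The Javadoc added above `generateRootElement()` in AbstractCaosDBServerResource.java opens a `<ul>` that is never closed and has an empty `<p>` right before it. Javadoc's doclint reports both, so a build that treats doclint findings as errors may fail on this comment. Add ` * </ul>` before the closing ` */` and drop the stray ` * <p>` line.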
@@ -413,6 +431,11 @@ public abstract class AbstractCaosDBServerResource extends ServerResource {
 return root;
 }
+ /**
+ * Returns the client request ID, which can be set by the client.
+ *
+ * @return The cRID.
+ */
 public String getCRID() {
 return cRID;
 }
diff --git a/src/main/java/caosdb/server/utils/ServerMessages.java b/src/main/java/caosdb/server/utils/ServerMessages.java
index 454834e2e065d9bd9359f73b8efbe0d19eae8c1e..124962182a114f05f7bfabee377841412594a828 100644
--- a/src/main/java/caosdb/server/utils/ServerMessages.java
+++ b/src/main/java/caosdb/server/utils/ServerMessages.java
@@ -292,7 +292,7 @@ public class ServerMessages {
 new Message(
 MessageType.Error,
 0,
- "This password is too weak. It should be longer than 8 characters and contain at least one number, one symbol, one uppercase letter and one lowercase letter. ");
+ "This password is too weak. It should be longer than 8 characters and sufficiently random. ");
 public static final Message AFFILIATION_ERROR =
 new Message(
diff --git a/src/main/java/caosdb/server/utils/Utils.java b/src/main/java/caosdb/server/utils/Utils.java
index 2916b2420c0386b71eb8dec18e47781fe8bae925..1e6b60d7e0274223a1123e63aafb9568cfeaf25d 100644
--- a/src/main/java/caosdb/server/utils/Utils.java
+++ b/src/main/java/caosdb/server/utils/Utils.java
@@ -252,8 +252,9 @@ public class Utils {
 }
 /**
- * Intended to convert sizes to human readably sizes. TODO: might be broken because of the log
- * function above.
+ * Converts file sizes to human readably sizes.
+ *
+ * <p>For example, getReadableByteSize(2048) == "2KiB".
 */
 public static String getReadableByteSize(final Long fssize) {
 if (fssize == null) {
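Review bot: The reworded message in ServerMessages.java (presumably `PASSWORD_TOO_WEAK`; the declaration is above the hunk) no longer matches what the checker enforces. The Javadoc of the password check in Utils.java, touched later in this commit, still requires an uppercase letter, a lowercase letter, a number, a punctuation character and a length of at least 8. The message now asks only for "longer than 8 characters and sufficiently random", so a user whose long random passphrase is rejected for lacking a digit gets no hint which rule failed, and "longer than 8" contradicts "at least 8". Either keep the composition rules in the text until the check itself changes, or change the check and the message in the same commit.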
@@ -280,10 +281,10 @@ public class Utils {
 /**
 * Determines the strength of a password. Currently this just throws an error when the String
- * password does not at least contain - An uppercase char - A lowercase char - A number - A
+ * `password` does not at least contain - An uppercase char - A lowercase char - A number - A
 * punctuation char and if the length is not at least 8 characters.
 *
- * <p>correcthorsebatterystaple would be rejected.
+ * <p>correcthorsebatterystaple is also rejected.
 *
 * @param password The password to be checked.
 */
@@ -297,5 +298,9 @@ public class Utils {
 if (!(length && uppercase && lowercase && number && punct)) {
 throw ServerMessages.PASSWORD_TOO_WEAK;
 }
+
+ if (password.equals("correcthorsebatterystaple")) {
+ throw ServerMessages.PASSWORD_TOO_WEAK;
+ }
 }
 }
diff --git a/src/test/java/caosdb/server/resource/TestAbstractCaosDBServerResource.java b/src/test/java/caosdb/server/resource/TestAbstractCaosDBServerResource.java
index 8f2cee53b1708f2185564f32f19e3ef1c3d958c7..81baabd4797842f1cbbc61f990d6ea580553de85 100644
--- a/src/test/java/caosdb/server/resource/TestAbstractCaosDBServerResource.java
+++ b/src/test/java/caosdb/server/resource/TestAbstractCaosDBServerResource.java
@@ -86,9 +86,7 @@ public class TestAbstractCaosDBServerResource {
 assertNotNull(userInfo);
 }
- /**
- * Creates a dummy usersources.ini and injects it into the server properties.
- */
+ /** Creates a dummy usersources.ini and injects it into the server properties. */
 private void provideUserSourcesFile() throws IOException {
 String usersourcesFileName = tempFolder.newFile("usersources.ini").getAbsolutePath();
 String usersourcesContent =
diff --git a/src/test/java/caosdb/server/utils/UtilsTest.java b/src/test/java/caosdb/server/utils/UtilsTest.java
index 527428ee134b1e5ee23be5f27df3ccc41101c1c4..c75d5a3ad861ac5b4c5ff9dfc905767479fb1a4f 100644
--- a/src/test/java/caosdb/server/utils/UtilsTest.java
+++ b/src/test/java/caosdb/server/utils/UtilsTest.java
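Review bot: The `password.equals("correcthorsebatterystaple")` branch added at the end of the password check in Utils.java can never fire. That string has no uppercase letter, digit or punctuation, so the composition check directly above already throws `PASSWORD_TOO_WEAK` for it, assuming the flags are computed as the Javadoc describes (their assignment is above the hunk). One exact-match literal is also not a blocklist, since any case or suffix variant that satisfies the composition rules still passes. Drop the branch, or, if the aim is the "sufficiently random" wording introduced in ServerMessages.java, replace it with a lookup against a maintained list of common and breached passwords and favour minimum length over composition rules, as NIST SP 800-63B recommends. A unit test asserting rejection of a known-weak password that does satisfy the composition rules would show whether the new check has any effect.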
@@ -2,7 +2,7 @@
 * ** header v3.0
 * This file is a part of the CaosDB Project.
 *
- * Copyright (C) 2018 Research Group Biomedical Physics,
+ * Copyright (C) 2019 Research Group Biomedical Physics,
 * Max-Planck-Institute for Dynamics and Self-Organization Göttingen
 *
 * This program is free software: you can redistribute it and/or modify