Esup Activaccount Portlet - Installation Guide

Auteur : Fabrice Jammes, Sang Hun Bang (University of Paris 1)

Important note

Due to some limitations using AJAX in esup-commons portlet, this tools can only be used in servlet mode. This isn't a big problem
because this tool is only used by anonymous users who wish to activate their LDAP account.

How does it work ?

esup-activ offers a web interface which allow to the members of your institutions to activate their LDAP account online.

LDAP account must have been created previously with another script. For example a PERL script can export accounts from your
human ressources database to LDAP directory every night. Benoît Branciard (Benoit dot Branciard arobase univ-paris1 dot fr) has written
it for Paris 1 University.
These account are created with a null LDAP attribute shadowLastChange, a set of LDAP attributes extracted from human ressources database (name, birthdate, address, ...), and a pre-defined LDAP password, generated by a secret algorithm with a set of these LDAP attributes.

esup-activ first presents a form where the user is asked some personal informations (user ID in human ressource database, user name and birthdate by default).

Next esup-activ uses these information to retrieve the user inactive account in LDAP directory.

Then esup-activ, deduce LDAP user preset password from LDAP user attributes.

The user can now choose a secure password and is given it's LDAP login, mail address and portal login URL.

Finally, esup-activ updates LDAP attribute shadowLastChange, and LDAP user password.

Installation

esup-activation relies on esup-commons, so it can be installed as an described in esup-commons documentation : http://sourcesup.cru.fr/esup-commons/admin/index.html

Download esup-activaccount-<version>.zip from the projectsite

Unzip the file somewhere on a working directory

To configure this application you have to adapt some configuration files. Every time you will find a <fileName>-example.<extension> example file that you can copy to <fileName>.<extension> before adapting.

Adapt build.properties
Adapt properties/esup-activ.properties for exception handling configuration, SMTP configuration, LDAP configuration
esup-activaccount doesn't use any database.

Test your configuration:
- ant test-config
- ant test-smtp
- ant test-ldap

Deploy the application:
- ant deploy

You can modify application look by updating esup-activ/webapp/media/portlet.css

Configuration

You can configure your application. For this: adapt file properties/esup-activ.properties directory.

You must also modify method : org.esupportail.activ.domain.beans.Account.generateInitialPassword().

public void generateInitialPassword() {
        /* TODO : input your password generation algorithm here */
        initialPassword = "initialseed#";
        SimpleDateFormat format =
            new SimpleDateFormat("ddMMyyyy");
        initialPassword += format.format(this.birthDate)+"#";
        initialPassword += this.harpegeNumber+"#";

        initialPassword += StringTools.cleanAllSpecialChar(this.birthName)+"#";

    }

Here you must implement your algorithm of generation of initial password. It must be the same that the one implemented in the script
used to create nightly LDAP user accounts from human ressources database.

After ending configuration and conding of your password generation algorithm, use ant deploy to deploy again your application.