Revize has encountered a problem.

The problem may be due to a Revize setup problem, a server environment problem, a code error, or an unexpected combination of user actions.

Please try your operation again. If you receive this error a second time, then the problem probably requires technical support for resolution. Please consider copying and pasting the information from this browser window, including the technical details below, into an email (you can select all text in this browser window by clicking ctrl-A). The email should first be sent to your organization's Revize administrator. If the Revize administrator cannot resolve it, he/she should send the same information to idetix support staff.




Requested URL:   /revize/security/index.jsp

Revize Web Application, Version 4.4 (Build 100)
Minimum required Java Version: 1.3
Revize Software Systems

Runtime Message:

Error creating connection: Connection refused: connect

Stack Trace:

java.lang.Error: Error creating connection: Connection refused: connect

at revize.db.ConnectionPool.newConnection(ConnectionPool.java:132)
at revize.db.ConnectionPool.getConnection(ConnectionPool.java:94)
at _security._index__jsp._jspService(_index__jsp.java:857)
at com.caucho.jsp.JavaPage.service(JavaPage.java:75)
at com.caucho.jsp.Page.pageservice(Page.java:555)
at com.caucho.server.dispatch.PageFilterChain.doFilter(PageFilterChain.java:155)
at com.revize.filter.RzContextFilter.doFilter(RzContextFilter.java:88)
at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:84)
at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:177)
at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:221)
at com.caucho.server.hmux.HmuxRequest.handleRequest(HmuxRequest.java:392)
at com.caucho.server.port.TcpConnection.run(TcpConnection.java:315)
at com.caucho.util.ThreadPool.runTasks(ThreadPool.java:353)
at com.caucho.util.ThreadPool.run(ThreadPool.java:302)
at java.lang.Thread.run(Unknown Source)

-----------------------------------------------------------------
Failing source code: /WEB-INF/work/.../revize/security/_index.jsp.java
(/WEB-INF/work/_security/_index__jsp.java)

 857:             con = ConnectionPool.getInstance().getConnection(webSpaceName);
-----------------------------------------------------------------
   1: /*
   2:  * JSP generated by Resin-3.0.6 (built Tue, 20 Jan 2004 09:46:57 PST)
   3:  */
   4: 
   5: package _security;
   6: import javax.servlet.*;
   7: import javax.servlet.jsp.*;
   8: import javax.servlet.http.*;
   9: import javax.security.auth.*;
  10: import javax.servlet.http.*;
  11: import java.util.*;
  12: import java.text.*;
  13: import revize.store.*;
  14: import idetix.util.*;
  15: import idetix.security.UserContext;
  16: import idetix.security.*;
  17: import revize.publish.*;
  18: import revize.servlet.*;
  19: import revize.request.*;
  20: import revize.data.*;
  21: import revize.*;
  22: import revize.db.*;
  23: import revize.db.sql.*;
  24: import java.sql.*;
  25: import revize.RevizeConstants;
  26: import revize.resource.*;
  27: import revize.taglib.content.*;
  28: import revize.taglib.content.data.*;
  29: import ez.*;
  30: import ez.core.*;
  31: import ez.dom.*;
  32: import ez.util.*;
  33: import revize.util.*;
  34: import java.security.*;
  35: import revize.security.*;
  36: import revize.security.principal.*;
  37: import revize.security.permission.*;
  38: import revize.taglib.content.RZTagSupport;
  39: 
  40: public class _index__jsp extends com.caucho.jsp.JavaPage{
  41:   private boolean _caucho_isDead;
  42: 
  43: 
  44: 
  45:   //----- Declare class variables
  46:   RZTagSupport debug_rz;
  47:   JspWriter debug_out;
  48:   HttpSession debug_session;
  49: 
  50:   boolean debug_mode;
  51:   StringBuffer debug_line_buffer;
  52:   StringBuffer debug_detail;
  53: 
  54:   /**
  55:     *    Called at start of plugin
  56:    **/
  57:   boolean debug_open(String PLUGIN_NAME, String VERSION) throws Exception
  58:   {
  59:   if (true) return false;
  60:       debug_mode = false;
  61:       String mode = "";
  62:       String name = "";
  63:       String pageid = "";
  64:       while (true)
  65:       {
  66: 
  67:           //----- Get plugin_debug setting using reflection in case plugin_debug not defined
  68:           //        (e.g. before_endhead.*include.jsp missing when called via leftnav_init.jsp)
  69:           try
  70:           {
  71:               //out.println("class:" + this.getClass().getName());
  72:               java.lang.reflect.Field debugField = this.getClass().getDeclaredField("plugin_debug");
  73:               debug_mode = debugField.getBoolean(this);
  74:               if (debug_mode) break;
  75:           }
  76:           catch (Exception e)
  77:           {
  78:               //out.println("Exception: " + e.getMessage());
  79:               //e.printStackTrace();
  80:           }
  81: 
  82:           //----- Get debug options
  83:           String debugOptions = "";    //debug_session.getAttribute("REVIZE_DEBUG_PLUGIN") + "";
  84: 
  85:   /***************************************************/
  86:   /*BOOKMARK ***** hardcode debugOptions below ******/
  87:   /*************************************************/
  88:   debugOptions = "mode=burlington,name=,pageid=news_list";
  89:   debugOptions = "mode=reidsville,name=,pageid=news_list";
  90:   debugOptions = "mode=reidsville,name=,pageid=links-64";
  91: 
  92:           mode = debug_rz.getvalue(debugOptions,"mode");
  93:           name = debug_rz.getvalue(debugOptions,"name");
  94:           if (name.equals("[all]")) name = "";
  95:           pageid = debug_rz.getvalue(debugOptions,"pageid");
  96: 
  97:           if (!mode.equals(debug_rz.webspace)) break;
  98:           if (name.length() > 0 && PLUGIN_NAME.indexOf(name) == -1) break;
  99:           if (pageid.length() > 0  && !pageid.equals(debug_rz.pageid)) break;
 100:           debug_mode = true;
 101:           break;
 102:       }
 103:       //debug_out.println("webspace="+debug_rz.webspace+" pageid="+debug_rz.pageid+" PLUGIN_NAME="+PLUGIN_NAME);
 104:       //debug_out.println("mode="+mode+" name="+name+" pageid="+pageid+" debug_mode="+debug_mode);
 105:       debug_println("DEBUG enabled for: " + PLUGIN_NAME + " " + VERSION);
 106:       return debug_mode;
 107:   }
 108: 
 109:   /**
 110:    **/
 111:   void debug_print(String msg)
 112:   {
 113:       if (!debug_mode) return;
 114:       debug_line_buffer.append(msg);
 115:   }
 116:   /**
 117:    **/
 118:   void debug_println(String msg)
 119:   {
 120:       if (!debug_mode) return;
 121: 
 122:       //convert leading spaces to  
 123:       msg = msg.replaceFirst("^( )*","$1".replaceAll(" "," "));
 124: 
 125:       debug_line_buffer.append(msg);            //append to current line
 126:       debug_line_buffer.append("@@\n");        //end line
 127:       debug_detail.append(debug_line_buffer);    //append to detail
 128:       debug_line_buffer = new StringBuffer();    //clear current line
 129:   }
 130:   /**
 131:     *    Called at end of plugin to save debug output
 132:    **/
 133:   void debug_close() throws Exception
 134:   {
 135:       if (!debug_mode) return;
 136: 
 137:       debug_println("");                        //flush debug_line_buffer
 138:       if (debug_detail == null || debug_detail.length() == 0) return;
 139: 
 140:       String detail = "<div class=\"revize_debug_plugin\" style=\"display:none\">"
 141:                     + debug_detail + "</div>";
 142: 
 143:       debug_out.println(detail);
 144:   }
 145: 
 146: 
 147:   
 148: 
 149:   //***** Global (i.e. class) variables *****\\
 150: 
 151:   
 152: 
 153:   //        Going forward, please use lowercase and prefix global variables with "revize_".
 154: 
 155:   //        This convention should be followed for any variable that that might be exposed
 156: 
 157:   //        on any page created by Revize developer.  This file is exposed because it is
 158: 
 159:   //        currently included on all edit form pages via setup_editform_header.jsp.
 160: 
 161:   
 162: 
 163:   boolean isAuthenticated = true;
 164: 
 165:   boolean revize_authenticated = true;
 166: 
 167:   String revize_securitylevel = "none";
 168: 
 169:   boolean revize_access = false;
 170: 
 171:   String revize_log = "";
 172: 
 173:   
 174: 
 175:   String revize_webspace = "";
 176: 
 177:   UserContext revize_userContext = null;
 178: 
 179:   Credential revize_credential = null;
 180: 
 181:   Subject revize_subject = null;
 182: 
 183:   User revize_user = null;
 184: 
 185:   String revize_username = "";
 186: 
 187:   String revize_roles = "";
 188: 
 189:   
 190: 
 191:   boolean revize_superuser = false;
 192: 
 193:   
 194: 
 195:   DataStore revize_store = null;
 196: 
 197:   Permission revize_permission = null;
 198: 
 199:   String [] revize_permits = {"create", "read", "update", "delete"};
 200: 
 201:   
 202: 
 203:   Exception revize_exception = null;
 204: 
 205:   String revize_exception_trace = "";
 206: 
 207:   
 208: 
 209:   //***** Global (i.e. class) methods *****\\
 210: 
 211:   
 212: 
 213:   /**
 214: 
 215:   *    Get roles for revize_webspace and revize_subject
 216: 
 217:   *    Called internally and by authentication.jsp after webSpace selection
 218: 
 219:   *
 220: 
 221:   *    Input Globals
 222: 
 223:   *        revize_webspace
 224: 
 225:   *        revize_username
 226: 
 227:   *        revize_subject
 228: 
 229:   *
 230: 
 231:   *    Output Globals
 232: 
 233:   *        revize_roles
 234: 
 235:   */
 236: 
 237:   void revize_getRoles()
 238: 
 239:   {
 240: 
 241:       revize_roles = "";
 242: 
 243:       revize_credential = SecurityUtils.getSubjectCredential( revize_subject );
 244: 
 245:       if (revize_credential != null)
 246: 
 247:       {
 248: 
 249:           revize_username = revize_credential.getName();
 250: 
 251:   
 252: 
 253:           //----- Code to find out the roles of current user (MF Pooja added)
 254: 
 255:           Iterator listIterator = revize_subject.getPrincipals(Role.class).iterator();
 256: 
 257:           while( listIterator.hasNext() )
 258: 
 259:           {
 260: 
 261:               Role role = ((Role)listIterator.next());
 262: 
 263:   
 264: 
 265:               // Checks if the current role is for the current WebSpace.
 266: 
 267:               if( !role.getWebSpace().equalsIgnoreCase(revize_webspace) ) continue;
 268: 
 269:   
 270: 
 271:               String roleName = role.getName();
 272: 
 273:               if( !roleName.startsWith("_") ) revize_roles += roleName + "|";
 274: 
 275:           }
 276: 
 277:           if(revize_roles.endsWith("|"))
 278: 
 279:               revize_roles = revize_roles.substring(0, revize_roles.length()-1);
 280: 
 281:       }
 282: 
 283:   }
 284: 
 285:   
 286: 
 287:   
 288: 
 289:   /**
 290: 
 291:   *    Get module permissions for specified module.  Originally used during login
 292: 
 293:   *    (authentication.jsp and control_panel.jsp) to get links module permissions.
 294: 
 295:   *
 296: 
 297:   *    Usage will probably be extended to get all module permissions in the future.
 298: 
 299:   *
 300: 
 301:   *     @param webspace        String object specifing the webspace
 302: 
 303:   *     @param module        String specifying a module
 304: 
 305:   *     @return String        Returns a string to store as the RZpermits cookie value
 306: 
 307:   */
 308: 
 309:   String revize_getPermits( String webspace, RZTagSupport rz)
 310: 
 311:   {
 312: 
 313:       String allPermits = "";
 314: 
 315:   
 316: 
 317:       //----- It appears exceptions are not automatically caught by resin for class
 318: 
 319:       //        methods so we add code to catch them here.  Before try/catch page was
 320: 
 321:       //        forwarding back to login.jsp without any error message.
 322: 
 323:       try
 324: 
 325:       {
 326: 
 327:           String permits = "";
 328: 
 329:           String[] module = null;
 330: 
 331:           String modules="";
 332: 
 333:   
 334: 
 335:           //----- Get list of modules from page permissions (options record)
 336: 
 337:           String permissions_module = RevizeConstants.PAGE_PERMISSIONS_MODULE;
 338: 
 339:           String field = "page_roles";
 340: 
 341:           String options = "raw,noerrormessage";
 342: 
 343:           String where = permissions_module + "." + "page_key=options";
 344: 
 345:   
 346: 
 347:           if(!rz.isvalidmodule(permissions_module))
 348: 
 349:           {
 350: 
 351:               modules = "*all modules";
 352: 
 353:               rz.allmodules=rz.getModuleList(webspace);
 354: 
 355:           }
 356: 
 357:           else
 358: 
 359:           {
 360: 
 361:               modules = rz.fetch(permissions_module,field,options,where);
 362: 
 363:               if (modules.trim().length() == 0)
 364: 
 365:                   modules = permissions_module + ",home,links,content,list,list_items,global";
 366: 
 367:           }
 368: 
 369:   
 370: 
 371:           //----- If getting permits for all modules, build list of all modules
 372: 
 373:           if (!modules.startsWith("*all"))
 374: 
 375:               module = StringUtils.split( modules, "," );
 376: 
 377:           else
 378: 
 379:           {
 380: 
 381:               if (rz.allmodules == null) return "";
 382: 
 383:               module = new String[rz.allmodules.length];
 384: 
 385:               for (int i=0; i<rz.allmodules.length; i++)
 386: 
 387:               {
 388: 
 389:                   module[i] = rz.allmodules[i].getLabel();
 390: 
 391:               }
 392: 
 393:           }
 394: 
 395:   
 396: 
 397:           //----- Look up permissions for each specified module
 398: 
 399:           revize_access = false;
 400: 
 401:           revize_log += "@@Determine permits for each module";
 402: 
 403:   
 404: 
 405:           for (int j=0; j<module.length; j++)
 406: 
 407:           {
 408: 
 409:               permits = "";
 410: 
 411:               revize_log += "@@  " + module[j] + ":@@   ";
 412: 
 413:               if (revize_superuser 
 414: 
 415:               || (","+revize_roles+",").indexOf(",administrator,") != -1
 416: 
 417:               || module[j].indexOf("webspace_") != 0)
 418: 
 419:               {
 420: 
 421:                   for (int i=0; i<revize_permits.length; i++)    //for each permission...
 422: 
 423:                   {
 424: 
 425:                       revize_permission = new RecordPermission( webspace, module[j], revize_permits[i] );
 426: 
 427:                       if (revize_permission != null
 428: 
 429:                       && SecurityUtils.hasValidPermissions(revize_subject, revize_permission) )
 430: 
 431:                       {
 432: 
 433:                           permits += revize_permits[i].substring(0,1);
 434: 
 435:                           revize_access = true;
 436: 
 437:                           revize_log += " " + revize_permits[i];
 438: 
 439:                       }
 440: 
 441:                   }
 442: 
 443:               }
 444: 
 445:   
 446: 
 447:               revize_log += "@@";
 448: 
 449:               if ( !permits.equals("crud") )         //if full permissions, skip
 450: 
 451:                   allPermits += "," + module[j] + ":" + permits;
 452: 
 453:           }
 454: 
 455:       }
 456: 
 457:       catch (Exception e)
 458: 
 459:       {
 460: 
 461:           e.printStackTrace();
 462: 
 463:           revize_exception = e;
 464: 
 465:           revize_exception_trace = "Exception in isAuthentication.jsp::getPermits():\n"
 466: 
 467:                                  + idetix.util.StringUtils.convertStackTraceToString(e);
 468: 
 469:       }
 470: 
 471:       if (allPermits.startsWith(","))
 472: 
 473:           allPermits = allPermits.substring(1);
 474: 
 475:       return allPermits;
 476: 
 477:   }
 478: 
 479: 
 480:   
 481:   public void
 482:   _jspService(javax.servlet.http.HttpServletRequest request,
 483:               javax.servlet.http.HttpServletResponse response)
 484:     throws java.io.IOException, javax.servlet.ServletException
 485:   {
 486:     com.caucho.jsp.PageContextImpl pageContext = com.caucho.jsp.QJspFactory.allocatePageContext(this, request, response, "/admincenter/error.jsp", true, 8192, true);
 487:     javax.servlet.jsp.JspWriter out = (javax.servlet.jsp.JspWriter) pageContext.getOut();
 488:     javax.servlet.ServletConfig config = getServletConfig();
 489:     javax.servlet.Servlet page = this;
 490:     javax.servlet.http.HttpSession session = pageContext.getSession();
 491:     javax.servlet.ServletContext application = pageContext.getServletContext();
 492:     response.setContentType("text/html");
 493:     try {
 494:       out.write(_jsp_string0, 0, _jsp_string0.length);
 495:       
 496:   // set some headers to force various browsers to not cache pages
 497:   response.setHeader("Cache-Control", "no-cache");
 498:   response.setHeader("Pragma", "no-cache");
 499: 
 500:   // set expired date to previous day, tricking some browsers into
 501:   // thinking that thier cache is too old.
 502:   GregorianCalendar cal = new GregorianCalendar();
 503:   cal.roll( Calendar.DAY_OF_MONTH, -1 );
 504:   java.util.Date yesterday = cal.getTime();
 505:   SimpleDateFormat formatter = new SimpleDateFormat();
 506:   formatter.applyPattern( "EEE, dd MMM yyyy HH:mm:ss z" );
 507:   String expiredDate = formatter.format(yesterday);
 508:   response.setHeader("Expires", expiredDate ); 
 509: 
 510:       out.write(_jsp_string1, 0, _jsp_string1.length);
 511:       
 512: //From - /util/setup_editlist_header.jsp
 513: String revize_menus_leftnav = "";
 514: String revize_menu_filter = "";
 515: String revize_menu_linkplacement = "";
 516: String revize_menu_minlevel = "";
 517: boolean revize_menu_empty = false;
 518: String revize_menu_leftnav_embedded = "";
 519:     //----- Set up the ContentSupport class if not already created in the request scope
 520:     //         must be made available to the taglib via the pageContext attribute.
 521:     RZTagSupport rz = (RZTagSupport)
 522:     pageContext.getAttribute( ContentSupport.ATTRIBUTE_PAGE_TAG_SUPPORT );
 523: 
 524:     if ( rz == null )
 525:     {
 526:         rz = new RZTagSupport(pageContext);
 527:         pageContext.setAttribute( ContentSupport.ATTRIBUTE_PAGE_TAG_SUPPORT, rz );
 528:     }
 529: 
 530:     //----- revize declared as ResourceReader on edit page (not servlet class)
 531:     ResourceReader revize = null;            // now initialized in rz.setup()
 532:     rz.setup (revize, "list", request, response);    // fixed page type (list)
 533:     revize = rz.revize;
 534:     DataStore RZstore = rz.getDataStore();
 535: 
 536: 
 537:       
 538: 
 539: //***** TODO: move to RZTagSupport *****\\
 540: /**
 541: *    Determine topsection id for some plugins (e.g. flash banner, slideshow)
 542: **/
 543: String topsectionid = rz.pagesectionid;
 544: if (!topsectionid.equals(""))
 545: {
 546:     String myparentid = rz.pageparentid;
 547:     int cnt = 0;
 548:     while (true && !rz.pagerecordid.equals(""))    //not top section or home page
 549:     {
 550:         cnt++;
 551:         rz.fetch("links","linktosectionid", "_recordid="+topsectionid);
 552:         if (rz.content.equals("0")) break;    //parent section is home
 553: 
 554:         topsectionid = rz.content;
 555:         if (cnt == 10) break;
 556:     }
 557: }
 558: 
 559:       
 560: 
 561: 
 562: //----- Initialize class variables
 563: /*
 564: debug_rz = rz;
 565: debug_out = out;
 566: debug_session = request.getSession();
 567: */
 568: 
 569: debug_mode = false;
 570: debug_detail = new StringBuffer();
 571: debug_line_buffer = new StringBuffer();
 572: 
 573: 
 574:       out.write(_jsp_string2, 0, _jsp_string2.length);
 575:       
 576: //***** Inline code executed where include occurs *****\\
 577: 
 578: //----- Initialize any changable variables
 579: isAuthenticated = true;
 580: revize_authenticated = true;
 581: revize_securitylevel = "none";
 582: revize_access = false;
 583: revize_log = "";
 584: 
 585: revize_webspace = "";
 586: revize_userContext = null;
 587: revize_credential = null;
 588: revize_subject = null;
 589: revize_user = null;
 590: revize_username = "";
 591: revize_roles = "";
 592: 
 593: revize_superuser = false;
 594: 
 595: revize_store = null;
 596: revize_permission = null;
 597: 
 598: Exception revize_exception = null;
 599: String revize_exception_trace = "";
 600: 
 601: //----- Get userContext if defined (else create)
 602: revize_userContext = (UserContext)session.getAttribute( SessionAccess.USER_CONTEXT_ATTRIBUTE );
 603: if ( revize_userContext == null )
 604: {
 605:     isAuthenticated = false;
 606:     revize_userContext = new UserContext();
 607:     session.putValue( SessionAccess.USER_CONTEXT_ATTRIBUTE, revize_userContext );
 608: }
 609: 
 610: //----- If webspace undefined, set to REVIZE
 611: //revize_webspace = revize_userContext.getWebSpaceName();
 612: revize_webspace=request.getParameter("webspace");
 613: if( revize_webspace == null || revize_webspace.equals("") )
 614:     revize_webspace = DataStore.DEFAULT_WEBSPACE_NAME;
 615: 
 616: //----- If webspace is REVIZE, look for webspace parameter
 617: if( revize_webspace.equals(DataStore.DEFAULT_WEBSPACE_NAME) )
 618: {
 619:     String webspace = idetix.util.StringUtils.getParameter(request,"webspace");
 620:     if (webspace.length() > 0)
 621:     {
 622:         revize_webspace = webspace;
 623:         revize_userContext.setWebSpaceName( DataStore.DEFAULT_WEBSPACE_NAME );
 624:     }
 625: }
 626: 
 627: //----- If Security Enabled, determine level and check subject
 628: if ( RevizeProperties.isAuthenticationActive() )
 629: {
 630:     // determine security level
 631:     revize_securitylevel = "login";
 632:     if ( RevizeProperties.isAuthorizationActive() )
 633:         revize_securitylevel = "full";
 634: 
 635:     // determine if valid user (subject exists)
 636:     if ( revize_userContext.getSubject() == null )
 637:     {
 638:         isAuthenticated = false;
 639:         //TODO: this might be security hole that passes authentication
 640:         //revize_userContext.setSubject( new Subject() );
 641:     }
 642: }
 643: //----- If security NOT Enabled, always return authenticated
 644: else
 645: {
 646:     isAuthenticated = true;
 647: }
 648: 
 649: if (isAuthenticated)
 650: {
 651:     revize_subject = revize_userContext.getSubject();
 652:     revize_user = SecurityUtils.getSubjectUser( revize_subject );
 653: 
 654:     revize_getRoles();
 655: 
 656:     revize_store = DataStoreFactory.createDefault( revize_webspace, revize_subject );
 657: 
 658:     revize_superuser = true;
 659:     if (revize_securitylevel.equals("full"))
 660:         revize_superuser = SecurityUtils.isSubjectSuperUser( revize_subject );
 661: }
 662: revize_authenticated = isAuthenticated;
 663: 
 664:       out.write(_jsp_string3, 0, _jsp_string3.length);
 665:       
 666: 
 667: /*---------------------------------------------------------------------------------------------
 668: Called to logout or login user to a supplied or selected webSpace
 669: 
 670: Ideally this section of code will go into a JSP include file that is included
 671: for pages performing authentication functions by the <rz:setup...> tag.
 672: 
 673: Currently the logic assumes this page is at: /revize/security/
 674: (see TODO: commemts)
 675: 
 676: Funtion Descriptions
 677: --------------------
 678: When the login button is pressed, the login credentials are submitted to Revize
 679: and control transfers to authentication.jsp if the login is sucessfull or back
 680: to this page if the login is unsuccessful (in which case an error message is
 681: displayed)
 682: 
 683: The authentication.jsp page saves login information in cookies that is
 684: subsequently used by edit and published pages.  Published pages only display
 685: action buttons if the logged in user is logged into the same webSpace as used
 686: the for publishing pages.
 687: 
 688: After saving login information, authentication.jsp transfers control to the
 689: calling page as determined when this page is first called and saved in a cookie.
 690: If the calling page can not be determined, a stock page displayed whether the
 691: login was sucessfull or canceled.
 692: 
 693: When cancel is clicked, control transfers to the calling page if appropriate.
 694: 
 695: When logout is clicked, the current login credentials are discarded, login
 696: information stored in cookies cleared and control transfers to the calling page
 697: if appropriate.
 698: 
 699: A status message displays Demosite password when website is unknown or "demositeII"
 700: 
 701: 
 702: Determining the return page
 703: ---------------------------
 704: This gets a bit complicated because this page can be called in the following ways:
 705: 
 706: 1.    By entering /revize/security/ (or /revize/security/index.jsp) into the browser url.
 707:     In this case, the location property will contain this pages actual filename.
 708:     The referrer property will be blank.  When login is sucessfull, we either return
 709:     to a page specified when this page was first called or the login_complete page
 710:     simply indicates a successfull login.  Cancel uses the login_canceled to display
 711:     a message.  If cancel is pressed before submitting and login credentials, we can
 712:     simply go back to the prior page.
 713: 
 714: 2.    From a link on a published page or non-Revize controled page.  In this case the
 715:     referrer property will provide the url of the calling page.
 716: 
 717: 3.    Automatically from an edit form page (or optionally from an edit list page)
 718:     when no user is currently logged in or the current logged user does not have
 719:     proper access to the module to be edited.
 720: 
 721:     When called from an editform or editlist page due to improper permissions, a
 722:     jsp:forward command is used and this page's url will reflect the url of the
 723:     editform/list page.  In this case the referrer property represents the prior page.
 724:     In this case the pagetype parameter is specified on the url.
 725: 
 726:     NOTE: The screen size might not be correct if called from a popup edit form.
 727: 
 728: 4.    By the Revize servlet when invalid login credentials are submitted or by
 729:     authentication.jsp when the user does not have appropriate permissions based
 730:     on information passed from an editform or editlist page automatic call.  We
 731:     know we have been called this way by checking the request paramter on the url.
 732: 
 733: 5.    TODO: This screen could be opened in a popup window itself.  The code does not
 734:     yet deal with this scenario.
 735: 
 736: Only when this page is first called, can we most acurately determine how we have
 737: been called.  The referrer property and edit page url are not available after login
 738: credentials have been submitted to Revize and an error is reported.
 739: 
 740: 
 741: Determining the webSpace name
 742: -----------------------------
 743: The webspace name can be passed on the Url as described below and takes precedence.
 744: 
 745: If called from a Revize controled page, the webSpace name may be passed on the
 746: url, as the currently set webSpace (edit pages), or available in a cookie set by
 747: published pages (templates) when hyperlinked from the Revize web server.
 748: 
 749: If called non-Revize pages and the webSpace is not passed on the url, it can be
 750: selected after login is sucessfull.  If there is only one choice, it is selected
 751: automatically.
 752: 
 753: 
 754: Arguments - passed on Url
 755: -------------------------
 756: returnurl        Indicates where control should transfer after all sucessfull
 757: returnUrl        operations or cancel clicked.  If not specified control returns
 758:                 the calling page on sucessful login, logout or cancel unless
 759:                 automatically called from an edit list or edit form page because
 760:                 no user is currently logged in or does not has access to create
 761:                 or update records in the module being edited.
 762: 
 763: cancelurl        Page where control transfer if login canceled (optional)
 764:                 If not specified, control returns to calling page
 765: 
 766: pagetype        Type of calling page assumed to be set if automatically called
 767:                 from an editlist or editform page.
 768: 
 769: request            (internal use only ) Set to last request when calling Revize
 770:                 from this page.  If blank, additional initialization occurs.
 771: 
 772: 
 773: Cookies - Input
 774: ---------------
 775: RZmodule        Optional module being created or updated.  Login not sucessfull unless
 776:                 user has proper access to either read or create modules.
 777: 
 778: RZeditaction    Required Record permissions on RZmodule in order to access page.
 779: 
 780: RZwebspace        Contains the webspace name and page url that set the Cookie.  This
 781:                 can be used to determine the webspace when not passed on the url
 782:                 (it is only used if the calling page url matches the cookie url)
 783: 
 784: RZmessage        Set by authentication after login if user does not have permissions.
 785:                 It is cleared prior to submitting login credentials and not used
 786:                 when login page is first displayed.
 787: 
 788: 
 789: Cookies - Output
 790: ----------------
 791: RZlogin                Login sets to *ALL if authentication and/or authorization
 792:                     is disabled.  Logout clears in all cases.
 793: 
 794: RZnextUrl            Page to recieve control on after a successfull login.
 795: RZcancelUrl            Canidate to recieve control when login is canceled.
 796: 
 797: RZeditFormReturnUrl If not blank, used when login is canceled on edit form call.
 798: RZeditListReturnUrl used when login is canceled on edit list call.
 799: 
 800: ---------------------------------------------------------------------------------------------*/
 801: 
 802:     //----- Get arguments for this page.
 803:     String str="";
 804:     String lastrequest = StringUtils.getParameter(request,"request");
 805:     String pagetype = StringUtils.getParameter(request,"pagetype");
 806:     String returnUrl = StringUtils.getParameter(request,"returnurl");
 807:     if ( returnUrl.equals("") )    //backward compatibility
 808:         StringUtils.getParameter(request,"returnUrl");
 809:     String cancelUrl = StringUtils.getParameter(request,"cancelurl");
 810:     String webSpaceName = StringUtils.getParameter(request,"webspace");
 811:     String live_channel_url="";
 812:     String revize_channel_url="";
 813:     String filename= StringUtils.getParameter(request,"filename");
 814:     filename=StringUtils.replaceAll(filename,"*decodeand*","&");
 815: 
 816: 
 817:       out.write(_jsp_string4, 0, _jsp_string4.length);
 818:       out.print(( !RevizeProperties.isAuthenticationActive() ));
 819:       out.write(_jsp_string5, 0, _jsp_string5.length);
 820:       out.print(( isAuthenticated ));
 821:       out.write(_jsp_string6, 0, _jsp_string6.length);
 822:       out.print((revize_username));
 823:       out.write(_jsp_string7, 0, _jsp_string7.length);
 824:       out.print(( pagetype ));
 825:       out.write(_jsp_string8, 0, _jsp_string8.length);
 826:       out.print(( lastrequest ));
 827:       out.write(_jsp_string9, 0, _jsp_string9.length);
 828:       out.print((returnUrl));
 829:       out.write(_jsp_string10, 0, _jsp_string10.length);
 830:       out.print((filename));
 831:       out.write(_jsp_string11, 0, _jsp_string11.length);
 832:       
 833:     //----- Check for auto login
 834:     boolean autologin = false;
 835:     if (lastrequest.equals("")
 836:     && request.getParameter("userid") != null
 837:     && request.getParameter("password") != null)
 838:         autologin = true;
 839: 
 840:     //----- If autologin and returnUrl is specified
 841:     if (autologin && !returnUrl.equals("") )
 842:     {
 843:         
 844:       out.write(_jsp_string12, 0, _jsp_string12.length);
 845:       out.print((request.getParameter("set")));
 846:       out.write(_jsp_string13, 0, _jsp_string13.length);
 847:       
 848:     }
 849: 
 850: 
 851:     //Derive the revize channel url
 852:     Connection con=null;
 853:     if(!webSpaceName.equals(""))
 854:     {
 855:         try
 856:         {
 857:             con = ConnectionPool.getInstance().getConnection(webSpaceName);
 858:             List channels = ChannelSQL.getInstance().readChannels(con);
 859:             Channel live_channel = PublishingUtils.getLiveChannel(channels);
 860:             live_channel_url = live_channel.getBaseUrl();
 861: 
 862:             Iterator itr = channels.iterator();
 863:             while(itr.hasNext())
 864:             {
 865:                 //System.out.println("revize channel url = " + revize_channel_url);
 866:                 ChannelImpl c = (ChannelImpl)itr.next();
 867:                 if(c.getLabel().equals("revize") || c.getDescription().startsWith("Revize Server"))
 868:                 {
 869:                     revize_channel_url = c.getBaseUrl();
 870:                     break;
 871: 
 872:                 }
 873:             }
 874:         }
 875:         catch(Exception e)
 876:         {
 877:             e.printStackTrace();
 878:         }
 879:         finally
 880:         {
 881:             ConnectionPool.getInstance().replaceConnection(con);
 882:         }
 883:     }
 884: 
 885:       out.write(_jsp_string14, 0, _jsp_string14.length);
 886:       out.print((cancelUrl));
 887:       out.write(_jsp_string15, 0, _jsp_string15.length);
 888:       out.print((webSpaceName));
 889:       out.write(_jsp_string16, 0, _jsp_string16.length);
 890:       out.print((revize_channel_url));
 891:       out.write(_jsp_string17, 0, _jsp_string17.length);
 892:       out.print((live_channel_url));
 893:       out.write(_jsp_string18, 0, _jsp_string18.length);
 894:       
 895:                 webSpaceName = SessionAccess.getWebSpaceName( request );
 896:                 // if not currently set or its REVIZE, set to blank meaning unknown
 897:                 if (webSpaceName == null || webSpaceName.equals("REVIZE"))
 898:                     webSpaceName = "";
 899:                 
 900:       out.write(_jsp_string19, 0, _jsp_string19.length);
 901:       out.print((webSpaceName));
 902:       out.write(_jsp_string20, 0, _jsp_string20.length);
 903:        if (autologin)
 904:                 {
 905:                     
 906:       out.write(_jsp_string21, 0, _jsp_string21.length);
 907:       
 908:                 }
 909:                 else    // ***** Start of NOT autologin code
 910:                 {
 911:                 
 912:       out.write(_jsp_string22, 0, _jsp_string22.length);
 913:       
 914:                 String errorReason = (String)request.getAttribute(XmlRequestServlet.ERROR_MESSAGE_ATTRIBUTE );
 915:                 if ( errorReason != null )
 916:                 {
 917:                 
 918:       out.write(_jsp_string23, 0, _jsp_string23.length);
 919:       out.print(( errorReason ));
 920:       out.write(_jsp_string24, 0, _jsp_string24.length);
 921:       }
 922:       out.write(_jsp_string25, 0, _jsp_string25.length);
 923:       if(errorReason == null){
 924:       out.write(_jsp_string25, 0, _jsp_string25.length);
 925:       }
 926:       out.write(_jsp_string26, 0, _jsp_string26.length);
 927:       
 928:                     //-- PERMISSION DETAILS IF AVAILABLE (future <error...> tag) --
 929:                     //***** NOTE: please review and update comments at top of page when changing logic
 930:                     // RZeditPage only known when login page first displayed
 931:                     // and called from editform or editlist page
 932:                     if ( pagetype.equals("editform") || pagetype.equals("editlist") )
 933:                     {
 934:                         if ( lastrequest.equals("") )
 935:                         {
 936:                 
 937:       out.write(_jsp_string27, 0, _jsp_string27.length);
 938:       }
 939:                   }
 940: 
 941:                 
 942:       out.write(_jsp_string28, 0, _jsp_string28.length);
 943:       
 944:                 if ( RevizeProperties.isAuthenticationActive())
 945:                     {
 946:               
 947:       out.write(_jsp_string29, 0, _jsp_string29.length);
 948:       }
 949:       out.write(_jsp_string30, 0, _jsp_string30.length);
 950:       }
 951:       out.write(_jsp_string31, 0, _jsp_string31.length);
 952:        if(autologin) { 
 953:       out.write(_jsp_string32, 0, _jsp_string32.length);
 954:       out.print((StringUtils.getParameter(request,"userid")));
 955:       out.write(_jsp_string33, 0, _jsp_string33.length);
 956:       out.print((StringUtils.getParameter(request,"password")));
 957:       out.write(_jsp_string34, 0, _jsp_string34.length);
 958:        } 
 959:       out.write(_jsp_string35, 0, _jsp_string35.length);
 960:       out.print(( isAuthenticated ));
 961:       out.write(_jsp_string36, 0, _jsp_string36.length);
 962:       
 963:     // There may be two types of actions: login or invalidateandlogin. invalidate and login will only
 964:     // occur if a login was attempted with session management on and there was already a session
 965:     // open for the userid. We default the action to login.
 966:     String action = new String("login");
 967: 
 968:     String sessionException = (String)request.getAttribute("sessionException");
 969:     if(sessionException != null && sessionException.equalsIgnoreCase("true")) {
 970:         action = new String("invalidateandlogin");
 971:     }
 972: 
 973:       out.write(_jsp_string37, 0, _jsp_string37.length);
 974:       out.print((action));
 975:       out.write(_jsp_string38, 0, _jsp_string38.length);
 976:     } catch (java.lang.Throwable _jsp_e) {
 977:       pageContext.handlePageException(_jsp_e);
 978:     } finally {
 979:       com.caucho.jsp.QJspFactory.freePageContext(pageContext);
 980:     }
 981:   }
 982: 
 983:   private com.caucho.java.LineMap _caucho_line_map;
 984:   private java.util.ArrayList _caucho_depends = new java.util.ArrayList();
 985: 
 986:   public boolean _caucho_isModified()
 987:   {
 988:     if (_caucho_isDead)
 989:       return true;
 990:     if (com.caucho.util.CauchoSystem.getVersionId() != 1174304628)
 991:       return true;
 992:     for (int i = _caucho_depends.size() - 1; i >= 0; i--) {
 993:       com.caucho.make.Dependency depend;
 994:       depend = (com.caucho.make.Dependency) _caucho_depends.get(i);
 995:       if (depend.isModified())
 996:         return true;
 997:     }
 998:     return false;
 999:   }
1000: 
1001:   public long _caucho_lastModified()
1002:   {
1003:     return 0;
1004:   }
1005: 
1006:   public com.caucho.java.LineMap _caucho_getLineMap()
1007:   {
1008:     return _caucho_line_map;
1009:   }
1010: 
1011:   public void destroy()
1012:   {
1013:       _caucho_isDead = true;
1014:       super.destroy();
1015:   }
1016: 
1017:   public void init(com.caucho.java.LineMap lineMap,
1018:                    com.caucho.vfs.Path appDir)
1019:     throws javax.servlet.ServletException
1020:   {
1021:     com.caucho.vfs.Path resinHome = com.caucho.util.CauchoSystem.getResinHome();
1022:     com.caucho.vfs.MergePath mergePath = new com.caucho.vfs.MergePath();
1023:     mergePath.addMergePath(appDir);
1024:     mergePath.addMergePath(resinHome);
1025:     com.caucho.loader.DynamicClassLoader loader;
1026:     loader = (com.caucho.loader.DynamicClassLoader) getClass().getClassLoader();
1027:     String resourcePath = loader.getResourcePathSpecificFirst();
1028:     mergePath.addClassPath(resourcePath);
1029:     _caucho_line_map = new com.caucho.java.LineMap("_index__jsp.java", "foo");
1030:     _caucho_line_map.add("/util/setup_common_header.jsp", 65, 43);
1031:     _caucho_line_map.add("/security/isAuthenticated.jsp", 65, 147);
1032:     _caucho_line_map.add("/util/cacheControl.jsp", 3, 495);
1033:     _caucho_line_map.add("/util/setup_editlist_header.jsp", 31, 525);
1034:     _caucho_line_map.add("/util/setup_common_header.jsp", 1, 576);
1035:     _caucho_line_map.add(51, 598);
1036:     _caucho_line_map.add("/security/isAuthenticated.jsp", 231, 614);
1037:     _caucho_line_map.add("/security/index.jsp", 39, 792);
1038:     _caucho_line_map.add(193, 1096);
1039:     _caucho_line_map.add(194, 1098);
1040:     _caucho_line_map.add(195, 1100);
1041:     _caucho_line_map.add(196, 1102);
1042:     _caucho_line_map.add(197, 1104);
1043:     _caucho_line_map.add(198, 1106);
1044:     _caucho_line_map.add(199, 1108);
1045:     _caucho_line_map.add(201, 1110);
1046:     _caucho_line_map.add(213, 1134);
1047:     _caucho_line_map.add(215, 1136);
1048:     _caucho_line_map.add(256, 1212);
1049:     _caucho_line_map.add(261, 1214);
1050:     _caucho_line_map.add(262, 1216);
1051:     _caucho_line_map.add(263, 1218);
1052:     _caucho_line_map.add(309, 1220);
1053:     _caucho_line_map.add(315, 1232);
1054:     _caucho_line_map.add(394, 1234);
1055:     _caucho_line_map.add(399, 1240);
1056:     _caucho_line_map.add(407, 1250);
1057:     _caucho_line_map.add(412, 1260);
1058:     _caucho_line_map.add(413, 1262);
1059:     _caucho_line_map.add(414, 1264);
1060:     _caucho_line_map.add(415, 1266);
1061:     _caucho_line_map.add(418, 1268);
1062:     _caucho_line_map.add(433, 1288);
1063:     _caucho_line_map.add(447, 1296);
1064:     _caucho_line_map.add(462, 1304);
1065:     _caucho_line_map.add(483, 1306);
1066:     _caucho_line_map.add(548, 1308);
1067:     _caucho_line_map.add(549, 1310);
1068:     _caucho_line_map.add(550, 1312);
1069:     _caucho_line_map.add(558, 1314);
1070:     _caucho_line_map.add(586, 1316);
1071:     _caucho_line_map.add(655, 1318);
1072:     _caucho_line_map.add(667, 1340);
1073:     com.caucho.vfs.Depend depend;
1074:     depend = new com.caucho.vfs.Depend(appDir.lookup("security/index.jsp"), "jZ5rjgdx7m/2dF3H5qEeTQ==", false);
1075:     _caucho_depends.add(depend);
1076:     depend = new com.caucho.vfs.Depend(appDir.lookup("util/cacheControl.jsp"), "RVE+9LKR4qj1X14YsV/DbQ==", false);
1077:     _caucho_depends.add(depend);
1078:     depend = new com.caucho.vfs.Depend(appDir.lookup("util/setup_editlist_header.jsp"), "tk5KqAcW5sxDRCEyFeBkIQ==", false);
1079:     _caucho_depends.add(depend);
1080:     depend = new com.caucho.vfs.Depend(appDir.lookup("util/setup_common_header.jsp"), "BuVudBuZJ3eav92cLQ2dUg==", false);
1081:     _caucho_depends.add(depend);
1082:     depend = new com.caucho.vfs.Depend(appDir.lookup("security/isAuthenticated.jsp"), "NNJD1iOqmDoqJFUwootoKw==", false);
1083:     _caucho_depends.add(depend);
1084:     depend = new com.caucho.vfs.Depend(appDir.lookup("security/revizelogin/revizelogin_usernotes.jsp"), "GxG8XP5AYVSiNNTz/x5xjA==", false);
1085:     _caucho_depends.add(depend);
1086:   }
1087: 
1088:   private final static char []_jsp_string21;
1089:   private final static char []_jsp_string36;
1090:   private final static char []_jsp_string32;
1091:   private final static char []_jsp_string5;
1092:   private final static char []_jsp_string13;
1093:   private final static char []_jsp_string24;
1094:   private final static char []_jsp_string17;
1095:   private final static char []_jsp_string22;
1096:   private final static char []_jsp_string7;
1097:   private final static char []_jsp_string6;
1098:   private final static char []_jsp_string27;
1099:   private final static char []_jsp_string16;
1100:   private final static char []_jsp_string26;
1101:   private final static char []_jsp_string1;
1102:   private final static char []_jsp_string20;
1103:   private final static char []_jsp_string30;
1104:   private final static char []_jsp_string33;
1105:   private final static char []_jsp_string8;
1106:   private final static char []_jsp_string31;
1107:   private final static char []_jsp_string23;
1108:   private final static char []_jsp_string15;
1109:   private final static char []_jsp_string2;
1110:   private final static char []_jsp_string0;
1111:   private final static char []_jsp_string3;
1112:   private final static char []_jsp_string12;
1113:   private final static char []_jsp_string28;
1114:   private final static char []_jsp_string35;
1115:   private final static char []_jsp_string10;
1116:   private final static char []_jsp_string25;
1117:   private final static char []_jsp_string34;
1118:   private final static char []_jsp_string18;
1119:   private final static char []_jsp_string29;
1120:   private final static char []_jsp_string9;
1121:   private final static char []_jsp_string14;
1122:   private final static char []_jsp_string37;
1123:   private final static char []_jsp_string11;
1124:   private final static char []_jsp_string38;
1125:   private final static char []_jsp_string4;
1126:   private final static char []_jsp_string19;
1127:   static {
1128:     _jsp_string21 = "\r\n                    <input type=\"hidden\" name=\"userID\"/>\r\n                    <input type=\"hidden\" name=\"password\"/>\r\n                    ".toCharArray();
1129:     _jsp_string36 = "\r\n------------------------------------------------------------------------------*/\r\nfunction validate()\r\n{\r\n    alert('Change Password Function Not Enabled')\r\n    return false;\r\n\r\n\r\n    if (document.login.userID.value == '') {\r\n        alert('UserId must be specified to Change Password');\r\n        document.login.userID.focus();\r\n        return false;\r\n    }\r\n    document.searchForm.searchstring.value = document.login.userID.value\r\n    return true;\r\n}\r\n\r\nfunction loginRequest1()\r\n{\r\n     window.location.href = \"../admincenter/verifyUser.jsp\";\r\n}\r\n\r\n/*------------------------------------------------------------------------------\r\ncalled by Login button; for some reason, it requires 2 calls to IsPopupBlocker()\r\n------------------------------------------------------------------------------*/\r\nfunction loginRequest()\r\n{\r\n\r\n    //----- If authentication is not enabled, create global cookie and quit.\r\n    if (RZisSecurityDisabled) {\r\n        RZsetCookieValue('RZlogin','*ALL#' + RZ.page.domain)\r\n        location = 'login_complete.html'\r\n        return false\r\n    }\r\n\r\n    if (document.login.userID.value == '')\r\n    {\r\n        alert( 'Username required for login')\r\n        document.login.userID.focus()\r\n        return false\r\n    }\r\n\r\n    if (document.login.password.value == '')\r\n    {\r\n        alert( 'Password required for login')\r\n        document.login.password.focus()\r\n        return false\r\n    }\r\n\r\n    RZsetCookieValue('RZmessage', '')\r\n\r\n    document.login.action = '/revize/XmlRequestServlet'\r\n                          + '?forward=security/authentication.jsp'\r\n                          + '&error=security/index.jsp'\r\n                          + '&request=login'\r\n                          + '&domain=' + RZ.page.domain\r\n                          + '&filename=' + filename\r\n    if (RZpagetype != '')\r\n        document.login.action += '&pagetype=' + RZpagetype\r\n\r\n    if (RZwebspace != '')\r\n        document.login.action += '&webspace=' + RZwebspace\r\n\r\n    if (RZmodule != '')\r\n        document.login.action += '&module=' + RZmodule\r\n\r\n    if (RZrecordaccess != '')\r\n        document.login.action += '&recordaccess=' + RZrecordaccess\r\n\r\n".toCharArray();
1130:     _jsp_string32 = "\r\n        document.login.userID.value = '".toCharArray();
1131:     _jsp_string5 = "\r\n    var RZisAuthenticated = ".toCharArray();
1132:     _jsp_string13 = "'\r\n        returnUrl = returnUrl+ '?new&set=' + escape(setValue);\r\n        ".toCharArray();
1133:     _jsp_string24 = "</p>\r\n                ".toCharArray();
1134:     _jsp_string17 = "'\r\n    var live_channel_url = '".toCharArray();
1135:     _jsp_string22 = "\r\n\r\n                <!-- PAGE HEADING WITH WEBSPACE NAME -->\r\n\r\n                ".toCharArray();
1136:     _jsp_string7 = "';\r\n    var RZpagetype = '".toCharArray();
1137:     _jsp_string6 = "\r\n    var RZusername = '".toCharArray();
1138:     _jsp_string27 = "\r\n                    <div class=\"alert alert-error text-left\">\r\n                         <button type=\"button\" class=\"close\" data-dismiss=\"alert\">×</button>\r\n                         Sorry You Might Not Have Permission to Edit Page:\r\n                        <script>document.write( RZeditPage.substring(8) )</script> Or You Might Have Been Logged Out. Try Logging Back In.\r\n                    </div><!-- end alert -->\r\n                ".toCharArray();
1139:     _jsp_string16 = "'    //webspace from url\r\n    var revize_channel_url = '".toCharArray();
1140:     _jsp_string26 = "\r\n\r\n\r\n                 ".toCharArray();
1141:     _jsp_string1 = "\r\n\r\n    \r\n".toCharArray();
1142:     _jsp_string20 = "'\r\n            }\r\n        }\r\n        else\r\n        {\r\n            // filename is preferred method of getting nextUrl\r\n            if (filename && revize_channel_url)\r\n            {\r\n                if(revize_channel_url.charAt(revize_channel_url.length) == '/')\r\n                    revize_channel_url = revize_channel_url.substring(0,revize_channel_url.length-1)\r\n\r\n                if(filename.charAt(0) == '/')\r\n                    filename = filename.substring(1)\r\n\r\n                nextUrl = revize_channel_url + '/' + filename;\r\n            }\r\n\r\n            // use referrer if filename and revize_channel not both defined\r\n            else if (document.referrer != '')    //called from non edit page hyperlink\r\n                nextUrl = document.referrer\r\n\r\n            // cancelUrl defaults to nextUrl if not specified\r\n            if (cancelUrl=='' && nextUrl)\r\n                cancelUrl = nextUrl;\r\n\r\n            //----- If webspace name unknown but stored in cookie by calling page, use it.\r\n            if (RZwebspace == '' && nextUrl)\r\n                RZwebspace = RZgetCookieValue('RZwebspace', nextUrl)\r\n        }\r\n\r\n\r\n        RZmessage = 'Calling Edit Page: '   + RZeditPage + '\\n'\r\n                  + 'document.referrer: '   + document.referrer + '\\n'\r\n                  + 'nextUrl: ' + nextUrl + '\\n'\r\n                  + 'cancelurl: ' + cancelUrl + '\\n'\r\n                  + 'webSpace: '            + RZwebspace + '\\n'\r\n        RZtrace(\"Initialization Information (first call)\", RZmessage)\r\n\r\n        // append bookmark if nextUrl defined and called from calendar_app\r\n        // (probably always show append but if nextUrl defined this is safer)\r\n        if (nextUrl.indexOf('/calendar_app/') != -1)\r\n            nextUrl += location.hash;\r\n        RZsetCookieValue( 'RZnextUrl', nextUrl )\r\n        RZsetCookieValue( 'RZfileName', filename )\r\n        //RZsetCookieValue( 'RZcancelUrl', cancelUrl )\r\n    }\r\n/*****     ___________________________________________________\r\n          |                                                   |\r\n          |  End of all code eligible for future JSP include  |\r\n          |___________________________________________________|\r\n*****/\r\n</script>\r\n\r\n<div class=\"container\">\r\n\r\n          <!--[if lt IE 8]>\r\n            <div class=\"span12\">\r\n                <div class=\"alert alert-error no-more-ie clearfix\">\r\n                    <div class=\"browser-icons clearfix\">\r\n                        <a href=\"https://www.google.com/intl/en/chrome/browser/\"><img src=\"/revize/util/ui/img/icons/chrome.png\" alt=\"chrome\"></a>\r\n                        <a href=\"http://www.mozilla.org/en-US/firefox/new/\"><img src=\"/revize/util/ui/img/icons/firefox.png\" alt=\"firefox\"></a>\r\n                        <a href=\"http://windows.microsoft.com/en-us/internet-explorer/download-ie\"><img src=\"/revize/util/ui/img/icons/ie.png\" alt=\"ie\"></a>\r\n                        <a href=\"http://www.apple.com/safari/\"><img src=\"/revize/util/ui/img/icons/safari.png\" alt=\"safari\"></a>\r\n                    </div>\r\n                     <span><b>You are using an outdated browser</b>. For a better experience using Revize, please upgrade to a modern browser by clicking on one of the icons to the right</span>\r\n                </div>\r\n            </div>\r\n          <![endif]-->\r\n\r\n          <div id=\"login-form\">\r\n\r\n            <div class=\"logo text-center\"><img src=\"/revize/util/ui/img/logo.png\" alt=\"Revize\"></div>\r\n            <p class=\"lead text-center\">Content Management Made Simple. Login below to edit your site</p>\r\n\r\n            <div class=\"padding\">\r\n\r\n            <form name=\"login\" method=\"post\">\r\n              <input type = \"hidden\" name = \"XMLString\"/>\r\n\r\n                ".toCharArray();
1143:     _jsp_string30 = "\r\n\r\n\r\n            <form method=POST name=\"searchForm\" action=\"\">\r\n\r\n            <div class=\"row-fluid\">\r\n                <div class=\"btn-group clearfix\">\r\n                    <input name = \"submit1\" type=\"submit\" class=\"btn btn-success\"\r\n                      onClick=\"return loginRequest();\"  value=\"Login\">\r\n\r\n                    <input name=\"reset1\" type=\"button\" class=\"btn btn-danger\"\r\n                      onClick=\"cancel();\"  value=\"Cancel\">\r\n\r\n                    <input name=\"logout\" type=\"button\" class=\"btn btn-info\"\r\n                      onClick=\"logoutRequest();\" value=\"Logout\">\r\n                </div><!-- end btn-group -->\r\n            </div>\r\n\r\n                <!-- Enter text and/or html that will be displayed on login page -->\r\n\r\n\r\n\r\n                ".toCharArray();
1144:     _jsp_string33 = "'\r\n        document.login.password.value = '".toCharArray();
1145:     _jsp_string8 = "'\r\n    var RZlastrequest = '".toCharArray();
1146:     _jsp_string31 = "\r\n            </form>\r\n\r\n            </form>\r\n\r\n            <a href=\"#myModal\" role=\"button\" data-toggle=\"modal\" class=\"forgot-pass text-left\"><small>Oh snap! I forgot my password</small></a>\r\n\r\n                <!-- Modal -->\r\n                <div id=\"myModal\" class=\"modal hide fade text-left\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"myModalLabel\" aria-hidden=\"true\">\r\n                  <div class=\"modal-header\">\r\n                    <button type=\"button\" class=\"close\" data-dismiss=\"modal\" aria-hidden=\"true\">\u00c3\u0097</button>\r\n                    <h3 id=\"myModalLabel\">Reset Your Password</h3>\r\n                  </div>\r\n                  <div class=\"modal-body\">\r\n                    <p>For security reasons you have two options to reset your password. Option #1 post a request <a href=\"http://redmine.revize.com/\">here</a>. Option #2 give us a call at 248-269-9263.</p>\r\n                  </div>\r\n                  <div class=\"modal-footer\">\r\n                    <button class=\"btn btn-inverse\" data-dismiss=\"modal\" aria-hidden=\"true\"><i class=\"fui-cross\"></i> Close</button>\r\n                  </div>\r\n                </div>\r\n\r\n            </div><!-- end padding -->\r\n\r\n    </div><!-- end login-form -->\r\n\r\n    <div class=\"count row-fluid text-center\">\r\n        <div class=\"span4\">\r\n            <h3>+1200<small> Clients</small></h3>\r\n        </div>\r\n        <div class=\"span4\">\r\n            <h3>+3 Million<small> Pages Created</small></h3>\r\n        </div>\r\n        <div class=\"span4\">\r\n            <h3>1<small> Easy CMS</small></h3>\r\n        </div>\r\n    </div>\r\n\r\n</div><!-- end container -->\r\n\r\n<div id=\"rz-fixed-footer\">\r\n    <small>\u00c2\u00a9 <script language=\"JavaScript\" type=\"text/javascript\">\r\n    now = new Date\r\n    theYear=now.getYear()\r\n    if (theYear < 1900)\r\n    theYear=theYear+1900\r\n    document.write(theYear)\r\n</script> Revize. All Rights Reserved</small>\r\n\r\n</div><!-- end rz-fixed-footer -->\r\n\r\n<script>\r\n/*****     ___________________________________________________\r\n          |                                                   |\r\n          |  Start of code eligible for a future js include   |\r\n          |___________________________________________________|\r\n*****/\r\n\r\n\r\n/*------------------------------------------------------------------------------\r\nPage onLoad handler\r\n------------------------------------------------------------------------------*/\r\nfunction setup()\r\n{\r\n\r\n    if(RZisSecurityDisabled) return\r\n    ".toCharArray();
1147:     _jsp_string23 = "\r\n                <p class=\"alert alert-error text-left\">".toCharArray();
1148:     _jsp_string15 = "'\r\n\r\n    var RZmodule = ''\r\n    var RZrecordaccess = ''\r\n    var RZloginmessage = RZgetCookieValue( 'RZmessage' )\r\n    var RZwebspace = '".toCharArray();
1149:     _jsp_string2 = "\n\n\r\n    ".toCharArray();
1150:     _jsp_string0 = "<!DOCTYPE html>\r\n<html lang=\"en\">\r\n  <head>\r\n    <meta charset=\"utf-8\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">\r\n    <title>Revize CMS Login</title>\r\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, user-scalable=0, minimum-scale=1.0, maximum-scale=1.0\">\r\n\r\n    <!-- Loading Revize UI -->\r\n    <link href=\"/revize/util/ui/css/font-awesome.min.css\" rel=\"stylesheet\">\r\n    <link href=\"/revize/util/ui/css/revize-ui.css\" rel=\"stylesheet\">\r\n    <link href=\"/revize/security/style.css\" rel=\"stylesheet\">\r\n\r\n    <link rel=\"shortcut icon\" href=\"/revize/util/ui/img/favicon.ico\">\r\n    <link rel=\"apple-touch-icon\" href=\"/revize/util/ui/img/touch-icon-iphone.png\">\r\n    <link rel=\"apple-touch-icon\" sizes=\"72x72\" href=\"/revize/util/ui/img/touch-icon-ipad.png\">\r\n    <link rel=\"apple-touch-icon\" sizes=\"114x114\" href=\"/revize/util/ui/img/touch-icon-iphone4.png\">\r\n    <link rel=\"apple-touch-icon\" sizes=\"144x144\" href=\"/revize/util/ui/img/touch-icon-ipad2.png\">\r\n\r\n<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->\r\n<!--[if lt IE 9]>\r\n    <script src=\"http://html5shim.googlecode.com/svn/trunk/html5.js\"></script>\r\n  <script src=\"/revize/util/ui/js/respond.min.js\"></script>\r\n<![endif]-->\r\n\r\n<!--[if IE 7]>\r\n    <link rel=\"stylesheet\" href=\"/revize/util/ui/css/font-awesome-ie7.css\">\r\n<![endif]-->\r\n   </head>\r\n\r\n<body onLoad=\"setup()\">\r\n\r\n    \r\n\r\n".toCharArray();
1151:     _jsp_string3 = "\r\n\r\n    ".toCharArray();
1152:     _jsp_string12 = "\r\n        setValue= '".toCharArray();
1153:     _jsp_string28 = "\r\n\r\n            <!-- MESSAGES FROM AUTHENTICATION.JSP (future <error...> tag) -->\r\n            <script>\r\n                if (RZloginmessage != '') document.write(\r\n                    '<div class=\"alert alert-error text-left\">',\r\n                    RZloginmessage,\r\n                    '</div>',\r\n                    '')\r\n            </script>\r\n\r\n               ".toCharArray();
1154:     _jsp_string35 = "\r\n\r\n    document.login.userID.focus();\r\n    document.login.userID.select()\r\n\r\n}\r\n/*------------------------------------------------------------------------------\r\ncalled by Change Password button\r\n\r\n<securityrequest>\r\n<action>update</action>\r\n\r\n<webspacename>REVIZE</webspacename>\r\n\r\n<requestobject>\r\n<subjectwrapper>\r\n    <id>1</id>\r\n    <userid><![CDATA[daveotto]]></userid>\r\n    <version><![CDATA[0]]></version>\r\n    <firstname><![CDATA[dave]]></firstname>\r\n    <middlename><![CDATA[]]></middlename>\r\n    <lastname><![CDATA[otto]]></lastname>\r\n    <password><![CDATA[revize]]></password>\r\n    <email><![CDATA[]]></email>\r\n</subjectwrapper>\r\n</requestobject>\r\n\r\n</securityrequest>\r\n    var RZisAuthenticated = ".toCharArray();
1155:     _jsp_string10 = "';\r\n    var filename = '".toCharArray();
1156:     _jsp_string25 = "\r\n                ".toCharArray();
1157:     _jsp_string34 = "'\r\n\r\n        if(document.login.userID.value != '' && document.login.password.value != '')\r\n        {\r\n            loginRequest();\r\n            document.login.submit();\r\n            return;\r\n        }\r\n    ".toCharArray();
1158:     _jsp_string18 = "';\r\n\r\n\r\n    RZ.message = 'Security Enabled: ' + !RZisSecurityDisabled + '\\n'\r\n              + 'Authenticated: '     + RZisAuthenticated + '\\n'\r\n              + 'Caller Page Type: '  + RZpagetype + '\\n'\r\n              + 'Current Username: '  + RZusername + '\\n'\r\n              + 'Last Request: '      + RZlastrequest + '\\n'\r\n              + 'webSpace: '          + RZwebspace + '\\n'\r\n    RZtrace(\"Login Page Loaded\", RZ.message)\r\n\r\n\r\n    //----- When first called determine how called and where to return.\r\n    //        Information must be saved in cookies because on subsequent calls:\r\n    //        referrer is not correct, and edit page url can not be determined.\r\n\r\n    //***** NOTE: please review and update comments at top of page when changing logic\r\n\r\n    if (RZlastrequest == '')    // if first call\r\n    {\r\n        RZloginmessage = ''\r\n\r\n        //----- Determine calling edit page name if called via jsp:forward\r\n        //        TODO: Assumes this page is located at: /revize/security/\r\n        RZeditPage = location.pathname\r\n        var str = '/revize/security'\r\n\r\n        if (RZeditPage.substring(0,str.length) == str)    //not called via jsp forward\r\n            RZeditPage = ''\r\n\r\n        //----- Determine nextUrl for success\r\n        if (returnUrl != '')            //return url specified\r\n        {\r\n            nextUrl = returnUrl\r\n            if (cancelUrl=='') cancelUrl = nextUrl\r\n        }\r\n        else if (RZeditPage != '')            //called from an edit page...\r\n        {\r\n            nextUrl = RZeditPage + location.search\r\n            if (cancelUrl=='') cancelUrl = document.referrer    //...page that called the calling edit page\r\n\r\n            RZmodule = RZgetCookieValue( 'RZmodule' )\r\n            RZrecordaccess = RZgetCookieValue( 'RZrecordaccess' )\r\n\r\n            if (RZwebspace == '')\r\n            {\r\n                ".toCharArray();
1159:     _jsp_string29 = "\r\n\r\n            <div class=\"input-prepend controls\">\r\n                <span class=\"add-on\"><i class=\"icon-user icon-large\"></i></span>\r\n                   <input name=\"userID\" type=\"text\" id=\"appendedInput\" placeholder=\"username\" required/>\r\n            </div>\r\n\r\n            <div class=\"input-prepend controls\">\r\n                <span class=\"add-on\"><i class=\"icon-lock icon-large\"></i></span>\r\n                <input name=\"password\" type=\"password\" id=\"password\" placeholder=\"password\" required />\r\n            </div>\r\n\r\n           ".toCharArray();
1160:     _jsp_string9 = "'\r\n    var returnUrl = '".toCharArray();
1161:     _jsp_string14 = "\r\n\r\n    var RZeditPage = ''\r\n    var nextUrl = ''\r\n    var cancelUrl = '".toCharArray();
1162:     _jsp_string37 = "\r\n    document.login.XMLString.value = '<securityrequest>\\n'\r\n                                   + '<action>".toCharArray();
1163:     _jsp_string11 = "';\r\n\r\n".toCharArray();
1164:     _jsp_string38 = "</action>\\n'\r\n                                   + '<webspacename/>\\n'\r\n                                   + '<requestobject>\\n'\r\n                                   + '<subjectwrapper>\\n'\r\n                                   + '  <id>-1</id>\\n'\r\n                                   + '  <userid><![CDATA['+document.login.userID.value\r\n                                   + ']]></userid>\\n'\r\n                                   + '  <password><![CDATA['+document.login.password.value\r\n                                   + ']]></password>\\n'\r\n                                   + '</subjectwrapper>\\n'\r\n                                   + '</requestobject>\\n'\r\n                                   + '</securityrequest>\\n'\r\n\r\n\r\n    RZmessage = 'document.referrer: ' + document.referrer + '\\n'\r\n              + 'form submit action: ' + document.login.action + '\\n'\r\n              + 'XML String: \\n' + document.login.XMLString.value + '\\n'\r\n    RZtrace(\"Login Request\", RZmessage)\r\n    RZsetCookieValue( 'RZcancelUrl', cancelUrl )\r\n\r\n    return true\r\n}\r\n/*------------------------------------------------------------------------------\r\ncalled by LOGOUT button\r\n------------------------------------------------------------------------------*/\r\nfunction logoutRequest(){\r\n    document.login.action = '/revize/XmlRequestServlet'\r\n                          + '?forward=security/login_canceled.jsp'\r\n                          + '&error=security/index.jsp'\r\n                          + '&request=logout'\r\n\r\n    document.login.XMLString.value = '<securityrequest>\\n'\r\n                                   + '<action>logout</action>\\n'\r\n                                   + '<webspacename/>\\n'\r\n                                   + '<requestobject>\\n'\r\n                                   + '<subjectwrapper>\\n'\r\n                                   + '  <id>-1</id>\\n'\r\n                                   + '</subjectwrapper>\\n'\r\n                                   + '</requestobject>\\n'\r\n                                   + '</securityrequest>\\n'\r\n\r\n\r\n    RZmessage = 'document.referrer: ' + document.referrer + '\\n'\r\n              + 'form submit action: ' + document.login.action + '\\n'\r\n              + 'XML String: \\n' + document.login.XMLString.value + '\\n'\r\n    RZtrace(\"Logout Request\", RZmessage)\r\n\r\n    if (live_channel_url)\r\n    {\r\n        var pathfilename = document.referrer;\r\n        if (pathfilename)\r\n        {\r\n            var revizePath = RZgetfileinfo(revize_channel_url).pathfilename;\r\n            pathfilename = RZgetfileinfo(document.referrer).pathfilename;\r\n            pathfilename = pathfilename.substr(revizePath.length);\r\n        }\r\n        var url = live_channel_url + pathfilename;\r\n\r\n        RZsetCookieValue( 'RZcancelUrl', url )\r\n    }\r\n    RZsetCookieValue('RZlogin','')\r\n\r\n    //----- If authentication is not enabled, create global cookie and quit.\r\n    if (RZisSecurityDisabled)\r\n    {\r\n        location = 'login_complete.html'\r\n    }else\r\n    {\r\n        document.login.submit()\r\n    }\r\n}\r\n/*------------------------------------------------------------------------------\r\ncalled by Cancel button\r\n***** NOTE: please review and update comments at top of page when changing logic\r\n------------------------------------------------------------------------------*/\r\nfunction cancel()\r\n{\r\n    var url = ''\r\n    if (RZpagetype=='editform')\r\n        url = RZgetCookieValue('RZeditFormReturnUrl')\r\n    else if (RZpagetype=='editlist')\r\n        url = RZgetCookieValue('RZeditListReturnUrl')\r\n\r\n    if (url =='')\r\n        url = RZgetCookieValue('RZcancelUrl')\r\n\r\n\r\n    //----- If no cancel Url is known and we have not submitted any login\r\n    //        credentials, we can try going back to the prior screen.\r\n    //        In some cases, it may be necessary to click cancel more than once.\r\n    if (url == '' && RZlastrequest == '' && history.length > 0) url = -1\r\n\r\n\r\n    RZtrace( 'Cancel Login from index.jsp', 'next url: ' + url)\r\n\r\n    if ( url != '' && !isNaN(url))\r\n        history.go(url)\r\n    else if (url != '')\r\n        document.location.replace( url )\r\n    else\r\n        document.location.replace ( '/revize/security/login_canceled.jsp' )\r\n\r\n}\r\n</script>\r\n\r\n    <script src=\"/revize/util/ui/js/jquery-1.8.3.min.js\"></script>\r\n    <script src=\"/revize/util/ui/js/bootstrap.js\"></script><!-- also avaliable bootstrap.min.js  -->\r\n    <script src=\"/revize/security/js/supersized.js\"></script>\r\n    <script>\r\n        jQuery(function($){\r\n\r\n            $.supersized({\r\n\r\n                // Functionality\r\n                start_slide             :   0,            // Start slide (0 is random)\r\n                new_window                :    1,            // Image links open in new window/tab\r\n                image_protect            :    1,            // Disables image dragging and right click with Javascript\r\n\r\n                // Size & Position\r\n                min_width                :   0,            // Min width allowed (in pixels)\r\n                min_height                :   0,            // Min height allowed (in pixels)\r\n                vertical_center         :   1,            // Vertically center background\r\n                horizontal_center       :   1,            // Horizontally center background\r\n                fit_always                :    0,            // Image will never exceed browser width or height (Ignores min. dimensions)\r\n                fit_portrait             :   1,            // Portrait images will not exceed browser height\r\n                fit_landscape            :   0,            // Landscape images will not exceed browser width\r\n\r\n                // Components\r\n                slides                     :      [            // Slideshow Images\r\n\r\n                                                    {image : '../security/bgimages/17.jpg', title : 'Image Credit:unsplash.com'},\r\n                                                    {image : '../security/bgimages/18.jpg', title : 'Image Credit:unsplash.com'},\r\n                                                    {image : '../security/bgimages/19.jpg', title : 'Image Credit:unsplash.com'},\r\n                                                    {image : '../security/bgimages/20.jpg', title : 'Image Credit:unsplash.com'},\r\n                                                    {image : '../security/bgimages/21.jpg', title : 'Image Credit:unsplash.com'},\r\n                                                    {image : '../security/bgimages/22.jpg', title : 'Image Credit:unsplash.com'},\r\n\r\n                                            ]\r\n\r\n            });\r\n        });\r\n\r\n    </script>\r\n</body>\r\n</html>".toCharArray();
1165:     _jsp_string4 = "\r\n<script language = \"JavaScript\" src=\"/revize/util/snippet_helper.js\"></script>\r\n<script language = \"JavaScript\">\r\n    var RZisSecurityDisabled = ".toCharArray();
1166:     _jsp_string19 = "\r\n                RZwebspace = '".toCharArray();
1167:   }
1168: }