From ae84629a2eb6351bc0ece12e71cab689831cd2c0 Mon Sep 17 00:00:00 2001 From: Sofia Baltzi <> Date: Fri, 4 May 2018 14:35:27 +0000 Subject: [PATCH] Fix javascript messages and Add some more checks for the input values at ResetPassword, AddPassword, Verify and Activate. Add InputValidator.Java --- .../usermanagement/ActivationCodeServlet.java | 45 +++++++----- .../usermanagement/AddPasswordServlet.java | 42 ++++++++--- .../usermanagement/ForgotPasswordServlet.java | 1 - .../usermanagement/RegisterServlet.java | 1 - .../usermanagement/ResetPasswordServlet.java | 42 +++++++---- .../VerificationCodeServlet.java | 36 +++++++--- ...ndLinkURIAuthenticationSuccessHandler.java | 6 ++ .../usermanagement/security/JWTGenerator.java | 1 + .../usermanagement/utils/InputValidator.java | 71 +++++++++++++++++++ src/main/webapp/activate.jsp | 10 +-- src/main/webapp/addPassword.jsp | 34 +++++---- src/main/webapp/expiredVerificationCode.jsp | 2 +- src/main/webapp/js/validation.js | 55 +++++++++++++- src/main/webapp/resetPassword.jsp | 71 +++++++++++-------- src/main/webapp/verify.jsp | 19 ++--- 15 files changed, 326 insertions(+), 110 deletions(-) create mode 100644 src/main/java/eu/dnetlib/openaire/usermanagement/utils/InputValidator.java diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ActivationCodeServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ActivationCodeServlet.java index 6957c86..9a2cc31 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/ActivationCodeServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ActivationCodeServlet.java 
@@ -3,6 +3,7 @@ package eu.dnetlib.openaire.usermanagement; import eu.dnetlib.openaire.user.utils.LDAPActions; import eu.dnetlib.openaire.user.utils.VerificationActions; import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; +import eu.dnetlib.openaire.usermanagement.utils.InputValidator; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; 
@@ -47,27 +48,37 @@ public class ActivationCodeServlet extends HttpServlet{ String formUsername = request.getParameter("username").trim(); String formVerificationCode = request.getParameter("verification_code").trim(); - if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { - if (!verificationActions.verificationCodeHasExpired(formUsername)) { - HttpSession session = request.getSession(); - session.setAttribute("username", formUsername); - session.setAttribute("homeUrl", oidcHomeUrl); - try { - ldapActions.moveUser(formUsername); - } catch (Exception e) { - logger.error("LDAP error in moving user", e); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); - //response.sendRedirect("./error.jsp"); + if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { + if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { + if (!verificationActions.verificationCodeHasExpired(formUsername)) { + HttpSession session = request.getSession(); + session.setAttribute("username", formUsername); + session.setAttribute("homeUrl", oidcHomeUrl); + try { + ldapActions.moveUser(formUsername); + } catch (Exception e) { + logger.error("LDAP error in moving user", e); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); + } + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "registerSuccess.jsp")); + } else { + logger.info("Verification code has expired!"); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); } - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "registerSuccess.jsp")); - //response.sendRedirect("./registerSuccess.jsp"); } else { - logger.info("Verification code has expired!"); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, 
"expiredVerificationCode.jsp")); - //response.sendRedirect("./expiredVerificationCode.jsp"); + logger.info("Username or activation code are not valid!"); + request.getSession().setAttribute("message", "Username or activation code are not valid."); + response.sendRedirect("./activate.jsp"); } } else { - request.getSession().setAttribute("message", "Username or activation code are not valid."); + if (!InputValidator.isFilled(formUsername)) { + logger.info("No username"); + request.getSession().setAttribute("msg_username_error", "Please enter your username."); + } + if (!InputValidator.isFilled(formVerificationCode)) { + logger.info("No activation code"); + request.getSession().setAttribute("msg_activation_code_error", "Please enter your activation code."); + } response.sendRedirect("./activate.jsp"); } printWriter.close(); diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/AddPasswordServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/AddPasswordServlet.java index 9f48817..f85f7ef 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/AddPasswordServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/AddPasswordServlet.java @@ -2,6 +2,7 @@ package eu.dnetlib.openaire.usermanagement; import eu.dnetlib.openaire.user.utils.LDAPActions; import eu.dnetlib.openaire.user.utils.VerificationActions; +import eu.dnetlib.openaire.usermanagement.utils.InputValidator; import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; 
@@ -43,23 +44,42 @@ public class AddPasswordServlet extends HttpServlet { HttpSession session = request.getSession(); String username = (String) session.getAttribute("username"); + if (username == null){ + logger.info("Empty username in session"); + } + String password = request.getParameter("password"); String confirmPassword = request.getParameter("password_conf"); - if (password.equals(confirmPassword) && username != null) { - try { - ldapActions.resetPassword(username, password); - logger.info("password added"); - } catch (Exception e) { - logger.error("LDAP error in adding password", e); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); - //response.sendRedirect("./error.jsp"); + if (InputValidator.isFilled(password)) { + if (InputValidator.isValidPassword(password) && password.equals(confirmPassword) && username !=null) { + try { + ldapActions.resetPassword(username, password); + logger.info("password added"); + session.removeAttribute("username"); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "success.jsp")); + } catch (Exception e) { + logger.error("LDAP error in adding password", e); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); + } + } else { + if (!InputValidator.isValidPassword(password)) { + logger.info("No valid password"); +// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. 
White space character is not allowed."); + } + if (!password.equals(confirmPassword)) { + logger.info("No matching passwords"); +// request.getSession().setAttribute("msg_pass_conf_error", "These passwords don't match."); + } + response.sendRedirect("./addPassword.jsp"); } + } else { + logger.info("Empty password"); + request.getSession().setAttribute("msg_password_error_display", "display:block" ); +// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. White space character is not allowed."); + response.sendRedirect("./resetPassword.jsp"); } - session.removeAttribute("username"); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "success.jsp")); - //response.sendRedirect("./success.jsp"); printWriter.close(); } diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java index 9be82e0..45063f8 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java @@ -120,7 +120,6 @@ public class ForgotPasswordServlet extends HttpServlet { } catch (LDAPException ldape) { logger.error("LDAP error", ldape); response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); - //response.sendRedirect("./error.jsp"); } catch (MessagingException e) { logger.error("Error in sending email", e); diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServlet.java index 17a81ee..6a43da7 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServlet.java 
@@ -182,7 +182,6 @@ public class RegisterServlet extends HttpServlet { }catch (Exception e) { logger.error("LDAP error in creating user", e); response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); - //response.sendRedirect("./error.jsp"); } } else { diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java index edf73f5..cbd3b11 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java @@ -2,12 +2,14 @@ package eu.dnetlib.openaire.usermanagement; import eu.dnetlib.openaire.user.utils.LDAPActions; import eu.dnetlib.openaire.user.utils.VerificationActions; +import eu.dnetlib.openaire.usermanagement.utils.InputValidator; import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.web.context.support.SpringBeanAutowiringSupport; +import javax.persistence.criteria.CriteriaBuilder; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; 
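Review bot: The import hunk for ResetPasswordServlet adds `import javax.persistence.criteria.CriteriaBuilder;`, which nothing in the visible hunks uses and which pulls a JPA type into a servlet that only talks to LDAP; drop that line and keep just the `InputValidator` import. It looks like an IDE auto-import, so the other servlets touched by this patch are worth checking for the same stray line.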
@@ -50,21 +52,35 @@ public class ResetPasswordServlet extends HttpServlet { String password = request.getParameter("password"); String confirmPassword = request.getParameter("password_conf"); - if (password.equals(confirmPassword) && username != null) { - try { - ldapActions.resetPassword(username, password); - logger.info("password resetted"); - } catch (Exception e) { - logger.error("LDAP error in resetting password", e); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); - //response.sendRedirect("./error.jsp"); + if (InputValidator.isFilled(password)) { + if (InputValidator.isValidPassword(password) && password.equals(confirmPassword) && username != null) { + try { + ldapActions.resetPassword(username, password); + logger.info("password resetted"); + session.removeAttribute("username"); + session.setAttribute("homeUrl", oidcHomeUrl); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "success.jsp")); + } catch (Exception e) { + logger.error("LDAP error in resetting password", e); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); + } + } else { + if (!InputValidator.isValidPassword(password)) { + logger.info("No valid password"); +// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. White space character is not allowed."); + } + if (!password.equals(confirmPassword)) { + logger.info("No matching passwords"); +// request.getSession().setAttribute("msg_pass_conf_error", "These passwords don't match."); + } + response.sendRedirect("./resetPassword.jsp"); } + } else { + logger.info("Empty password"); + request.getSession().setAttribute("msg_password_error_display", "display:block" ); +// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. 
White space character is not allowed."); + response.sendRedirect("./resetPassword.jsp"); } - - session.removeAttribute("username"); - session.setAttribute("homeUrl", oidcHomeUrl); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "success.jsp")); - //response.sendRedirect("./success.jsp"); printWriter.close(); } diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java index 7c89b5e..a927f25 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java @@ -1,6 +1,7 @@ package eu.dnetlib.openaire.usermanagement; import eu.dnetlib.openaire.user.utils.VerificationActions; +import eu.dnetlib.openaire.usermanagement.utils.InputValidator; import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; 
@@ -40,21 +41,34 @@ public class VerificationCodeServlet extends HttpServlet { String formUsername = request.getParameter("username").trim(); String formVerificationCode = request.getParameter("verification_code").trim(); - if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { - if (!verificationActions.verificationCodeHasExpired(formUsername)) { - HttpSession session = request.getSession(); - session.setAttribute("username", formUsername); - response.sendRedirect("./resetPassword.jsp"); + if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { + if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { + if (!verificationActions.verificationCodeHasExpired(formUsername)) { + HttpSession session = request.getSession(); + session.setAttribute("username", formUsername); + response.sendRedirect("./resetPassword.jsp"); + } else { + logger.info("Verification code has expired!"); + response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); + //response.sendRedirect("./expiredVerificationCode.jsp"); + } } else { - logger.info("Verification code has expired!"); - response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); - //response.sendRedirect("./expiredVerificationCode.jsp"); + logger.info("Username or verification code are not valid!"); + request.getSession().setAttribute("message", "Username or verification code are not valid."); + response.sendRedirect("./verify.jsp"); } } else { - request.getSession().setAttribute("message", "Username or verification code are not valid."); + if (!InputValidator.isFilled(formUsername)) { + logger.info("No username"); + request.getSession().setAttribute("msg_username_error", "Please enter your username."); + } + if 
(!InputValidator.isFilled(formVerificationCode)) { + logger.info("No verification code"); + request.getSession().setAttribute("msg_verification_code_error", "Please enter your verification code."); + } response.sendRedirect("./verify.jsp"); - } - printWriter.close(); + } + printWriter.close(); } } diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/security/FrontEndLinkURIAuthenticationSuccessHandler.java b/src/main/java/eu/dnetlib/openaire/usermanagement/security/FrontEndLinkURIAuthenticationSuccessHandler.java index ebe8249..d666a11 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/security/FrontEndLinkURIAuthenticationSuccessHandler.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/security/FrontEndLinkURIAuthenticationSuccessHandler.java @@ -40,6 +40,12 @@ public class FrontEndLinkURIAuthenticationSuccessHandler implements Authenticati logger.info("access token: " + authOIDC.getAccessTokenValue()); logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); + //TODO DELETE LOG +// logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); +// logger.info("refresh token: " + authOIDC.getRefreshTokenValue()); +// logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); + + jwt.setPath(frontPath); if (frontDomain!=null) jwt.setDomain(frontDomain); accessToken.setPath(frontPath); diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/security/JWTGenerator.java b/src/main/java/eu/dnetlib/openaire/usermanagement/security/JWTGenerator.java index e721f60..7f18ccc 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/security/JWTGenerator.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/security/JWTGenerator.java 
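Review bot: As in ActivationCodeServlet, the `isFilled` checks run after `request.getParameter("username").trim()` and `request.getParameter("verification_code").trim()` (the hunk's first two context lines), so a POST that omits either field throws a NullPointerException before the new validation is reached; read the parameter into a local and trim only when it is non-null, e.g. `String rawCode = request.getParameter("verification_code"); String formVerificationCode = rawCode == null ? "" : rawCode.trim();`. The success path stores `formUsername` in the session as the credential ResetPasswordServlet later trusts, which is fine, but the invalid-code branch neither counts attempts nor delays, so nothing in this hunk limits guessing of the code; worth confirming that `verificationActions` or an upstream filter does. doPost's signature is outside the hunk.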
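Review bot: The added block is commented-out code that would log the OIDC refresh token, parked under `//TODO DELETE LOG`; a refresh token is a long-lived credential and must never reach a log even at INFO, so delete the three lines rather than leaving them to be uncommented later. The context line just above, `logger.info("access token: " + authOIDC.getAccessTokenValue());`, already logs the access token for real and is the one that needs removing (or reducing to a length or short prefix at DEBUG). The method continues outside the hunk.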
@@ -88,6 +88,7 @@ public class JWTGenerator { // claims.put("edu_person_scoped_affiliations", "faculty"); Date exp = new Date(authOIDC.getIdToken().getJWTClaimsSet().getExpirationTime().getTime()); +// logger.info("expirationTime: "+ exp); //TODO DELETE LOGS // logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/InputValidator.java b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/InputValidator.java new file mode 100644 index 0000000..3aa683b --- /dev/null +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/InputValidator.java 
@@ -0,0 +1,71 @@
+package eu.dnetlib.openaire.usermanagement.utils;
+
+import org.apache.log4j.Logger;
+
+/**
+ * Created by sofia on 20/4/2018.
+ */
+public class InputValidator {
+
+ private static Logger logger = Logger.getLogger(InputValidator.class);
+
+ /*
+ ^ # start-of-string
+ (?=.*[0-9]) # a digit must occur at least once
+ (?=.*[a-z]) # a lower case letter must occur at least once
+ (?=.*[A-Z]) # an upper case letter must occur at least once
+ (?=.*[@#$%^&+=]) # a special character must occur at least once. This has been removed.
+ # Please add if special character is needed.
+ (?=\S+$) # no whitespace allowed in the entire string
+ .{6,} # anything, at least six places though
+ $ # end-of-string
+ */
+
+ public static String validPassword = "^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=\\S+$).{6,}$";
+
+ /*
+ ^[a-zA-Z0-9] # starts with character or digit
+ ^[a-zA-Z0-9\\.\\_\\-] # contains only characters, numbers, underscores, hyphens, periods
+ {4,150} # anything, at least eight places though
+ $ # end-of-string
+ */
+ public static String validUsername = "^[a-zA-Z0-9][a-zA-Z0-9\\.\\_\\-]{4,150}";
+
+ /*
+ ^[a-zA-Z0-9] # starts with character or digit
+ */
+ public static String startsWith = "^[a-zA-Z0-9].*";
+
+ /*
+ "^[a-zA-Z0-9\\.\\_\\-]" #contains only characters, numbers, underscores, hyphens, periods
+ */
+ public static String allowedChars = "^[a-zA-Z0-9\\.\\_\\-]";
+
+ public static boolean isFilled(String input) {
+ return (input != null && !input.isEmpty());
+ }
+
+ public static boolean isValidPassword(String password) {
+ return password.matches(validPassword);
+ }
+
+ public static boolean isValidUsername(String username) {
+ return username.matches(validUsername);
+ }
+
+ public static boolean startsWithLetterOrDigit(String username) {
+ return username.matches(startsWith);
+ }
+
+ public static boolean containsOnlyAllowedChars(String username) {
+ return username.matches(allowedChars);
+ }
+
+ public static boolean containsLessCharsThan(int count, String input) {
+ return (input.length() < count);
+ }
+
+ public static boolean containsMoreCharsThan(int count, String input) {
+ return (input.length() > count);
+ }
+}
diff --git a/src/main/webapp/activate.jsp b/src/main/webapp/activate.jsp
index d520821..4a109f1 100644
--- a/src/main/webapp/activate.jsp
+++ b/src/main/webapp/activate.jsp
@@ -62,10 +62,12 @@
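Review bot: `containsOnlyAllowedChars` is broken: `allowedChars` is `^[a-zA-Z0-9\\.\\_\\-]` with no quantifier, and `String.matches` requires the whole input to match, so the method returns true only for one-character usernames; the class needs `*` (or `+`), and for the same reason `validUsername` is clearer with a closing `$` even though `matches()` anchors it implicitly. The patterns are kept in public, non-final `String` fields and recompiled on every `matches()` call; if nothing outside the class reads those strings, turn them into `private static final Pattern` constants (import `java.util.regex.Pattern`) and guard each checker against a null argument, since the servlets hand it raw request parameters. The unused `logger` field can go, and the comment above `validUsername` says "at least eight places" while `{4,150}` allows five-character names. The six-character minimum is also below current guidance (NIST SP 800-63B recommends at least eight); raise it if the policy allows.
```java
public class InputValidator {

    private static final Pattern VALID_PASSWORD = Pattern.compile("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=\\S+$).{6,}$");
    private static final Pattern VALID_USERNAME = Pattern.compile("^[a-zA-Z0-9][a-zA-Z0-9._-]{4,150}$");
    private static final Pattern STARTS_WITH = Pattern.compile("^[a-zA-Z0-9].*");
    // matches() tests the whole string, so the class needs a quantifier
    private static final Pattern ALLOWED_CHARS = Pattern.compile("^[a-zA-Z0-9._-]*$");

    // … unchanged: isFilled …

    public static boolean isValidPassword(String password) {
        return password != null && VALID_PASSWORD.matcher(password).matches();
    }

    public static boolean containsOnlyAllowedChars(String username) {
        return username != null && ALLOWED_CHARS.matcher(username).matches();
    }

    // … unchanged: isValidUsername, startsWithLetterOrDigit (same null guard + matcher() form), containsLessCharsThan, containsMoreCharsThan …
```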
To complete the password reset process, please enter a new password. Must contain at least one number and one uppercase and lowercase letter, and at least 6 or more characters.
+To complete the password reset process, please enter a new password. Must contain at least one number and one uppercase and lowercase letter, and at least 6 or more characters. No white space allowed.
+ <%--${msg_invalid_password}--%> + <%--