Package com.iisigroup.cap.security.exception

Examples of com.iisigroup.cap.security.exception.CapAuthenticationException


        // Excerpt from the body of an authentication routine. The method signature and the
        // declarations of username, password and authentication lie outside this excerpt.
        // Order of checks: blank credentials -> blank captcha answer -> account lock ->
        // captcha validation -> user lookup -> password verification -> status checks.
        // NOTE(review): username (and presumably the captcha response) are request-supplied
        // values written to the debug log; confirm the log layout neutralises CR/LF so that
        // a crafted value cannot forge log entries.
        logger.debug("Checking authentication for user {}", username);
        logger.debug("userResponse: {}",
                captchaCaptureFilter.getUserCaptchaResponse());
        boolean captchaEnabled = isCaptchaEnabled();
        if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
            throw new CapAuthenticationException(
                    "No Username and/or Password Provided.", captchaEnabled);
        } else if (captchaEnabled
                && StringUtils.isBlank(captchaCaptureFilter
                        .getUserCaptchaResponse())) {
            throw new CapAuthenticationException("Captcha Response is Empty",
                    captchaEnabled);
        } else {
            Map<String, String> policy = passwordService.getPasswordPolicy();
            boolean captchaPassed = true;
            boolean forceChangePwd = isForceChangePwd(username);
            // Snapshot of the failure counter, taken before any check. Both threshold
            // comparisons below use this snapshot, not the value written back later.
            // NOTE(review): wrongCount is a boxed Integer that is auto-unboxed in those
            // comparisons; if getWrountCount can return null (e.g. for an unknown user)
            // this throws NullPointerException - confirm against the helper.
            Integer wrongCount = getWrountCount(username);
            logger.debug("wrongCount-{}: {}", username, wrongCount);
            // Lock the user once PWD_ACCOUNT_LOCK consecutive wrong passwords are on record.
            // This runs before the captcha and the password are examined and is keyed on
            // the submitted username. Because the snapshot is compared, the lock is applied
            // on the attempt after the stored count reaches the threshold.
            // NOTE(review): Integer.parseInt throws NumberFormatException when the policy
            // entry is missing or non-numeric; that is not a CapAuthenticationException.
            // NOTE(review): where the counter is stored is not visible here; confirm it is
            // kept server-side per account, and that unlock/expiry handling exists, since
            // a lock keyed on the username can be triggered by someone other than the owner.
            if (wrongCount >= Integer.parseInt(policy
                    .get(PwdPloicyKeys.PWD_ACCOUNT_LOCK.toString()
                            .toLowerCase()))) {
                accessControlService.lockUserByUserId(username);
                throw new CapAuthenticationException("User locked.",
                        captchaEnabled);
            }
            // Validate the captcha
            if (captchaEnabled) {
                // The answer is read from the "captcha" request parameter and checked by the
                // bean looked up under CapCaptchaServlet.DEF_RENDERER; only
                // CaptchaStatus.SUCCESS counts as passed.
                String cpatchaData = captchaCaptureFilter.getRequest()
                        .getParameter("captcha");
                CapSecurityCaptcha captcha = CapAppContext
                        .getBean(CapCaptchaServlet.DEF_RENDERER);
                captchaPassed = CaptchaStatus.SUCCESS.equals(captcha
                        .valid(cpatchaData));
                logger.debug("Is captcha valid: " + captchaPassed);
            } else {
                // Redundant with the initial value; captcha is simply skipped when disabled.
                captchaPassed = true;
            }
            if (captchaPassed) {
                resetCaptchaFields();
                CapUserDetails user;
                try {
                    user = (CapUserDetails) userService
                            .loadUserByUsername(username);
                } catch (Exception e) {
                    // NOTE(review): every failure of the lookup is caught and only its message
                    // is forwarded; the cause is dropped. If this message reaches the client
                    // and differs from "Invalid Password.", responses reveal whether a
                    // username exists - consider one generic message for both cases and
                    // logging the cause server-side.
                    throw new CapAuthenticationException(e.getMessage(),
                            captchaEnabled, forceChangePwd);
                }
                // Compares the submitted credentials with user.getPassword() through
                // verifyPassword (implementation not shown in this excerpt).
                boolean currentPwdVerified = verifyPassword(username,
                        authentication.getCredentials().toString(),
                        user.getPassword());
                if (currentPwdVerified) {
                    // Correct password: clear the failure counter before the status checks.
                    setWrountCount(username, 0);
                    String authedPwd = checkStatus(user, username, password,
                            policy, captchaEnabled, forceChangePwd);
                    // Login succeeded
                    setForceChangePwd(username, false);
                    // Check whether the user should be reminded to change the password
                    notifyPasswordChange(username, captchaEnabled,
                            forceChangePwd);
                    accessControlService.login(username);
                    // NOTE(review): the token carries authedPwd as its credentials; whether
                    // they are erased after authentication depends on configuration that is
                    // not shown here.
                    return new UsernamePasswordAuthenticationToken(user,
                            authedPwd, user.getAuthorities());
                } else {
                    // Record the failure. NOTE(review): this is a read followed by a write, so
                    // concurrent attempts for one user may lose increments unless the helpers
                    // synchronise - not visible here.
                    setWrountCount(username, getWrountCount(username) + 1);
                    // After N consecutive wrong attempts, enable captcha
                    // NOTE(review): wrongCount is the snapshot read before the increment above,
                    // so captcha switches on one failed attempt later than a comparison
                    // against the updated count would.
                    if (wrongCount >= Integer.parseInt(policy
                            .get(PwdPloicyKeys.PWD_CAPTCHA_ENABLE.toString()
                                    .toLowerCase()))) {
                        setCaptchaEnabled(true);
                    }
                    // isCaptchaEnabled() is re-read so the exception reflects a captcha that
                    // was just switched on.
                    throw new CapAuthenticationException("Invalid Password.",
                            isCaptchaEnabled(), forceChangePwd);
                }
            } else {
                // Wrong captcha answer: the password is never examined and the failure
                // counter is left unchanged.
                logger.debug("Captcha is invalid!");
                resetCaptchaFields();
                throw new CapAuthenticationException("Invalid Captcha.",
                        captchaEnabled, forceChangePwd);
            }
        }
    }


            } else {
                authedPwd = password;
            }
            break;
        // Excerpt from a switch over a numeric user status; the switch header and the
        // earlier cases are outside this excerpt. Every rejection is raised as a
        // CapAuthenticationException carrying the captcha and force-change flags.
        // NOTE(review): the status-specific messages (error.006 / error.007) tell the
        // caller that the account is disabled or deleted; confirm this code is reached
        // only after the password has been verified, otherwise it discloses account state.
        case 2: // disabled
            throw new CapAuthenticationException(CapAppContext.getMessage(
                    "error.006", new Object[] { username }), captchaEnabled,
                    forceChangePwd);
        case 3: // password expired
            // An expired password routes through forceChangePassword, whose return value
            // becomes the authenticated password.
            authedPwd = forceChangePassword(username, captchaEnabled,
                    forceChangePwd, CapAppContext.getMessage("error.012"));
            break;
        case 9: // deleted
            throw new CapAuthenticationException(CapAppContext.getMessage(
                    "error.007", new Object[] { username }), captchaEnabled,
                    forceChangePwd);
        default:
            // Unknown status values are rejected rather than treated as active.
            throw new CapAuthenticationException("Invalid User Status.",
                    captchaEnabled, forceChangePwd);
        }
        // "agreeChange" is read straight from the request. Boolean.valueOf yields true only
        // for the text "true" (case-insensitive) and false for null or any other value.
        // NOTE(review): the flag is client-controlled; the branch it guards continues past
        // the end of this excerpt.
        String agreeChange = captchaCaptureFilter.getRequest().getParameter(
                "agreeChange");
        if (Boolean.valueOf(agreeChange)) {

        // Excerpt from the end of a password-change reminder routine; its signature is
        // outside this excerpt. The reminder is delivered by throwing, which aborts the caller.
        // "ignoreNotify" comes straight from the request: only the text "true"
        // (case-insensitive) suppresses the reminder, a missing parameter does not.
        // NOTE(review): the flag is client-controlled, so the reminder is advisory only;
        // enforcement of password expiry has to happen elsewhere.
        String ignoreNotify = captchaCaptureFilter.getRequest().getParameter(
                "ignoreNotify");
        if (!Boolean.valueOf(ignoreNotify)) {
            // The value from getPasswordChangeNotifyDay plus one; a positive result triggers
            // the reminder. NOTE(review): presumably a count of days - confirm in PasswordService.
            int diff = passwordService.getPasswordChangeNotifyDay(userId) + 1;
            if (diff > 0) {
                // error.013 is formatted with diff. The meaning of the fourth constructor
                // argument (true) is not visible in this excerpt.
                throw new CapAuthenticationException(CapAppContext.getMessage(
                        "error.013", new Object[] { diff }), captchaEnabled,
                        forceChangePwd, true);
            }
        }
    }

                .getParameter("newPwd");
        // Excerpt from a forced password-change routine; the signature and the start of the
        // statement that reads "newPwd" are outside this excerpt. The new password and its
        // confirmation both come from request parameters.
        // NOTE(review): presumably reached only after the current password was verified -
        // confirm at the call sites, because this path changes the stored password.
        String confirm = captchaCaptureFilter.getRequest().getParameter(
                "confirm");
        if (StringUtils.isBlank(newPwd) || StringUtils.isBlank(confirm)) {
            // No new password supplied: mark the account as requiring a change and reject
            // with the caller's reason followed by message error.010.
            setForceChangePwd(username, true);
            throw new CapAuthenticationException(reason
                    + CapAppContext.getMessage("error.010"), captchaEnabled,
                    true);
        } else {
            // set new password
            try {
                passwordService.checkPasswordRule(username, newPwd, confirm,
                        true);
            } catch (Exception e) {
                // NOTE(review): any exception is caught and only its message is forwarded; the
                // cause is dropped, so unexpected failures surface as rule violations.
                throw new CapAuthenticationException(e.getMessage(),
                        captchaEnabled, forceChangePwd);
            }
            passwordService.changeUserPassword(username, newPwd);
            // The plaintext new password is handed back to the caller.
            // NOTE(review): confirm the caller does not log or retain it longer than needed.
            return newPwd;
        }
