Package org.apache.jetspeed.security

Examples of org.apache.jetspeed.security.UserCredential


public final class SecurityHelper
{
    public static UserCredential getCredential(UserManager um, User user)
    throws SecurityException
    {
        UserCredential credential = null;
       
        Subject subject = um.getSubject(user);
        Set credentials = subject.getPrivateCredentials();
        Iterator iter = credentials.iterator();
        while (iter.hasNext())
View Full Code Here


                        setView(actionRequest, phase, SUCCESS2); // act like nothing happening
                        return;
                    }
                    userBean.setUsername(username);
                    userBean.setUser(user);                   
                    UserCredential credential = null;
                    try
                    {
                        credential = SecurityHelper.getCredential(userManager, user);
                    }
                    catch (SecurityException e)
                    {}
                    if (credential != null)
                    {
                        if (credential.isEnabled() == false)
                        {
                            userBean.setInvalidUser(true);
                            setView(actionRequest, phase, SUCCESS2);
                            userBean.setQuestion( questionFactory.getRandomQuestion() );                           
                            StatusMessage msg = new StatusMessage("The account has been disabled.", StatusMessage.ERROR);
View Full Code Here

        catch (Exception e)
        {
            logger.error("Failed to retrieve user, {}: {}", username, e.getMessage());
            return;
        }
        UserCredential pwdCredential = null;
        try
        {
            pwdCredential = SecurityHelper.getCredential(userManager, user);
        }
        catch (SecurityException e)
        {}
        RequestContext rc = SecurityHelper.getRequestContext(actionRequest);
        if (pwdCredential != null)
        {
            userBean.setUser(user);
            // Failed login processing
            HttpSession session = rc.getRequest().getSession(true);
            Integer retryCount = (Integer) session.getAttribute(MFALogin.RETRYCOUNT);
            if (retryCount == null)
                retryCount = new Integer(1);
            else
                retryCount = new Integer(retryCount.intValue() + 1);
            session.setAttribute(MFALogin.RETRYCOUNT, retryCount);
            if ( pwdCredential == null || !pwdCredential.isEnabled() )
            {
                rc.setSessionAttribute(MFALogin.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
                nextView = FAILURE2;
            }
            else if ( pwdCredential.isExpired() )
            {
                rc.setSessionAttribute(MFALogin.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_EXPIRED);
            }
            else if ( maxNumberOfAuthenticationFailures > 1 && pwdCredential.getAuthenticationFailures() == maxNumberOfAuthenticationFailures -)
            {
                rc.setSessionAttribute(MFALogin.ERRORCODE, LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
            }
            else
            {
View Full Code Here

    if (!getAnonymousUser().equals(user.getName()) && credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);
        return getSubject(new AuthenticatedUserImpl(user, null, privateCred));
      }
    }
View Full Code Here

                                {
                                    request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_USER_DISABLED);
                                }
                                else
                                {
                                    UserCredential userCredential = SubjectHelper.getUserCredential(um.getSubject(user));
                                    if ( userCredential == null || !userCredential.isEnabled() )
                                    {
                                        request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
                                    }
                                    else if ( userCredential.isExpired() )
                                    {
                                        request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_EXPIRED);
                                    }
                                    else if ( maxNumberOfAuthenticationFailures > 1 && userCredential.getAuthenticationFailures() == maxNumberOfAuthenticationFailures -)
                                    {
                                        request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
                                    }
                                    else
                                    {
View Full Code Here

        try
        {
            if ( request.getRequest().getUserPrincipal() != null )
            {
                Subject subject = request.getSubject();
                UserCredential userCredential = SubjectHelper.getUserCredential(subject);
                Integer passwordDaysValid = null;
               
                // check for an existing password credential
                if ( userCredential != null )
                {
                    if ( userCredential.isUpdateRequired() )
                    {
                        passwordDaysValid = new Integer(0); // required change
                    }
                    if ( request.getSessionAttribute(CHECKED_KEY) == null  )
                    {
                        request.setSessionAttribute(CHECKED_KEY,Boolean.TRUE);
                        if ( userCredential.getPreviousAuthenticationDate() != null &&
                                userCredential.getLastAuthenticationDate() != null &&
                                userCredential.getExpirationDate() != null )
                        {
                            long expirationTime = userCredential.getExpirationDate().getTime();
                            long lastAuthTime = userCredential.getLastAuthenticationDate().getTime();
                            int lastAuthDaysBeforeExpiration = (int)((expirationTime-lastAuthTime)/(24*60*60*1000));
                            if lastAuthDaysBeforeExpiration < 1 )
                            {
                                passwordDaysValid = new Integer(1);
                            }
                            else if (expirationWarningDays.length > 0)
                            {
                                long prevAuthTime = Long.MIN_VALUE;
                                if (userCredential.getPreviousAuthenticationDate() != null )
                                {
                                    prevAuthTime = userCredential.getPreviousAuthenticationDate().getTime();
                                }
                                int prevAuthDaysBeforeExpiration = (int)((expirationTime-prevAuthTime)/(24*60*60*1000));
                                if ( prevAuthDaysBeforeExpiration > lastAuthDaysBeforeExpiration )
                                {
                                    for ( int i = 0; i < expirationWarningDays.length; i++ )
View Full Code Here

    if (credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);
        return getSubject(new AuthenticatedUserImpl(user, null, privateCred));
      }
    }
View Full Code Here

        try
        {
            if ( request.getRequest().getUserPrincipal() != null )
            {
                Subject subject = request.getSubject();
                UserCredential userCredential = SubjectHelper.getUserCredential(subject);
                Integer passwordDaysValid = null;
               
                // check for an existing password credential
                if ( userCredential != null )
                {
                    if ( userCredential.isUpdateRequired() )
                    {
                        passwordDaysValid = new Integer(0); // required change
                    }
                    if ( request.getSessionAttribute(CHECKED_KEY) == null  )
                    {
                        request.setSessionAttribute(CHECKED_KEY,Boolean.TRUE);
                        if ( userCredential.getPreviousAuthenticationDate() != null &&
                                userCredential.getLastAuthenticationDate() != null &&
                                userCredential.getExpirationDate() != null )
                        {
                            long expirationTime = userCredential.getExpirationDate().getTime();
                            long lastAuthTime = userCredential.getLastAuthenticationDate().getTime();
                            int lastAuthDaysBeforeExpiration = (int)((expirationTime-lastAuthTime)/(24*60*60*1000));
                            if lastAuthDaysBeforeExpiration < 1 )
                            {
                                passwordDaysValid = new Integer(1);
                            }
                            else if (expirationWarningDays.length > 0)
                            {
                                long prevAuthTime = Long.MIN_VALUE;
                                if (userCredential.getPreviousAuthenticationDate() != null )
                                {
                                    prevAuthTime = userCredential.getPreviousAuthenticationDate().getTime();
                                }
                                int prevAuthDaysBeforeExpiration = (int)((expirationTime-prevAuthTime)/(24*60*60*1000));
                                if ( prevAuthDaysBeforeExpiration > lastAuthDaysBeforeExpiration )
                                {
                                    for ( int i = 0; i < expirationWarningDays.length; i++ )
View Full Code Here

    if (!getAnonymousUser().equals(user.getName()) && credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);
        return getSubject(new AuthenticatedUserImpl(user, null, privateCred));
      }
    }
View Full Code Here

TOP

Related Classes of org.apache.jetspeed.security.UserCredential

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.