Package org.apache.jetspeed.security

Examples of org.apache.jetspeed.security.UserCredential

40
41
42
43
44
45
46
47
48
49
50
public final class SecurityHelper
{
    public static UserCredential getCredential(UserManager um, User user)
    throws SecurityException
    {
        UserCredential credential = null;
       
        Subject subject = um.getSubject(user);
        Set credentials = subject.getPrivateCredentials();
        Iterator iter = credentials.iterator();
        while (iter.hasNext())
View Full Code Here
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
                        setView(actionRequest, phase, SUCCESS2); // act like nothing happening
                        return;
                    }
                    userBean.setUsername(username);
                    userBean.setUser(user);                   
                    UserCredential credential = null;
                    try
                    {
                        credential = SecurityHelper.getCredential(userManager, user);
                    }
                    catch (SecurityException e)
                    {}
                    if (credential != null)
                    {
                        if (credential.isEnabled() == false)
                        {
                            userBean.setInvalidUser(true);
                            setView(actionRequest, phase, SUCCESS2);
                            userBean.setQuestion( questionFactory.getRandomQuestion() );                           
                            StatusMessage msg = new StatusMessage("The account has been disabled.", StatusMessage.ERROR);
View Full Code Here
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
        catch (Exception e)
        {
            logger.error("Failed to retrieve user, {}: {}", username, e.getMessage());
            return;
        }
        UserCredential pwdCredential = null;
        try
        {
            pwdCredential = SecurityHelper.getCredential(userManager, user);
        }
        catch (SecurityException e)
        {}
        RequestContext rc = SecurityHelper.getRequestContext(actionRequest);
        if (pwdCredential != null)
        {
            userBean.setUser(user);
            // Failed login processing
            HttpSession session = rc.getRequest().getSession(true);
            Integer retryCount = (Integer) session.getAttribute(MFALogin.RETRYCOUNT);
            if (retryCount == null)
                retryCount = new Integer(1);
            else
                retryCount = new Integer(retryCount.intValue() + 1);
            session.setAttribute(MFALogin.RETRYCOUNT, retryCount);
            if ( pwdCredential == null || !pwdCredential.isEnabled() )
            {
                rc.setSessionAttribute(MFALogin.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
                nextView = FAILURE2;
            }
            else if ( pwdCredential.isExpired() )
            {
                rc.setSessionAttribute(MFALogin.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_EXPIRED);
            }
            else if ( maxNumberOfAuthenticationFailures > 1 && pwdCredential.getAuthenticationFailures() == maxNumberOfAuthenticationFailures -)
            {
                rc.setSessionAttribute(MFALogin.ERRORCODE, LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
            }
            else
            {
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
    if (!getAnonymousUser().equals(user.getName()) && credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);
        return getSubject(new AuthenticatedUserImpl(user, null, privateCred));
      }
    }
View Full Code Here
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
                                {
                                    request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_USER_DISABLED);
                                }
                                else
                                {
                                    UserCredential userCredential = SubjectHelper.getUserCredential(um.getSubject(user));
                                    if ( userCredential == null || !userCredential.isEnabled() )
                                    {
                                        request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
                                    }
                                    else if ( userCredential.isExpired() )
                                    {
                                        request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_EXPIRED);
                                    }
                                    else if ( maxNumberOfAuthenticationFailures > 1 && userCredential.getAuthenticationFailures() == maxNumberOfAuthenticationFailures -)
                                    {
                                        request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
                                    }
                                    else
                                    {
View Full Code Here
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
        try
        {
            if ( request.getRequest().getUserPrincipal() != null )
            {
                Subject subject = request.getSubject();
                UserCredential userCredential = SubjectHelper.getUserCredential(subject);
                Integer passwordDaysValid = null;
               
                // check for an existing password credential
                if ( userCredential != null )
                {
                    if ( userCredential.isUpdateRequired() )
                    {
                        passwordDaysValid = new Integer(0); // required change
                    }
                    if ( request.getSessionAttribute(CHECKED_KEY) == null  )
                    {
                        request.setSessionAttribute(CHECKED_KEY,Boolean.TRUE);
                        if ( userCredential.getPreviousAuthenticationDate() != null &&
                                userCredential.getLastAuthenticationDate() != null &&
                                userCredential.getExpirationDate() != null )
                        {
                            long expirationTime = userCredential.getExpirationDate().getTime();
                            long lastAuthTime = userCredential.getLastAuthenticationDate().getTime();
                            int lastAuthDaysBeforeExpiration = (int)((expirationTime-lastAuthTime)/(24*60*60*1000));
                            if lastAuthDaysBeforeExpiration < 1 )
                            {
                                passwordDaysValid = new Integer(1);
                            }
                            else if (expirationWarningDays.length > 0)
                            {
                                long prevAuthTime = Long.MIN_VALUE;
                                if (userCredential.getPreviousAuthenticationDate() != null )
                                {
                                    prevAuthTime = userCredential.getPreviousAuthenticationDate().getTime();
                                }
                                int prevAuthDaysBeforeExpiration = (int)((expirationTime-prevAuthTime)/(24*60*60*1000));
                                if ( prevAuthDaysBeforeExpiration > lastAuthDaysBeforeExpiration )
                                {
                                    for ( int i = 0; i < expirationWarningDays.length; i++ )
View Full Code Here
126
127
128
129
130
131
132
133
134
135
136
    if (credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);
        return getSubject(new AuthenticatedUserImpl(user, null, privateCred));
      }
    }
View Full Code Here
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
        try
        {
            if ( request.getRequest().getUserPrincipal() != null )
            {
                Subject subject = request.getSubject();
                UserCredential userCredential = SubjectHelper.getUserCredential(subject);
                Integer passwordDaysValid = null;
               
                // check for an existing password credential
                if ( userCredential != null )
                {
                    if ( userCredential.isUpdateRequired() )
                    {
                        passwordDaysValid = new Integer(0); // required change
                    }
                    if ( request.getSessionAttribute(CHECKED_KEY) == null  )
                    {
                        request.setSessionAttribute(CHECKED_KEY,Boolean.TRUE);
                        if ( userCredential.getPreviousAuthenticationDate() != null &&
                                userCredential.getLastAuthenticationDate() != null &&
                                userCredential.getExpirationDate() != null )
                        {
                            long expirationTime = userCredential.getExpirationDate().getTime();
                            long lastAuthTime = userCredential.getLastAuthenticationDate().getTime();
                            int lastAuthDaysBeforeExpiration = (int)((expirationTime-lastAuthTime)/(24*60*60*1000));
                            if lastAuthDaysBeforeExpiration < 1 )
                            {
                                passwordDaysValid = new Integer(1);
                            }
                            else if (expirationWarningDays.length > 0)
                            {
                                long prevAuthTime = Long.MIN_VALUE;
                                if (userCredential.getPreviousAuthenticationDate() != null )
                                {
                                    prevAuthTime = userCredential.getPreviousAuthenticationDate().getTime();
                                }
                                int prevAuthDaysBeforeExpiration = (int)((expirationTime-prevAuthTime)/(24*60*60*1000));
                                if ( prevAuthDaysBeforeExpiration > lastAuthDaysBeforeExpiration )
                                {
                                    for ( int i = 0; i < expirationWarningDays.length; i++ )
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
    if (!getAnonymousUser().equals(user.getName()) && credentialManager != null)
    {
      PasswordCredential pwc = getPasswordCredential(user);
      if (pwc != null)
      {
        UserCredential credential = new UserCredentialImpl(pwc);
        HashSet<Object> privateCred = new HashSet<Object>();
        privateCred.add(credential);
        return getSubject(new AuthenticatedUserImpl(user, null, privateCred));
      }
    }
View Full Code Here
TOP

Related Classes of org.apache.jetspeed.security.UserCredential

  • org.apache.jetspeed.security.impl.LoginValidationValveImpl
  • org.apache.jetspeed.security.impl.PasswordCredentialValveImpl
  • org.apache.jetspeed.security.impl.UserManagerImpl
  • org.apache.jetspeed.security.mfa.portlets.MFALogin
  • org.apache.jetspeed.security.mfa.util.SecurityHelper
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.