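// Skip out when no netid or password is given.
// An empty password counts as "not given": a simple bind that carries a DN
// and a zero-length password is an unauthenticated bind (RFC 4513, section
// 5.1.2), which a directory server may report as successful. Whether
// ldapAuthenticate() guards against that is not visible from here, so the
// empty password is rejected before any bind is attempted.
if (netid == null || password == null || password.length() == 0)
    return BAD_ARGS;

// Locate the eperson that already carries this netid, if there is one.
EPerson eperson = null;
try
{
    eperson = EPerson.findByNetid(context, netid.toLowerCase());
}
catch (SQLException e)
{
    // Record the failure instead of dropping it: an unexplained lookup
    // error during login should be visible to whoever reads the logs.
    log.warn(LogManager.getHeader(context, "authenticate",
            "type=ldap, eperson lookup by netid failed"), e);
    // NOTE(review): eperson stays null after a failed lookup, so the code
    // that follows handles the netid as one with no local account and the
    // getRequireCertificate()/canLogIn() checks made for a known eperson
    // are not reached. Consider failing closed here once the appropriate
    // return code is agreed.
}

SpeakerToLDAP ldap = new SpeakerToLDAP(log);

// Get the DN of the user. The lookup runs under the search account whose
// credentials are read from configuration, not under the user's own.
String adminUser = ConfigurationManager.getProperty("ldap.search.user");
String adminPassword = ConfigurationManager.getProperty("ldap.search.password");
String dn = ldap.getDNOfUser(adminUser, adminPassword, context, netid);

// Check a DN was found; without one there is nothing to bind as.
if ((dn == null) || (dn.trim().equals("")))
{
    // NOTE(review): netid comes from the login request and is written to
    // the log as-is - confirm the log layout neutralises CR/LF so one
    // attempt cannot be made to look like several entries.
    log.info(LogManager
            .getHeader(context, "failed_login", "no DN found for user " + netid));
    return BAD_CREDENTIALS;
}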
// if they entered a netid that matches an eperson
if (eperson != null)
{
// e-mail address corresponds to active account
if (eperson.getRequireCertificate())
return CERT_REQUIRED;
else if (!eperson.canLogIn())
return BAD_ARGS;
{
if (ldap.ldapAuthenticate(dn, password, context))
{
context.setCurrentUser(eperson);
log.info(LogManager
.getHeader(context, "authenticate", "type=ldap"));
return SUCCESS;
}
else
return BAD_CREDENTIALS;
}
}
// the user does not already exist so try and authenticate them
// with ldap and create an eperson for them
else
{
if (ldap.ldapAuthenticate(dn, password, context))
{
// Register the new user automatically
log.info(LogManager.getHeader(context,
"autoregister", "netid=" + netid));
if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals("")))
{
try
{
eperson = EPerson.findByEmail(context, ldap.ldapEmail);
if (eperson!=null)
{
log.info(LogManager.getHeader(context,
"type=ldap-login", "type=ldap_but_already_email"));
context.setIgnoreAuthorization(true);
eperson.setNetid(netid.toLowerCase());
eperson.update();
context.commit();
context.setIgnoreAuthorization(false);
context.setCurrentUser(eperson);
return SUCCESS;
}
else
{
if (canSelfRegister(context, request, netid))
{
// TEMPORARILY turn off authorisation
try
{
context.setIgnoreAuthorization(true);
eperson = EPerson.create(context);
if ((ldap.ldapEmail != null) && (!ldap.ldapEmail.equals("")))
{
eperson.setEmail(ldap.ldapEmail);
}
else
{
eperson.setEmail(netid + ConfigurationManager.getProperty("ldap.netid_email_domain"));
}
if ((ldap.ldapGivenName!=null) && (!ldap.ldapGivenName.equals("")))
{
eperson.setFirstName(ldap.ldapGivenName);
}
if ((ldap.ldapSurname!=null) && (!ldap.ldapSurname.equals("")))
{
eperson.setLastName(ldap.ldapSurname);
}
if ((ldap.ldapPhone!=null)&&(!ldap.ldapPhone.equals("")))
{
eperson.setMetadata("phone", ldap.ldapPhone);
}
eperson.setNetid(netid.toLowerCase());
eperson.setCanLogIn(true);
AuthenticationManager.initEPerson(context, request, eperson);
eperson.update();
context.commit();
context.setCurrentUser(eperson);
}
catch (AuthorizeException e)
{