Example 1 with UserIdException
use of com.liferay.portal.UserIdException in project liferay-ide by liferay.
the class UserLocalServiceImpl method authenticate.
/**
* Attempts to authenticate the user by their login and password, while
* using the AuthPipeline.
*
* <p>
* Authentication type specifies what <code>login</code> contains.The valid
* values are:
* </p>
*
* <ul>
* <li>
* <code>CompanyConstants.AUTH_TYPE_EA</code> - <code>login</code> is the
* user's email address
* </li>
* <li>
* <code>CompanyConstants.AUTH_TYPE_SN</code> - <code>login</code> is the
* user's screen name
* </li>
* <li>
* <code>CompanyConstants.AUTH_TYPE_ID</code> - <code>login</code> is the
* user's primary key
* </li>
* </ul>
*
* @param companyId the primary key of the user's company
* @param login either the user's email address, screen name, or primary
* key depending on the value of <code>authType</code>
* @param password the user's password
* @param authType the type of authentication to perform
* @param headerMap the header map from the authentication request
* @param parameterMap the parameter map from the authentication request
* @param resultsMap the map of authentication results (may be nil). After
* a succesful authentication the user's primary key will be placed
* under the key <code>userId</code>.
* @return the authentication status. This can be {@link
* com.liferay.portal.security.auth.Authenticator#FAILURE}
* indicating that the user's credentials are invalid, {@link
* com.liferay.portal.security.auth.Authenticator#SUCCESS}
* indicating a successful login, or {@link
* com.liferay.portal.security.auth.Authenticator#DNE} indicating
* that a user with that login does not exist.
* @throws PortalException if <code>login</code> or <code>password</code>
* was <code>null</code>
* @throws SystemException if a system exception occurred
* @see com.liferay.portal.security.auth.AuthPipeline
*/
protected int authenticate(long companyId, String login, String password, String authType, Map<String, String[]> headerMap, Map<String, String[]> parameterMap, Map<String, Object> resultsMap) throws PortalException, SystemException {
if (PropsValues.AUTH_LOGIN_DISABLED) {
return Authenticator.FAILURE;
}
login = StringUtil.toLowerCase(login.trim());
long userId = GetterUtil.getLong(login);
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
if (Validator.isNull(login)) {
throw new UserEmailAddressException();
}
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
if (Validator.isNull(login)) {
throw new UserScreenNameException();
}
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
if (Validator.isNull(login)) {
throw new UserIdException();
}
}
if (Validator.isNull(password)) {
throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
}
int authResult = Authenticator.FAILURE;
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_PRE, companyId, userId, password, headerMap, parameterMap);
}
// Get user
User user = null;
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
user = fetchUserByEmailAddress(companyId, login);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
user = fetchUserByScreenName(companyId, login);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(login));
}
if (user == null) {
return Authenticator.DNE;
}
if (user.isDefaultUser()) {
if (_log.isInfoEnabled()) {
_log.info("Authentication is disabled for the default user");
}
return Authenticator.DNE;
} else if (!user.isActive()) {
if (_log.isInfoEnabled()) {
_log.info("Authentication is disabled for inactive user " + user.getUserId());
}
return Authenticator.FAILURE;
}
if (!user.isPasswordEncrypted()) {
user.setPassword(PasswordEncryptorUtil.encrypt(user.getPassword()));
user.setPasswordEncrypted(true);
userPersistence.update(user);
}
// Check password policy to see if the is account locked out or if the
// password is expired
checkLockout(user);
checkPasswordExpired(user);
// Authenticate against the User_ table
boolean skipLiferayCheck = false;
if (authResult == Authenticator.SKIP_LIFERAY_CHECK) {
authResult = Authenticator.SUCCESS;
skipLiferayCheck = true;
} else if ((authResult == Authenticator.SUCCESS) && PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK) {
boolean authenticated = PwdAuthenticator.authenticate(login, password, user.getPassword());
if (authenticated) {
authResult = Authenticator.SUCCESS;
} else {
authResult = Authenticator.FAILURE;
}
}
if (authResult == Authenticator.SUCCESS) {
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_POST, companyId, userId, password, headerMap, parameterMap);
}
}
if (authResult == Authenticator.SUCCESS) {
if (resultsMap != null) {
resultsMap.put("userId", user.getUserId());
}
if (skipLiferayCheck || !PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK || Validator.isNull(user.getDigest())) {
String digest = user.getDigest(password);
user.setDigest(digest);
userPersistence.update(user);
}
}
if (authResult == Authenticator.FAILURE) {
try {
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
AuthPipeline.onFailureByEmailAddress(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
AuthPipeline.onFailureByScreenName(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
AuthPipeline.onFailureByUserId(PropsKeys.AUTH_FAILURE, companyId, userId, headerMap, parameterMap);
}
user = userPersistence.fetchByPrimaryKey(user.getUserId());
if (user == null) {
return Authenticator.DNE;
}
if (!LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
user = userPersistence.fetchByPrimaryKey(user.getUserId());
int failedLoginAttempts = user.getFailedLoginAttempts();
int maxFailures = passwordPolicy.getMaxFailure();
if ((failedLoginAttempts >= maxFailures) && (maxFailures != 0)) {
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
AuthPipeline.onMaxFailuresByEmailAddress(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
AuthPipeline.onMaxFailuresByScreenName(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
AuthPipeline.onMaxFailuresByUserId(PropsKeys.AUTH_MAX_FAILURES, companyId, userId, headerMap, parameterMap);
}
}
}
} catch (Exception e) {
_log.error(e, e);
}
}
return authResult;
}
Also used :
User(com.liferay.portal.model.User)
UserEmailAddressException(com.liferay.portal.UserEmailAddressException)
ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException)
DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException)
UserPasswordException(com.liferay.portal.UserPasswordException)
PasswordPolicy(com.liferay.portal.model.PasswordPolicy)
UserIdException(com.liferay.portal.UserIdException)
ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException)
DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException)
UserScreenNameException(com.liferay.portal.UserScreenNameException)
ContactFirstNameException(com.liferay.portal.ContactFirstNameException)
ModelListenerException(com.liferay.portal.ModelListenerException)
NoSuchImageException(com.liferay.portal.NoSuchImageException)
GroupFriendlyURLException(com.liferay.portal.GroupFriendlyURLException)
DuplicateOpenIdException(com.liferay.portal.DuplicateOpenIdException)
ImageSizeException(com.liferay.portlet.documentlibrary.ImageSizeException)
PasswordExpiredException(com.liferay.portal.PasswordExpiredException)
UserPasswordException(com.liferay.portal.UserPasswordException)
NoSuchUserException(com.liferay.portal.NoSuchUserException)
UserSmsException(com.liferay.portal.UserSmsException)
NoSuchRoleException(com.liferay.portal.NoSuchRoleException)
PortalException(com.liferay.portal.kernel.exception.PortalException)
UserIdException(com.liferay.portal.UserIdException)
UserPortraitTypeException(com.liferay.portal.UserPortraitTypeException)
RequiredUserException(com.liferay.portal.RequiredUserException)
ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException)
IOException(java.io.IOException)
ContactBirthdayException(com.liferay.portal.ContactBirthdayException)
UserReminderQueryException(com.liferay.portal.UserReminderQueryException)
DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException)
UserEmailAddressException(com.liferay.portal.UserEmailAddressException)
ContactFullNameException(com.liferay.portal.ContactFullNameException)
EncryptorException(com.liferay.util.EncryptorException)
CompanyMaxUsersException(com.liferay.portal.CompanyMaxUsersException)
NoSuchTicketException(com.liferay.portal.NoSuchTicketException)
UserScreenNameException(com.liferay.portal.UserScreenNameException)
ContactLastNameException(com.liferay.portal.ContactLastNameException)
ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException)
DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException)
NoSuchUserGroupException(com.liferay.portal.NoSuchUserGroupException)
PrincipalException(com.liferay.portal.security.auth.PrincipalException)
SystemException(com.liferay.portal.kernel.exception.SystemException)
NoSuchOrganizationException(com.liferay.portal.NoSuchOrganizationException)
UserLockoutException(com.liferay.portal.UserLockoutException)
UserPortraitSizeException(com.liferay.portal.UserPortraitSizeException)
Aggregations
CompanyMaxUsersException (com.liferay.portal.CompanyMaxUsersException)1
ContactBirthdayException (com.liferay.portal.ContactBirthdayException)1
ContactFirstNameException (com.liferay.portal.ContactFirstNameException)1
ContactFullNameException (com.liferay.portal.ContactFullNameException)1
ContactLastNameException (com.liferay.portal.ContactLastNameException)1
DuplicateOpenIdException (com.liferay.portal.DuplicateOpenIdException)1
DuplicateUserEmailAddressException (com.liferay.portal.DuplicateUserEmailAddressException)1
DuplicateUserScreenNameException (com.liferay.portal.DuplicateUserScreenNameException)1
GroupFriendlyURLException (com.liferay.portal.GroupFriendlyURLException)1
ModelListenerException (com.liferay.portal.ModelListenerException)1
NoSuchImageException (com.liferay.portal.NoSuchImageException)1
NoSuchOrganizationException (com.liferay.portal.NoSuchOrganizationException)1
NoSuchRoleException (com.liferay.portal.NoSuchRoleException)1
NoSuchTicketException (com.liferay.portal.NoSuchTicketException)1
NoSuchUserException (com.liferay.portal.NoSuchUserException)1
NoSuchUserGroupException (com.liferay.portal.NoSuchUserGroupException)1
PasswordExpiredException (com.liferay.portal.PasswordExpiredException)1
RequiredUserException (com.liferay.portal.RequiredUserException)1
ReservedUserEmailAddressException (com.liferay.portal.ReservedUserEmailAddressException)1
ReservedUserScreenNameException (com.liferay.portal.ReservedUserScreenNameException)1
