Search in sources :

Example 1 with UserIdException

use of com.liferay.portal.UserIdException in project liferay-ide by liferay.

the class UserLocalServiceImpl method authenticate.

/**
 * Attempts to authenticate the user by their login and password, while
 * using the AuthPipeline.
 *
 * <p>
 * Authentication type specifies what <code>login</code> contains.The valid
 * values are:
 * </p>
 *
 * <ul>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_EA</code> - <code>login</code> is the
 * user's email address
 * </li>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_SN</code> - <code>login</code> is the
 * user's screen name
 * </li>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_ID</code> - <code>login</code> is the
 * user's primary key
 * </li>
 * </ul>
 *
 * @param  companyId the primary key of the user's company
 * @param  login either the user's email address, screen name, or primary
 *         key depending on the value of <code>authType</code>
 * @param  password the user's password
 * @param  authType the type of authentication to perform
 * @param  headerMap the header map from the authentication request
 * @param  parameterMap the parameter map from the authentication request
 * @param  resultsMap the map of authentication results (may be nil). After
 *         a succesful authentication the user's primary key will be placed
 *         under the key <code>userId</code>.
 * @return the authentication status. This can be {@link
 *         com.liferay.portal.security.auth.Authenticator#FAILURE}
 *         indicating that the user's credentials are invalid, {@link
 *         com.liferay.portal.security.auth.Authenticator#SUCCESS}
 *         indicating a successful login, or {@link
 *         com.liferay.portal.security.auth.Authenticator#DNE} indicating
 *         that a user with that login does not exist.
 * @throws PortalException if <code>login</code> or <code>password</code>
 *         was <code>null</code>
 * @throws SystemException if a system exception occurred
 * @see    com.liferay.portal.security.auth.AuthPipeline
 */
protected int authenticate(long companyId, String login, String password, String authType, Map<String, String[]> headerMap, Map<String, String[]> parameterMap, Map<String, Object> resultsMap) throws PortalException, SystemException {
    if (PropsValues.AUTH_LOGIN_DISABLED) {
        return Authenticator.FAILURE;
    }
    login = StringUtil.toLowerCase(login.trim());
    long userId = GetterUtil.getLong(login);
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        if (Validator.isNull(login)) {
            throw new UserEmailAddressException();
        }
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        if (Validator.isNull(login)) {
            throw new UserScreenNameException();
        }
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        if (Validator.isNull(login)) {
            throw new UserIdException();
        }
    }
    if (Validator.isNull(password)) {
        throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
    }
    int authResult = Authenticator.FAILURE;
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_PRE, companyId, userId, password, headerMap, parameterMap);
    }
    // Get user
    User user = null;
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        user = fetchUserByEmailAddress(companyId, login);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        user = fetchUserByScreenName(companyId, login);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(login));
    }
    if (user == null) {
        return Authenticator.DNE;
    }
    if (user.isDefaultUser()) {
        if (_log.isInfoEnabled()) {
            _log.info("Authentication is disabled for the default user");
        }
        return Authenticator.DNE;
    } else if (!user.isActive()) {
        if (_log.isInfoEnabled()) {
            _log.info("Authentication is disabled for inactive user " + user.getUserId());
        }
        return Authenticator.FAILURE;
    }
    if (!user.isPasswordEncrypted()) {
        user.setPassword(PasswordEncryptorUtil.encrypt(user.getPassword()));
        user.setPasswordEncrypted(true);
        userPersistence.update(user);
    }
    // Check password policy to see if the is account locked out or if the
    // password is expired
    checkLockout(user);
    checkPasswordExpired(user);
    // Authenticate against the User_ table
    boolean skipLiferayCheck = false;
    if (authResult == Authenticator.SKIP_LIFERAY_CHECK) {
        authResult = Authenticator.SUCCESS;
        skipLiferayCheck = true;
    } else if ((authResult == Authenticator.SUCCESS) && PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK) {
        boolean authenticated = PwdAuthenticator.authenticate(login, password, user.getPassword());
        if (authenticated) {
            authResult = Authenticator.SUCCESS;
        } else {
            authResult = Authenticator.FAILURE;
        }
    }
    if (authResult == Authenticator.SUCCESS) {
        if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
            authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
        } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
            authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
        } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
            authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_POST, companyId, userId, password, headerMap, parameterMap);
        }
    }
    if (authResult == Authenticator.SUCCESS) {
        if (resultsMap != null) {
            resultsMap.put("userId", user.getUserId());
        }
        if (skipLiferayCheck || !PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK || Validator.isNull(user.getDigest())) {
            String digest = user.getDigest(password);
            user.setDigest(digest);
            userPersistence.update(user);
        }
    }
    if (authResult == Authenticator.FAILURE) {
        try {
            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
                AuthPipeline.onFailureByEmailAddress(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
            } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                AuthPipeline.onFailureByScreenName(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
            } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                AuthPipeline.onFailureByUserId(PropsKeys.AUTH_FAILURE, companyId, userId, headerMap, parameterMap);
            }
            user = userPersistence.fetchByPrimaryKey(user.getUserId());
            if (user == null) {
                return Authenticator.DNE;
            }
            if (!LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
                PasswordPolicy passwordPolicy = user.getPasswordPolicy();
                user = userPersistence.fetchByPrimaryKey(user.getUserId());
                int failedLoginAttempts = user.getFailedLoginAttempts();
                int maxFailures = passwordPolicy.getMaxFailure();
                if ((failedLoginAttempts >= maxFailures) && (maxFailures != 0)) {
                    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
                        AuthPipeline.onMaxFailuresByEmailAddress(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
                    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                        AuthPipeline.onMaxFailuresByScreenName(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
                    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                        AuthPipeline.onMaxFailuresByUserId(PropsKeys.AUTH_MAX_FAILURES, companyId, userId, headerMap, parameterMap);
                    }
                }
            }
        } catch (Exception e) {
            _log.error(e, e);
        }
    }
    return authResult;
}
Also used : User(com.liferay.portal.model.User) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) UserPasswordException(com.liferay.portal.UserPasswordException) PasswordPolicy(com.liferay.portal.model.PasswordPolicy) UserIdException(com.liferay.portal.UserIdException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserScreenNameException(com.liferay.portal.UserScreenNameException) ContactFirstNameException(com.liferay.portal.ContactFirstNameException) ModelListenerException(com.liferay.portal.ModelListenerException) NoSuchImageException(com.liferay.portal.NoSuchImageException) GroupFriendlyURLException(com.liferay.portal.GroupFriendlyURLException) DuplicateOpenIdException(com.liferay.portal.DuplicateOpenIdException) ImageSizeException(com.liferay.portlet.documentlibrary.ImageSizeException) PasswordExpiredException(com.liferay.portal.PasswordExpiredException) UserPasswordException(com.liferay.portal.UserPasswordException) NoSuchUserException(com.liferay.portal.NoSuchUserException) UserSmsException(com.liferay.portal.UserSmsException) NoSuchRoleException(com.liferay.portal.NoSuchRoleException) PortalException(com.liferay.portal.kernel.exception.PortalException) UserIdException(com.liferay.portal.UserIdException) UserPortraitTypeException(com.liferay.portal.UserPortraitTypeException) RequiredUserException(com.liferay.portal.RequiredUserException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) IOException(java.io.IOException) ContactBirthdayException(com.liferay.portal.ContactBirthdayException) UserReminderQueryException(com.liferay.portal.UserReminderQueryException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ContactFullNameException(com.liferay.portal.ContactFullNameException) EncryptorException(com.liferay.util.EncryptorException) CompanyMaxUsersException(com.liferay.portal.CompanyMaxUsersException) NoSuchTicketException(com.liferay.portal.NoSuchTicketException) UserScreenNameException(com.liferay.portal.UserScreenNameException) ContactLastNameException(com.liferay.portal.ContactLastNameException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) NoSuchUserGroupException(com.liferay.portal.NoSuchUserGroupException) PrincipalException(com.liferay.portal.security.auth.PrincipalException) SystemException(com.liferay.portal.kernel.exception.SystemException) NoSuchOrganizationException(com.liferay.portal.NoSuchOrganizationException) UserLockoutException(com.liferay.portal.UserLockoutException) UserPortraitSizeException(com.liferay.portal.UserPortraitSizeException)

Aggregations

CompanyMaxUsersException (com.liferay.portal.CompanyMaxUsersException)1 ContactBirthdayException (com.liferay.portal.ContactBirthdayException)1 ContactFirstNameException (com.liferay.portal.ContactFirstNameException)1 ContactFullNameException (com.liferay.portal.ContactFullNameException)1 ContactLastNameException (com.liferay.portal.ContactLastNameException)1 DuplicateOpenIdException (com.liferay.portal.DuplicateOpenIdException)1 DuplicateUserEmailAddressException (com.liferay.portal.DuplicateUserEmailAddressException)1 DuplicateUserScreenNameException (com.liferay.portal.DuplicateUserScreenNameException)1 GroupFriendlyURLException (com.liferay.portal.GroupFriendlyURLException)1 ModelListenerException (com.liferay.portal.ModelListenerException)1 NoSuchImageException (com.liferay.portal.NoSuchImageException)1 NoSuchOrganizationException (com.liferay.portal.NoSuchOrganizationException)1 NoSuchRoleException (com.liferay.portal.NoSuchRoleException)1 NoSuchTicketException (com.liferay.portal.NoSuchTicketException)1 NoSuchUserException (com.liferay.portal.NoSuchUserException)1 NoSuchUserGroupException (com.liferay.portal.NoSuchUserGroupException)1 PasswordExpiredException (com.liferay.portal.PasswordExpiredException)1 RequiredUserException (com.liferay.portal.RequiredUserException)1 ReservedUserEmailAddressException (com.liferay.portal.ReservedUserEmailAddressException)1 ReservedUserScreenNameException (com.liferay.portal.ReservedUserScreenNameException)1