Search in sources :

Example 1 with UserScreenNameException

use of com.liferay.portal.UserScreenNameException in project liferay-ide by liferay.

the class UserLocalServiceImpl method authenticate.

/**
 * Attempts to authenticate the user by their login and password, while
 * using the AuthPipeline.
 *
 * <p>
 * Authentication type specifies what <code>login</code> contains.The valid
 * values are:
 * </p>
 *
 * <ul>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_EA</code> - <code>login</code> is the
 * user's email address
 * </li>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_SN</code> - <code>login</code> is the
 * user's screen name
 * </li>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_ID</code> - <code>login</code> is the
 * user's primary key
 * </li>
 * </ul>
 *
 * @param  companyId the primary key of the user's company
 * @param  login either the user's email address, screen name, or primary
 *         key depending on the value of <code>authType</code>
 * @param  password the user's password
 * @param  authType the type of authentication to perform
 * @param  headerMap the header map from the authentication request
 * @param  parameterMap the parameter map from the authentication request
 * @param  resultsMap the map of authentication results (may be nil). After
 *         a succesful authentication the user's primary key will be placed
 *         under the key <code>userId</code>.
 * @return the authentication status. This can be {@link
 *         com.liferay.portal.security.auth.Authenticator#FAILURE}
 *         indicating that the user's credentials are invalid, {@link
 *         com.liferay.portal.security.auth.Authenticator#SUCCESS}
 *         indicating a successful login, or {@link
 *         com.liferay.portal.security.auth.Authenticator#DNE} indicating
 *         that a user with that login does not exist.
 * @throws PortalException if <code>login</code> or <code>password</code>
 *         was <code>null</code>
 * @throws SystemException if a system exception occurred
 * @see    com.liferay.portal.security.auth.AuthPipeline
 */
protected int authenticate(long companyId, String login, String password, String authType, Map<String, String[]> headerMap, Map<String, String[]> parameterMap, Map<String, Object> resultsMap) throws PortalException, SystemException {
    if (PropsValues.AUTH_LOGIN_DISABLED) {
        return Authenticator.FAILURE;
    }
    login = StringUtil.toLowerCase(login.trim());
    long userId = GetterUtil.getLong(login);
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        if (Validator.isNull(login)) {
            throw new UserEmailAddressException();
        }
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        if (Validator.isNull(login)) {
            throw new UserScreenNameException();
        }
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        if (Validator.isNull(login)) {
            throw new UserIdException();
        }
    }
    if (Validator.isNull(password)) {
        throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
    }
    int authResult = Authenticator.FAILURE;
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_PRE, companyId, userId, password, headerMap, parameterMap);
    }
    // Get user
    User user = null;
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        user = fetchUserByEmailAddress(companyId, login);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        user = fetchUserByScreenName(companyId, login);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(login));
    }
    if (user == null) {
        return Authenticator.DNE;
    }
    if (user.isDefaultUser()) {
        if (_log.isInfoEnabled()) {
            _log.info("Authentication is disabled for the default user");
        }
        return Authenticator.DNE;
    } else if (!user.isActive()) {
        if (_log.isInfoEnabled()) {
            _log.info("Authentication is disabled for inactive user " + user.getUserId());
        }
        return Authenticator.FAILURE;
    }
    if (!user.isPasswordEncrypted()) {
        user.setPassword(PasswordEncryptorUtil.encrypt(user.getPassword()));
        user.setPasswordEncrypted(true);
        userPersistence.update(user);
    }
    // Check password policy to see if the is account locked out or if the
    // password is expired
    checkLockout(user);
    checkPasswordExpired(user);
    // Authenticate against the User_ table
    boolean skipLiferayCheck = false;
    if (authResult == Authenticator.SKIP_LIFERAY_CHECK) {
        authResult = Authenticator.SUCCESS;
        skipLiferayCheck = true;
    } else if ((authResult == Authenticator.SUCCESS) && PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK) {
        boolean authenticated = PwdAuthenticator.authenticate(login, password, user.getPassword());
        if (authenticated) {
            authResult = Authenticator.SUCCESS;
        } else {
            authResult = Authenticator.FAILURE;
        }
    }
    if (authResult == Authenticator.SUCCESS) {
        if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
            authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
        } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
            authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
        } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
            authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_POST, companyId, userId, password, headerMap, parameterMap);
        }
    }
    if (authResult == Authenticator.SUCCESS) {
        if (resultsMap != null) {
            resultsMap.put("userId", user.getUserId());
        }
        if (skipLiferayCheck || !PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK || Validator.isNull(user.getDigest())) {
            String digest = user.getDigest(password);
            user.setDigest(digest);
            userPersistence.update(user);
        }
    }
    if (authResult == Authenticator.FAILURE) {
        try {
            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
                AuthPipeline.onFailureByEmailAddress(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
            } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                AuthPipeline.onFailureByScreenName(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
            } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                AuthPipeline.onFailureByUserId(PropsKeys.AUTH_FAILURE, companyId, userId, headerMap, parameterMap);
            }
            user = userPersistence.fetchByPrimaryKey(user.getUserId());
            if (user == null) {
                return Authenticator.DNE;
            }
            if (!LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
                PasswordPolicy passwordPolicy = user.getPasswordPolicy();
                user = userPersistence.fetchByPrimaryKey(user.getUserId());
                int failedLoginAttempts = user.getFailedLoginAttempts();
                int maxFailures = passwordPolicy.getMaxFailure();
                if ((failedLoginAttempts >= maxFailures) && (maxFailures != 0)) {
                    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
                        AuthPipeline.onMaxFailuresByEmailAddress(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
                    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                        AuthPipeline.onMaxFailuresByScreenName(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
                    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                        AuthPipeline.onMaxFailuresByUserId(PropsKeys.AUTH_MAX_FAILURES, companyId, userId, headerMap, parameterMap);
                    }
                }
            }
        } catch (Exception e) {
            _log.error(e, e);
        }
    }
    return authResult;
}
Also used : User(com.liferay.portal.model.User) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) UserPasswordException(com.liferay.portal.UserPasswordException) PasswordPolicy(com.liferay.portal.model.PasswordPolicy) UserIdException(com.liferay.portal.UserIdException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserScreenNameException(com.liferay.portal.UserScreenNameException) ContactFirstNameException(com.liferay.portal.ContactFirstNameException) ModelListenerException(com.liferay.portal.ModelListenerException) NoSuchImageException(com.liferay.portal.NoSuchImageException) GroupFriendlyURLException(com.liferay.portal.GroupFriendlyURLException) DuplicateOpenIdException(com.liferay.portal.DuplicateOpenIdException) ImageSizeException(com.liferay.portlet.documentlibrary.ImageSizeException) PasswordExpiredException(com.liferay.portal.PasswordExpiredException) UserPasswordException(com.liferay.portal.UserPasswordException) NoSuchUserException(com.liferay.portal.NoSuchUserException) UserSmsException(com.liferay.portal.UserSmsException) NoSuchRoleException(com.liferay.portal.NoSuchRoleException) PortalException(com.liferay.portal.kernel.exception.PortalException) UserIdException(com.liferay.portal.UserIdException) UserPortraitTypeException(com.liferay.portal.UserPortraitTypeException) RequiredUserException(com.liferay.portal.RequiredUserException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) IOException(java.io.IOException) ContactBirthdayException(com.liferay.portal.ContactBirthdayException) UserReminderQueryException(com.liferay.portal.UserReminderQueryException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ContactFullNameException(com.liferay.portal.ContactFullNameException) EncryptorException(com.liferay.util.EncryptorException) CompanyMaxUsersException(com.liferay.portal.CompanyMaxUsersException) NoSuchTicketException(com.liferay.portal.NoSuchTicketException) UserScreenNameException(com.liferay.portal.UserScreenNameException) ContactLastNameException(com.liferay.portal.ContactLastNameException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) NoSuchUserGroupException(com.liferay.portal.NoSuchUserGroupException) PrincipalException(com.liferay.portal.security.auth.PrincipalException) SystemException(com.liferay.portal.kernel.exception.SystemException) NoSuchOrganizationException(com.liferay.portal.NoSuchOrganizationException) UserLockoutException(com.liferay.portal.UserLockoutException) UserPortraitSizeException(com.liferay.portal.UserPortraitSizeException)

Example 2 with UserScreenNameException

use of com.liferay.portal.UserScreenNameException in project liferay-ide by liferay.

the class UserLocalServiceImpl method validateScreenName.

protected void validateScreenName(long companyId, long userId, String screenName) throws PortalException, SystemException {
    if (Validator.isNull(screenName)) {
        throw new UserScreenNameException();
    }
    ScreenNameValidator screenNameValidator = ScreenNameValidatorFactory.getInstance();
    if (!screenNameValidator.validate(companyId, screenName)) {
        throw new UserScreenNameException();
    }
    if (Validator.isNumber(screenName)) {
        if (!PropsValues.USERS_SCREEN_NAME_ALLOW_NUMERIC) {
            throw new UserScreenNameException();
        }
        if (!screenName.equals(String.valueOf(userId))) {
            Group group = groupPersistence.fetchByPrimaryKey(GetterUtil.getLong(screenName));
            if (group != null) {
                throw new UserScreenNameException();
            }
        }
    }
    for (char c : screenName.toCharArray()) {
        if (!Validator.isChar(c) && !Validator.isDigit(c) && (c != CharPool.DASH) && (c != CharPool.PERIOD) && (c != CharPool.UNDERLINE)) {
            throw new UserScreenNameException();
        }
    }
    String[] anonymousNames = BaseServiceImpl.ANONYMOUS_NAMES;
    for (String anonymousName : anonymousNames) {
        if (StringUtil.equalsIgnoreCase(screenName, anonymousName)) {
            throw new UserScreenNameException();
        }
    }
    User user = userPersistence.fetchByC_SN(companyId, screenName);
    if ((user != null) && (user.getUserId() != userId)) {
        throw new DuplicateUserScreenNameException("{userId=" + userId + "}");
    }
    String friendlyURL = StringPool.SLASH + screenName;
    Group group = groupPersistence.fetchByC_F(companyId, friendlyURL);
    if ((group != null) && (group.getClassPK() != userId)) {
        throw new GroupFriendlyURLException(GroupFriendlyURLException.DUPLICATE);
    }
    int exceptionType = LayoutImpl.validateFriendlyURL(friendlyURL);
    if (exceptionType != -1) {
        throw new UserScreenNameException(new GroupFriendlyURLException(exceptionType));
    }
    String[] reservedScreenNames = PrefsPropsUtil.getStringArray(companyId, PropsKeys.ADMIN_RESERVED_SCREEN_NAMES, StringPool.NEW_LINE, PropsValues.ADMIN_RESERVED_SCREEN_NAMES);
    for (String reservedScreenName : reservedScreenNames) {
        if (StringUtil.equalsIgnoreCase(screenName, reservedScreenName)) {
            throw new ReservedUserScreenNameException();
        }
    }
}
Also used : Group(com.liferay.portal.model.Group) UserGroup(com.liferay.portal.model.UserGroup) GroupFriendlyURLException(com.liferay.portal.GroupFriendlyURLException) ScreenNameValidator(com.liferay.portal.security.auth.ScreenNameValidator) User(com.liferay.portal.model.User) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserScreenNameException(com.liferay.portal.UserScreenNameException)

Aggregations

DuplicateUserScreenNameException (com.liferay.portal.DuplicateUserScreenNameException)2 GroupFriendlyURLException (com.liferay.portal.GroupFriendlyURLException)2 ReservedUserScreenNameException (com.liferay.portal.ReservedUserScreenNameException)2 UserScreenNameException (com.liferay.portal.UserScreenNameException)2 User (com.liferay.portal.model.User)2 CompanyMaxUsersException (com.liferay.portal.CompanyMaxUsersException)1 ContactBirthdayException (com.liferay.portal.ContactBirthdayException)1 ContactFirstNameException (com.liferay.portal.ContactFirstNameException)1 ContactFullNameException (com.liferay.portal.ContactFullNameException)1 ContactLastNameException (com.liferay.portal.ContactLastNameException)1 DuplicateOpenIdException (com.liferay.portal.DuplicateOpenIdException)1 DuplicateUserEmailAddressException (com.liferay.portal.DuplicateUserEmailAddressException)1 ModelListenerException (com.liferay.portal.ModelListenerException)1 NoSuchImageException (com.liferay.portal.NoSuchImageException)1 NoSuchOrganizationException (com.liferay.portal.NoSuchOrganizationException)1 NoSuchRoleException (com.liferay.portal.NoSuchRoleException)1 NoSuchTicketException (com.liferay.portal.NoSuchTicketException)1 NoSuchUserException (com.liferay.portal.NoSuchUserException)1 NoSuchUserGroupException (com.liferay.portal.NoSuchUserGroupException)1 PasswordExpiredException (com.liferay.portal.PasswordExpiredException)1