Search in sources :

Example 1 with AMAuthCallBackException

use of com.sun.identity.authentication.spi.AMAuthCallBackException in project OpenAM by OpenRock.

the class ISAccountLockout method invalidPasswd.

/**
     * Determines the number of times user failed authentication
     * updates the accountInfo object with the user information and count of
     * failed authentication attempts.
     *
     * @param  userDN DN of the user
     * @param  userName name of the user
     * @param  amIdentity AMidentity object
     * @param  acInfo AccountLockoutInfo
     * @return updated user lockout information
     */
public int invalidPasswd(String userDN, String userName, AMIdentity amIdentity, AccountLockoutInfo acInfo) {
    if (acInfo == null) {
        acInfo = new AccountLockoutInfo();
        acInfo.setActualLockoutDuration(failureLockoutDuration);
        loginFailHash.put(userDN, acInfo);
    }
    if (debug.messageEnabled()) {
        debug.message("ISAccountLockout.invalidPasswd with userDN, AMIdentity");
        debug.message("userDN : " + userDN);
    }
    long now = System.currentTimeMillis();
    int fail_count = acInfo.getFailCount();
    long lastFailTime = acInfo.getLastFailTime();
    long lockedAt = acInfo.getLockoutAt();
    if ((lastFailTime + failureLockoutTime) > now) {
        fail_count = fail_count + 1;
    } else {
        fail_count = 1;
    }
    if (((lastFailTime + failureLockoutTime) > now) && (fail_count == failureLockoutCount)) {
        lockedAt = now;
    }
    if (debug.messageEnabled()) {
        debug.message("ISAccountLockout.invalidPasswd:fail_count:" + fail_count);
    }
    if (storeInvalidAttemptsInDS) {
        Map attrMap = new HashMap();
        Set invalidAttempts = new HashSet();
        String invalidXML = createInvalidAttemptsXML(fail_count, now, lockedAt, acInfo.getActualLockoutDuration());
        invalidAttempts.add(invalidXML);
        if (debug.messageEnabled()) {
            debug.message("ISAccountLockout.invalidPasswd: " + "Invalid Attempt XML being inserted= " + invalidXML);
        }
        attrMap.put(invalidAttemptsDataAttrName, invalidAttempts);
        try {
            setLockoutObjectClass(amIdentity);
            amIdentity.setAttributes(attrMap);
            amIdentity.store();
            debug.message("ISAccountLockout.invalidPasswd: Stored Invalid Attempt XML");
        } catch (Exception e) {
            debug.error("ISAccountLockout.invalidPasswd", e);
            return -1;
        }
    }
    acInfo.setLastFailTime(now);
    acInfo.setFailCount(fail_count);
    acInfo.setLockoutAt(lockedAt);
    if (lockedAt > 0) {
        acInfo.setLockout(true);
    }
    acInfo.setUserToken(userName);
    if (fail_count == failureLockoutCount) {
        if (!memoryLocking) {
            inactivateUserAccount(amIdentity);
        }
        try {
            sendLockOutNotice(userName);
            /*
                 * The callback implementation instance is retrieved for
                 * the user's organization. This will be used to notify the
                 * custom plug-ins that a certain event occured on an account.
                 */
            callbackImpl = AMAuthCallBackImpl.getInstance(amIdentity.getRealm());
            // Requesting callback to plugin for account lockout event.
            callbackImpl.processedAccounttLockout(new Long(now), userName);
        } catch (AMAuthCallBackException e) {
            if (debug.getState() >= IDebug.ERROR) {
                debug.error("ISAccountLockout invalidPasswd : " + "error getting callback implementation " + "instance or error from callback module", e);
            }
        } catch (Exception ex) {
            debug.message("Error activating account/sending" + "notification ", ex);
        }
    }
    setWarningCount(fail_count, failureLockoutCount);
    return userWarningCount;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) AMAuthCallBackException(com.sun.identity.authentication.spi.AMAuthCallBackException) HashMap(java.util.HashMap) Map(java.util.Map) MessagingException(javax.mail.MessagingException) AMAuthCallBackException(com.sun.identity.authentication.spi.AMAuthCallBackException) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) HashSet(java.util.HashSet)

Aggregations

SSOException (com.iplanet.sso.SSOException)1 AMAuthCallBackException (com.sun.identity.authentication.spi.AMAuthCallBackException)1 IdRepoException (com.sun.identity.idm.IdRepoException)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 Map (java.util.Map)1 Set (java.util.Set)1 MessagingException (javax.mail.MessagingException)1