Use of org.alfresco.repo.security.authentication.AuthenticationDisallowedException in project acs-community-packaging by Alfresco.
The class LoginBean, method login.
// ------------------------------------------------------------------------------
// Action event methods
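/**
 * Login action handler.
 *
 * <p>Requires a non-empty username and password, invalidates any existing session via
 * {@code logout()}, authenticates against the authentication service, verifies that the
 * user's home space exists, stores the {@code User} object in the session and then either
 * redirects to a validated in-application URL or returns a navigation outcome.
 *
 * @return {@code "myalfresco"} or {@code "success"} after a successful login with no redirect;
 *         {@code null} when a redirect was issued, when the redirect failed with an
 *         {@code IOException}, or when login failed (an error message has then been added)
 */
public String login() {
    FacesContext fc = FacesContext.getCurrentInstance();

    // Both credentials are mandatory; report the missing input and stay on the login page.
    if (this.username == null || this.username.length() == 0
            || this.password == null || this.password.length() == 0) {
        Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_MISSING));
        return null;
    }

    try {
        // Perform a full session invalidation to ensure no cached data is left around
        // - important if the login page has been accessed directly rather than via the Login/out action links
        logout();

        // Authenticate via the authentication service, then save the details of user in an object
        // in the session - this is used by the servlet filter etc. on each page to check for login
        this.getAuthenticationService().authenticate(this.username, this.password.toCharArray());

        // Set the user name as stored by the back end
        this.username = this.getAuthenticationService().getCurrentUserName();

        // setup User object and Home space ID; the person node is looked up once and reused
        String ticket = this.getAuthenticationService().getCurrentTicket();
        NodeRef personRef = getPersonService().getPerson(this.username);
        User user = new User(this.username, ticket, personRef);
        NodeRef homeSpaceRef = (NodeRef) this.getNodeService().getProperty(personRef, ContentModel.PROP_HOMEFOLDER);

        // check that the home space node exists - else user cannot login
        if (homeSpaceRef == null || !this.getNodeService().exists(homeSpaceRef)) {
            throw new InvalidNodeRefException(homeSpaceRef);
        }
        user.setHomeSpaceId(homeSpaceRef.getId());

        // put the User object in the Session - the authentication servlet will then allow
        // the app to continue without redirecting to the login page
        Application.setCurrentUser(fc, user);

        // Save the current username to cookie
        AuthenticationHelper.setUsernameCookie(
                (HttpServletRequest) fc.getExternalContext().getRequest(),
                (HttpServletResponse) fc.getExternalContext().getResponse(),
                this.username);

        // Programmatically retrieve the LoginOutcomeBean from JSF
        LoginOutcomeBean loginOutcomeBean =
                (LoginOutcomeBean) fc.getApplication().createValueBinding("#{LoginOutcomeBean}").getValue(fc);

        // if a redirect URL has been provided then use that
        // this allows servlets etc. to provide a URL to return to after a successful login
        String redirectURL = loginOutcomeBean.getRedirectURL();
        String loggedUrl = null;
        if (redirectURL != null && !redirectURL.isEmpty()) {
            // The redirect target may come from the request, so strip line breaks before it is
            // written to the log to keep one log entry per event.
            loggedUrl = redirectURL.replace('\r', '_').replace('\n', '_');

            // ALF-10312: Validate we are redirecting within this web app.
            // The context-path prefix test alone accepts every URL when the application is
            // deployed at the root context (the context path is then the empty string), so the
            // target must also be a host-relative path: a single leading '/', not followed by
            // '/' or '\' (which browsers resolve as another host).
            String contextPath = fc.getExternalContext().getRequestContextPath();
            boolean hostRelative = redirectURL.charAt(0) == '/'
                    && (redirectURL.length() == 1
                            || (redirectURL.charAt(1) != '/' && redirectURL.charAt(1) != '\\'));
            if (!hostRelative || !redirectURL.startsWith(contextPath)) {
                if (logger.isWarnEnabled()) {
                    logger.warn("Security violation. Unable to redirect to external location: " + loggedUrl);
                }
                redirectURL = null;
            }
        }

        if (redirectURL != null && !redirectURL.isEmpty()) {
            if (logger.isDebugEnabled()) {
                logger.debug("Redirect URL found: " + loggedUrl);
            }
            try {
                fc.getExternalContext().redirect(redirectURL);
                fc.responseComplete();
                return null;
            } catch (IOException ioErr) {
                // Best effort: the user is logged in; fall through and return a null outcome.
                logger.warn("Unable to redirect to url: " + loggedUrl, ioErr);
            }
        } else {
            // special case to handle jump to My Alfresco page initially
            // note: to enable MT runtime client config customization, need to re-init NavigationBean
            // in context of tenant login page
            this.navigator.initFromClientConfig();
            if (NavigationBean.LOCATION_MYALFRESCO.equals(this.preferences.getStartLocation())) {
                return "myalfresco";
            }
            // generally this will navigate to the generic browse screen
            return "success";
        }
    } catch (AuthenticationDisallowedException aerr) {
        Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_LOGIN_DISALLOWED));
    } catch (AuthenticationMaxUsersException aerr) {
        Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_LOGIN_MAXUSERS));
    } catch (AuthenticationException aerr) {
        Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_UNKNOWN_USER));
    } catch (InvalidNodeRefException refErr) {
        // NOTE(review): authenticate() has already succeeded when this is thrown and nothing
        // in this handler undoes it; confirm whether the ticket should be invalidated when
        // login is refused because the home space is missing.
        String msg = (refErr.getNodeRef() != null)
                ? refErr.getNodeRef().toString()
                : Application.getMessage(fc, MSG_NONE);
        Utils.addErrorMessage(MessageFormat.format(Application.getMessage(fc, Repository.ERROR_NOHOME), msg));
    }

    // Login failed, or the post-login redirect could not be sent: no navigation outcome.
    return null;
}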