Example 1 with AuthenticationDisallowedException

Use of org.alfresco.repo.security.authentication.AuthenticationDisallowedException in the project acs-community-packaging by Alfresco.

From the class LoginBean, method login.

// ------------------------------------------------------------------------------
// Action event methods
/**
 * Login action handler
 *
 * @return outcome view name
 */
public String login() {
    String outcome = null;
    FacesContext fc = FacesContext.getCurrentInstance();
    if (this.username != null && this.username.length() != 0 && this.password != null && this.password.length() != 0) {
        try {
            // Perform a full session invalidation to ensure no cached data is left around
            // - important if the login page has been accessed directly rather than via the Login/out action links
            logout();
            // Authenticate via the authentication service, then save the details of user in an object
            // in the session - this is used by the servlet filter etc. on each page to check for login
            this.getAuthenticationService().authenticate(this.username, this.password.toCharArray());
            // Set the user name as stored by the back end
            this.username = this.getAuthenticationService().getCurrentUserName();
            // setup User object and Home space ID
            User user = new User(this.username, this.getAuthenticationService().getCurrentTicket(), getPersonService().getPerson(this.username));
            NodeRef homeSpaceRef = (NodeRef) this.getNodeService().getProperty(getPersonService().getPerson(this.username), ContentModel.PROP_HOMEFOLDER);
            // check that the home space node exists - else user cannot login
            if (homeSpaceRef == null || this.getNodeService().exists(homeSpaceRef) == false) {
                throw new InvalidNodeRefException(homeSpaceRef);
            }
            user.setHomeSpaceId(homeSpaceRef.getId());
            // put the User object in the Session - the authentication servlet will then allow
            // the app to continue without redirecting to the login page
            Application.setCurrentUser(fc, user);
            // Save the current username to cookie
            AuthenticationHelper.setUsernameCookie((HttpServletRequest) fc.getExternalContext().getRequest(), (HttpServletResponse) fc.getExternalContext().getResponse(), this.username);
            // Programmatically retrieve the LoginOutcomeBean from JSF
            LoginOutcomeBean loginOutcomeBean = (LoginOutcomeBean) fc.getApplication().createValueBinding("#{LoginOutcomeBean}").getValue(fc);
            // if a redirect URL has been provided then use that
            // this allows servlets etc. to provide a URL to return to after a successful login
            String redirectURL = loginOutcomeBean.getRedirectURL();
            // ALF-10312: Validate we are redirecting within this web app
            if (redirectURL != null && !redirectURL.isEmpty() && !redirectURL.startsWith(fc.getExternalContext().getRequestContextPath())) {
                if (logger.isWarnEnabled())
                    logger.warn("Security violation. Unable to redirect to external location: " + redirectURL);
                redirectURL = null;
            }
            if (redirectURL != null && redirectURL.length() > 0) {
                if (logger.isDebugEnabled())
                    logger.debug("Redirect URL found: " + redirectURL);
                try {
                    fc.getExternalContext().redirect(redirectURL);
                    fc.responseComplete();
                    return null;
                } catch (IOException ioErr) {
                    logger.warn("Unable to redirect to url: " + redirectURL, ioErr);
                }
            } else {
                // special case to handle jump to My Alfresco page initially
                // note: to enable MT runtime client config customization, need to re-init NavigationBean
                // in context of tenant login page
                this.navigator.initFromClientConfig();
                if (NavigationBean.LOCATION_MYALFRESCO.equals(this.preferences.getStartLocation())) {
                    return "myalfresco";
                } else {
                    // generally this will navigate to the generic browse screen
                    return "success";
                }
            }
        } catch (AuthenticationDisallowedException aerr) {
            Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_LOGIN_DISALLOWED));
        } catch (AuthenticationMaxUsersException aerr) {
            Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_LOGIN_MAXUSERS));
        } catch (AuthenticationException aerr) {
            Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_UNKNOWN_USER));
        } catch (InvalidNodeRefException refErr) {
            String msg;
            if (refErr.getNodeRef() != null) {
                msg = refErr.getNodeRef().toString();
            } else {
                msg = Application.getMessage(fc, MSG_NONE);
            }
            Utils.addErrorMessage(MessageFormat.format(Application.getMessage(fc, Repository.ERROR_NOHOME), msg));
        }
    } else {
        Utils.addErrorMessage(Application.getMessage(fc, MSG_ERROR_MISSING));
    }
    return outcome;
}
Also used: FacesContext (javax.faces.context.FacesContext), NodeRef (org.alfresco.service.cmr.repository.NodeRef), User (org.alfresco.web.bean.repository.User), AuthenticationException (org.alfresco.repo.security.authentication.AuthenticationException), AuthenticationDisallowedException (org.alfresco.repo.security.authentication.AuthenticationDisallowedException), AuthenticationMaxUsersException (org.alfresco.repo.security.authentication.AuthenticationMaxUsersException), InvalidNodeRefException (org.alfresco.service.cmr.repository.InvalidNodeRefException), IOException (java.io.IOException)