Search in sources :

Example 1 with MessageDescriptor

use of org.apereo.cas.authentication.MessageDescriptor in project cas by apereo.

the class DefaultAccountStateHandler method handle.

@Override
public List<MessageDescriptor> handle(final AuthenticationResponse response, final LdapPasswordPolicyConfiguration configuration) throws LoginException {
    if (!this.attributesToErrorMap.isEmpty() && response.getResult()) {
        LOGGER.debug("Handling policy based on pre-defined attributes");
        handlePolicyAttributes(response);
    }
    final AccountState state = response.getAccountState();
    if (state == null) {
        LOGGER.debug("Account state not defined. Returning empty list of messages.");
        return Collections.emptyList();
    }
    final List<MessageDescriptor> messages = new ArrayList<>();
    handleError(state.getError(), response, configuration, messages);
    handleWarning(state.getWarning(), response, configuration, messages);
    return messages;
}
Also used : MessageDescriptor(org.apereo.cas.authentication.MessageDescriptor) DefaultMessageDescriptor(org.apereo.cas.DefaultMessageDescriptor) PasswordExpiringWarningMessageDescriptor(org.apereo.cas.authentication.support.password.PasswordExpiringWarningMessageDescriptor) ArrayList(java.util.ArrayList) ActiveDirectoryAccountState(org.ldaptive.auth.ext.ActiveDirectoryAccountState) FreeIPAAccountState(org.ldaptive.auth.ext.FreeIPAAccountState) AccountState(org.ldaptive.auth.AccountState) PasswordExpirationAccountState(org.ldaptive.auth.ext.PasswordExpirationAccountState) EDirectoryAccountState(org.ldaptive.auth.ext.EDirectoryAccountState)

Example 2 with MessageDescriptor

use of org.apereo.cas.authentication.MessageDescriptor in project cas by apereo.

the class OptionalWarningLdapLdapAccountStateHandlerTests method verifyNoWarningOnMatch.

@Test
public void verifyNoWarningOnMatch() {
    final OptionalWarningLdapLdapAccountStateHandler h = new OptionalWarningLdapLdapAccountStateHandler();
    h.setWarnAttributeName("attribute");
    h.setWarningAttributeValue("value");
    h.setDisplayWarningOnMatch(false);
    final AuthenticationResponse response = mock(AuthenticationResponse.class);
    final LdapEntry entry = mock(LdapEntry.class);
    when(response.getLdapEntry()).thenReturn(entry);
    when(entry.getAttribute(anyString())).thenReturn(new LdapAttribute("attribute", "value"));
    final List<MessageDescriptor> messages = new ArrayList<>();
    final LdapPasswordPolicyConfiguration config = new LdapPasswordPolicyConfiguration();
    config.setPasswordWarningNumberOfDays(5);
    h.handleWarning(new AccountState.DefaultWarning(ZonedDateTime.now(), 1), response, config, messages);
    assertEquals(0, messages.size());
}
Also used : MessageDescriptor(org.apereo.cas.authentication.MessageDescriptor) LdapAttribute(org.ldaptive.LdapAttribute) ArrayList(java.util.ArrayList) LdapEntry(org.ldaptive.LdapEntry) AccountState(org.ldaptive.auth.AccountState) AuthenticationResponse(org.ldaptive.auth.AuthenticationResponse) Test(org.junit.Test)

Example 3 with MessageDescriptor

use of org.apereo.cas.authentication.MessageDescriptor in project cas by apereo.

the class OptionalWarningLdapLdapAccountStateHandlerTests method verifyAlwaysWarningOnMatch.

@Test
public void verifyAlwaysWarningOnMatch() {
    final OptionalWarningLdapLdapAccountStateHandler h = new OptionalWarningLdapLdapAccountStateHandler();
    h.setWarnAttributeName("attribute");
    h.setWarningAttributeValue("value");
    h.setDisplayWarningOnMatch(true);
    final AuthenticationResponse response = mock(AuthenticationResponse.class);
    final LdapEntry entry = mock(LdapEntry.class);
    when(response.getLdapEntry()).thenReturn(entry);
    when(entry.getAttribute(anyString())).thenReturn(new LdapAttribute("attribute", "value"));
    final List<MessageDescriptor> messages = new ArrayList<>();
    final LdapPasswordPolicyConfiguration config = new LdapPasswordPolicyConfiguration();
    config.setAlwaysDisplayPasswordExpirationWarning(true);
    h.handleWarning(new AccountState.DefaultWarning(ZonedDateTime.now(), 1), response, config, messages);
    assertEquals(2, messages.size());
}
Also used : MessageDescriptor(org.apereo.cas.authentication.MessageDescriptor) LdapAttribute(org.ldaptive.LdapAttribute) ArrayList(java.util.ArrayList) LdapEntry(org.ldaptive.LdapEntry) AccountState(org.ldaptive.auth.AccountState) AuthenticationResponse(org.ldaptive.auth.AuthenticationResponse) Test(org.junit.Test)

Example 4 with MessageDescriptor

use of org.apereo.cas.authentication.MessageDescriptor in project cas by apereo.

the class AbstractCasWebflowEventResolver method addWarningMessagesToMessageContextIfNeeded.

/**
 * Add warning messages to message context if needed.
 *
 * @param tgtId          the tgt id
 * @param messageContext the message context
 * @return true if warnings were found and added, false otherwise.
 * @since 4.1.0
 */
private static boolean addWarningMessagesToMessageContextIfNeeded(final TicketGrantingTicket tgtId, final MessageContext messageContext) {
    boolean foundAndAddedWarnings = false;
    for (final Map.Entry<String, AuthenticationHandlerExecutionResult> entry : tgtId.getAuthentication().getSuccesses().entrySet()) {
        for (final MessageDescriptor message : entry.getValue().getWarnings()) {
            addMessageDescriptorToMessageContext(messageContext, message);
            foundAndAddedWarnings = true;
        }
    }
    return foundAndAddedWarnings;
}
Also used : MessageDescriptor(org.apereo.cas.authentication.MessageDescriptor) AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) HashMap(java.util.HashMap) LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) Map(java.util.Map) AttributeMap(org.springframework.webflow.core.collection.AttributeMap)

Example 5 with MessageDescriptor

use of org.apereo.cas.authentication.MessageDescriptor in project cas by apereo.

the class GroovyLdapPasswordPolicyHandlingStrategyTests method verifyStrategySupportsDefault.

@Test
public void verifyStrategySupportsDefault() {
    final ClassPathResource resource = new ClassPathResource("lppe-strategy.groovy");
    final GroovyLdapPasswordPolicyHandlingStrategy s = new GroovyLdapPasswordPolicyHandlingStrategy(resource);
    final AuthenticationResponse res = mock(AuthenticationResponse.class);
    when(res.getAuthenticationResultCode()).thenReturn(AuthenticationResultCode.INVALID_CREDENTIAL);
    assertFalse(s.supports(null));
    when(res.getResult()).thenReturn(false);
    assertTrue(s.supports(res));
    final List<MessageDescriptor> results = s.handle(res, mock(LdapPasswordPolicyConfiguration.class));
    assertFalse(results.isEmpty());
}
Also used : MessageDescriptor(org.apereo.cas.authentication.MessageDescriptor) AuthenticationResponse(org.ldaptive.auth.AuthenticationResponse) ClassPathResource(org.springframework.core.io.ClassPathResource) Test(org.junit.Test)

Aggregations

MessageDescriptor (org.apereo.cas.authentication.MessageDescriptor)8 ArrayList (java.util.ArrayList)6 AccountState (org.ldaptive.auth.AccountState)5 Test (org.junit.Test)4 AuthenticationResponse (org.ldaptive.auth.AuthenticationResponse)4 DefaultMessageDescriptor (org.apereo.cas.DefaultMessageDescriptor)3 LdapAttribute (org.ldaptive.LdapAttribute)3 LdapEntry (org.ldaptive.LdapEntry)3 PasswordExpiringWarningMessageDescriptor (org.apereo.cas.authentication.support.password.PasswordExpiringWarningMessageDescriptor)2 ActiveDirectoryAccountState (org.ldaptive.auth.ext.ActiveDirectoryAccountState)2 EDirectoryAccountState (org.ldaptive.auth.ext.EDirectoryAccountState)2 FreeIPAAccountState (org.ldaptive.auth.ext.FreeIPAAccountState)2 PasswordExpirationAccountState (org.ldaptive.auth.ext.PasswordExpirationAccountState)2 TypeReference (com.fasterxml.jackson.core.type.TypeReference)1 Serializable (java.io.Serializable)1 GeneralSecurityException (java.security.GeneralSecurityException)1 LocalDate (java.time.LocalDate)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 AccountExpiredException (javax.security.auth.login.AccountExpiredException)1