use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.
the class OLATAuthManager method changePassword.
/**
* Change the password of an identity. If the given identity is an LDAP user,
* the password change is propagated to LDAP (according to config). NOTE: the
* caller of this method should check whether the identity is allowed to change
* its own password [ UserModule.isPwdchangeallowed(Identity ident) ]; this
* applies only if doer equals identity.
*
* @param doer
* Identity who is changing the password
* @param identity
* Identity whose password is being changed.
* @param newPwd
* New password.
* @return True upon success.
*/
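public boolean changePassword(Identity doer, Identity identity, String newPwd) {
    // Changes the password of 'identity' on behalf of 'doer': on the LDAP server when the
    // account has an LDAP authentication, otherwise in the local OLAT store.
    // No permission check is visible in this method; the caller has to decide whether
    // 'doer' may change this password. newPwd is never written to any log statement here.
    if (doer == null) {
        throw new AssertException("password changing identity cannot be undefined!");
    }
    // A null target is rejected with the same AssertException as a non-persisted one,
    // instead of failing with an incidental NullPointerException on getKey().
    if (identity == null || identity.getKey() == null) {
        throw new AssertException("cannot change password on a nonpersisted identity");
    }
    // o_clusterREVIEW
    // Continue with the identity as loaded by key, not with the instance passed in by the caller.
    identity = securityManager.loadIdentityByKey(identity.getKey());
    boolean allOk = false;
    Authentication ldapAuth = securityManager.findAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP);
    if (ldapAuth != null) {
        // LDAP-backed account: the password is only changed when propagation to the LDAP
        // server is enabled; otherwise nothing is changed and the method returns false.
        if (ldapLoginModule.isPropagatePasswordChangedOnLdapServer()) {
            LDAPError ldapError = new LDAPError();
            ldapLoginManager.changePassword(identity, newPwd, ldapError);
            allOk = ldapError.isEmpty();
            // Audit the outcome rather than the attempt, so the audit trail does not
            // record a password change that the LDAP server rejected.
            if (allOk) {
                log.audit(doer.getName() + " change the password on the LDAP server for identity: " + identity.getName());
            } else {
                log.audit(doer.getName() + " failed to change the password on the LDAP server for identity: " + identity.getName());
            }
            if (allOk && ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
                // NOTE(review): if this local update fails, the LDAP password has already
                // been changed but the method reports false and no confirmation is sent.
                allOk &= changeOlatPassword(doer, identity, identity.getName(), newPwd);
            }
        }
    } else {
        allOk = changeOlatPassword(doer, identity, identity.getName(), newPwd);
    }
    if (allOk) {
        // The account owner is notified of every successful change.
        sendConfirmationEmail(doer, identity);
        // Resetting the failed-login counters (kept per user name and per e-mail) is
        // best-effort: a failure here must not turn a completed password change into an error.
        try {
            loginModule.clearFailedLoginAttempts(identity.getName());
            loginModule.clearFailedLoginAttempts(identity.getUser().getEmail());
        } catch (Exception e) {
            log.error("Could not clear failed login attempts after password change for identity key: " + identity.getKey(), e);
        }
    }
    return allOk;
}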
use of org.olat.ldap.LDAPError in project openolat by klemens.
the class ChangePasswordController method event.
@Override
public void event(UserRequest ureq, Controller source, Event event) {
    // Only events raised by the change-password form are handled here.
    if (source != chPwdForm) {
        return;
    }
    if (event != Event.DONE_EVENT) {
        if (event == Event.CANCELLED_EVENT) {
            // Cancelled: dispose the current form and put a fresh one in its place.
            removeAsListenerAndDispose(chPwdForm);
            chPwdForm = new ChangePasswordForm(ureq, getWindowControl());
            listenTo(chPwdForm);
            myContent.put("chpwdform", chPwdForm.getInitialComponent());
        }
        return;
    }

    // Submitted: the current password has to be proven before anything is changed,
    // so an already logged-in session alone is not enough to set a new password.
    String currentPwd = chPwdForm.getOldPasswordValue();
    Identity verified = null;
    Authentication ldapAuth = securityManager.findAuthentication(ureq.getIdentity(), LDAPAuthenticationController.PROVIDER_LDAP);
    if (ldapAuth != null) {
        // Per the original author's note, the fallback to OLAT (if enabled) happens
        // automatically in LDAPAuthenticationController.
        // The collected LDAP errors are not read in this method; the outcome is judged
        // only by whether an identity is returned.
        LDAPError ldapFailure = new LDAPError();
        String ldapUserName = ldapAuth.getAuthusername();
        verified = ldapLoginManager.authenticate(ldapUserName, currentPwd, ldapFailure);
    } else if (securityManager.findAuthentication(ureq.getIdentity(), BaseSecurityModule.getDefaultAuthProviderIdentifier()) != null) {
        verified = olatAuthenticationSpi.authenticate(ureq.getIdentity(), ureq.getIdentity().getName(), currentPwd);
    }

    // No identity came back (wrong password, or neither provider applies): refuse the change.
    // NOTE(review): whether repeated failures here count towards a login lockout is not
    // visible in this method - confirm in the authenticate implementations.
    if (verified == null) {
        showError("error.password.noauth");
        return;
    }

    String newPwd = chPwdForm.getNewPasswordValue();
    boolean changed = olatAuthenticationSpi.changePassword(ureq.getIdentity(), verified, newPwd);
    if (!changed) {
        showError("password.failed");
        return;
    }
    fireEvent(ureq, Event.DONE_EVENT);
    // The audit entry names the identity only; neither password value is logged.
    getLogger().audit("Changed password for identity." + verified.getName());
    showInfo("password.successful");
}
use of org.olat.ldap.LDAPError in project openolat by klemens.
the class LDAPLoginManagerImpl method doHandleBatchSync.
private void doHandleBatchSync() {
    // fxdiff: the batch sync is scheduled on every node, not only on node 1, because in the
    // fx environment the node id is the tomcat id (the former early return for other nodes
    // is disabled).
    taskExecutorManager.execute(new Runnable() {
        @Override
        public void run() {
            // The error collector is local to this run and is not read again in this method.
            LDAPError syncErrors = new LDAPError();
            doBatchSync(syncErrors);
        }
    });
}
use of org.olat.ldap.LDAPError in project openolat by klemens.
the class OLATAuthManager method changePassword.
/**
* Change the password of an identity. If the given identity is an LDAP user,
* the password change is propagated to LDAP (according to config). NOTE: the
* caller of this method should check whether the identity is allowed to change
* its own password [ UserModule.isPwdchangeallowed(Identity ident) ]; this
* applies only if doer equals identity.
*
* @param doer
* Identity who is changing the password
* @param identity
* Identity whose password is being changed.
* @param newPwd
* New password.
* @return True upon success.
*/
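public boolean changePassword(Identity doer, Identity identity, String newPwd) {
    // Changes the password of 'identity' on behalf of 'doer': on the LDAP server when the
    // account has an LDAP authentication, otherwise in the local OLAT store.
    // No permission check is visible in this method; the caller has to decide whether
    // 'doer' may change this password. newPwd is never written to any log statement here.
    if (doer == null) {
        throw new AssertException("password changing identity cannot be undefined!");
    }
    // A null target is rejected with the same AssertException as a non-persisted one,
    // instead of failing with an incidental NullPointerException on getKey().
    if (identity == null || identity.getKey() == null) {
        throw new AssertException("cannot change password on a nonpersisted identity");
    }
    // o_clusterREVIEW
    // Continue with the identity as loaded by key, not with the instance passed in by the caller.
    identity = securityManager.loadIdentityByKey(identity.getKey());
    boolean allOk = false;
    Authentication ldapAuth = securityManager.findAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP);
    if (ldapAuth != null) {
        // LDAP-backed account: the password is only changed when propagation to the LDAP
        // server is enabled; otherwise nothing is changed and the method returns false.
        if (ldapLoginModule.isPropagatePasswordChangedOnLdapServer()) {
            LDAPError ldapError = new LDAPError();
            ldapLoginManager.changePassword(identity, newPwd, ldapError);
            allOk = ldapError.isEmpty();
            // Audit the outcome rather than the attempt, so the audit trail does not
            // record a password change that the LDAP server rejected.
            if (allOk) {
                log.audit(doer.getName() + " change the password on the LDAP server for identity: " + identity.getName());
            } else {
                log.audit(doer.getName() + " failed to change the password on the LDAP server for identity: " + identity.getName());
            }
            if (allOk && ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
                // NOTE(review): if this local update fails, the LDAP password has already
                // been changed but the method reports false and no confirmation is sent.
                allOk &= changeOlatPassword(doer, identity, identity.getName(), newPwd);
            }
        }
    } else {
        allOk = changeOlatPassword(doer, identity, identity.getName(), newPwd);
    }
    if (allOk) {
        // The account owner is notified of every successful change.
        sendConfirmationEmail(doer, identity);
        // Resetting the failed-login counters (kept per user name and per e-mail) is
        // best-effort: a failure here must not turn a completed password change into an error.
        try {
            loginModule.clearFailedLoginAttempts(identity.getName());
            loginModule.clearFailedLoginAttempts(identity.getUser().getEmail());
        } catch (Exception e) {
            log.error("Could not clear failed login attempts after password change for identity key: " + identity.getKey(), e);
        }
    }
    return allOk;
}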
use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.
the class ChangePasswordController method event.
@Override
public void event(UserRequest ureq, Controller source, Event event) {
    // Only events raised by the change-password form are handled here.
    if (source != chPwdForm) {
        return;
    }
    if (event != Event.DONE_EVENT) {
        if (event == Event.CANCELLED_EVENT) {
            // Cancelled: dispose the current form and put a fresh one in its place.
            removeAsListenerAndDispose(chPwdForm);
            chPwdForm = new ChangePasswordForm(ureq, getWindowControl());
            listenTo(chPwdForm);
            myContent.put("chpwdform", chPwdForm.getInitialComponent());
        }
        return;
    }

    // Submitted: the current password has to be proven before anything is changed,
    // so an already logged-in session alone is not enough to set a new password.
    String currentPwd = chPwdForm.getOldPasswordValue();
    Identity verified = null;
    Authentication ldapAuth = securityManager.findAuthentication(ureq.getIdentity(), LDAPAuthenticationController.PROVIDER_LDAP);
    if (ldapAuth != null) {
        // Per the original author's note, the fallback to OLAT (if enabled) happens
        // automatically in LDAPAuthenticationController.
        // The collected LDAP errors are not read in this method; the outcome is judged
        // only by whether an identity is returned.
        LDAPError ldapFailure = new LDAPError();
        String ldapUserName = ldapAuth.getAuthusername();
        verified = ldapLoginManager.authenticate(ldapUserName, currentPwd, ldapFailure);
    } else if (securityManager.findAuthentication(ureq.getIdentity(), BaseSecurityModule.getDefaultAuthProviderIdentifier()) != null) {
        verified = olatAuthenticationSpi.authenticate(ureq.getIdentity(), ureq.getIdentity().getName(), currentPwd);
    }

    // No identity came back (wrong password, or neither provider applies): refuse the change.
    // NOTE(review): whether repeated failures here count towards a login lockout is not
    // visible in this method - confirm in the authenticate implementations.
    if (verified == null) {
        showError("error.password.noauth");
        return;
    }

    String newPwd = chPwdForm.getNewPasswordValue();
    boolean changed = olatAuthenticationSpi.changePassword(ureq.getIdentity(), verified, newPwd);
    if (!changed) {
        showError("password.failed");
        return;
    }
    fireEvent(ureq, Event.DONE_EVENT);
    // The audit entry names the identity only; neither password value is logged.
    getLogger().audit("Changed password for identity." + verified.getName());
    showInfo("password.successful");
}