
Example 1 with LDAPError

use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.

the class OLATAuthManager method changePassword.

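/**
 * Changes the password of an identity. If the identity has an LDAP
 * authentication, the change is propagated to the LDAP server when the LDAP
 * module is configured to do so, and is additionally written as OLAT password
 * when LDAP passwords are cached as OLAT passwords on login. Identities
 * without an LDAP authentication only get their OLAT password changed.
 * <p>
 * Security note: this method performs no authorization and does not verify
 * the current password. The caller must check that {@code doer} is allowed to
 * change the password of {@code identity} (for a change of the own password
 * see UserModule.isPwdchangeallowed(Identity ident)) and must re-authenticate
 * the user where that is required.
 *
 * @param doer
 *            Identity who is changing the password
 * @param identity
 *            Identity whose password is being changed; must be persisted.
 * @param newPwd
 *            New password. This method does not write it to any log.
 * @return True upon success. False if a step failed, and also if the identity
 *         is an LDAP user while propagation to the LDAP server is disabled.
 */
public boolean changePassword(Identity doer, Identity identity, String newPwd) {
    if (doer == null)
        throw new AssertException("password changing identity cannot be undefined!");
    // Fail with the same assertion type as for doer instead of a bare NullPointerException.
    if (identity == null)
        throw new AssertException("identity whose password is changed cannot be undefined!");
    if (identity.getKey() == null)
        throw new AssertException("cannot change password on a nonpersisted identity");
    // o_clusterREVIEW
    // Continue with the identity as loaded by the security manager, not with the instance passed in.
    identity = securityManager.loadIdentityByKey(identity.getKey());
    boolean allOk = false;
    Authentication ldapAuth = securityManager.findAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP);
    if (ldapAuth != null) {
        // LDAP user: when propagation is disabled nothing is changed and false is returned.
        if (ldapLoginModule.isPropagatePasswordChangedOnLdapServer()) {
            LDAPError ldapError = new LDAPError();
            ldapLoginManager.changePassword(identity, newPwd, ldapError);
            allOk = ldapError.isEmpty();
            // Audit the outcome rather than the attempt: a failed LDAP change must not
            // appear in the audit trail as a completed password change.
            if (allOk) {
                log.audit(doer.getName() + " change the password on the LDAP server for identity: " + identity.getName());
            } else {
                log.audit(doer.getName() + " failed to change the password on the LDAP server for identity: " + identity.getName());
            }
            if (allOk && ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
                // NOTE(review): if this step fails the LDAP password has already been
                // changed, yet the method reports failure to the caller.
                allOk &= changeOlatPassword(doer, identity, identity.getName(), newPwd);
            }
        }
    } else {
        allOk = changeOlatPassword(doer, identity, identity.getName(), newPwd);
    }
    if (allOk) {
        sendConfirmationEmail(doer, identity);
        // Clear the failed login attempts recorded for the user name and for the
        // e-mail address. Best effort: a failure here does not undo the change.
        try {
            loginModule.clearFailedLoginAttempts(identity.getName());
            loginModule.clearFailedLoginAttempts(identity.getUser().getEmail());
        } catch (Exception e) {
            log.error("Could not clear failed login attempts after password change for identity: " + identity.getName(), e);
        }
    }
    return allOk;
}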
Also used : AssertException(org.olat.core.logging.AssertException) Authentication(org.olat.basesecurity.Authentication) LDAPError(org.olat.ldap.LDAPError) AssertException(org.olat.core.logging.AssertException)

Example 2 with LDAPError

use of org.olat.ldap.LDAPError in project openolat by klemens.

the class ChangePasswordController method event.

/**
 * Handles the events of the change-password form. On DONE the current
 * password is verified again (against LDAP if the requesting identity has an
 * LDAP authentication, otherwise against the default OLAT provider) before
 * the new password is handed to the authentication SPI. On CANCELLED the form
 * is replaced by a fresh instance.
 */
@Override
public void event(UserRequest ureq, Controller source, Event event) {
    // Events from any other controller are ignored.
    if (source != chPwdForm) {
        return;
    }
    if (event == Event.DONE_EVENT) {
        String currentPassword = chPwdForm.getOldPasswordValue();
        Identity authenticated = null;
        Authentication ldapAuth = securityManager.findAuthentication(ureq.getIdentity(), LDAPAuthenticationController.PROVIDER_LDAP);
        if (ldapAuth == null) {
            // No LDAP authentication: verify against the default provider, if the identity has one.
            boolean hasDefaultAuth = securityManager.findAuthentication(ureq.getIdentity(), BaseSecurityModule.getDefaultAuthProviderIdentifier()) != null;
            if (hasDefaultAuth) {
                authenticated = olatAuthenticationSpi.authenticate(ureq.getIdentity(), ureq.getIdentity().getName(), currentPassword);
            }
        } else {
            // The error holder is passed along but not inspected afterwards; a null
            // result is the only failure signal this handler uses.
            LDAPError ldapError = new LDAPError();
            // fallback to OLAT if enabled happen automatically in LDAPAuthenticationController
            String ldapUserName = ldapAuth.getAuthusername();
            authenticated = ldapLoginManager.authenticate(ldapUserName, currentPassword, ldapError);
        }

        // NOTE(review): only the success path below writes an audit entry; a failed
        // re-authentication or a failed change is shown to the user but not audited here.
        if (authenticated == null) {
            showError("error.password.noauth");
            return;
        }
        String newPassword = chPwdForm.getNewPasswordValue();
        boolean changed = olatAuthenticationSpi.changePassword(ureq.getIdentity(), authenticated, newPassword);
        if (!changed) {
            showError("password.failed");
            return;
        }
        fireEvent(ureq, Event.DONE_EVENT);
        getLogger().audit("Changed password for identity." + authenticated.getName());
        showInfo("password.successful");
        return;
    }
    if (event == Event.CANCELLED_EVENT) {
        // Drop the old form and show a fresh one in its place.
        removeAsListenerAndDispose(chPwdForm);
        chPwdForm = new ChangePasswordForm(ureq, getWindowControl());
        listenTo(chPwdForm);
        myContent.put("chpwdform", chPwdForm.getInitialComponent());
    }
}
Also used : Authentication(org.olat.basesecurity.Authentication) LDAPError(org.olat.ldap.LDAPError) Identity(org.olat.core.id.Identity)

Example 3 with LDAPError

use of org.olat.ldap.LDAPError in project openolat by klemens.

the class LDAPLoginManagerImpl method doHandleBatchSync.

/**
 * Hands one LDAP batch synchronisation to the task executor manager.
 */
private void doHandleBatchSync() {
    // fxdiff: the sync also runs on nodes != 1, as nodeid = tomcat-id in the
    // fx-environment; the former guard "WebappHelper.getNodeId() != 1" is disabled.
    taskExecutorManager.execute(new Runnable() {

        @Override
        public void run() {
            // NOTE(review): the error holder is not read after the sync in this method,
            // so any reporting of sync failures has to happen inside doBatchSync.
            doBatchSync(new LDAPError());
        }
    });
}
Also used : LDAPError(org.olat.ldap.LDAPError)

Example 4 with LDAPError

use of org.olat.ldap.LDAPError in project openolat by klemens.

the class OLATAuthManager method changePassword.

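/**
 * Changes the password of an identity. If the identity has an LDAP
 * authentication, the change is propagated to the LDAP server when the LDAP
 * module is configured to do so, and is additionally written as OLAT password
 * when LDAP passwords are cached as OLAT passwords on login. Identities
 * without an LDAP authentication only get their OLAT password changed.
 * <p>
 * Security note: this method performs no authorization and does not verify
 * the current password. The caller must check that {@code doer} is allowed to
 * change the password of {@code identity} (for a change of the own password
 * see UserModule.isPwdchangeallowed(Identity ident)) and must re-authenticate
 * the user where that is required.
 *
 * @param doer
 *            Identity who is changing the password
 * @param identity
 *            Identity whose password is being changed; must be persisted.
 * @param newPwd
 *            New password. This method does not write it to any log.
 * @return True upon success. False if a step failed, and also if the identity
 *         is an LDAP user while propagation to the LDAP server is disabled.
 */
public boolean changePassword(Identity doer, Identity identity, String newPwd) {
    if (doer == null)
        throw new AssertException("password changing identity cannot be undefined!");
    // Fail with the same assertion type as for doer instead of a bare NullPointerException.
    if (identity == null)
        throw new AssertException("identity whose password is changed cannot be undefined!");
    if (identity.getKey() == null)
        throw new AssertException("cannot change password on a nonpersisted identity");
    // o_clusterREVIEW
    // Continue with the identity as loaded by the security manager, not with the instance passed in.
    identity = securityManager.loadIdentityByKey(identity.getKey());
    boolean allOk = false;
    Authentication ldapAuth = securityManager.findAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP);
    if (ldapAuth != null) {
        // LDAP user: when propagation is disabled nothing is changed and false is returned.
        if (ldapLoginModule.isPropagatePasswordChangedOnLdapServer()) {
            LDAPError ldapError = new LDAPError();
            ldapLoginManager.changePassword(identity, newPwd, ldapError);
            allOk = ldapError.isEmpty();
            // Audit the outcome rather than the attempt: a failed LDAP change must not
            // appear in the audit trail as a completed password change.
            if (allOk) {
                log.audit(doer.getName() + " change the password on the LDAP server for identity: " + identity.getName());
            } else {
                log.audit(doer.getName() + " failed to change the password on the LDAP server for identity: " + identity.getName());
            }
            if (allOk && ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
                // NOTE(review): if this step fails the LDAP password has already been
                // changed, yet the method reports failure to the caller.
                allOk &= changeOlatPassword(doer, identity, identity.getName(), newPwd);
            }
        }
    } else {
        allOk = changeOlatPassword(doer, identity, identity.getName(), newPwd);
    }
    if (allOk) {
        sendConfirmationEmail(doer, identity);
        // Clear the failed login attempts recorded for the user name and for the
        // e-mail address. Best effort: a failure here does not undo the change.
        try {
            loginModule.clearFailedLoginAttempts(identity.getName());
            loginModule.clearFailedLoginAttempts(identity.getUser().getEmail());
        } catch (Exception e) {
            log.error("Could not clear failed login attempts after password change for identity: " + identity.getName(), e);
        }
    }
    return allOk;
}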
Also used : AssertException(org.olat.core.logging.AssertException) Authentication(org.olat.basesecurity.Authentication) LDAPError(org.olat.ldap.LDAPError) AssertException(org.olat.core.logging.AssertException)

Example 5 with LDAPError

use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.

the class ChangePasswordController method event.

/**
 * Handles the events of the change-password form. On DONE the current
 * password is verified again (against LDAP if the requesting identity has an
 * LDAP authentication, otherwise against the default OLAT provider) before
 * the new password is handed to the authentication SPI. On CANCELLED the form
 * is replaced by a fresh instance.
 */
@Override
public void event(UserRequest ureq, Controller source, Event event) {
    // Events from any other controller are ignored.
    if (source != chPwdForm) {
        return;
    }
    if (event == Event.DONE_EVENT) {
        String currentPassword = chPwdForm.getOldPasswordValue();
        Identity authenticated = null;
        Authentication ldapAuth = securityManager.findAuthentication(ureq.getIdentity(), LDAPAuthenticationController.PROVIDER_LDAP);
        if (ldapAuth == null) {
            // No LDAP authentication: verify against the default provider, if the identity has one.
            boolean hasDefaultAuth = securityManager.findAuthentication(ureq.getIdentity(), BaseSecurityModule.getDefaultAuthProviderIdentifier()) != null;
            if (hasDefaultAuth) {
                authenticated = olatAuthenticationSpi.authenticate(ureq.getIdentity(), ureq.getIdentity().getName(), currentPassword);
            }
        } else {
            // The error holder is passed along but not inspected afterwards; a null
            // result is the only failure signal this handler uses.
            LDAPError ldapError = new LDAPError();
            // fallback to OLAT if enabled happen automatically in LDAPAuthenticationController
            String ldapUserName = ldapAuth.getAuthusername();
            authenticated = ldapLoginManager.authenticate(ldapUserName, currentPassword, ldapError);
        }

        // NOTE(review): only the success path below writes an audit entry; a failed
        // re-authentication or a failed change is shown to the user but not audited here.
        if (authenticated == null) {
            showError("error.password.noauth");
            return;
        }
        String newPassword = chPwdForm.getNewPasswordValue();
        boolean changed = olatAuthenticationSpi.changePassword(ureq.getIdentity(), authenticated, newPassword);
        if (!changed) {
            showError("password.failed");
            return;
        }
        fireEvent(ureq, Event.DONE_EVENT);
        getLogger().audit("Changed password for identity." + authenticated.getName());
        showInfo("password.successful");
        return;
    }
    if (event == Event.CANCELLED_EVENT) {
        // Drop the old form and show a fresh one in its place.
        removeAsListenerAndDispose(chPwdForm);
        chPwdForm = new ChangePasswordForm(ureq, getWindowControl());
        listenTo(chPwdForm);
        myContent.put("chpwdform", chPwdForm.getInitialComponent());
    }
}
Also used : Authentication(org.olat.basesecurity.Authentication) LDAPError(org.olat.ldap.LDAPError) Identity(org.olat.core.id.Identity)

Aggregations

LDAPError (org.olat.ldap.LDAPError)8 Authentication (org.olat.basesecurity.Authentication)4 CloseableModalController (org.olat.core.gui.control.generic.closablewrapper.CloseableModalController)2 Identity (org.olat.core.id.Identity)2 AssertException (org.olat.core.logging.AssertException)2 OLATRuntimeException (org.olat.core.logging.OLATRuntimeException)2 UserSession (org.olat.core.util.UserSession)2 DisclaimerController (org.olat.registration.DisclaimerController)2