
Example 6 with LDAPError

use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.

the class LDAPLoginManagerImpl method doHandleBatchSync.

/**
 * Submits one LDAP batch synchronisation run to the task executor.
 *
 * <p>The run gets a fresh {@link LDAPError} collector. Nothing in this method reads
 * the collector after {@code doBatchSync} returns.
 * NOTE(review): confirm that {@code doBatchSync} logs what it collects; otherwise
 * failures of the scheduled directory sync leave no trace here.
 */
private void doHandleBatchSync() {
    // fxdiff: the former "node 1 only" guard (WebappHelper.getNodeId() != 1) is
    // disabled because nodeid = tomcat-id in the fx environment.
    // NOTE(review): without that guard every node calling this method submits its
    // own sync - confirm that concurrent runs against the same directory are safe.
    Runnable batchSyncTask = () -> doBatchSync(new LDAPError());
    taskExecutorManager.execute(batchSyncTask);
}
Also used : LDAPError(org.olat.ldap.LDAPError)

Example 7 with LDAPError

use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.

the class LDAPAuthenticationController method event.

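/**
 * Handles events from the login form, the sub controller, the disclaimer dialog and
 * the modal wrapper around it.
 *
 * <p>On {@code Event.DONE_EVENT} from the login form the method refuses logins that
 * are currently blocked, authenticates against LDAP, optionally falls back to the
 * OLAT provider, registers a failed attempt when no identity was obtained, and
 * otherwise clears the failure counter and continues with the disclaimer check and
 * the actual login.
 *
 * <p>The login name comes straight from the form. It is neutralised (control
 * characters replaced) before it is written to the audit log, so that a crafted
 * login containing line breaks cannot forge or split audit entries. The password is
 * only handed to the authentication back ends and is never logged.
 *
 * @param ureq   the current user request
 * @param source the controller that fired the event
 * @param event  the fired event
 */
@Override
protected void event(UserRequest ureq, Controller source, Event event) {
    LDAPError ldapError = new LDAPError();
    if (source == loginForm && event == Event.DONE_EVENT) {
        String login = loginForm.getLogin();
        String pass = loginForm.getPass();
        // Audit-log form of the user-supplied login: CR/LF and other control characters
        // are replaced. String.valueOf keeps a null login rendered as "null", exactly as
        // plain string concatenation would.
        final String loginForLog = String.valueOf(login).replaceAll("\\p{Cntrl}", "_");
        if (loginModule.isLoginBlocked(login)) {
            // do not proceed when already blocked: the credentials are not even checked
            showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
            getLogger().audit("Login attempt on already blocked login for " + loginForLog + ". IP::" + ureq.getHttpReq().getRemoteAddr(), null);
            return;
        }
        authenticatedIdentity = ldapLoginManager.authenticate(login, pass, ldapError);
        if (!ldapError.isEmpty()) {
            final String errStr = ldapError.get();
            if ("login.notauthenticated".equals(errStr)) {
                // user exists in LDAP, authentication was ok, but user
                // has not got the OLAT service or has not been created by now.
                // This is not counted as a failed attempt.
                getWindowControl().setError(translate("login.notauthenticated"));
                return;
            } else {
                // tell about the error again
                // NOTE(review): get() presumably consumes the stored message, hence the
                // re-insert for the later showError - confirm against LDAPError.
                ldapError.insert(errStr);
            }
        }
        if (authenticatedIdentity != null) {
            provider = LDAPAuthenticationController.PROVIDER_LDAP;
            try {
                // prevents database timeout
                dbInstance.commitAndCloseSession();
            } catch (Exception e) {
                // Best effort: the login continues, but the failure must be identifiable
                // in the log instead of an empty message.
                log.error("Cannot commit and close the database session after LDAP authentication", e);
            }
        } else {
            // try fallback to OLAT provider if configured
            // NOTE(review): this branch is taken for every LDAP failure, not only for a
            // wrong password. Confirm that accepting the locally cached password while
            // the directory rejects the account or cannot be reached is intended.
            if (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
                authenticatedIdentity = olatAuthenticationSpi.authenticate(null, login, pass);
            }
            if (authenticatedIdentity != null) {
                provider = BaseSecurityModule.getDefaultAuthProviderIdentifier();
            }
        }
        // Still not found? register the failure for the brute-force protection
        if (authenticatedIdentity == null) {
            if (loginModule.registerFailedLoginAttempt(login)) {
                logAudit("Too many failed login attempts for " + loginForLog + ". Login blocked. IP::" + ureq.getHttpReq().getRemoteAddr(), null);
                showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
            } else {
                // NOTE(review): the LDAP error text is shown to an unauthenticated user;
                // check that it does not tell an unknown account from a wrong password.
                showError("login.error", ldapError.get());
            }
            return;
        } else {
            try {
                String language = authenticatedIdentity.getUser().getPreferences().getLanguage();
                UserSession usess = ureq.getUserSession();
                if (StringHelper.containsNonWhitespace(language)) {
                    usess.setLocale(I18nManager.getInstance().getLocaleOrDefault(language));
                }
            } catch (Exception e) {
                // a missing or broken language preference must not abort the login
                logError("Cannot set the user language", e);
            }
        }
        // successful authentication resets the failure counter for this login
        loginModule.clearFailedLoginAttempts(login);
        // Check if disclaimer has been accepted
        if (registrationManager.needsToConfirmDisclaimer(authenticatedIdentity)) {
            // accept disclaimer first; the login itself is deferred until the
            // disclaimer controller reports DONE_EVENT (handled further down)
            removeAsListenerAndDispose(disclaimerCtr);
            disclaimerCtr = new DisclaimerController(ureq, getWindowControl());
            listenTo(disclaimerCtr);
            removeAsListenerAndDispose(cmc);
            cmc = new CloseableModalController(getWindowControl(), translate("close"), disclaimerCtr.getInitialComponent());
            listenTo(cmc);
            cmc.activate();
        } else {
            // disclaimer acceptance not required
            doLoginAndRegister(authenticatedIdentity, ureq, provider);
        }
    }
    if (source == subController) {
        if (event == Event.CANCELLED_EVENT || event == Event.DONE_EVENT) {
            cmc.deactivate();
        }
    } else if (source == disclaimerCtr) {
        cmc.deactivate();
        if (event == Event.DONE_EVENT) {
            // User accepted disclaimer, do login now with the identity and provider
            // stored by the login-form branch of an earlier event
            registrationManager.setHasConfirmedDislaimer(authenticatedIdentity);
            doLoginAndRegister(authenticatedIdentity, ureq, provider);
        } else if (event == Event.CANCELLED_EVENT) {
            // User did not accept, workflow ends here
            showWarning("disclaimer.form.cancelled");
        }
    } else if (source == cmc) {
        // User did close disclaimer window, workflow ends here
        showWarning("disclaimer.form.cancelled");
    }
}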
Also used : DisclaimerController(org.olat.registration.DisclaimerController) CloseableModalController(org.olat.core.gui.control.generic.closablewrapper.CloseableModalController) UserSession(org.olat.core.util.UserSession) LDAPError(org.olat.ldap.LDAPError) OLATRuntimeException(org.olat.core.logging.OLATRuntimeException)

Example 8 with LDAPError

use of org.olat.ldap.LDAPError in project openolat by klemens.

the class LDAPAuthenticationController method event.

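/**
 * Handles events from the login form, the sub controller, the disclaimer dialog and
 * the modal wrapper around it.
 *
 * <p>On {@code Event.DONE_EVENT} from the login form the method refuses logins that
 * are currently blocked, authenticates against LDAP, optionally falls back to the
 * OLAT provider, registers a failed attempt when no identity was obtained, and
 * otherwise clears the failure counter and continues with the disclaimer check and
 * the actual login.
 *
 * <p>The login name comes straight from the form. It is neutralised (control
 * characters replaced) before it is written to the audit log, so that a crafted
 * login containing line breaks cannot forge or split audit entries. The password is
 * only handed to the authentication back ends and is never logged.
 *
 * @param ureq   the current user request
 * @param source the controller that fired the event
 * @param event  the fired event
 */
@Override
protected void event(UserRequest ureq, Controller source, Event event) {
    LDAPError ldapError = new LDAPError();
    if (source == loginForm && event == Event.DONE_EVENT) {
        String login = loginForm.getLogin();
        String pass = loginForm.getPass();
        // Audit-log form of the user-supplied login: CR/LF and other control characters
        // are replaced. String.valueOf keeps a null login rendered as "null", exactly as
        // plain string concatenation would.
        final String loginForLog = String.valueOf(login).replaceAll("\\p{Cntrl}", "_");
        if (loginModule.isLoginBlocked(login)) {
            // do not proceed when already blocked: the credentials are not even checked
            showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
            getLogger().audit("Login attempt on already blocked login for " + loginForLog + ". IP::" + ureq.getHttpReq().getRemoteAddr(), null);
            return;
        }
        authenticatedIdentity = ldapLoginManager.authenticate(login, pass, ldapError);
        if (!ldapError.isEmpty()) {
            final String errStr = ldapError.get();
            if ("login.notauthenticated".equals(errStr)) {
                // user exists in LDAP, authentication was ok, but user
                // has not got the OLAT service or has not been created by now.
                // This is not counted as a failed attempt.
                getWindowControl().setError(translate("login.notauthenticated"));
                return;
            } else {
                // tell about the error again
                // NOTE(review): get() presumably consumes the stored message, hence the
                // re-insert for the later showError - confirm against LDAPError.
                ldapError.insert(errStr);
            }
        }
        if (authenticatedIdentity != null) {
            provider = LDAPAuthenticationController.PROVIDER_LDAP;
            try {
                // prevents database timeout
                dbInstance.commitAndCloseSession();
            } catch (Exception e) {
                // Best effort: the login continues, but the failure must be identifiable
                // in the log instead of an empty message.
                log.error("Cannot commit and close the database session after LDAP authentication", e);
            }
        } else {
            // try fallback to OLAT provider if configured
            // NOTE(review): this branch is taken for every LDAP failure, not only for a
            // wrong password. Confirm that accepting the locally cached password while
            // the directory rejects the account or cannot be reached is intended.
            if (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
                authenticatedIdentity = olatAuthenticationSpi.authenticate(null, login, pass);
            }
            if (authenticatedIdentity != null) {
                provider = BaseSecurityModule.getDefaultAuthProviderIdentifier();
            }
        }
        // Still not found? register the failure for the brute-force protection
        if (authenticatedIdentity == null) {
            if (loginModule.registerFailedLoginAttempt(login)) {
                logAudit("Too many failed login attempts for " + loginForLog + ". Login blocked. IP::" + ureq.getHttpReq().getRemoteAddr(), null);
                showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
            } else {
                // NOTE(review): the LDAP error text is shown to an unauthenticated user;
                // check that it does not tell an unknown account from a wrong password.
                showError("login.error", ldapError.get());
            }
            return;
        } else {
            try {
                String language = authenticatedIdentity.getUser().getPreferences().getLanguage();
                UserSession usess = ureq.getUserSession();
                if (StringHelper.containsNonWhitespace(language)) {
                    usess.setLocale(I18nManager.getInstance().getLocaleOrDefault(language));
                }
            } catch (Exception e) {
                // a missing or broken language preference must not abort the login
                logError("Cannot set the user language", e);
            }
        }
        // successful authentication resets the failure counter for this login
        loginModule.clearFailedLoginAttempts(login);
        // Check if disclaimer has been accepted
        if (registrationManager.needsToConfirmDisclaimer(authenticatedIdentity)) {
            // accept disclaimer first; the login itself is deferred until the
            // disclaimer controller reports DONE_EVENT (handled further down)
            removeAsListenerAndDispose(disclaimerCtr);
            disclaimerCtr = new DisclaimerController(ureq, getWindowControl());
            listenTo(disclaimerCtr);
            removeAsListenerAndDispose(cmc);
            cmc = new CloseableModalController(getWindowControl(), translate("close"), disclaimerCtr.getInitialComponent());
            listenTo(cmc);
            cmc.activate();
        } else {
            // disclaimer acceptance not required
            doLoginAndRegister(authenticatedIdentity, ureq, provider);
        }
    }
    if (source == subController) {
        if (event == Event.CANCELLED_EVENT || event == Event.DONE_EVENT) {
            cmc.deactivate();
        }
    } else if (source == disclaimerCtr) {
        cmc.deactivate();
        if (event == Event.DONE_EVENT) {
            // User accepted disclaimer, do login now with the identity and provider
            // stored by the login-form branch of an earlier event
            registrationManager.setHasConfirmedDislaimer(authenticatedIdentity);
            doLoginAndRegister(authenticatedIdentity, ureq, provider);
        } else if (event == Event.CANCELLED_EVENT) {
            // User did not accept, workflow ends here
            showWarning("disclaimer.form.cancelled");
        }
    } else if (source == cmc) {
        // User did close disclaimer window, workflow ends here
        showWarning("disclaimer.form.cancelled");
    }
}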
Also used : DisclaimerController(org.olat.registration.DisclaimerController) CloseableModalController(org.olat.core.gui.control.generic.closablewrapper.CloseableModalController) UserSession(org.olat.core.util.UserSession) LDAPError(org.olat.ldap.LDAPError) OLATRuntimeException(org.olat.core.logging.OLATRuntimeException)

Aggregations

LDAPError (org.olat.ldap.LDAPError)8 Authentication (org.olat.basesecurity.Authentication)4 CloseableModalController (org.olat.core.gui.control.generic.closablewrapper.CloseableModalController)2 Identity (org.olat.core.id.Identity)2 AssertException (org.olat.core.logging.AssertException)2 OLATRuntimeException (org.olat.core.logging.OLATRuntimeException)2 UserSession (org.olat.core.util.UserSession)2 DisclaimerController (org.olat.registration.DisclaimerController)2