use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.
the class LDAPLoginManagerImpl method doHandleBatchSync.
private void doHandleBatchSync() {
// fxdiff: also run on nodes != 1 as nodeid = tomcat-id in fx-environment
// if(WebappHelper.getNodeId() != 1) return;
Runnable batchSyncTask = new Runnable() {
@Override
public void run() {
LDAPError errors = new LDAPError();
doBatchSync(errors);
}
};
taskExecutorManager.execute(batchSyncTask);
}
use of org.olat.ldap.LDAPError in project OpenOLAT by OpenOLAT.
the class LDAPAuthenticationController method event.
@Override
protected void event(UserRequest ureq, Controller source, Event event) {
LDAPError ldapError = new LDAPError();
if (source == loginForm && event == Event.DONE_EVENT) {
String login = loginForm.getLogin();
String pass = loginForm.getPass();
if (loginModule.isLoginBlocked(login)) {
// do not proceed when already blocked
showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
getLogger().audit("Login attempt on already blocked login for " + login + ". IP::" + ureq.getHttpReq().getRemoteAddr(), null);
return;
}
authenticatedIdentity = ldapLoginManager.authenticate(login, pass, ldapError);
if (!ldapError.isEmpty()) {
final String errStr = ldapError.get();
if ("login.notauthenticated".equals(errStr)) {
// user exists in LDAP, authentication was ok, but user
// has not got the OLAT service or has not been created by now
getWindowControl().setError(translate("login.notauthenticated"));
return;
} else {
// tell about the error again
ldapError.insert(errStr);
}
}
if (authenticatedIdentity != null) {
provider = LDAPAuthenticationController.PROVIDER_LDAP;
try {
// prevents database timeout
dbInstance.commitAndCloseSession();
} catch (Exception e) {
log.error("", e);
}
} else {
// try fallback to OLAT provider if configured
if (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
authenticatedIdentity = olatAuthenticationSpi.authenticate(null, login, pass);
}
if (authenticatedIdentity != null) {
provider = BaseSecurityModule.getDefaultAuthProviderIdentifier();
}
}
// Still not found? register for hacking attempts
if (authenticatedIdentity == null) {
if (loginModule.registerFailedLoginAttempt(login)) {
logAudit("Too many failed login attempts for " + login + ". Login blocked. IP::" + ureq.getHttpReq().getRemoteAddr(), null);
showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
} else {
showError("login.error", ldapError.get());
}
return;
} else {
try {
String language = authenticatedIdentity.getUser().getPreferences().getLanguage();
UserSession usess = ureq.getUserSession();
if (StringHelper.containsNonWhitespace(language)) {
usess.setLocale(I18nManager.getInstance().getLocaleOrDefault(language));
}
} catch (Exception e) {
logError("Cannot set the user language", e);
}
}
loginModule.clearFailedLoginAttempts(login);
// Check if disclaimer has been accepted
if (registrationManager.needsToConfirmDisclaimer(authenticatedIdentity)) {
// accept disclaimer first
removeAsListenerAndDispose(disclaimerCtr);
disclaimerCtr = new DisclaimerController(ureq, getWindowControl());
listenTo(disclaimerCtr);
removeAsListenerAndDispose(cmc);
cmc = new CloseableModalController(getWindowControl(), translate("close"), disclaimerCtr.getInitialComponent());
listenTo(cmc);
cmc.activate();
} else {
// disclaimer acceptance not required
doLoginAndRegister(authenticatedIdentity, ureq, provider);
}
}
if (source == subController) {
if (event == Event.CANCELLED_EVENT || event == Event.DONE_EVENT) {
cmc.deactivate();
}
} else if (source == disclaimerCtr) {
cmc.deactivate();
if (event == Event.DONE_EVENT) {
// User accepted disclaimer, do login now
registrationManager.setHasConfirmedDislaimer(authenticatedIdentity);
doLoginAndRegister(authenticatedIdentity, ureq, provider);
} else if (event == Event.CANCELLED_EVENT) {
// User did not accept, workflow ends here
showWarning("disclaimer.form.cancelled");
}
} else if (source == cmc) {
// User did close disclaimer window, workflow ends here
showWarning("disclaimer.form.cancelled");
}
}
use of org.olat.ldap.LDAPError in project openolat by klemens.
the class LDAPAuthenticationController method event.
@Override
protected void event(UserRequest ureq, Controller source, Event event) {
LDAPError ldapError = new LDAPError();
if (source == loginForm && event == Event.DONE_EVENT) {
String login = loginForm.getLogin();
String pass = loginForm.getPass();
if (loginModule.isLoginBlocked(login)) {
// do not proceed when already blocked
showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
getLogger().audit("Login attempt on already blocked login for " + login + ". IP::" + ureq.getHttpReq().getRemoteAddr(), null);
return;
}
authenticatedIdentity = ldapLoginManager.authenticate(login, pass, ldapError);
if (!ldapError.isEmpty()) {
final String errStr = ldapError.get();
if ("login.notauthenticated".equals(errStr)) {
// user exists in LDAP, authentication was ok, but user
// has not got the OLAT service or has not been created by now
getWindowControl().setError(translate("login.notauthenticated"));
return;
} else {
// tell about the error again
ldapError.insert(errStr);
}
}
if (authenticatedIdentity != null) {
provider = LDAPAuthenticationController.PROVIDER_LDAP;
try {
// prevents database timeout
dbInstance.commitAndCloseSession();
} catch (Exception e) {
log.error("", e);
}
} else {
// try fallback to OLAT provider if configured
if (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
authenticatedIdentity = olatAuthenticationSpi.authenticate(null, login, pass);
}
if (authenticatedIdentity != null) {
provider = BaseSecurityModule.getDefaultAuthProviderIdentifier();
}
}
// Still not found? register for hacking attempts
if (authenticatedIdentity == null) {
if (loginModule.registerFailedLoginAttempt(login)) {
logAudit("Too many failed login attempts for " + login + ". Login blocked. IP::" + ureq.getHttpReq().getRemoteAddr(), null);
showError("login.blocked", loginModule.getAttackPreventionTimeoutMin().toString());
} else {
showError("login.error", ldapError.get());
}
return;
} else {
try {
String language = authenticatedIdentity.getUser().getPreferences().getLanguage();
UserSession usess = ureq.getUserSession();
if (StringHelper.containsNonWhitespace(language)) {
usess.setLocale(I18nManager.getInstance().getLocaleOrDefault(language));
}
} catch (Exception e) {
logError("Cannot set the user language", e);
}
}
loginModule.clearFailedLoginAttempts(login);
// Check if disclaimer has been accepted
if (registrationManager.needsToConfirmDisclaimer(authenticatedIdentity)) {
// accept disclaimer first
removeAsListenerAndDispose(disclaimerCtr);
disclaimerCtr = new DisclaimerController(ureq, getWindowControl());
listenTo(disclaimerCtr);
removeAsListenerAndDispose(cmc);
cmc = new CloseableModalController(getWindowControl(), translate("close"), disclaimerCtr.getInitialComponent());
listenTo(cmc);
cmc.activate();
} else {
// disclaimer acceptance not required
doLoginAndRegister(authenticatedIdentity, ureq, provider);
}
}
if (source == subController) {
if (event == Event.CANCELLED_EVENT || event == Event.DONE_EVENT) {
cmc.deactivate();
}
} else if (source == disclaimerCtr) {
cmc.deactivate();
if (event == Event.DONE_EVENT) {
// User accepted disclaimer, do login now
registrationManager.setHasConfirmedDislaimer(authenticatedIdentity);
doLoginAndRegister(authenticatedIdentity, ureq, provider);
} else if (event == Event.CANCELLED_EVENT) {
// User did not accept, workflow ends here
showWarning("disclaimer.form.cancelled");
}
} else if (source == cmc) {
// User did close disclaimer window, workflow ends here
showWarning("disclaimer.form.cancelled");
}
}
Aggregations