use of org.olat.ldap.LDAPLoginManager in project OpenOLAT by OpenOLAT.
the class UserModule method isPwdChangeAllowed.
/**
* checks whether the given identity is allowed to change it's own password.
* default settings (olat.properties) :
* <ul>
* <li>LDAP-user are not allowed to change their pw</li>
* <li>other users are allowed to change their pw</li>
* </ul>
*
* @param id
* @return
*/
public boolean isPwdChangeAllowed(Identity id) {
if (id == null) {
return isAnyPasswordChangeAllowed();
}
// if this is set to false, nobody can change their password
if (!pwdchangeallowed) {
return false;
}
// call to CoreSpringFactory to break dependencies cycles
// (the method will only be called with a running application)
// check if the user has an OLAT provider token, otherwise a password change makes no sense
Authentication auth = CoreSpringFactory.getImpl(BaseSecurity.class).findAuthentication(id, BaseSecurityModule.getDefaultAuthProviderIdentifier());
if (auth == null && !pwdChangeWithoutAuthenticationAllowed) {
return false;
}
LDAPLoginManager ldapLoginManager = CoreSpringFactory.getImpl(LDAPLoginManager.class);
if (ldapLoginManager.isIdentityInLDAPSecGroup(id)) {
// it's an ldap-user
return CoreSpringFactory.getImpl(LDAPLoginModule.class).isPropagatePasswordChangedOnLdapServer();
}
return pwdchangeallowed;
}
use of org.olat.ldap.LDAPLoginManager in project openolat by klemens.
the class UserModule method isPwdChangeAllowed.
/**
* checks whether the given identity is allowed to change it's own password.
* default settings (olat.properties) :
* <ul>
* <li>LDAP-user are not allowed to change their pw</li>
* <li>other users are allowed to change their pw</li>
* </ul>
*
* @param id
* @return
*/
public boolean isPwdChangeAllowed(Identity id) {
if (id == null) {
return isAnyPasswordChangeAllowed();
}
// if this is set to false, nobody can change their password
if (!pwdchangeallowed) {
return false;
}
// call to CoreSpringFactory to break dependencies cycles
// (the method will only be called with a running application)
// check if the user has an OLAT provider token, otherwise a password change makes no sense
Authentication auth = CoreSpringFactory.getImpl(BaseSecurity.class).findAuthentication(id, BaseSecurityModule.getDefaultAuthProviderIdentifier());
if (auth == null && !pwdChangeWithoutAuthenticationAllowed) {
return false;
}
LDAPLoginManager ldapLoginManager = CoreSpringFactory.getImpl(LDAPLoginManager.class);
if (ldapLoginManager.isIdentityInLDAPSecGroup(id)) {
// it's an ldap-user
return CoreSpringFactory.getImpl(LDAPLoginModule.class).isPropagatePasswordChangedOnLdapServer();
}
return pwdchangeallowed;
}
Aggregations