diff options
Diffstat (limited to 'redback-authentication')
4 files changed, 71 insertions, 2 deletions
diff --git a/redback-authentication/redback-authentication-api/pom.xml b/redback-authentication/redback-authentication-api/pom.xml index a175ed5e0..463a846b3 100644 --- a/redback-authentication/redback-authentication-api/pom.xml +++ b/redback-authentication/redback-authentication-api/pom.xml @@ -65,7 +65,8 @@ org.apache.archiva.redback.policy;version=${project.version}, org.apache.archiva.redback.users;version=${project.version}, org.apache.commons.lang;version="[2.6,3)", - org.springframework*;version="[3,4)" + org.springframework*;version="[3,4)", + org.slf4j;resolution:=optional </Import-Package> </instructions> </configuration> diff --git a/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationFailureCause.java b/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationFailureCause.java index 9b87debf4..d6dd9dc29 100644 --- a/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationFailureCause.java +++ b/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationFailureCause.java @@ -18,6 +18,8 @@ package org.apache.archiva.redback.authentication; * under the License. */ +import org.apache.archiva.redback.users.User; + import java.io.Serializable; /** @@ -33,6 +35,8 @@ public class AuthenticationFailureCause private String message; + private User user; + public AuthenticationFailureCause( int cause, String message ) { this.cause = cause; @@ -59,6 +63,22 @@ public class AuthenticationFailureCause this.message = message; } + public User getUser() + { + return user; + } + + public AuthenticationFailureCause user ( User user) + { + this.user = user; + return this; + } + + public void setUser( User user ) + { + this.user = user; + } + @Override public String toString() { diff --git a/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationResult.java b/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationResult.java index c76ea98f4..dd98d56f7 100644 --- a/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationResult.java +++ b/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationResult.java @@ -22,6 +22,7 @@ package org.apache.archiva.redback.authentication; import org.apache.archiva.redback.users.User; import java.io.Serializable; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -93,6 +94,10 @@ public class AuthenticationResult public List<AuthenticationFailureCause> getAuthenticationFailureCauses() { + if ( authenticationFailureCauses == null ) + { + this.authenticationFailureCauses = new ArrayList<AuthenticationFailureCause>(); + } return authenticationFailureCauses; } diff --git a/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/DefaultAuthenticationManager.java b/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/DefaultAuthenticationManager.java index 68165a779..d39587c40 100644 --- a/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/DefaultAuthenticationManager.java +++ b/redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/DefaultAuthenticationManager.java @@ -21,11 +21,17 @@ package org.apache.archiva.redback.authentication; import org.apache.archiva.redback.policy.AccountLockedException; import org.apache.archiva.redback.policy.MustChangePasswordException; +import org.apache.archiva.redback.users.User; +import org.apache.archiva.redback.users.UserManager; +import org.apache.archiva.redback.users.UserManagerException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.context.ApplicationContext; import org.springframework.stereotype.Service; import javax.annotation.PostConstruct; import javax.inject.Inject; +import javax.inject.Named; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -47,12 +53,18 @@ public class DefaultAuthenticationManager implements AuthenticationManager { + private Logger log = LoggerFactory.getLogger( getClass() ); + private List<Authenticator> authenticators; @Inject private ApplicationContext applicationContext; - @SuppressWarnings("unchecked") + @Inject + @Named( value = "userManager#configurable" ) + private UserManager userManager; + + @SuppressWarnings( "unchecked" ) @PostConstruct public void initialize() { @@ -88,6 +100,37 @@ public class DefaultAuthenticationManager if ( authResult.isAuthenticated() ) { + //olamy: as we can chain various user managers with Archiva + // user manager authenticator can lock accounts in the following case : + // 2 user managers: ldap and jdo. + // ldap correctly find the user but cannot compare hashed password + // jdo reject password so increase loginAttemptCount + // now ldap bind authenticator work but loginAttemptCount has been increased. + // so we restore here loginAttemptCount to 0 if in authenticationFailureCauses + + for ( AuthenticationFailureCause authenticationFailureCause : authenticationFailureCauses ) + { + User user = authenticationFailureCause.getUser(); + if ( user != null ) + { + if ( user.getCountFailedLoginAttempts() > 0 ) + { + user.setCountFailedLoginAttempts( 0 ); + if ( !userManager.isReadOnly() ) + { + try + { + userManager.updateUser( user ); + } + catch ( UserManagerException e ) + { + log.debug( e.getMessage(), e ); + log.warn( "skip error updating user: {}", e.getMessage() ); + } + } + } + } + } return authResult; } |