
Revision 4628

Added by daigle about 16 years ago

Catch login errors and report the details via an exception.


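--- a/src/edu/ucsb/nceas/metacat/util/AuthUtil.java
+++ b/src/edu/ucsb/nceas/metacat/util/AuthUtil.java
@@ -29,12 +29,9 @@
 import java.util.Calendar;
 import java.util.Vector;
 
-import javax.naming.AuthenticationException;
-import javax.naming.NamingException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 
-import edu.ucsb.nceas.metacat.AuthLdap;
 import edu.ucsb.nceas.metacat.AuthSession;
 import edu.ucsb.nceas.metacat.service.PropertyService;
 import edu.ucsb.nceas.metacat.service.SessionService;
@@ -167,40 +164,6 @@
 		moderators = StringUtil.toVector(moderatorString, ':');
 	}
 
-//	/**
-//	 * Validate connectivity to the ldap server. This does not test user
-//	 * authentication. Validation methods return a string error message if there
-//	 * is an issue. This allows the calling code to run several validations and
-//	 * compile the errors into a list that can be displayed on a web page if
-//	 * desired.
-//	 * 
-//	 * @param ldapurl
-//	 *            the url of the ldap server
-//	 * @param ldapbase
-//	 *            the ldap base value to test
-//	 * @return a string holding error message if validation fails.
-//	 */
-//	public static String validateLDAPConnectivity(String ldapurl,
-//			String ldapbase) {
-//		try {
-//			AuthLdap authLdap = new AuthLdap();
-//			authLdap.testCredentials(
-//					"uid=bogusname,o=NCEAS,dc=ecoinformatics,dc=org",
-//					"boguspassword", ldapurl, ldapbase);
-//		} catch (AuthenticationException ae) {
-//			// Do nothing here. We are using dummy uid and password, so we
-//			// expect authentication exceptions
-//		} catch (javax.naming.InvalidNameException ine) {
-//			return "An invalid domain name was provided: " + ine.getMessage();
-//		} catch (NamingException ne) {
-//			return "An invalid ldap name was provided: " + ne.getMessage();
-//		} catch (InstantiationException ie) {
-//			return "Could not instantiate AuthLdap: " + ie.getMessage();
-//		}
-//
-//		return null;
-//	}
-
 	/**
 	 * log the user in against ldap.  If the login is successful, add
 	 * the session information to the session list in SessionUtil.
@@ -212,12 +175,9 @@
 
 		// make sure we have username and password.
 		if (userName == null || password == null) {
-			throw new UtilException("null username, password, or dn list when logging user in");
+			throw new UtilException("null username or password when logging user in");
 		}
 
-		// put the login credentials into an LDAP string
-//		String ldapString = createLDAPString(userName, organization, dnList);
-
 		// Create auth session
 		try {
 			authSession = new AuthSession();
@@ -226,21 +186,20 @@
 					+ e.getMessage());
 		}
 		// authenticate user against ldap
-		boolean isValid = authSession.authenticate(request, userName,
-				password);
+		if(!authSession.authenticate(request, userName,password)) {
+			throw new UtilException(authSession.getMessage());
+		}
 		
-		// if login was successful, add the session information to the 
+		// if login was successful, add the session information to the
 		// global session list.
-		if (isValid) {
-			HttpSession session = authSession.getSessions();
-			String sessionId = session.getId();
-			SessionService.registerSession(sessionId, 
-					(String) session.getAttribute("username"), 
-					(String[]) session.getAttribute("groupnames"),
-					(String) session.getAttribute("password"));
-		}
+		HttpSession session = authSession.getSessions();
+		String sessionId = session.getId();
+		SessionService.registerSession(sessionId, 
+				(String) session.getAttribute("username"), 
+				(String[]) session.getAttribute("groupnames"),
+				(String) session.getAttribute("password"));
 		
-		return isValid;
+		return true;
 	}
 
 	/**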
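Review bot: The re-indented `SessionService.registerSession(...)` call on the success path still passes `(String) session.getAttribute("password")`, so the user's password appears to be held as a plain string in both the HTTP session and the global session list for the lifetime of the session. Since this change already reworks that path, consider registering only the session id, username and group names, or document why the registry needs the password and how it is protected. Separately, logUserIn now either returns true or throws, so its Javadoc (which starts outside the visible lines) should state that a failed login is reported through UtilException and that the boolean is never false.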
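--- a/src/edu/ucsb/nceas/metacat/AuthLdap.java
+++ b/src/edu/ucsb/nceas/metacat/AuthLdap.java
@@ -34,7 +34,6 @@
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.SizeLimitExceededException;
-import javax.naming.directory.InvalidSearchFilterException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
@@ -76,7 +75,6 @@
   private String ldapConnectTimeLimit;
   private int ldapSearchTimeLimit;
   private int ldapSearchCountLimit;
-  private Context referralContext;
   private String currentReferralInfo;
   Hashtable env = new Hashtable(11);
   private Context rContext;
@@ -130,8 +128,7 @@
 	 * @returns boolean true if authentication successful, false otherwise
 	 */
   
-  public boolean authenticate(String user, String password) throws 
-    ConnectException {
+  public boolean authenticate(String user, String password) throws ConnectException {
     String ldapUrl = this.ldapUrl;
     String ldapsUrl = this.ldapsUrl;
     String ldapBase = this.ldapBase;
@@ -139,6 +136,9 @@
     String identifier = user;
     
     //get uid here.
+    if (user.indexOf(",") == -1) {
+    	throw new ConnectException("Invalid LDAP user credential: " + user + ".  Missing ','");
+    }
     String uid=user.substring(0, user.indexOf(","));
     user = user.substring(user.indexOf(","), user.length());
 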
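Review bot: The added comma check in authenticate() calls `user.indexOf(",")` without a null guard, so a null `user` still fails with a NullPointerException instead of the intended ConnectException; `if (user == null || user.indexOf(',') == -1) {` would cover both cases. The exception message also echoes the caller-supplied identifier, and because this commit appears to carry login failure messages up to the admin page and the log, that value should be treated as untrusted wherever it is rendered or written. Reporting a malformed DN as a ConnectException additionally makes bad input indistinguishable from a real directory outage for callers and for alerting. authenticate() continues outside the visible lines.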
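--- a/src/edu/ucsb/nceas/metacat/admin/LoginAdmin.java
+++ b/src/edu/ucsb/nceas/metacat/admin/LoginAdmin.java
@@ -101,13 +101,10 @@
 			Vector<String> processingErrors = new Vector<String>();
 			Vector<String> validationErrors = new Vector<String>();
 			
-//			String loginString = null;
 			Boolean isLoggedIn = false;
 			String userName = "";
 
-			try {
 				userName = request.getParameter("username");
-//				String organization = request.getParameter("organization");
 				String password = request.getParameter("password");
 				
 				// Validate that the options provided are legitimate. Note that
@@ -117,22 +114,15 @@
 				validationErrors.addAll(validateOptions(request));
 				
 				if (validationErrors.size() == 0) {
-//					Vector<String> dnList = OrganizationUtil.getOrgDNs(organization);
-					isLoggedIn = AuthUtil.logUserIn(request, userName, password);
-//					loginString = LDAPUtil.createLDAPString(userName, organization, dnList);
+					try {
+						isLoggedIn = AuthUtil.logUserIn(request, userName, password);
+					} catch (UtilException ue) {
+						String errorMessage = "Could not log in as: " + userName
+						+ " : " + ue.getMessage() + ". Please try again";
+						processingErrors.add(errorMessage);
+						logMetacat.error(errorMessage);
+					} 
 				}
-				
-				if (!isLoggedIn) {
-					String errorMessage = "Could not log in as: " + userName
-							+ " .Please try again";
-					processingErrors.add(errorMessage);
-				}
-			} catch (UtilException ue) {
-				String errorMessage = "Problem in utility while "
-					+ "processing entication page: " + ue.getMessage();
-				processingErrors.add(errorMessage);
-				logMetacat.error(errorMessage);
-			} 
 			
 			try {
 				if (validationErrors.size() > 0 || processingErrors.size() > 0) {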
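Review bot: The new catch block puts `ue.getMessage()` and the request-supplied `userName` into both the user-facing `processingErrors` entry and `logMetacat.error(...)`, so an unauthenticated client is shown the backend's failure reason (which can distinguish an unknown account from a wrong password) and can place arbitrary text, including line breaks, into the log. Keep the detail in the log only, with CR/LF stripped from `userName` before it is written, and show a fixed message such as `processingErrors.add("Could not log in. Please check your credentials and try again");`. If processingErrors is rendered into HTML without escaping (the rendering is not visible here), the echoed username would also need output encoding.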
