protected void unlockUser(UserEntity user) { if (user.getAttempts() > 0 || user.getLockExpirationTime() != null) { getIdentityInfoManager().updateUserLock(user, 0, null); } }
protected void unlockUser(UserEntity user) { if (user.getAttempts() > 0 || user.getLockExpirationTime() != null) { getIdentityInfoManager().updateUserLock(user, 0, null); } }
protected boolean isUserLocked(UserEntity user) { ProcessEngineConfigurationImpl processEngineConfiguration = Context.getProcessEngineConfiguration(); int maxAttempts = processEngineConfiguration.getLoginMaxAttempts(); int attempts = user.getAttempts(); if (attempts >= maxAttempts) { throw new AuthenticationException(user.getId()); } Date lockExpirationTime = user.getLockExpirationTime(); Date currentTime = ClockUtil.getCurrentTime(); return lockExpirationTime != null && lockExpirationTime.after(currentTime); }
protected boolean isUserLocked(UserEntity user) { ProcessEngineConfigurationImpl processEngineConfiguration = Context.getProcessEngineConfiguration(); int maxAttempts = processEngineConfiguration.getLoginMaxAttempts(); int attempts = user.getAttempts(); if (attempts >= maxAttempts) { throw new AuthenticationException(user.getId()); } Date lockExpirationTime = user.getLockExpirationTime(); Date currentTime = ClockUtil.getCurrentTime(); return lockExpirationTime != null && lockExpirationTime.after(currentTime); }
public boolean checkPassword(String userId, String password) { UserEntity user = findUserById(userId); if (user == null || password == null) { return false; } if (isUserLocked(user)) { throw new AuthenticationException(userId, user.getLockExpirationTime()); } if (matchPassword(password, user)) { unlockUser(user); return true; } else { lockUser(user); return false; } }
public boolean checkPassword(String userId, String password) { UserEntity user = findUserById(userId); if (user == null || password == null) { return false; } if (isUserLocked(user)) { throw new AuthenticationException(userId, user.getLockExpirationTime()); } if (matchPassword(password, user)) { unlockUser(user); return true; } else { lockUser(user); return false; } }
UserEntity lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNotNull(lockedUser.getLockExpirationTime()); assertEquals(maxNumOfAttempts, lockedUser.getAttempts()); lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNotNull(lockedUser.getLockExpirationTime()); assertEquals(maxNumOfLoginAttempts, lockedUser.getAttempts());
public void testUserUnlock() throws ParseException { // crate user while still in god-mode: String userId = "jonny"; User jonny = identityService.newUser(userId); jonny.setPassword("xxx"); identityService.saveUser(jonny); lockUser(userId, "invalid pwd"); // assume int maxNumOfAttempts = 10; UserEntity lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNotNull(lockedUser.getLockExpirationTime()); assertEquals(maxNumOfAttempts, lockedUser.getAttempts()); // create global auth Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL); basePerms.setResource(USER); basePerms.setResourceId(ANY); basePerms.addPermission(ALL); authorizationService.saveAuthorization(basePerms); // set auth processEngineConfiguration.setAuthorizationEnabled(true); identityService.setAuthentication("admin", Collections.singletonList(Groups.CAMUNDA_ADMIN), null); // when identityService.unlockUser(lockedUser.getId()); // then lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNull(lockedUser.getLockExpirationTime()); assertEquals(0, lockedUser.getAttempts()); }
protected void unlockUser(UserEntity user) { if (user.getAttempts() > 0 || user.getLockExpirationTime() != null) { getIdentityInfoManager().updateUserLock(user, 0, null); } }
protected boolean isUserLocked(UserEntity user) { ProcessEngineConfigurationImpl processEngineConfiguration = Context.getProcessEngineConfiguration(); int maxAttempts = processEngineConfiguration.getLoginMaxAttempts(); int attempts = user.getAttempts(); if (attempts >= maxAttempts) { throw new AuthenticationException(user.getId()); } Date lockExpirationTime = user.getLockExpirationTime(); Date currentTime = ClockUtil.getCurrentTime(); return lockExpirationTime != null && lockExpirationTime.after(currentTime); }
public boolean checkPassword(String userId, String password) { UserEntity user = findUserById(userId); if (user == null || password == null) { return false; } if (isUserLocked(user)) { throw new AuthenticationException(userId, user.getLockExpirationTime()); } if (matchPassword(password, user)) { unlockUser(user); return true; } else { lockUser(user); return false; } }
UserEntity lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNotNull(lockedUser.getLockExpirationTime()); assertEquals(maxNumOfAttempts, lockedUser.getAttempts()); lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNotNull(lockedUser.getLockExpirationTime()); assertEquals(maxNumOfLoginAttempts, lockedUser.getAttempts());
public void testUserUnlock() throws ParseException { // crate user while still in god-mode: String userId = "jonny"; User jonny = identityService.newUser(userId); jonny.setPassword("xxx"); identityService.saveUser(jonny); lockUser(userId, "invalid pwd"); // assume int maxNumOfAttempts = 10; UserEntity lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNotNull(lockedUser.getLockExpirationTime()); assertEquals(maxNumOfAttempts, lockedUser.getAttempts()); // create global auth Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL); basePerms.setResource(USER); basePerms.setResourceId(ANY); basePerms.addPermission(ALL); authorizationService.saveAuthorization(basePerms); // set auth processEngineConfiguration.setAuthorizationEnabled(true); identityService.setAuthentication("admin", Collections.singletonList(Groups.CAMUNDA_ADMIN), null); // when identityService.unlockUser(lockedUser.getId()); // then lockedUser = (UserEntity) identityService.createUserQuery().userId(jonny.getId()).singleResult(); assertNotNull(lockedUser); assertNull(lockedUser.getLockExpirationTime()); assertEquals(0, lockedUser.getAttempts()); }