@Override public void invalidate() { setStatus(Status.INVALID); password.clear(); } }
@Override public void invalidate() { setStatus(Status.INVALID); password.clear(); } }
@Override public void invalidate() { setStatus(Status.INVALID); password.clear(); } }
@Override public void validate(Credentials credentials, IdentityStore<?> identityStore) { checkIdentityStoreInstance(identityStore); if (!UsernamePasswordCredentials.class.isInstance(credentials)) { throw new IllegalArgumentException("Credentials class [" + credentials.getClass().getName() + "] not supported by this handler."); } UsernamePasswordCredentials usernamePassword = (UsernamePasswordCredentials) credentials; usernamePassword.setStatus(Status.INVALID); Agent agent = identityStore.getAgent(usernamePassword.getUsername()); // If the user for the provided username cannot be found we fail validation if (agent != null) { LDAPIdentityStore ldapIdentityStore = (LDAPIdentityStore) identityStore; LDAPUser ldapUser = (LDAPUser) ldapIdentityStore.getUser(agent.getId()); char[] password = usernamePassword.getPassword().getValue(); boolean isValid = ldapIdentityStore.getLdapManager().authenticate(ldapUser.getDN(), new String(password)); if (isValid) { usernamePassword.setStatus(Status.VALID); } } }
@Override public void validate(Credentials credentials, IdentityStore<?> identityStore) { CredentialStore store = validateCredentialStore(identityStore); if (!UsernamePasswordCredentials.class.isInstance(credentials)) { throw new IllegalArgumentException("Credentials class [" + credentials.getClass().getName() + "] not supported by this handler."); } UsernamePasswordCredentials usernamePassword = (UsernamePasswordCredentials) credentials; usernamePassword.setStatus(Status.INVALID); Agent agent = identityStore.getAgent(usernamePassword.getUsername()); // If the user for the provided username cannot be found we fail validation if (agent != null) { SHASaltedPasswordStorage hash = store.retrieveCurrentCredential(agent, SHASaltedPasswordStorage.class); // If the stored hash is null we automatically fail validation if (hash != null) { SHASaltedPasswordEncoder encoder = new SHASaltedPasswordEncoder(512); String encoded = encoder.encodePassword(hash.getSalt(), new String(usernamePassword.getPassword().getValue())); if (hash.getEncodedHash().equals(encoded)) { usernamePassword.setStatus(Status.VALID); usernamePassword.setValidatedAgent(agent); } } else if (isLastCredentialExpired(agent, store, SHASaltedPasswordStorage.class)) { usernamePassword.setStatus(Status.EXPIRED); } } }