/**
 * Publishes a {@code PRE_AUTHENTICATION} identity event for the user who is about to be authenticated.
 *
 * <p>When the listener is disabled the method returns {@code true} immediately and does nothing else.
 * Otherwise it clears the identity error message context, records the user store domain in the
 * thread-local properties under {@code RE_CAPTCHA_USER_DOMAIN}, and hands the event to
 * {@code handleEvent}.
 *
 * <p>This method itself never returns {@code false}.
 * NOTE(review): a locked or missing account presumably stops authentication through an exception
 * raised by {@code handleEvent}; confirm against that helper and the registered handlers.
 *
 * @param userName         name of the user being authenticated
 * @param credential       credential supplied for the attempt; passed on unchanged as an event property
 * @param userStoreManager user store manager serving the attempt
 * @return {@code true} on every path that returns normally
 * @throws UserStoreException declared for the listener contract
 */
@Override
public boolean doPreAuthenticate(String userName, Object credential, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    if (log.isDebugEnabled()) {
        log.debug("Pre authenticator is called in IdentityMgtEventListener");
    }

    // Start from a clean error context so a code left by earlier work is not reported for this attempt.
    IdentityUtil.clearIdentityErrorMsg();

    // Record the domain of the user store handling this attempt. It is used when authentication fails
    // for an existing user, which the re-captcha feature requires.
    IdentityUtil.threadLocalProperties.get().remove(RE_CAPTCHA_USER_DOMAIN);
    String userStoreDomain = IdentityGovernanceUtil.getUserStoreDomainName(userStoreManager);
    IdentityUtil.threadLocalProperties.get().put(RE_CAPTCHA_USER_DOMAIN, userStoreDomain);

    // The raw credential travels inside the event properties, so handlers and any logging of this map
    // must never print its values.
    HashMap<String, Object> eventProperties = new HashMap<>();
    eventProperties.put(IdentityEventConstants.EventProperty.CREDENTIAL, credential);

    handleEvent(userName, userStoreManager, IdentityEventConstants.Event.PRE_AUTHENTICATION, eventProperties);
    return true;
}
/**
 * Reads the error code held in the identity error message context and clears that context.
 *
 * <p>The context is cleared on every call, whether or not it held a code, so the value can be read
 * only once. NOTE(review): the context is presumably per-thread; clearing it here would then keep an
 * account-lock code from being seen by later work on the same thread. Confirm in {@code IdentityUtil}.
 *
 * @return the error code, or {@code null} when no context or no code is set
 */
private String getErrorCode() {

    IdentityErrorMsgContext context = IdentityUtil.getIdentityErrorMsg();
    IdentityUtil.clearIdentityErrorMsg();

    if (context == null) {
        return null;
    }

    String code = context.getErrorCode();
    if (code == null) {
        return null;
    }

    if (log.isDebugEnabled()) {
        log.debug("Retrieving error code " + code + " from identity error message " + "context ");
    }
    return code;
}
/**
 * Returns the error code currently stored in the identity error message context, then resets it.
 *
 * <p>The context is read first and cleared unconditionally afterwards, so a second call returns
 * {@code null} unless another component has set a new context in between.
 *
 * @return the stored error code, or {@code null} if there is no context or it carries no code
 */
private String getErrorCode() {

    IdentityErrorMsgContext pending = IdentityUtil.getIdentityErrorMsg();
    // Clear straight after reading so the code is consumed exactly once.
    IdentityUtil.clearIdentityErrorMsg();

    String resolved = (pending == null) ? null : pending.getErrorCode();
    if (resolved != null && log.isDebugEnabled()) {
        log.debug("Retrieving error code " + resolved + " from identity error message " + "context ");
    }
    return resolved;
}
return true; IdentityUtil.clearIdentityErrorMsg(); boolean accountLocked = Boolean.parseBoolean(claims.get(UserIdentityDataStore.ACCOUNT_LOCK)); if (accountLocked) {
IdentityUtil.clearIdentityErrorMsg();
IdentityUtil.clearIdentityErrorMsg();
IdentityUtil.clearIdentityErrorMsg();
IdentityUtil.clearIdentityErrorMsg();
IdentityUtil.clearIdentityErrorMsg();
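/**
 * Dispatches an identity event to the matching account-state handler.
 *
 * <p>The identity error message context is cleared first. The user name, user store manager and tenant
 * domain are then read from the event properties. If the domain-qualified user does not exist in the
 * user store, the method returns without calling any handler. Otherwise the event name selects the
 * pre-authentication, pre-set-claims or post-set-claims handler; any other event name is ignored.
 *
 * @param event the identity event; its properties are read under the {@code USER_NAME},
 *              {@code USER_STORE_MANAGER} and {@code TENANT_DOMAIN} keys
 * @throws IdentityEventException if the user store cannot be queried (the underlying
 *                                {@link UserStoreException} is attached as the cause), or if a
 *                                handler raises it
 */
@Override
public void handleEvent(Event event) throws IdentityEventException {

    // Start from a clean error context so a stale lock/disabled code is not reported for this event.
    IdentityUtil.clearIdentityErrorMsg();

    Map<String, Object> eventProperties = event.getEventProperties();
    String userName = (String) eventProperties.get(IdentityEventConstants.EventProperty.USER_NAME);
    UserStoreManager userStoreManager = (UserStoreManager) eventProperties
            .get(IdentityEventConstants.EventProperty.USER_STORE_MANAGER);
    String userStoreDomainName = AccountUtil.getUserStoreDomainName(userStoreManager);
    String tenantDomain = (String) eventProperties.get(IdentityEventConstants.EventProperty.TENANT_DOMAIN);
    String usernameWithDomain = UserCoreUtil.addDomainToName(userName, userStoreDomainName);

    boolean userExists;
    try {
        userExists = userStoreManager.isExistingUser(usernameWithDomain);
    } catch (UserStoreException e) {
        // Keep the cause: without it a user store outage during authentication cannot be diagnosed
        // from the resulting stack trace.
        throw new IdentityEventException("Error in accessing user store", e);
    }

    // No account state to enforce for an unknown user.
    if (!userExists) {
        return;
    }

    String eventName = event.getEventName();
    if (IdentityEventConstants.Event.PRE_AUTHENTICATION.equals(eventName)) {
        handlePreAuthentication(event, userName, userStoreManager, userStoreDomainName, tenantDomain);
    } else if (IdentityEventConstants.Event.PRE_SET_USER_CLAIMS.equals(eventName)) {
        handlePreSetUserClaimValues(event, userName, userStoreManager, userStoreDomainName, tenantDomain);
    } else if (IdentityEventConstants.Event.POST_SET_USER_CLAIMS.equals(eventName)) {
        handlePostSetUserClaimValues(event, userName, userStoreManager, userStoreDomainName, tenantDomain);
    }
}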
IdentityUtil.clearIdentityErrorMsg(); IdentityErrorMsgContext customErrorMessageContext = new IdentityErrorMsgContext(UserCoreConstants .ErrorCode.USER_IS_LOCKED); IdentityUtil.setIdentityErrorMsg(customErrorMessageContext); } else if (isAccountDisabled) { IdentityUtil.clearIdentityErrorMsg(); IdentityErrorMsgContext customErrorMessageContext = new IdentityErrorMsgContext( IdentityCoreConstants.USER_ACCOUNT_DISABLED_ERROR_CODE);
throw new FrameworkException("Error while provisioning user : " + subject, e); } finally { IdentityUtil.clearIdentityErrorMsg();
throw new FrameworkException("Error while provisioning user : " + subject, e); } finally { IdentityUtil.clearIdentityErrorMsg();
boolean accountDisabled = Boolean.parseBoolean(claimValue); if (accountDisabled) { IdentityUtil.clearIdentityErrorMsg(); IdentityUtil.setIdentityErrorMsg(new IdentityErrorMsgContext(IdentityCoreConstants .USER_ACCOUNT_DISABLED_ERROR_CODE)); boolean accountLocked = Boolean.parseBoolean(claimValue); if (accountLocked) { IdentityUtil.clearIdentityErrorMsg(); IdentityUtil.setIdentityErrorMsg(new IdentityErrorMsgContext(UserCoreConstants.ErrorCode .USER_IS_LOCKED));
throw new FrameworkException("Error while provisioning user : " + subject, e); } finally { IdentityUtil.clearIdentityErrorMsg();
IdentityUtil.clearIdentityErrorMsg(); if (!accountLockedEnabled) { return;
@Override public void handleEvent(Event event) throws IdentityEventException { IdentityUtil.clearIdentityErrorMsg();
IdentityUtil.clearIdentityErrorMsg();