/** The login process starts from here. */ public HttpResponse doCommenceLogin( StaplerRequest req, StaplerResponse rsp, @QueryParameter String from, @QueryParameter String ticket) throws ServletException, IOException { // TODO write login method String puid = authenticateInWwpass(ticket, certFile, keyFile); WwpassIdentity u; try { u = loadUserByUsername(puid); } catch (UsernameNotFoundException e) { if (allowsSignup()) { req.setAttribute("errorMessage", Messages.WwpassSecurityRealm_NoSuchUserAllowsSignup()); } else { req.setAttribute("errorMessage", Messages.WwpassSecurityRealm_NoSuchUserDisableSignup()); } req.getView(this, "login.jelly").forward(req, rsp); throw e; } if (!u.isAccountNonLocked() || !u.isEnabled()) { // throw new LockedException("Account is not activated for " + puid); throw new Failure(Messages.WwpassSecurityRealm_AccountNotActivated()); } Authentication a = new WwpassAuthenticationToken(u.getNickname()); a = this.getSecurityComponents().manager.authenticate(a); SecurityContextHolder.getContext().setAuthentication(a); return new HttpRedirect(Jenkins.getInstance().getRootUrl()); }
/** * @return <code>null</code> if failed. The browser is already redirected to retry by the time * this method returns. a valid {@link User} object if the user creation was successful. */ private User createAccount(StaplerRequest req, StaplerResponse rsp, String formView) throws ServletException, IOException { SignupInfo si = new SignupInfo(req); String puid = authenticateInWwpass(si.ticket, certFile, keyFile); try { if (loadUserByUsername(puid) != null) { si.errorMessages.add(Messages.WwpassSecurityRealm_PuidIsAlreadyTaken()); } } catch (UsernameNotFoundException e) { } if (si.nickname == null || si.nickname.length() == 0) si.errorMessages.add(Messages.WwpassSecurityRealm_NicknameIsRequired()); else { User user = User.get(si.nickname, false); if (null != user) if (user.getProperty(WwpassIdentity.class) != null) si.errorMessages.add(Messages.WwpassSecurityRealm_NicknameIsAlreadyTaken()); } if (si.fullname == null || si.fullname.length() == 0) si.errorMessages.add(Messages.WwpassSecurityRealm_FullnameIsRequired()); else { User user = User.get(si.fullname, false); if (null != user) if (user.getProperty(WwpassIdentity.class) != null) si.errorMessages.add(Messages.WwpassSecurityRealm_FullnameIsAlreadyTaken()); } if (si.email == null || !si.email.contains("@")) si.errorMessages.add(Messages.WwpassSecurityRealm_InvalidEmailAddress()); if (!si.errorMessages.isEmpty()) { // failed. ask the user to try again. req.setAttribute("data", si); req.getView(this, formView).forward(req, rsp); return null; } // register the user WwpassIdentity id = new WwpassIdentity(puid); id.populate(si); User user = createAccount(id); id.updateProfile(user); user.save(); return user; }
/** Lets the current user silently login as the given user and report back accordingly. */ @SuppressWarnings("ACL.impersonate") private void loginAndTakeBack(StaplerRequest req, StaplerResponse rsp, User u) throws ServletException, IOException { // ... and let him login Authentication a = new WwpassAuthenticationToken(u.getId()); a = this.getSecurityComponents().manager.authenticate(a); SecurityContextHolder.getContext().setAuthentication(a); // then back to top req.getView(this, "success.jelly").forward(req, rsp); }
public SignupInfo(StaplerRequest req) { req.bindParameters(this); }