Exemple #1
0
 /**
  * Check if user is authorized.
  *
  * @param user the user to check
  * @return true, if successful
  */
 protected boolean authorizeUser(User user) {
   boolean authorize = true;
   if (user == null) {
     messages.error(new YoutestitMSG("error.login.user.not.exists"));
     authorize = false;
   } else if (!user.isEnable()) {
     messages.error(new YoutestitMSG("error.login.user.not.enable"));
     authorize = false;
   } else if (user.getProfile() != null && !user.getProfile().isEnable()) {
     messages.error(new YoutestitMSG("error.login.profile.not.enable"));
     authorize = false;
   }
   return authorize;
 }
Exemple #2
0
  /**
   * Authenticate jpa.
   *
   * @throws ClientException the client exception
   */
  protected void authenticateJPA() throws ClientException {
    User user = userDAO.getUserByLogin(credentials.getUsername());
    boolean hasNoError = true;

    hasNoError = authorizeUser(user);

    String password = null;
    if (hasNoError) {
      if (credentials != null && credentials.getCredential() instanceof PasswordCredential) {
        password = ((PasswordCredential) credentials.getCredential()).getValue();
      }
      if (password == null) {
        messages.error(new YoutestitMSG("error.login.password.require"));
        hasNoError = false;
      }
    }

    if (hasNoError) {
      final String cryptedPassword = Sha1Encryption.getInstance().encryptToSha1(password);

      if (user.getPassword().equals(cryptedPassword)) {
        loginEventSrc.fire(user);
        setUser(new SimpleUser(user.getLogin()));
        identity.getUser();
      } else {
        messages.error(new YoutestitMSG("error.login.password.wrong"));
        hasNoError = false;
      }
    }

    if (hasNoError) {
      setStatus(AuthenticationStatus.SUCCESS);
    } else {
      setStatus(AuthenticationStatus.FAILURE);
    }
  }