public SecurityChallenge getDefaultSecurityChallenge(String username) {
for (LdapServer ldapServer : ldapServers) {
try {
SecurityChallenge challenge = ldapServer.getDefaultSecurityChallenge(username);
if (logger.isDebugEnabled()) {
if (challenge != null) {
logger.debug(
"Successfully got default security challenge for "
+ username
+ " at "
+ ldapServer.getDescription());
} else {
logger.debug(
"Got null default security challenge for "
+ username
+ " at "
+ ldapServer.getDescription());
}
}
return challenge;
} catch (NameNotFoundException ex) {
logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
// ignore... we'll try another server
} catch (ObjectRetrievalException ex) {
logger.debug("Multiple results found for " + username);
// ignore it... try the next server
}
}
logger.debug("Couldn't find default security questions for " + username);
throw new NameNotFoundException(
"Couldn't find username " + username + " in any of provided servers.");
}
@Override
public void setUserPassword(String username, String password) {
logger.debug("We have " + ldapServers.size() + " LDAP servers to look at.");
for (LdapServer ldapServer : ldapServers) {
logger.debug("Checking server " + ldapServer.getDescription() + " for user " + username);
try {
ldapServer.setPassword(username, password);
logger.debug(
"Successfully set password for " + username + " at " + ldapServer.getDescription());
return;
} catch (NameNotFoundException ex) {
logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
// ignore... we'll try another server
} catch (ObjectRetrievalException ex) {
logger.debug("Multiple results found for " + username);
// ignore it... try the next server
}
}
logger.debug("Couldn't find server for " + username);
throw new NameNotFoundException(
"Couldn't find username " + username + " in any of provided servers.");
}
@Override
public void setUserSecurityChallenge(String username, SecurityChallenge securityChallenge) {
for (LdapServer server : ldapServers) {
try {
server.setUserSecurityChallenge(username, securityChallenge);
logger.debug(
"Successfully set user security challenge for "
+ username
+ " at "
+ server.getDescription());
return;
} catch (NameNotFoundException ex) {
logger.debug("Didn't find " + username + " in " + server.getDescription());
// ignore it... try the next server
} catch (ObjectRetrievalException ex) {
logger.debug("Multiple results found for " + username);
// ignore it... try the next server
}
}
throw new NameNotFoundException(
"Couldn't find username " + username + " in any of provided servers.");
}
@Override
public void changeUserPassword(String username, String oldPassword, String newPassword)
throws UserLockedOutException {
// throws UserLockedOutException if this isn't allowed
lockoutService.allowAttempt(username);
for (LdapServer ldapServer : ldapServers) {
try {
if (ldapServer.verifyPassword(username, oldPassword)) {
ldapServer.setPassword(username, newPassword);
logger.debug(
"Successfully changed password for "
+ username
+ " at "
+ ldapServer.getDescription());
lockoutService.clearIncorrectAttempts(username);
return;
}
} catch (AuthenticationException ex) {
logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
// ignore... we'll try another server
} catch (NameNotFoundException ex) {
logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
// ignore... we'll try another server
} catch (ObjectRetrievalException ex) {
logger.debug("Multiple results found for " + username);
// ignore it... try the next server
}
}
lockoutService.registerIncorrectAttempt(username);
logger.debug("Couldn't find server for " + username + " or bad password.");
throw new NameNotFoundException(
"Couldn't find username " + username + " in any of provided servers or bad password.");
}