예제 #1
0
  /**
   * This method checks the current state and decides the validation to be performed corresponding
   * to the state.
   */
  public int process(Callback[] callbacks, int state) throws AuthLoginException {
    try {
      if (state == 1)
        sharedState.put("javax.security.auth.login.name", ((NameCallback) callbacks[0]).getName());

      userName = (String) sharedState.get("javax.security.auth.login.name");
      HttpServletRequest request = getHttpServletRequest();

      if (StringUtils.isNotBlank(userName)) {
        user = CommonUtilities.getUser(userName, request);
      } else {
        replaceHeader(MODULE_ENTRY_POINT, getLocalizedString("missingUserAttr.message"));
        return MODULE_ENTRY_POINT;
      }

      String submitedState = getSubmitedState(callbacks);
      if (state == MODULE_SUCCESS_MSG
          || (submitedState != null && !String.valueOf(state).equals(submitedState))) {
        return state;
      }

      int returnState = 0;

      switch (state) {
        case MODULE_ENTRY_POINT:
          returnState = setResetQuestions();
          break;
        case MODULE_VALIDATE_ANSWERS:
          returnState = validateAnswers(callbacks);
          break;
        default:
          throw new AuthLoginException("Invalid state: " + state);
      }
      if (state != returnState && returnState == MODULE_VALIDATE_ANSWERS)
        replaceHeader(returnState, " ");

      return returnState;
    } catch (Exception e) {
      debug.error("Error occured while processing password reset module:", e);
      throw new AuthLoginException(e);
    }
  }
예제 #2
0
  /**
   * This method is used to validate the security answers and on on successful validation, it resets
   * the password and sends a mail to the user with the generated password.
   *
   * @param callbacks
   * @return
   * @throws Exception
   */
  private int validateAnswers(Callback[] callbacks) throws Exception {
    for (Callback callback_ : callbacks) {
      if (callback_ instanceof NameCallback) {
        NameCallback callback = (NameCallback) callback_;
        if (StringUtils.isEmpty(callback.getName())) {
          replaceHeader(MODULE_VALIDATE_ANSWERS, getLocalizedString("missingAnswer.message"));
          return MODULE_VALIDATE_ANSWERS;
        }
      }
    }
    Map<String, String> qaMap = (Map<String, String>) sharedState.get("QAMap");
    for (Callback callback_ : callbacks) {
      if (callback_ instanceof NameCallback) {
        NameCallback callback = (NameCallback) callback_;
        if (!qaMap.get(callback.getPrompt()).equals(callback.getName().trim())) {
          resetLockout.invalidAnswer(user);
          debug.error("Invalid password reset answers provided for " + user.getUniversalId());
          int warningCount = resetLockout.getWarnUserCount(user.getUniversalId());
          if (warningCount < 0) {
            replaceHeader(
                MODULE_SUCCESS_MSG,
                "<font color=\"red\">" + getLocalizedString("lockoutMsg.message") + "</font>");
            return MODULE_SUCCESS_MSG;
          } else if (warningCount > 0) {
            replaceHeader(
                MODULE_VALIDATE_ANSWERS,
                MessageFormat.format(
                    getLocalizedString("lockoutWarning.message"), new Object[] {warningCount}));
            return MODULE_VALIDATE_ANSWERS;
          } else {
            replaceHeader(MODULE_VALIDATE_ANSWERS, getLocalizedString("wrongAnswer.message"));
            return MODULE_VALIDATE_ANSWERS;
          }
        }
      }
    }
    resetLockout.removeUserLockoutEntry(user.getUniversalId());
    String resetPassword = new RandomPasswordGenerator().generatePassword(user);

    // ensure the random generated password meets the password criteria
    while (!isValidPWD(resetPassword))
      resetPassword = new RandomPasswordGenerator().generatePassword(user);

    Map<String, Set> attrMap = new HashMap<String, Set>();
    Set<String> attribVals = new HashSet<String>();
    attribVals.add(resetPassword);
    attrMap.put(
        CommonUtilities.getProperty(PassphraseConstants.USER_PASSWORD_ATTRIBUTE), attribVals);

    // Enable the force password reset flag
    Set<String> passwordResetFlag = new HashSet<String>();
    passwordResetFlag.add("true");
    attrMap.put(
        CommonUtilities.getProperty(PassphraseConstants.USER_PASSWORD_RESET_FLAG_ATTRIBUTE),
        passwordResetFlag);

    user.setAttributes(attrMap);
    user.store();

    debug.message("Password has been reset for the user: "******"emailNotify.message"));
    } catch (Exception e) {
      debug.error("Error sending password reset mail:", e);
      replaceHeader(MODULE_SUCCESS_MSG, getLocalizedString("sendEmailFailed.message"));
    }
    return MODULE_SUCCESS_MSG;
  }