Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2005/04/24 14:41:43 UTC
cvs commit: jakarta-jetspeed-2/applications/security/src/webapp/WEB-INF/security/login login.jsp
ate 2005/04/24 05:41:43
Modified: portal/src/webapp/WEB-INF/assembly pipelines.xml
applications/security/src/java/org/apache/jetspeed/portlets/security/resources
LoginResources_nl.properties
LoginResources_en.properties
LoginResources.properties
portal/src/test/org/apache/jetspeed/pipeline
TestPipeline.java
applications/security/src/webapp/WEB-INF/security/login
login.jsp
Added: portal/src/java/org/apache/jetspeed/security/impl
LoginValidationValveImpl.java
portal/src/java/org/apache/jetspeed/pipeline/valve
LoginValidationValve.java
Log:
Implementing http://issues.apache.org/jira/browse/JS2-239: Improved feedback on Login failure
Note:
i18n translations for the new error messages in LoginResources.properties are not yet supplied for it, ja and zh.
Revision Changes Path
1.10 +24 -8 jakarta-jetspeed-2/portal/src/webapp/WEB-INF/assembly/pipelines.xml
Index: pipelines.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/webapp/WEB-INF/assembly/pipelines.xml,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- pipelines.xml 26 Jan 2005 00:44:41 -0000 1.9
+++ pipelines.xml 24 Apr 2005 12:41:43 -0000 1.10
@@ -65,6 +65,21 @@
</constructor-arg>
</bean>
+ <bean id="loginValidationValve"
+ class="org.apache.jetspeed.security.impl.LoginValidationValveImpl"
+ init-method="initialize"
+ >
+ <!-- maxNumberOfAuthenticationFailures
+ This value should be in sync with the value for
+ org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor
+ (if used) to make sense.
+ Any value < 2 will suppress the LoginConststants.ERROR_FINAL_LOGIN_ATTEMPT
+ error code when one one last attempt is possible before the credential
+ will be disabled on failure.
+ -->
+ <constructor-arg index="0"><value>3</value></constructor-arg>
+ </bean>
+
<bean id="profilerValve"
class="org.apache.jetspeed.profiler.impl.ProfilerValveImpl"
init-method="initialize"
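Review bot: The comment on the new constructor argument names `org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor`, while the field comment in LoginValidationValveImpl names `InternalPasswordCredentialStateHandlingInterceptor`; one of the two is wrong, and the comment should name the bean that actually holds the lockout threshold. The same comment misspells the constant as `LoginConststants` and has a doubled "one one". Because the threshold is duplicated by hand, a drift between the two values makes the final-attempt warning appear on the wrong attempt or not at all, which I would state outright, e.g. `Must equal the lockout threshold configured on the password credential interceptor; if the two differ, the final-attempt warning is shown at the wrong time or never.` The profilerValve bean after the added block continues outside the hunk.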
@@ -124,16 +139,17 @@
</constructor-arg>
<constructor-arg>
<list>
- <ref bean="localizationValve"/>
- <ref bean="capabilityValve"/>
+ <ref bean="localizationValve"/>
+ <ref bean="capabilityValve"/>
<ref bean="portalURLValve"/>
- <ref bean="securityValve"/>
+ <ref bean="securityValve"/>
<ref bean="passwordCredentialValve"/>
- <ref bean="profilerValve"/>
- <ref bean="containerValve"/>
- <ref bean="actionValve"/>
- <ref bean="aggregatorValve"/>
- <ref bean="cleanUpValve"/>
+ <ref bean="loginValidationValve"/>
+ <ref bean="profilerValve"/>
+ <ref bean="containerValve"/>
+ <ref bean="actionValve"/>
+ <ref bean="aggregatorValve"/>
+ <ref bean="cleanUpValve"/>
</list>
</constructor-arg>
</bean>
1.1 jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java
Index: LoginValidationValveImpl.java
===================================================================
/*
* Copyright 2000-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.security.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.pipeline.PipelineException;
import org.apache.jetspeed.pipeline.valve.AbstractValve;
import org.apache.jetspeed.pipeline.valve.ValveContext;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.UserPrincipal;
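/**
 * Pipeline valve that classifies a failed login attempt and records the cause
 * as the session attribute {@code LoginConstants.ERRORCODE}.
 * <p>
 * The valve only acts when the request has no user principal and the session
 * carries {@code LoginConstants.RETRYCOUNT}. In every case the request is then
 * handed to the next valve.
 * </p>
 * <p>
 * Security note: the recorded codes distinguish an unknown user name from a
 * wrong password, and also mark a disabled account, a disabled credential and
 * the last remaining attempt. Any page that shows these codes before
 * authentication tells the client which user names exist and what state they
 * are in; deployments where that matters should map the codes to one generic
 * message when rendering.
 * </p>
 *
 * @author <a href="mailto:ate@apache.org">Ate Douma</a>
 * @version $Id: LoginValidationValveImpl.java,v 1.1 2005/04/24 12:41:43 ate Exp $
 */
public class LoginValidationValveImpl extends AbstractValve implements org.apache.jetspeed.pipeline.valve.LoginValidationValve
{
    private static final Log log = LogFactory.getLog(LoginValidationValveImpl.class);

    // Number of failed authentications after which the credential is disabled.
    // This value should be in sync with that of InternalPasswordCredentialStateHandlingInterceptor (if used)
    // to make any sense.
    // Providing value < 2 will disable the LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT warning
    private final int maxNumberOfAuthenticationFailures;

    /**
     * @param maxNumberOfAuthenticationFailures failure count used to decide when
     *        {@code LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT} is reported; a value
     *        below 2 suppresses that code
     */
    public LoginValidationValveImpl(int maxNumberOfAuthenticationFailures)
    {
        this.maxNumberOfAuthenticationFailures = maxNumberOfAuthenticationFailures;
    }

    /**
     * Records the cause of a failed login (if there was one) and invokes the next valve.
     *
     * @throws PipelineException wrapping any exception raised here or further down the pipeline
     * @see org.apache.jetspeed.pipeline.valve.Valve#invoke(org.apache.jetspeed.request.RequestContext, org.apache.jetspeed.pipeline.valve.ValveContext)
     */
    public void invoke(RequestContext request, ValveContext context) throws PipelineException
    {
        try
        {
            // A retry count in the session of a request without a principal
            // means a login attempt failed.
            boolean loginFailed = request.getRequest().getUserPrincipal() == null
                    && request.getSessionAttribute(LoginConstants.RETRYCOUNT) != null;
            if ( loginFailed )
            {
                // NOTE(review): nothing in this class clears ERRORCODE again;
                // presumably the login flow resets it - confirm, otherwise a
                // stale code stays visible for the rest of the session.
                String userName = (String)request.getSessionAttribute(LoginConstants.USERNAME);
                if ( userName == null )
                {
                    request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_UNKNOWN_USER);
                }
                else
                {
                    UserManager um = (UserManager)Jetspeed.getComponentManager().getComponent(UserManager.class);
                    // Without a UserManager the cause cannot be determined and
                    // no error code is written.
                    if ( um != null )
                    {
                        try
                        {
                            User user = um.getUser(userName);
                            UserPrincipal userPrincipal = null;
                            if ( user != null )
                            {
                                userPrincipal = (UserPrincipal)SecurityHelper.getPrincipal(user.getSubject(), UserPrincipal.class);
                            }
                            if ( userPrincipal == null )
                            {
                                // No usable principal: report an unknown user rather than
                                // failing the whole pipeline with a NullPointerException.
                                request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_UNKNOWN_USER);
                            }
                            else if ( !userPrincipal.isEnabled() )
                            {
                                request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_USER_DISABLED);
                            }
                            else
                            {
                                PasswordCredential pwdCredential = SecurityHelper.getPasswordCredential(user.getSubject());
                                if ( pwdCredential == null || !pwdCredential.isEnabled() )
                                {
                                    request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
                                }
                                else if ( maxNumberOfAuthenticationFailures > 1
                                          && pwdCredential.getAuthenticationFailures() == maxNumberOfAuthenticationFailures - 1 )
                                {
                                    // One more failure reaches the configured maximum.
                                    request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
                                }
                                else
                                {
                                    request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_INVALID_PASSWORD);
                                }
                            }
                        }
                        catch (SecurityException lookupFailure)
                        {
                            // The lookup failure is reported as an unknown user; the
                            // user name is deliberately not logged here.
                            request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_UNKNOWN_USER);
                        }
                    }
                }
            }
            context.invokeNext(request);
        }
        catch (Exception e)
        {
            log.error("Exception in request pipeline: " + e.getMessage(), e);
            throw new PipelineException(e.toString(), e);
        }
    }

    /**
     * Returns the name under which this valve is listed in a pipeline.
     * <p>
     * The original returned "PasswordCredentialValve", the name of a different
     * valve in the same pipeline, which makes the two indistinguishable in
     * pipeline listings.
     * NOTE(review): TestPipeline in this commit compares against
     * "LoginValidationValue"; that string and this one must be made identical.
     * </p>
     */
    public String toString()
    {
        return "LoginValidationValve";
    }
}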
1.2 +11 -1 jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/LoginResources_nl.properties
Index: LoginResources_nl.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/LoginResources_nl.properties,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- LoginResources_nl.properties 26 Jan 2005 13:11:46 -0000 1.1
+++ LoginResources_nl.properties 24 Apr 2005 12:41:43 -0000 1.2
@@ -29,3 +29,13 @@
login.label.Username=Gebruikersnaam
login.label.Password=Wachtwoord
login.label.ChangePassword=Wijzigen wachtwoord
+# LoginConstants.ERROR_UNKNOWN_USER
+login.label.ErrorCode.1=Incorrecte gebruikersnaam
+# LoginConstants.ERROR_INVALID_PASSWORD
+login.label.ErrorCode.2=Incorrect wachtwoord.
+# LoginConstants.ERROR_USER_DISABLED
+login.label.ErrorCode.3=Dit account is geblokkeerd.<br/>Neem contact op met beheer.
+# LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT
+login.label.ErrorCode.4=Incorrect wachtwoord.<br/>Waarschuwing: slechts 1 login poging is nog toegestaan voor dit account.
+# LoginConstants.ERROR_CREDENTIAL_DISABLED
+login.label.ErrorCode.5=Het wachtwoord voor dit account is geblokkeerd.<br/>Neem contact op met beheer.
1.4 +11 -2 jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/LoginResources_en.properties
Index: LoginResources_en.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/LoginResources_en.properties,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- LoginResources_en.properties 30 Oct 2004 00:12:18 -0000 1.3
+++ LoginResources_en.properties 24 Apr 2005 12:41:43 -0000 1.4
@@ -29,4 +29,13 @@
login.label.Username=Username
login.label.Password=Password
login.label.ChangePassword=Change Password
-
+# LoginConstants.ERROR_UNKNOWN_USER
+login.label.ErrorCode.1=Invalid username
+# LoginConstants.ERROR_INVALID_PASSWORD
+login.label.ErrorCode.2=Invalid password
+# LoginConstants.ERROR_USER_DISABLED
+login.label.ErrorCode.3=This user account is disabled.<br/>Please contact administration.
+# LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT
+login.label.ErrorCode.4=Invalid password.<br/>Warning: only one login attempt remains for this account
+# LoginConstants.ERROR_CREDENTIAL_DISABLED
+login.label.ErrorCode.5=This user account its password is disabled.<br/>Please contact administration.
1.3 +11 -1 jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/LoginResources.properties
Index: LoginResources.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/resources/LoginResources.properties,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LoginResources.properties 18 Oct 2004 01:42:07 -0000 1.2
+++ LoginResources.properties 24 Apr 2005 12:41:43 -0000 1.3
@@ -23,3 +23,13 @@
login.label.Username=Username
login.label.Password=Password
login.label.ChangePassword=Change Password
+# LoginConstants.ERROR_UNKNOWN_USER
+login.label.ErrorCode.1=Invalid username
+# LoginConstants.ERROR_INVALID_PASSWORD
+login.label.ErrorCode.2=Invalid password
+# LoginConstants.ERROR_USER_DISABLED
+login.label.ErrorCode.3=This user account is disabled.<br/>Please contact administration.
+# LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT
+login.label.ErrorCode.4=Invalid password.<br/>Warning: only one login attempt remains for this account
+# LoginConstants.ERROR_CREDENTIAL_DISABLED
+login.label.ErrorCode.5=This user account its password is disabled.<br/>Please contact administration.
1.17 +7 -6 jakarta-jetspeed-2/portal/src/test/org/apache/jetspeed/pipeline/TestPipeline.java
Index: TestPipeline.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/portal/src/test/org/apache/jetspeed/pipeline/TestPipeline.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- TestPipeline.java 25 Nov 2004 21:05:20 -0000 1.16
+++ TestPipeline.java 24 Apr 2005 12:41:43 -0000 1.17
@@ -82,11 +82,12 @@
assertTrue(valves[2].toString().equals("PortalURLValveImpl"));
assertTrue(valves[3].toString().equals("SecurityValve"));
assertTrue(valves[4].toString().equals("PasswordCredentialValve"));
- assertTrue(valves[5].toString().equals("ProfilerValve"));
- assertTrue(valves[6].toString().equals("ContainerValve"));
- assertTrue(valves[7].toString().equals("ActionValveImpl"));
- assertTrue(valves[8].toString().equals("AggregatorValve"));
- assertTrue(valves[9].toString().equals("CleanupValveImpl"));
+ assertTrue(valves[5].toString().equals("LoginValidationValue"));
+ assertTrue(valves[6].toString().equals("ProfilerValve"));
+ assertTrue(valves[7].toString().equals("ContainerValve"));
+ assertTrue(valves[8].toString().equals("ActionValveImpl"));
+ assertTrue(valves[9].toString().equals("AggregatorValve"));
+ assertTrue(valves[10].toString().equals("CleanupValveImpl"));
assertNotNull(engine.getPipeline("action-pipeline"));
assertNotNull(engine.getPipeline("portlet-pipeline"));
}
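Review bot: The new assertion for `valves[5]` expects `"LoginValidationValue"`, but `LoginValidationValveImpl.toString()` added in this same commit returns `"PasswordCredentialValve"`, so the assertion cannot pass as written. The expected string also looks like a typo for "Valve". I would change it to `assertTrue(valves[5].toString().equals("LoginValidationValve"));` and have `toString()` return that same string. The test method starts outside the hunk.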
1.1 jakarta-jetspeed-2/portal/src/java/org/apache/jetspeed/pipeline/valve/LoginValidationValve.java
Index: LoginValidationValve.java
===================================================================
/*
* Copyright 2000-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.pipeline.valve;
/**
 * Checks if a login attempt failed and determines the cause.
 * <br/>
 * This interface declares no methods of its own; it only extends
 * {@link Valve} so that the login validation step has a named type.
 * <br/>
 * The implementation added together with this interface
 * (org.apache.jetspeed.security.impl.LoginValidationValveImpl) does not use the
 * ValveContext for its data. It works on session attributes of the request:
 * <br/>
 * Read from the session:
 * <ul>
 * <li>LoginConstants.RETRYCOUNT</li>
 * <li>LoginConstants.USERNAME</li>
 * </ul>
 *
 * <br/>
 * Written into the session:
 * <ul>
 * <li>LoginConstants.ERRORCODE</li>
 * </ul>
 *
 * <br>
 * Note: The purpose of this interface is primarily documentation.
 *
 * @author <a href="mailto:ate@apache.org">Ate Douma</a>
 * @version $Id: LoginValidationValve.java,v 1.1 2005/04/24 12:41:43 ate Exp $
 */
public interface LoginValidationValve extends Valve
{
}
1.10 +18 -7 jakarta-jetspeed-2/applications/security/src/webapp/WEB-INF/security/login/login.jsp
Index: login.jsp
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/webapp/WEB-INF/security/login/login.jsp,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- login.jsp 27 Jan 2005 23:52:17 -0000 1.9
+++ login.jsp 24 Apr 2005 12:41:43 -0000 1.10
@@ -32,17 +32,28 @@
</c:when>
<c:otherwise>
<%-- backdoor access to the portal session to get the login error count --%>
- <c_rt:set var="retryCount" value="<%=((RequestContext)request.getAttribute(RequestContext.REQUEST_PORTALENV)).getSessionAttribute(LoginConstants.RETRYCOUNT)%>"/>
- <c:if test="${not empty retryCount}">
- <br>
- <i><fmt:message key="login.label.InvalidUsernameOrPassword"><fmt:param value="${retryCount}"/></fmt:message></i>
- <br>
- </c:if>
+ <c_rt:set var="errorCode" value="<%=((RequestContext)request.getAttribute(RequestContext.REQUEST_PORTALENV)).getSessionAttribute(LoginConstants.ERRORCODE)%>"/>
+ <c:choose>
+ <c:when test="${not empty errorCode}">
+ <br>
+ <i><fmt:message key="login.label.ErrorCode.${errorCode}"/></i>
+ <br>
+ </c:when>
+ <c:otherwise>
+ <c_rt:set var="retryCount" value="<%=((RequestContext)request.getAttribute(RequestContext.REQUEST_PORTALENV)).getSessionAttribute(LoginConstants.RETRYCOUNT)%>"/>
+ <c:if test="${not empty retryCount}">
+ <br>
+ <i><fmt:message key="login.label.InvalidUsernameOrPassword"><fmt:param value="${retryCount}"/></fmt:message></i>
+ <br>
+ </c:if>
+ </c:otherwise>
+ </c:choose>
<form method="POST" action='<c:url context="${requestContext.request.contextPath}" value="/login/proxy"/>'>
<table border="0">
<tr>
<td><fmt:message key="login.label.Username"/></td>
- <td><input type="text" size="30" name="<%=LoginConstants.USERNAME%>"></td>
+ <c_rt:set var="userName" value="<%=((RequestContext)request.getAttribute(RequestContext.REQUEST_PORTALENV)).getSessionAttribute(LoginConstants.USERNAME)%>"/>
+ <td><input type="text" size="30" name="<%=LoginConstants.USERNAME%>" value="<c:out value="${userName}"/>"></td>
</tr>
<tr>
<td><fmt:message key="login.label.Password"/></td>
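Review bot: The new `<c:when>` branch renders `login.label.ErrorCode.${errorCode}` to a visitor who has not authenticated, and the bundles in this commit give codes 1 and 2 different texts ("Invalid username" / "Invalid password"), so the login form now confirms which user names exist, while codes 3 to 5 disclose the account's lockout state. For portals reachable from untrusted networks I would keep the generic `login.label.InvalidUsernameOrPassword` message as the default and show the detailed codes only when an operator opts in. At minimum, record the trade-off above the `<c:choose>` with a comment such as `<%-- error codes are shown before authentication: give codes 1 and 2 the same text where user-name disclosure matters --%>`. The `<c:out>` escaping on the re-populated user name is correct and should stay. The form continues outside the hunk.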