import javax.naming.ldap.LdapName;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.security.auth.x500.X500Principal;
Iterator<Authorization> auth = subject.getPrivateCredentials(
Authorization.class).iterator();
if (!auth.hasNext())
- return false;
+ throw new FailedLoginException("No authorization available");
authorization = auth.next();
return true;
}
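Review bot: `auth.next()` takes whichever `Authorization` the private-credential set yields first and never checks for a second one, so a stale or extra credential left on a reused `Subject` would be accepted silently. `getPrivateCredentials(Class)` returns a `Set` with no defined order, so consider failing closed right after the `next()` call: `if (auth.hasNext()) throw new FailedLoginException("Ambiguous authorization");`. Whether more than one can occur depends on the modules that run before this one, which the hunk does not show. The enclosing method starts outside the hunk.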
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.servlet.http.HttpServletRequest;
User user = userAdmin.getUser(null, username);
if (user == null)
- return false;
+ throw new FailedLoginException("Invalid credentials");
if (!user.hasCredential(null, password))
- return false;
+ throw new FailedLoginException("Invalid credentials");
+ // return false;
authorization = userAdmin.getAuthorization(user);
}
}
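Review bot: The added `// return false;` after the second throw is dead commented-out code and should be dropped before merging. The two checks raise the same message, which appears intended to keep an unknown user indistinguishable from a wrong password. Merging them stops the two branches drifting apart: `if (user == null || !user.hasCredential(null, password)) throw new FailedLoginException("Invalid credentials");`. A one-line comment saying the identical message is intentional would help the next maintainer. The enclosing method starts outside the hunk.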
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
loginContext = new LoginContext(LOGIN_CONTEXT_USER, subject, this);
loginContext.login();
+ } catch (FailedLoginException e) {
+ log.warn(e.getMessage());
+ return false;
} catch (LoginException e) {
- // throw new CmsException("Cannot authenticate", e1);
log.error("Cannot login", e);
return false;
}
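Review bot: The new `catch (FailedLoginException e)` logs only `e.getMessage()`, and the messages thrown by the login modules in this commit are fixed strings, so the warning ties a failed attempt to no account or client. To make password guessing detectable, the log line should include the attempted user name (never the password) with CR/LF stripped, if it is available in this scope. Separately, the anonymous context is logged out on the line before `login()` and neither catch branch restores it, so it is worth confirming that the caller copes with a `Subject` left without any login. The enclosing `try` and method start outside the hunk.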
import java.util.Locale;
import javax.security.auth.Subject;
+import javax.security.auth.x500.X500Principal;
import org.argeo.cms.CmsMsg;
import org.argeo.cms.auth.CurrentUser;
@Override
protected int postLogin() {
final Display display = Display.getCurrent();
+ Subject subject = getSubject();
+ if (subject.getPrincipals(X500Principal.class).isEmpty()) {
+ RWT.getClient().getService(JavaScriptExecutor.class)
+ .execute("location.reload()");
+ }
//
// RUN THE WORKBENCH
//
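Review bot: The new guard in `postLogin()` asks the client to run `location.reload()` when the subject has no `X500Principal`, but it does not return. As far as the hunk shows, execution then continues into the workbench start-up with an unauthenticated subject. Returning from the method right after the `execute(...)` call would keep the workbench from being created for that subject. `getSubject()` is also dereferenced without a null check, so if it can return null here the method throws instead of reloading. A short comment explaining why a missing principal requires a reload would help, and note that the method body continues past the hunk.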