Improve login feedback.

git-svn-id: https://svn.argeo.org/commons/trunk@8587 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/NodeUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/NodeUserLoginModule.java
index a2f5863cb434008cf06f8ba02b27e5d79525d2f8..5dce3c61da1f8a46f3f19b00ebd975e3236632bf 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/NodeUserLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/NodeUserLoginModule.java
@@ -12,6 +12,7 @@ import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.security.auth.x500.X500Principal;
@@ -61,7 +62,7 @@ public class NodeUserLoginModule implements LoginModule {
                Iterator<Authorization> auth = subject.getPrivateCredentials(
                                Authorization.class).iterator();
                if (!auth.hasNext())
-                       return false;
+                       throw new FailedLoginException("No authorization available");
                authorization = auth.next();
                return true;
        }

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index db677f57e13dc7f9a5715459dc532248ac054f2f..ea2a6dedf6ea2877c3dcf487999420118aa9aa31 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -14,6 +14,7 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
@@ -108,9 +109,10 @@ public class UserAdminLoginModule implements LoginModule, AuthConstants {
 
                                        User user = userAdmin.getUser(null, username);
                                        if (user == null)
-                                               return false;
+                                               throw new FailedLoginException("Invalid credentials");
                                        if (!user.hasCredential(null, password))
-                                               return false;
+                                               throw new FailedLoginException("Invalid credentials");
+                                       // return false;
                                        authorization = userAdmin.getAuthorization(user);
                                }
                        }

diff --git a/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java b/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java
index 298b3965b9fdc0bfc2b79ecaa6ec6f700de4e810..1051bd7239e0564f408711809c2b40f0ab4603c1 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java
+++ b/org.argeo.cms/src/org/argeo/cms/widgets/auth/CmsLogin.java
@@ -17,6 +17,7 @@ import javax.security.auth.callback.LanguageCallback;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
@@ -263,8 +264,10 @@ public class CmsLogin implements CmsStyles, CallbackHandler {
                        new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
                        loginContext = new LoginContext(LOGIN_CONTEXT_USER, subject, this);
                        loginContext.login();
+               } catch (FailedLoginException e) {
+                       log.warn(e.getMessage());
+                       return false;
                } catch (LoginException e) {
-                       // throw new CmsException("Cannot authenticate", e1);
                        log.error("Cannot login", e);
                        return false;
                }

diff --git a/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/RapWorkbenchLogin.java b/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/RapWorkbenchLogin.java
index 790e6175d289a7243c4958c65918eb83598ba479..7bf487a887d02369c14ba4bb935056cdbd1efb20 100644 (file)
--- a/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/RapWorkbenchLogin.java
+++ b/org.argeo.security.ui.rap/src/org/argeo/security/ui/rap/RapWorkbenchLogin.java
@@ -4,6 +4,7 @@ import java.security.PrivilegedAction;
 import java.util.Locale;
 
 import javax.security.auth.Subject;
+import javax.security.auth.x500.X500Principal;
 
 import org.argeo.cms.CmsMsg;
 import org.argeo.cms.auth.CurrentUser;
@@ -44,6 +45,11 @@ public class RapWorkbenchLogin extends LoginEntryPoint {
        @Override
        protected int postLogin() {
                final Display display = Display.getCurrent();
+               Subject subject = getSubject();
+               if (subject.getPrincipals(X500Principal.class).isEmpty()) {
+                       RWT.getClient().getService(JavaScriptExecutor.class)
+                                       .execute("location.reload()");
+               }
                //
                // RUN THE WORKBENCH
                //