* @see org.projectforge.user.LoginHandler#checkLogin(java.lang.String, java.lang.String, boolean)
*/
@Override
public LoginResult checkLogin(final String username, final String password)
{
PFUserDO user = userDao.getInternalByName(username);
if (user != null && user.isLocalUser() == true) {
return loginDefaultHandler.checkLogin(username, password);
}
final LoginResult loginResult = new LoginResult();
final String organizationalUnits = ldapConfig.getUserBase();
final LdapUser ldapUser = ldapUserDao.authenticate(username, password, organizationalUnits);
if (ldapUser == null) {
log.info("User login failed: " + username);
return loginResult.setLoginResultStatus(LoginResultStatus.FAILED);
}
log.info("LDAP authentication was successful for: " + username);
user = userDao.getInternalByName(username); // Get again (may-be the user does no exist since last call of getInternalByName(String).
if (user == null) {
log.info("LDAP user '" + username + "' doesn't yet exist in ProjectForge's data base. Creating new user...");
user = PFUserDOConverter.convert(ldapUser);
user.setId(null); // Force new id.
if (mode == Mode.SIMPLE || ldapConfig.isStorePasswords() == false) {
user.setNoPassword();
} else {
userDao.createEncryptedPassword(user, password);
}
userDao.internalSave(user);
} else if (mode != Mode.SIMPLE) {
PFUserDOConverter.copyUserFields(PFUserDOConverter.convert(ldapUser), user);
if (ldapConfig.isStorePasswords() == true) {
userDao.createEncryptedPassword(user, password);
}
userDao.internalUpdate(user);
if (user.hasSystemAccess() == false) {
log.info("User has no system access (is deleted/deactivated): " + user.getDisplayUsername());
return loginResult.setLoginResultStatus(LoginResultStatus.LOGIN_EXPIRED);
}
}
loginResult.setUser(user);
if (mode == Mode.USER_GROUPS) {