Package org.olat.login.auth

Source Code of org.olat.login.auth.OLATAuthManager

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
/**
* OLAT - Online Learning and Training<br>
* http://www.olat.org
* <p>
* Licensed under the Apache License, Version 2.0 (the "License"); <br>
* you may not use this file except in compliance with the License.<br>
* You may obtain a copy of the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing,<br>
* software distributed under the License is distributed on an "AS IS" BASIS, <br>
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
* See the License for the specific language governing permissions and <br>
* limitations under the License.
* <p>
* Copyright (c) since 2004 at Multimedia- & E-Learning Services (MELS),<br>
* University of Zurich, Switzerland.
* <p>
*/
package org.olat.login.auth;

import org.olat.basesecurity.Authentication;
import org.olat.basesecurity.ManagerFactory;
import org.olat.core.commons.persistence.DBFactory;
import org.olat.core.id.Identity;
import org.olat.core.logging.AssertException;
import org.olat.core.logging.OLog;
import org.olat.core.logging.Tracing;
import org.olat.core.util.Encoder;
import org.olat.ldap.LDAPError;
import org.olat.ldap.LDAPLoginManager;
import org.olat.ldap.LDAPLoginModule;
import org.olat.ldap.ui.LDAPAuthenticationController;
import org.olat.login.OLATAuthenticationController;

/**
* Description:<br>
* TODO:
*
* <P>
* Initial Date:  26.09.2007 <br>
* @author Felix Jost, http://www.goodsolutions.ch
*/
public class OLATAuthManager {
 
  private static OLog log = Tracing.createLoggerFor(OLATAuthenticationController.class);
 
  /**
   * Change the password of an identity
   * @param doer Identity who is changing the password
   * @param identity Identity who's password is beeing changed.
   * @param newPwd New password.
   * @return True upon success.
   */
  public static boolean changePassword(Identity doer, Identity identity, String newPwd) {
   
    if (doer==null) throw new AssertException("password changing identity cannot be undefined!");
   
    if (identity.getKey() == null) throw new AssertException("cannot change password on a nonpersisted identity");
    // password's length is limited to 128 chars.
    // The 128 bit MD5 hash is converted into a 32 character long String
    String hashedPwd = Encoder.encrypt(newPwd);
   
    //DBFactory.getInstance().reputInHibernateSessionCache(identity);
    //o_clusterREVIEW
    identity = (Identity) DBFactory.getInstance().loadObject(identity);
   
    boolean allOk = false;
   
    Authentication ldapAuth = ManagerFactory.getManager().findAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP);
    if(ldapAuth != null) {
      if(LDAPLoginModule.isPropagatePasswordChangedOnLdapServer()) {
        LDAPError ldapError = new LDAPError();
        LDAPLoginManager.getInstance().changePassword(identity, newPwd, ldapError);
        log.audit(doer.getName() + " change the password on the LDAP server for identity: " + identity.getName());
        allOk = ldapError.isEmpty();

        if(allOk && LDAPLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
          allOk &= changeOlatPassword(doer, identity, hashedPwd);
        }
      }
    }
    else {
      allOk =changeOlatPassword(doer, identity, hashedPwd);
    }
    return allOk;
  }
 
  private static boolean changeOlatPassword(Identity doer, Identity identity, String hashedPwd) {
    Authentication auth = ManagerFactory.getManager().findAuthentication(identity, OLATAuthenticationController.PROVIDER_OLAT);
    if (auth == null) { // create new authentication for provider OLAT
      auth = ManagerFactory.getManager().createAndPersistAuthentication(identity, OLATAuthenticationController.PROVIDER_OLAT, identity.getName(), hashedPwd);
      log.audit(doer.getName() + " created new authenticatin for identity: " + identity.getName());
    }

    auth.setCredential(hashedPwd);
    DBFactory.getInstance().updateObject(auth);
    log.audit(doer.getName() + " set new password for identity: " +identity.getName());
    return true;
  }

  /**
   * to change password without knowing exactly who is changing it -> change as admin
   * @param identity
   * @param newPwd
   * @return
   */
  public static boolean changePasswordAsAdmin(Identity identity, String newPwd) {
    Identity adminUserIdentity = ManagerFactory.getManager().findIdentityByName("administrator");
    return changePassword(adminUserIdentity, identity, newPwd);
  }
 
  /**
   * to change password by password forgotten link at login screen
   * @param identity
   * @param newPwd
   * @return
   */
  public static boolean changePasswordByPasswordForgottenLink(Identity identity, String newPwd) {
    return changePassword(identity, identity, newPwd);
  }
 
}
TOP

Related Classes of org.olat.login.auth.OLATAuthManager

  • org.olat.basesecurity.Authentication
  • org.olat.core.id.Identity
  • org.olat.ldap.LDAPError
  • org.olat.core.logging.AssertException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.