List of usage examples for org.springframework.security.ldap.ppolicy PasswordPolicyResponseControl getTimeBeforeExpiration
public int getTimeBeforeExpiration()
From source file:org.medici.bia.security.BiaLdapUserDetailsMapper.java
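/**
 * Builds the Spring Security principal for an LDAP-authenticated user and synchronises
 * the matching application {@code User} record.
 *
 * <p>The principal is filled from the directory entry: the password attribute (when the
 * entry exposes one), the configured role attributes, the authorities supplied by the
 * caller, and the password-policy response control (time before expiration and grace
 * logins remaining) when the context carries one.
 *
 * <p>The local {@code User} row is then updated (login dates, bad-login counter reset) or,
 * when no row exists for the username, created as active and unlocked with expiration
 * dates taken from the {@code user.expiration.*.months} application properties. Finally
 * the local account state is enforced: an inactive, expired or locked account is rejected
 * even though the LDAP lookup succeeded.
 *
 * @param ctx         directory entry of the authenticated user
 * @param username    login name used for the principal and for the local lookup
 * @param authorities authorities already resolved by the caller; all are added
 * @return the populated {@code BiaLdapUserDetailsImpl}
 * @throws DisabledException       if the local account is not active
 * @throws AccountExpiredException if the local account's expiration date is not in the future
 * @throws LockedException         if the local account is locked
 * @throws IllegalStateException   if the local account could not be loaded, so its
 *                                 state cannot be verified
 */
@Transactional(readOnly = false, propagation = Propagation.REQUIRED)
@Override
public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
        Collection<GrantedAuthority> authorities) {
    BiaLdapUserDetailsImpl.Essence essence = new BiaLdapUserDetailsImpl.Essence(ctx);
    Object passwordValue = ctx.getObjectAttribute(passwordAttributeName);
    User user = null;

    if (passwordValue != null) {
        essence.setPassword(mapPassword(passwordValue));
    }
    essence.setUsername(username);

    // Map the roles
    for (int i = 0; (roleAttributes != null) && (i < roleAttributes.length); i++) {
        String[] rolesForAttribute = ctx.getStringAttributes(roleAttributes[i]);

        if (rolesForAttribute == null) {
            logger.debug("Couldn't read role attribute '" + roleAttributes[i] + "' for user "
                    + ctx.getNameInNamespace());
            continue;
        }

        for (String role : rolesForAttribute) {
            GrantedAuthority authority = createAuthority(role);
            if (authority != null) {
                essence.addAuthority(authority);
            }
        }
    }

    // Add the supplied authorities
    for (GrantedAuthority authority : authorities) {
        essence.addAuthority(authority);
    }

    // Check for PPolicy data
    PasswordPolicyResponseControl ppolicy = (PasswordPolicyResponseControl) ctx
            .getObjectAttribute(PasswordPolicyControl.OID);
    if (ppolicy != null) {
        essence.setTimeBeforeExpiration(ppolicy.getTimeBeforeExpiration());
        essence.setGraceLoginsRemaining(ppolicy.getGraceLoginsRemaining());
    }

    BiaLdapUserDetailsImpl docSourcesLdapUserDetailsImpl = essence.createUserDetails();

    try {
        user = getUserDAO().findUser(docSourcesLdapUserDetailsImpl.getUsername());

        if (user != null) {
            // NOTE(review): the login dates and the bad-login counter are written before
            // the active/expired/locked checks below. Whether that write survives a
            // rejected login depends on the transaction rolling back on the thrown
            // exception; confirm against the transaction configuration.
            user.setLastLoginDate(user.getCurrentLoginDate());
            user.setCurrentLoginDate(new Date());
            user.setBadLogin(0);
            getUserDAO().merge(user);
        } else {
            // First login of a directory user with no local record: the account is
            // provisioned active and unlocked, so the state checks below pass for it.
            user = new User(docSourcesLdapUserDetailsImpl.getUsername());

            Calendar expirationDate = Calendar.getInstance();
            expirationDate.add(Calendar.MONTH, NumberUtils.createInteger(
                    ApplicationPropertyManager.getApplicationProperty("user.expiration.user.months")));
            user.setExpirationDate(expirationDate.getTime());

            Calendar expirationPasswordDate = Calendar.getInstance();
            expirationPasswordDate.add(Calendar.MONTH, NumberUtils.createInteger(
                    ApplicationPropertyManager.getApplicationProperty("user.expiration.password.months")));
            user.setExpirationPasswordDate(expirationPasswordDate.getTime());

            user.setBadLogin(0);
            user.setActive(true);
            user.setLocked(false);
            user.setRegistrationDate(new Date());
            user.setActivationDate(new Date());
            user.setLastLoginDate(user.getCurrentLoginDate());
            user.setCurrentLoginDate(new Date());
            user.setForumNumberOfPost(Long.valueOf(0L));
            getUserDAO().persist(user);
        }
    } catch (PersistenceException persistenceException) {
        logger.error("Exception during user update", persistenceException);

        // A failed lookup leaves user null. The original code then dereferenced it in the
        // state checks and died with a NullPointerException. Fail closed explicitly:
        // without the local record the disabled/expired/locked state cannot be verified.
        // (With the import available, Spring Security's AuthenticationServiceException
        // would be the conventional type to raise here.)
        if (user == null) {
            throw new IllegalStateException(
                    "Unable to load local account state for user "
                            + docSourcesLdapUserDetailsImpl.getUsername(),
                    persistenceException);
        }
        // A failed merge/persist stays best-effort as before: the checks below run on the
        // in-memory record.
    }

    if (!user.getActive()) {
        throw new DisabledException("User is not activated");
    }

    // MD: the approval check (user.getApproved() -> AccountNotApprovedException) is not
    // implemented, so approval is not enforced at login.

    if (!user.getExpirationDate().after(new Date())) {
        throw new AccountExpiredException("User is expired");
    }

    if (user.getLocked()) {
        throw new LockedException("User is locked");
    }

    return docSourcesLdapUserDetailsImpl;
}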
From source file:org.springframework.security.ldap.userdetails.LdapUserDetailsMapper.java
/**
 * Creates the {@code LdapUserDetailsImpl} for a user from that user's directory entry.
 *
 * <p>The result carries the entry's DN, the password attribute when the entry exposes
 * one, one authority per value of each configured role attribute (values for which
 * {@code createAuthority} returns {@code null} are skipped), every authority supplied by
 * the caller, and, when the context holds a password-policy response control, the time
 * before expiration and the number of grace logins remaining.
 *
 * @param ctx         directory entry to read from
 * @param username    name to set on the resulting user details
 * @param authorities authorities already resolved by the caller; all are added
 * @return the populated user details
 */
@Override
public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
        Collection<? extends GrantedAuthority> authorities) {
    final String dn = ctx.getNameInNamespace();
    this.logger.debug("Mapping user details from context with DN: " + dn);

    final LdapUserDetailsImpl.Essence builder = new LdapUserDetailsImpl.Essence();
    builder.setDn(dn);

    final Object rawPassword = ctx.getObjectAttribute(this.passwordAttributeName);
    if (rawPassword != null) {
        builder.setPassword(mapPassword(rawPassword));
    }
    builder.setUsername(username);

    // Role attributes are optional; an unreadable attribute is logged and skipped.
    if (this.roleAttributes != null) {
        for (String roleAttribute : this.roleAttributes) {
            final String[] roleValues = ctx.getStringAttributes(roleAttribute);
            if (roleValues != null) {
                for (String roleValue : roleValues) {
                    final GrantedAuthority mapped = createAuthority(roleValue);
                    if (mapped != null) {
                        builder.addAuthority(mapped);
                    }
                }
            } else {
                this.logger.debug("Couldn't read role attribute '" + roleAttribute
                        + "' for user " + dn);
            }
        }
    }

    // Authorities handed in by the caller are added on top of the mapped roles.
    for (GrantedAuthority supplied : authorities) {
        builder.addAuthority(supplied);
    }

    // Password-policy data is present only when the context carries the response control.
    final Object policyAttribute = ctx.getObjectAttribute(PasswordPolicyControl.OID);
    final PasswordPolicyResponseControl policy = (PasswordPolicyResponseControl) policyAttribute;
    if (policy != null) {
        builder.setTimeBeforeExpiration(policy.getTimeBeforeExpiration());
        builder.setGraceLoginsRemaining(policy.getGraceLoginsRemaining());
    }

    return builder.createUserDetails();
}