gluu
公開メンバ関数 | 公開変数類 | 全メンバ一覧
BasicLockAccountExternalAuthenticator.PersonAuthentication クラス
BasicLockAccountExternalAuthenticator.PersonAuthentication の継承関係図
Inheritance graph
BasicLockAccountExternalAuthenticator.PersonAuthentication 連携図
Collaboration graph

公開メンバ関数

def __init__ (self, currentTimeMillis)
 
def init (self, configurationAttributes)
 
def destroy (self, configurationAttributes)
 
def getApiVersion (self)
 
def isValidAuthenticationMethod (self, usageType, configurationAttributes)
 
def getAlternativeAuthenticationMethod (self, usageType, configurationAttributes)
 
def authenticate (self, configurationAttributes, requestParameters, step)
 
def prepareForStep (self, configurationAttributes, requestParameters, step)
 
def getExtraParametersForStep (self, configurationAttributes, step)
 
def getCountAuthenticationSteps (self, configurationAttributes)
 
def getPageForStep (self, configurationAttributes, step)
 
def logout (self, configurationAttributes, requestParameters)
 
def getUserAttributeValue (self, user_name, attribute_name)
 
def setUserAttributeValue (self, user_name, attribute_name, attribute_value)
 
def lockUser (self, user_name, maxCount)
 

公開変数類

 currentTimeMillis
 
 invalidLoginCountAttribute
 
 maximumInvalidLoginAttemps
 
 lockExpirationTime
 

詳解

構築子と解体子

◆ __init__()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.__init__ (   self,
  currentTimeMillis 
)
21  def __init__(self, currentTimeMillis):
22  self.currentTimeMillis = currentTimeMillis
23 

関数詳解

◆ authenticate()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.authenticate (   self,
  configurationAttributes,
  requestParameters,
  step 
)
64  def authenticate(self, configurationAttributes, requestParameters, step):
65  authenticationService = CdiUtil.bean(AuthenticationService)
66 
67  if step == 1:
68  print "Basic (lock account). Authenticate for step 1"
69  facesMessages = CdiUtil.bean(FacesMessages)
70  facesMessages.setKeepMessages()
71  identity = CdiUtil.bean(Identity)
72  credentials = identity.getCredentials()
73  user_name = credentials.getUsername()
74  user_password = credentials.getPassword()
75  cacheService= CdiUtil.bean(CacheService)
76  userService = CdiUtil.bean(UserService)
77 
78 
79  logged_in = False
80  if (StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password)):
81  try:
82  logged_in = authenticationService.authenticate(user_name, user_password)
83  except AuthenticationException:
84  print "Basic (lock account). Authenticate. Failed to authenticate user '%s'" % user_name
85 
86  if not logged_in:
87  countInvalidLoginArributeValue = self.getUserAttributeValue(user_name, self.invalidLoginCountAttribute)
88  userSatus = self.getUserAttributeValue(user_name, "gluuStatus")
89  print "Current user status %s" %userSatus
90  countInvalidLogin = StringHelper.toInteger(countInvalidLoginArributeValue, 0)
91 
92  if countInvalidLogin < self.maximumInvalidLoginAttemps:
93  countInvalidLogin = countInvalidLogin + 1
94  remainingAttempts=self.maximumInvalidLoginAttemps-countInvalidLogin
95  print "Remainings counts %s" %remainingAttempts
96  self.setUserAttributeValue(user_name, self.invalidLoginCountAttribute, StringHelper.toString(countInvalidLogin))
97  if remainingAttempts > 0 and userSatus =="active":
98  facesMessages.add(FacesMessage.SEVERITY_INFO, StringHelper.toString(remainingAttempts)+" more attempt(s) before account is LOCKED!")
99 
100 
101  if countInvalidLogin >= self.maximumInvalidLoginAttemps:
102  self.lockUser(user_name, self.maximumInvalidLoginAttemps)
103 
104  object_from_store = cacheService.get(None, "lock_user_" + user_name);
105  if object_from_store == None and countInvalidLogin >= self.maximumInvalidLoginAttemps:
106  print "Basic (lock account).Lock Expired for '%s'" % user_name
107  find_user_by_uid = userService.getUser(user_name)
108  self.setUserAttributeValue(user_name, "gluuStatus", "active")
109  self.setUserAttributeValue(user_name, self.invalidLoginCountAttribute, "0")
110  logged_in = authenticationService.authenticate(user_name, user_password)
111  return True
112  elif object_from_store != None:
113  print "Basic (lock account). Lock Expiration time is ACTIVE for user '%s'" % user_name
114 
115  return False
116 
117  self.setUserAttributeValue(user_name, self.invalidLoginCountAttribute, StringHelper.toString(0))
118 
119  return True
120  else:
121  return False
122 

◆ destroy()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.destroy (   self,
  configurationAttributes 
)
50  def destroy(self, configurationAttributes):
51  print "Basic (lock account). Destroy"
52  print "Basic (lock account). Destroyed successfully"
53  return True
54 

◆ getAlternativeAuthenticationMethod()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.getAlternativeAuthenticationMethod (   self,
  usageType,
  configurationAttributes 
)
61  def getAlternativeAuthenticationMethod(self, usageType, configurationAttributes):
62  return None
63 

◆ getApiVersion()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.getApiVersion (   self)
55  def getApiVersion(self):
56  return 1
57 

◆ getCountAuthenticationSteps()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.getCountAuthenticationSteps (   self,
  configurationAttributes 
)
133  def getCountAuthenticationSteps(self, configurationAttributes):
134  return 1
135 

◆ getExtraParametersForStep()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.getExtraParametersForStep (   self,
  configurationAttributes,
  step 
)
130  def getExtraParametersForStep(self, configurationAttributes, step):
131  return None
132 

◆ getPageForStep()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.getPageForStep (   self,
  configurationAttributes,
  step 
)
136  def getPageForStep(self, configurationAttributes, step):
137  return ""
138 

◆ getUserAttributeValue()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.getUserAttributeValue (   self,
  user_name,
  attribute_name 
)
142  def getUserAttributeValue(self, user_name, attribute_name):
143  if StringHelper.isEmpty(user_name):
144  return None
145 
146  userService = CdiUtil.bean(UserService)
147 
148  find_user_by_uid = userService.getUser(user_name, attribute_name)
149  if find_user_by_uid == None:
150  return None
151 
152  custom_attribute_value = userService.getCustomAttribute(find_user_by_uid, attribute_name)
153  if custom_attribute_value == None:
154  return None
155 
156  attribute_value = custom_attribute_value.getValue()
157 
158  print "Basic (lock account). Get user attribute. User's '%s' attribute '%s' value is '%s'" % (user_name, attribute_name, attribute_value)
159 
160  return attribute_value
161 

◆ init()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.init (   self,
  configurationAttributes 
)
24  def init(self, configurationAttributes):
25  print "Basic (lock account). Initialization"
26 
27  self.invalidLoginCountAttribute = "oxCountInvalidLogin"
28  if configurationAttributes.containsKey("invalid_login_count_attribute"):
29  self.invalidLoginCountAttribute = configurationAttributes.get("invalid_login_count_attribute").getValue2()
30  else:
31  print "Basic (lock account). Initialization. Using default attribute"
32 
33  self.maximumInvalidLoginAttemps = 3
34  if configurationAttributes.containsKey("maximum_invalid_login_attemps"):
35  self.maximumInvalidLoginAttemps = StringHelper.toInteger(configurationAttributes.get("maximum_invalid_login_attemps").getValue2())
36  else:
37  print "Basic (lock account). Initialization. Using default number attempts"
38 
39  self.lockExpirationTime= 180
40  if configurationAttributes.containsKey("lock_expiration_time"):
41  self.lockExpirationTime= StringHelper.toInteger(configurationAttributes.get("lock_expiration_time").getValue2())
42  else:
43  print "Basic (lock account). Initialization. Using default lock expiration time"
44 
45 
46  print "Basic (lock account). Initialized successfully. invalid_login_count_attribute: '%s', maximum_invalid_login_attemps: '%s'" % (self.invalidLoginCountAttribute, self.maximumInvalidLoginAttemps)
47 
48  return True
49 

◆ isValidAuthenticationMethod()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.isValidAuthenticationMethod (   self,
  usageType,
  configurationAttributes 
)
58  def isValidAuthenticationMethod(self, usageType, configurationAttributes):
59  return True
60 

◆ lockUser()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.lockUser (   self,
  user_name,
  maxCount 
)
179  def lockUser(self, user_name, maxCount):
180  if StringHelper.isEmpty(user_name):
181  return None
182 
183  userService = CdiUtil.bean(UserService)
184  cacheService= CdiUtil.bean(CacheService)
185  object_to_store = "{'locked': true}"
186  facesMessages = CdiUtil.bean(FacesMessages)
187  facesMessages.setKeepMessages()
188 
189  find_user_by_uid = userService.getUser(user_name)
190  if (find_user_by_uid == None):
191  return None
192 
193  status_attribute_value = userService.getCustomAttribute(find_user_by_uid, "gluuStatus")
194  if status_attribute_value != None:
195  user_status = status_attribute_value.getValue()
196  if StringHelper.equals(user_status, "inactive"):
197  print "Basic (lock account). Lock user. User '%s' locked already" % user_name
198  return
199 
200  userService.setCustomAttribute(find_user_by_uid, "gluuStatus", "inactive")
201  updated_user = userService.updateUser(find_user_by_uid)
202  cacheService.put(StringHelper.toString(self.lockExpirationTime), "lock_user_"+user_name, object_to_store);
203  facesMessages.add(FacesMessage.SEVERITY_ERROR, "Your account is locked. Please try again after " + StringHelper.toString(self.lockExpirationTime) + " secs")
204 
205  print "Basic (lock account). Lock user. User '%s' locked" % user_name
206 

◆ logout()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.logout (   self,
  configurationAttributes,
  requestParameters 
)
139  def logout(self, configurationAttributes, requestParameters):
140  return True
141 

◆ prepareForStep()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.prepareForStep (   self,
  configurationAttributes,
  requestParameters,
  step 
)
123  def prepareForStep(self, configurationAttributes, requestParameters, step):
124  if step == 1:
125  print "Basic (lock account). Prepare for Step 1"
126  return True
127  else:
128  return False
129 

◆ setUserAttributeValue()

def BasicLockAccountExternalAuthenticator.PersonAuthentication.setUserAttributeValue (   self,
  user_name,
  attribute_name,
  attribute_value 
)
162  def setUserAttributeValue(self, user_name, attribute_name, attribute_value):
163  if StringHelper.isEmpty(user_name):
164  return None
165 
166  userService = CdiUtil.bean(UserService)
167 
168  find_user_by_uid = userService.getUser(user_name)
169  if find_user_by_uid == None:
170  return None
171 
172  userService.setCustomAttribute(find_user_by_uid, attribute_name, attribute_value)
173  updated_user = userService.updateUser(find_user_by_uid)
174 
175  print "Basic (lock account). Set user attribute. User's '%s' attribute '%s' value is '%s'" % (user_name, attribute_name, attribute_value)
176 
177  return updated_user
178 

メンバ詳解

◆ currentTimeMillis

BasicLockAccountExternalAuthenticator.PersonAuthentication.currentTimeMillis

◆ invalidLoginCountAttribute

BasicLockAccountExternalAuthenticator.PersonAuthentication.invalidLoginCountAttribute

◆ lockExpirationTime

BasicLockAccountExternalAuthenticator.PersonAuthentication.lockExpirationTime

◆ maximumInvalidLoginAttemps

BasicLockAccountExternalAuthenticator.PersonAuthentication.maximumInvalidLoginAttemps
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時45分01秒作成 - gluu / 構成:   doxygen 1.8.13