| %line | %branch | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| org.apache.jetspeed.security.spi.impl.ValidatePasswordOnLoadInterceptor |
|
|
| 1 | /* |
|
| 2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
| 3 | * contributor license agreements. See the NOTICE file distributed with |
|
| 4 | * this work for additional information regarding copyright ownership. |
|
| 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
| 6 | * (the "License"); you may not use this file except in compliance with |
|
| 7 | * the License. You may obtain a copy of the License at |
|
| 8 | * |
|
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
| 10 | * |
|
| 11 | * Unless required by applicable law or agreed to in writing, software |
|
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
| 14 | * See the License for the specific language governing permissions and |
|
| 15 | * limitations under the License. |
|
| 16 | */ |
|
| 17 | package org.apache.jetspeed.security.spi.impl; |
|
| 18 | ||
| 19 | import org.apache.commons.logging.Log; |
|
| 20 | import org.apache.commons.logging.LogFactory; |
|
| 21 | import org.apache.jetspeed.security.SecurityException; |
|
| 22 | import org.apache.jetspeed.security.om.InternalCredential; |
|
| 23 | import org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor; |
|
| 24 | import org.apache.jetspeed.security.spi.PasswordCredentialProvider; |
|
| 25 | ||
| 26 | /** |
|
| 27 | * <p> |
|
| 28 | * Checks if a (pre)set password in the persitent store is valid according to the configured |
|
| 29 | * {@link PasswordCredentialProvider#getValidator() validator} when loaded from the persistent store.</p> |
|
| 30 | * <p> |
|
| 31 | * If the password checks out to be invalid, an error is logged and the credential is flagged to be |
|
| 32 | * {@link InternalCredential#isUpdateRequired() updateRequired}.</p> |
|
| 33 | * |
|
| 34 | * @author <a href="mailto:ate@douma.nu">Ate Douma</a> |
|
| 35 | * @version $Id$ |
|
| 36 | */ |
|
| 37 | 0 | public class ValidatePasswordOnLoadInterceptor extends AbstractInternalPasswordCredentialInterceptorImpl |
| 38 | { |
|
| 39 | 0 | private static final Log log = LogFactory.getLog(InternalPasswordCredentialInterceptor.class); |
| 40 | ||
| 41 | /** |
|
| 42 | * @return true is the password was invalid and update is required |
|
| 43 | * @see org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor#afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider, java.lang.String, org.apache.jetspeed.security.om.InternalCredential) |
|
| 44 | */ |
|
| 45 | public boolean afterLoad(PasswordCredentialProvider pcProvider, String userName, InternalCredential credential) |
|
| 46 | throws SecurityException |
|
| 47 | { |
|
| 48 | 0 | boolean updated = false; |
| 49 | 0 | if (!credential.isEncoded() && pcProvider.getValidator() != null ) |
| 50 | { |
|
| 51 | try |
|
| 52 | { |
|
| 53 | 0 | pcProvider.getValidator().validate(credential.getValue()); |
| 54 | } |
|
| 55 | 0 | catch (SecurityException e) |
| 56 | { |
|
| 57 | 0 | log.error("Loaded password for user "+userName+" is invalid. The user will be required to change it."); |
| 58 | // persitent store contains an invalid password |
|
| 59 | // allow login (assuming the user knows the invalid value) but enforce an update |
|
| 60 | 0 | credential.setUpdateRequired(true); |
| 61 | 0 | updated = true; |
| 62 | 0 | } |
| 63 | } |
|
| 64 | 0 | return updated; |
| 65 | } |
|
| 66 | } |
| This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |