diff --git a/README.md b/README.md
index 68f8b6bc..84187184 100644
--- a/README.md
+++ b/README.md
@@ -81,7 +81,7 @@
 | --------| :----- | :---- | :----: |
 | v 1.3.0 GA | 2020/04/04 | 链接下载 | **20bj** |
 | v 1.2.1 GA | 2020/02/29 | 链接下载 | **yutq** |
-| v 1.2.0 GA | 2020/01/18 | 链接下载 | **6bda** |
+| v 1.2.0 GA | 2020/01/18 | 链接下载 | **6bda** |
 | v 1.0 GA | 2019/12/06 | 链接下载 | **g17z** |
 ------------
diff --git a/docs/authn/social.md b/docs/authn/social.md
index 2c5c51d1..5947f4e0 100644
--- a/docs/authn/social.md
+++ b/docs/authn/social.md
@@ -19,7 +19,7 @@

认证配置

文件
-maxkey/config/applicationLogin.properties
+maxkey/config/applicationConfig.properties

 #enable social sign on
diff --git a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
index bc378f84..5da48b5a 100644
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -13,7 +13,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -70,12 +69,10 @@ public abstract class AbstractAuthenticationProvider {
             _logger.error("Failed to authenticate user {} via {}: {}",
                     new Object[] { 
                             authentication.getPrincipal(), getProviderName(), e.getMessage() });
-            throw e;
         } catch (Exception e) {
             e.printStackTrace();
             String message = "Unexpected exception in " + getProviderName() + " authentication:";
-            _logger.error(message, e);
-            throw new AuthenticationServiceException(message, e);
+            _logger.error("Login error " + message, e);
         }
         if (!authentication.isAuthenticated()) {
             return authentication;
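Review bot: Dropping `throw e;` from the first catch and the `AuthenticationServiceException` rethrow from the second means an authentication failure is now only logged and the method falls through to the `isAuthenticated()` check, so the BadCredentialsException messages raised by authTypeValid/captchaValid/tftcaptchaValid never reach the caller, the login page cannot distinguish a bad password from a transient error, and any caller that does not test `isAuthenticated()` on the returned token would treat the attempt as a success. Unless every caller is known to check that flag, keep failing closed by restoring `throw e;` in the first catch and `throw new AuthenticationServiceException(message, e);` in the second (re-adding the import the previous hunk removes). `e.printStackTrace()` writes the full trace to stderr outside the logger and can go, since the exception is already handed to `_logger.error`. The enclosing authenticate method starts before this hunk and continues after it.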
@@ -143,11 +140,16 @@ public abstract class AbstractAuthenticationProvider {
     }
 
     protected void authTypeValid(String authType) {
-        if (authType == null) {
-            String message = WebContext.getI18nValue("login.error.authtype");
-            _logger.debug("login AuthN type can not been null .");
-            throw new BadCredentialsException(message);
+        final   String message = WebContext.getI18nValue("login.error.authtype");
+        _logger.debug("Login AuthN Type  " + authType);
+        if (authType != null && (
+                authType.equalsIgnoreCase("basic") 
+                || authType.equalsIgnoreCase("tfa"))
+            ) {
+            return;
         }
+        _logger.debug("Login AuthN type must eq basic or tfa .");
+        throw new BadCredentialsException(message);
     }
 
     /**
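Review bot: The accepted values `"basic"` and `"tfa"` are string literals that also appear in captchaValid and tftcaptchaValid, so a typo in one place silently disables a check; hoisting them to constants such as `static final String AUTH_TYPE_BASIC = "basic";` and `static final String AUTH_TYPE_TFA = "tfa";` and comparing against those keeps the three methods in step. `authType` comes straight from the login request, so the debug line should use parameterized logging rather than concatenation, `_logger.debug("Login AuthN Type {}", authType);`, bearing in mind it writes a client-controlled string to the log verbatim. The i18n lookup on the first line runs on every call even when the type is valid; moving `WebContext.getI18nValue("login.error.authtype")` next to the throw avoids the wasted lookup and any dependency on request context for the success path.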
@@ -157,19 +159,17 @@ public abstract class AbstractAuthenticationProvider {
      * @param captcha String
      */
     protected void captchaValid(String captcha, String authType) {
-        if (applicationConfig.getLoginConfig().isCaptcha()) {
-            // for basic
-            if (authType.equalsIgnoreCase("common")) {
-                _logger.info("captcha : "
-                        + WebContext.getSession().getAttribute(
-                                WebConstants.KAPTCHA_SESSION_KEY).toString());
-                if (captcha == null || !captcha
-                        .equals(WebContext.getSession().getAttribute(
-                                        WebConstants.KAPTCHA_SESSION_KEY).toString())) {
-                    String message = WebContext.getI18nValue("login.error.captcha");
-                    _logger.debug("login captcha valid error.");
-                    throw new BadCredentialsException(message);
-                }
+        // for basic
+        if (applicationConfig.getLoginConfig().isCaptcha() && authType.equalsIgnoreCase("basic")) {
+            _logger.info("captcha : "
+                    + WebContext.getSession().getAttribute(
+                            WebConstants.KAPTCHA_SESSION_KEY).toString());
+            if (captcha == null || !captcha
+                    .equals(WebContext.getSession().getAttribute(
+                                    WebConstants.KAPTCHA_SESSION_KEY).toString())) {
+                String message = WebContext.getI18nValue("login.error.captcha");
+                _logger.debug("login captcha valid error.");
+                throw new BadCredentialsException(message);
             }
         }
     }
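Review bot: The value stored under KAPTCHA_SESSION_KEY is read and compared but never removed from the session in this hunk, so one solved captcha can be replayed for an unlimited number of password guesses within the same session, defeating the brute-force protection the captcha exists for (if it is cleared elsewhere, a comment here should say so). The `_logger.info("captcha : " + …)` line writes the current solution to the log on every attempt and should be removed. `getAttribute(...).toString()` throws NullPointerException when the session holds no captcha — a POST that never fetched the image — and since authenticate's catch-all no longer rethrows, that case deserves an explicit failed-check outcome. The rewrite below consumes the session value before comparing, assuming `WebContext.getSession()` returns an HttpSession.
```java
    protected void captchaValid(String captcha, String authType) {
        // for basic
        if (applicationConfig.getLoginConfig().isCaptcha() && authType.equalsIgnoreCase("basic")) {
            // Single-use: take the expected value out of the session before comparing so a
            // solved captcha cannot be replayed across attempts; a missing value is a failure.
            Object expected = WebContext.getSession().getAttribute(WebConstants.KAPTCHA_SESSION_KEY);
            WebContext.getSession().removeAttribute(WebConstants.KAPTCHA_SESSION_KEY);
            if (captcha == null || expected == null || !captcha.equals(expected.toString())) {
                // … unchanged: i18n message lookup, debug log, throw BadCredentialsException …
            }
        }
    }
```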
@@ -183,22 +183,19 @@ public abstract class AbstractAuthenticationProvider {
      */
     protected void tftcaptchaValid(String otpCaptcha, String authType, UserInfo userInfo) {
         // for one time password 2 factor
-        if (applicationConfig.getLoginConfig().isOneTimePwd()) {
-            if (authType.equalsIgnoreCase("tfa")) {
-                UserInfo validUserInfo = new UserInfo();
-                validUserInfo.setUsername(userInfo.getUsername());
-                String sharedSecret = 
-                        PasswordReciprocal.getInstance().decoder(userInfo.getSharedSecret());
-                validUserInfo.setSharedSecret(sharedSecret);
-                validUserInfo.setSharedCounter(userInfo.getSharedCounter());
-                validUserInfo.setId(userInfo.getId());
-                if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
-                    String message = WebContext.getI18nValue("login.error.captcha");
-                    _logger.debug("login captcha valid error.");
-                    throw new BadCredentialsException(message);
-                }
+        if (applicationConfig.getLoginConfig().isOneTimePwd() && authType.equalsIgnoreCase("tfa")) {
+            UserInfo validUserInfo = new UserInfo();
+            validUserInfo.setUsername(userInfo.getUsername());
+            String sharedSecret = 
+                    PasswordReciprocal.getInstance().decoder(userInfo.getSharedSecret());
+            validUserInfo.setSharedSecret(sharedSecret);
+            validUserInfo.setSharedCounter(userInfo.getSharedCounter());
+            validUserInfo.setId(userInfo.getId());
+            if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
+                String message = WebContext.getI18nValue("login.error.captcha");
+                _logger.debug("login captcha valid error.");
+                throw new BadCredentialsException(message);
             }
-
         }
     }
 
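Review bot: Nothing in this hunk marks a successfully validated OTP as consumed: if `tfaOptAuthn.validate` does not itself advance `sharedCounter` (HOTP) or record the last accepted time step (TOTP), the same code can be resubmitted until its window expires, and because the check runs on the fresh `validUserInfo` copy, any counter update the validator makes on that object never reaches `userInfo` unless it persists by id — worth confirming against the validator, and a comment such as `// validate() must persist the advanced counter / last-used step for userInfo, not this copy` would record the expectation. No failure counter or lock-out is visible here, and a six-digit OTP is brute-forceable without one; hedged, since that may live in the realm. The decoded shared secret is held in a String that cannot be zeroed, which is acceptable in Java but means `validUserInfo` must never be passed to anything that logs or serializes it.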
diff --git a/maxkey-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java b/maxkey-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
index f3d941de..2137cfc1 100644
--- a/maxkey-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
@@ -6,9 +6,7 @@ import java.sql.Types;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
-
 import javax.servlet.http.HttpServletResponse;
-
 import org.joda.time.DateTime;
 import org.joda.time.Duration;
 import org.joda.time.format.DateTimeFormat;
@@ -125,7 +123,7 @@ public abstract class AbstractAuthenticationRealm {
         if (getPasswordPolicy().getExpiration() > 0) {
 
             String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19);
-            _logger.info("last password set date 锛�" + passwordLastSetTimeString);
+            _logger.info("last password set date " + passwordLastSetTimeString);
 
             DateTime currentdateTime = new DateTime();
             DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString,
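Review bot: The line this hunk rewrites logs `passwordLastSetTimeString`, which the line above builds with `substring(0, 19)` on `userInfo.getPasswordLastSetTime()`; a user record whose last-set time is null or shorter than 19 characters throws NullPointerException or StringIndexOutOfBoundsException inside authentication instead of yielding a policy decision. A guard before the substring, such as `String raw = userInfo.getPasswordLastSetTime(); if (raw == null || raw.length() < 19) { /* treat as expired, or skip the check — policy choice */ }`, would make that failure mode deliberate. The enclosing method starts before this hunk and continues after it.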
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
index d7dfbfae..a3c97a94 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
@@ -7,17 +7,12 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.maxkey.authn.BasicAuthentication;
 import org.maxkey.authn.RealmAuthenticationProvider;
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
-import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
-import org.maxkey.authn.support.jwt.JwtLoginService;
 import org.maxkey.authn.support.kerberos.KerberosService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authn.support.wsfederation.WsFederationConstants;
-import org.maxkey.authn.support.wsfederation.WsFederationService;
 import org.maxkey.config.ApplicationConfig;
 import org.maxkey.dao.service.UserInfoService;
-import org.maxkey.domain.Registration;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.util.StringUtils;
 import org.maxkey.web.WebConstants;