captcha invalid
验证码登录无效
@@ -19,7 +19,7 @@
|
||||
|
||||
<h3>认证配置</h3>
|
||||
文件
|
||||
maxkey/config/applicationLogin.properties
|
||||
maxkey/config/applicationConfig.properties
|
||||
|
||||
<pre><code class="ini hljs">
|
||||
#enable social sign on
|
||||
|
||||
@@ -13,7 +13,6 @@ import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
@@ -70,12 +69,10 @@ public abstract class AbstractAuthenticationProvider {
|
||||
_logger.error("Failed to authenticate user {} via {}: {}",
|
||||
new Object[] {
|
||||
authentication.getPrincipal(), getProviderName(), e.getMessage() });
|
||||
throw e;
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
String message = "Unexpected exception in " + getProviderName() + " authentication:";
|
||||
_logger.error(message, e);
|
||||
throw new AuthenticationServiceException(message, e);
|
||||
_logger.error("Login error " + message, e);
|
||||
}
|
||||
if (!authentication.isAuthenticated()) {
|
||||
return authentication;
|
||||
@@ -143,11 +140,16 @@ public abstract class AbstractAuthenticationProvider {
|
||||
}
|
||||
|
||||
protected void authTypeValid(String authType) {
|
||||
if (authType == null) {
|
||||
String message = WebContext.getI18nValue("login.error.authtype");
|
||||
_logger.debug("login AuthN type can not been null .");
|
||||
throw new BadCredentialsException(message);
|
||||
final String message = WebContext.getI18nValue("login.error.authtype");
|
||||
_logger.debug("Login AuthN Type " + authType);
|
||||
if (authType != null && (
|
||||
authType.equalsIgnoreCase("basic")
|
||||
|| authType.equalsIgnoreCase("tfa"))
|
||||
) {
|
||||
return;
|
||||
}
|
||||
_logger.debug("Login AuthN type must eq basic or tfa .");
|
||||
throw new BadCredentialsException(message);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -157,9 +159,8 @@ public abstract class AbstractAuthenticationProvider {
|
||||
* @param captcha String
|
||||
*/
|
||||
protected void captchaValid(String captcha, String authType) {
|
||||
if (applicationConfig.getLoginConfig().isCaptcha()) {
|
||||
// for basic
|
||||
if (authType.equalsIgnoreCase("common")) {
|
||||
if (applicationConfig.getLoginConfig().isCaptcha() && authType.equalsIgnoreCase("basic")) {
|
||||
_logger.info("captcha : "
|
||||
+ WebContext.getSession().getAttribute(
|
||||
WebConstants.KAPTCHA_SESSION_KEY).toString());
|
||||
@@ -172,7 +173,6 @@ public abstract class AbstractAuthenticationProvider {
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* captcha validate.
|
||||
@@ -183,8 +183,7 @@ public abstract class AbstractAuthenticationProvider {
|
||||
*/
|
||||
protected void tftcaptchaValid(String otpCaptcha, String authType, UserInfo userInfo) {
|
||||
// for one time password 2 factor
|
||||
if (applicationConfig.getLoginConfig().isOneTimePwd()) {
|
||||
if (authType.equalsIgnoreCase("tfa")) {
|
||||
if (applicationConfig.getLoginConfig().isOneTimePwd() && authType.equalsIgnoreCase("tfa")) {
|
||||
UserInfo validUserInfo = new UserInfo();
|
||||
validUserInfo.setUsername(userInfo.getUsername());
|
||||
String sharedSecret =
|
||||
@@ -198,8 +197,6 @@ public abstract class AbstractAuthenticationProvider {
|
||||
throw new BadCredentialsException(message);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
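Review bot: In the `catch (Exception e)` block of the `@@ -70,12 +69,10 @@` hunk, the new side appears to only log (`_logger.error("Login error " + message, e);`) and no longer rethrow, so an unexpected failure inside the provider falls through to the `if (!authentication.isAuthenticated())` check instead of aborting the login. The `+`/`-` markers are lost on this page, so this reading is inferred from the hunk line counts and from the `AuthenticationServiceException` import that the import hunk seems to drop. An authentication path should fail closed: keep `throw new AuthenticationServiceException(message, e);` after the log call, and keep the import with it. The enclosing method starts and ends outside the hunk, so what state `authentication` holds when the catch is reached has to be checked against the full body.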
@@ -6,9 +6,7 @@ import java.sql.Types;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.Duration;
|
||||
import org.joda.time.format.DateTimeFormat;
|
||||
@@ -125,7 +123,7 @@ public abstract class AbstractAuthenticationRealm {
|
||||
if (getPasswordPolicy().getExpiration() > 0) {
|
||||
|
||||
String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19);
|
||||
_logger.info("last password set date 锛<EFBFBD>" + passwordLastSetTimeString);
|
||||
_logger.info("last password set date " + passwordLastSetTimeString);
|
||||
|
||||
DateTime currentdateTime = new DateTime();
|
||||
DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString,
|
||||
|
||||
@@ -7,17 +7,12 @@ import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
|
||||
import org.maxkey.authn.support.jwt.JwtLoginService;
|
||||
import org.maxkey.authn.support.kerberos.KerberosService;
|
||||
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
|
||||
import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
|
||||
import org.maxkey.authn.support.wsfederation.WsFederationConstants;
|
||||
import org.maxkey.authn.support.wsfederation.WsFederationService;
|
||||
import org.maxkey.config.ApplicationConfig;
|
||||
import org.maxkey.dao.service.UserInfoService;
|
||||
import org.maxkey.domain.Registration;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.util.StringUtils;
|
||||
import org.maxkey.web.WebConstants;
|
||||
|
||||