Here is a snippet of code from an EP5 iView I wrote a long time ago...:
public void onChange (Event event)
throws PageException {
state = RESULT_STATE;
Hashtable env = new Hashtable();
InputField userid = (InputField) getComponentByName("userid");
InputField password = (InputField) getComponentByName("password");
m_request = (IPortalComponentRequest) getRequest();
IUserManagementService us = (IUserManagementService) m_request.getService("usermanagement");
IPortalComponentProfile userProfile = m_request.getComponentContext().getProfile();
boolean isADS = false;
String getDC = userProfile.getProperty("useADS");
if (getDC != null && (getDC.equalsIgnoreCase("yes") || getDC.equalsIgnoreCase("true"))) {
isADS = true;
}
String authSvr = userProfile.getProperty("LDAPHost");
String root = userProfile.getProperty("LDAPOrg");
if (authSvr == null || authSvr.length() == 0) {
IRepositories reps = us.getRepositories();
IRepository rep = reps.getRepository("Corporate Authentication Server");
authSvr = "ldap://" + rep.getServer(0) + ":" + rep.getPort(0);
root = rep.getRoot(0);
}
String sPrincID = userProfile.getProperty("LDAPPrincipal");
if (sPrincID == null || sPrincID.length() == 0) {
sPrincID = "cn";
}
String sUser = userid.getValueAsDataType().toString();
String sPassword = password.getValueAsDataType().toString();
mLogin = us.getAuthenticator();
if ((user = mLogin.getLoggedInUser(m_request.getServletRequest(), m_request.getServletResponse(false), null)) == null) {
passwordCheck = false;
return;
}
if (isADS==true || sUser.equalsIgnoreCase(user.getId())) { // did they get the ID correct?
StringBuffer sPrincipal = new StringBuffer();
if (isADS==true) {
sPrincipal.append(sUser); // ADS
} else {
sPrincipal.append(sPrincID.concat("="));
sPrincipal.append(sUser);
sPrincipal.append(", ");
sPrincipal.append(root);
}
if (env.isEmpty()) {
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, authSvr); // Other
if (isADS==true) {
env.put(Context.SECURITY_AUTHENTICATION, "simple");
}
env.put(Context.SECURITY_PRINCIPAL, sPrincipal.toString());
env.put(Context.SECURITY_CREDENTIALS, sPassword);
}
try {
DirContext ctx = new InitialDirContext(env);
// if we got here, everything is OK...
passwordCheck = true;
StringBuffer err = new StringBuffer();
err.append("Autheticated user principal:");
err.append(sPrincipal);
err.append("; pass=" + sPassword);
err.append(";ldaphost=" + authSvr);
result = err.toString();
m_request.getLogger("iview_logger").info("AuthCheckPage: Authcheck OK: " + result);
} catch (NamingException e) {
StringBuffer err = new StringBuffer();
err.append(" Failed to autheticate user principal:");
err.append(sPrincipal);
err.append("; pass=" + sPassword);
err.append(";ldaphost=" + authSvr);
err.append(";error = " + e.toString());
String reason = e.getExplanation();
if ( reason != null && reason.indexOf("error code 49") != -1 ) {
//Invalid password
err.append("WARNING, USER PROVIDED INCORRECT PASSWORD");
} else if ( reason != null && reason.indexOf("password expired") != -1 ) {
err.append("WARNING, USER HAS EXPIRED ACCOUNT");
} else {
err.append(e);
}
result = err.toString();
m_request.getLogger("iview_logger").warning("AuthCheckPage: Authcheck failed: " + result);
failedCheck = true;
passwordCheck = false;
}
} else {
failedCheck = true;
passwordCheck = false;
result = "User ID is not the same as the logged in user";
}
}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.