
Untitled

a guest
Feb 2nd, 2016
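  /**
   * Verifies the submitted username and password against the tenant's user store and, when the
   * "first use password" claim is set for that user, points the flow at the password-reset page.
   *
   * <p>Both credentials arrive as request parameters. The password is never logged, and the
   * remaining diagnostics go through the debug logger instead of stdout, so credentials and
   * flow identifiers (session key, context identifier, sessionDataKey) do not end up in
   * console output or captured server logs.
   *
   * @param request  servlet request carrying the {@code username} and {@code password} parameters
   * @param response servlet response; not used in the visible part of this method
   * @param context  authentication context that receives the subject, caller path and properties
   * @throws AuthenticationFailedException if a credential parameter is missing, the tenant's user
   *     realm cannot be found, or the tenant lookup or a user store call fails
   */
  protected void processAuthenticationResponse(HttpServletRequest request,
          HttpServletResponse response, AuthenticationContext context)
          throws AuthenticationFailedException {

      String username = request.getParameter("username");
      String password = request.getParameter("password");

      // getParameter() returns null for an absent parameter; reject that here instead of
      // handing null to the tenant lookup and the user store.
      if (username == null || password == null) {
          throw new AuthenticationFailedException("Username or password is missing from the request");
      }

      boolean isAuthenticated = false;

      // Check the authentication
      try {
          int tenantId = IdentityUtil.getTenantIdOFUser(username);
          UserRealm userRealm = BasicCustomAuthenticatorComponent.getRealmService()
                  .getTenantUserRealm(tenantId);
          if (userRealm == null) {
              throw new AuthenticationFailedException(
                      "Cannot find the user realm for the given tenant: " + tenantId);
          }

          UserStoreManager userStoreManager = (UserStoreManager) userRealm.getUserStoreManager();
          String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
          isAuthenticated = userStoreManager.authenticate(tenantAwareUsername, password);

          // The claim URI is configurable; fall back to the default when it is not configured.
          Map<String, String> parameterMap = getAuthenticatorConfig().getParameterMap();
          String firstUseClaimUri = null;
          if (parameterMap != null) {
              firstUseClaimUri = parameterMap.get("firstUsePwdEventClaimUri");
          }
          if (firstUseClaimUri == null) {
              firstUseClaimUri = "http://wso2.org/claims/firstUsePwdEvent";
          }
          if (log.isDebugEnabled()) {
              log.debug("first use pwd event claim has been set as : " + firstUseClaimUri);
          }

          // Read the claim only for a caller whose credentials were just verified. The value is
          // only acted on after a successful authentication, and skipping the lookup keeps an
          // unauthenticated request from triggering claim reads (and any lookup error that
          // could distinguish existing from non-existing accounts - presumably; verify against
          // the user store implementation).
          boolean mustChangePassword = false;
          if (isAuthenticated) {
              String firstUseFlag = userStoreManager.getUserClaimValue(
                      tenantAwareUsername, firstUseClaimUri, null);
              mustChangePassword = "1".equalsIgnoreCase(firstUseFlag);
          }

          if (mustChangePassword) {
              if (log.isDebugEnabled()) {
                  log.debug("user password must be changed! due to userPassword used first");
              }

              // TODO (carried over from the listing): the redirect is not sent from here; the
              // reset page is only recorded as the caller path on the context.
              // NOTE(review): the base URL comes from CarbonUIUtil.getAdminConsoleURL(request).
              // Confirm it cannot be steered by client-controlled request data before it is
              // used as a redirect target.
              String redirectURL = CarbonUIUtil.getAdminConsoleURL(request)
                      .replace("commonauth/carbon/", "authenticationendpoint/pwdreset.do");

              String queryParams = FrameworkUtils.getQueryStringWithFrameworkContextId(
                      context.getQueryParams(),
                      context.getCallerSessionKey(),
                      context.getContextIdentifier());
              queryParams += "&authenticators=" + getName() + ":" + "LOCAL";

              context.setProperty("username", username);
              context.setProperty("queryParams", queryParams);
              context.setCallerPath(redirectURL);
              // NOTE(review): the subject is set while the password change is still pending.
              // Whether the login can complete without the reset depends on code that follows
              // this listing - confirm the reset is actually enforced.
              context.setSubject(username);
          }
      } catch (IdentityException e) {
          log.error("CustomAuthentication failed while trying to get the tenant ID of the use", e);
          throw new AuthenticationFailedException(e.getMessage(), e);
      } catch (org.wso2.carbon.user.api.UserStoreException e) {
          log.error("CustomAuthentication failed while trying to authenticate", e);
          throw new AuthenticationFailedException(e.getMessage(), e);
      }

      // NOTE(review): nothing in this listing rejects the request when isAuthenticated is false,
      // and the listing ends before the method is closed. Confirm the remainder of the method
      // fails the authentication in that case.
      // NOTE(review): the statement below is kept verbatim from the listing. It does not compile
      // as written ("+.replace"), redirectURL is declared inside the password-change branch above
      // and is not in scope here, and AssertionConsumerURL is not defined anywhere in the listing.
      redirectURL = redirectURL+.replace("commonauth/carbon/", "authenticationendpoint/pwdreset.do?"+AssertionConsumerURL);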