- package project
- import grails.transaction.Transactional
- import org.springframework.security.authentication.BadCredentialsException
- import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- import org.springframework.security.authentication.dao.DaoAuthenticationProvider
- import org.springframework.security.core.AuthenticationException
- import org.springframework.security.core.userdetails.UserDetails
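/**
 * Authentication provider that checks the presented password against LDAP
 * (through {@code ldapConnectionService}) instead of comparing it with a locally
 * stored credential. After a successful LDAP check the presented password is
 * written onto the matching local {@code User} record and the record is enabled.
 */
class DaoLdapAuthenticationProvider extends DaoAuthenticationProvider {

    // Not read anywhere in this class; kept because it is a public bean property
    // that existing configuration may still set.
    // NOTE(review): confirm nothing else keys an authentication shortcut off this
    // flag, then remove it.
    boolean allowLdapFakeLogin = false

    // Collaborator that performs the LDAP check; injected, not created here.
    LdapConnectionService ldapConnectionService

    /**
     * Verifies the presented credentials against LDAP for an already-loaded user.
     *
     * Null and empty credentials are rejected before LDAP is contacted. Every
     * failure path throws the same generic "Bad credentials" message, so the
     * caller cannot tell which check failed.
     *
     * @param userDetails    the user record supplied by the parent provider
     * @param authentication the token carrying the presented password
     * @throws AuthenticationException ({@link BadCredentialsException}) when the
     *         credentials are missing, empty, or rejected by LDAP
     */
    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails,
                                                  UsernamePasswordAuthenticationToken authentication)
            throws AuthenticationException {
        if (authentication.getCredentials() == null) {
            logger.debug("Authentication failed: no credentials provided");
            throw badCredentials()
        }

        String presentedPassword = authentication.getCredentials().toString()

        // A simple bind with a zero-length password is an "unauthenticated bind"
        // (RFC 4513 section 5.1.2) that some directory servers report as success.
        // Whether ldapConnectionService.auth already refuses it is not visible
        // here, so fail closed before the value reaches LDAP or the local record.
        if (presentedPassword.isEmpty()) {
            logger.debug("Authentication failed: empty password presented")
            throw badCredentials()
        }

        if (!authLdapAndUpdateUserPassword(userDetails.username, presentedPassword)) {
            logger.error("Ldap Authentication failed for ${userDetails.username}");
            throw badCredentials()
        }

        logger.info("User ${userDetails.username} logged in");
    }

    /**
     * Checks the username/password pair against LDAP and, on success, copies the
     * password onto the local user record.
     *
     * @param username account name passed to the LDAP check
     * @param password presented password; null or empty is refused without
     *                 contacting LDAP
     * @return true only when LDAP accepted the credentials
     */
    boolean authLdapAndUpdateUserPassword(String username, String password) {
        // Same guard as in additionalAuthenticationChecks: this method is public,
        // so it can be reached without passing through that check first.
        if (!password) {
            return false
        }

        boolean authed = ldapConnectionService.auth(username, password)
        if (authed) {
            updateUserPassword(username, password)
        }
        return authed
    }

    /**
     * Writes the given password onto the local {@code User} with this username,
     * marks the record enabled and saves it immediately.
     *
     * Logs an error and returns without changes when no such user exists.
     *
     * @param username local account to update
     * @param password value assigned to {@code user.password}
     */
    @Transactional
    def updateUserPassword(String username, String password) {
        def user = User.findByUsername(username)
        if (!user) {
            logger.error("User not found $username ")
            return
        }

        // NOTE(review): the value is assigned as presented. Whether it is hashed
        // before persistence depends on the User domain class, which is not
        // visible here - confirm it is encoded on save and never stored in clear.
        // A local copy of the directory password also outlives LDAP-side password
        // changes or lockouts if anything else authenticates against this record.
        user.password = password

        // NOTE(review): this unconditionally re-enables the account. A caller of
        // authLdapAndUpdateUserPassword can therefore reactivate a locally
        // disabled user with any successful LDAP check - confirm this is intended.
        user.enabled = true

        user.save(failOnError: true, flush: true)
    }

    // Builds the generic failure used by every rejection path in this class.
    private BadCredentialsException badCredentials() {
        return new BadCredentialsException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.badCredentials",
                "Bad credentials"))
    }
}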