private boolean checkCredentials(MidPointPrincipal principal, T authnCtx, ConnectionEnvironment connEnv) {
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
if (credentials == null || getCredential(credentials) == null) {
recordAuthenticationFailure(principal, connEnv, "no credentials in user");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.invalid");
}
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
// Lockout
if (isLockedOut(getCredential(credentials), credentialsPolicy)) {
recordAuthenticationFailure(principal, connEnv, "password locked-out");
throw new LockedException("web.security.provider.locked");
}
if (suportsAuthzCheck()) {
// Authorizations
if (!hasAnyAuthorization(principal)) {
recordAuthenticationFailure(principal, connEnv, "no authorizations");
throw new DisabledException("web.security.provider.access.denied");
}
}
// Password age
checkPasswordValidityAndAge(connEnv, principal, getCredential(credentials), credentialsPolicy);
return passwordMatches(connEnv, principal, getCredential(credentials), authnCtx);
}
AuthenticationEvaluatorImpl.java 文件源码
java
阅读 22
收藏 0
点赞 0
评论 0
项目:engerek
作者:
评论列表
文章目录
