Commit eea3adb3 authored by Sascha Herzinger's avatar Sascha Herzinger
Browse files

feedback by piotr

parent 7dc02a8d
Pipeline #11785 failed with stage
in 10 minutes and 19 seconds
......@@ -40,7 +40,7 @@ public class UserController extends BaseController {
*/
@GetMapping(value = "/isSessionValid")
@PreAuthorize("isAuthenticated() and authentication.name != '" + Configuration.ANONYMOUS_LOGIN + "'")
public Object isSessionValid(Authentication authentication) {
public Object isSessionValid() {
return new TreeMap<>();
}
......
package lcsb.mapviewer.web.config;
import com.unboundid.ldap.sdk.LDAPException;
import lcsb.mapviewer.common.Configuration;
import lcsb.mapviewer.model.user.User;
import lcsb.mapviewer.services.UserDTO;
import lcsb.mapviewer.services.interfaces.ILdapService;
......@@ -16,7 +15,6 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
@Order(2)
......@@ -26,24 +24,21 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
private IUserService userService;
private ILdapService ldapService;
private UserDetailsService userDetailsService;
private PasswordEncoder passwordEncoder;
@Autowired
public LdapAuthenticationProvider(IUserService userService,
ILdapService ldapService,
UserDetailsService userDetailsService,
PasswordEncoder passwordEncoder) {
UserDetailsService userDetailsService) {
this.userService = userService;
this.ldapService = ldapService;
this.userDetailsService = userDetailsService;
this.passwordEncoder = passwordEncoder;
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String username = authentication.getName().toLowerCase();
if (username.isEmpty()) {
throw new UsernameNotFoundException("Invalid username.");
throw new BadCredentialsException("Invalid username.");
}
boolean ldapLoginSuccess;
......@@ -83,7 +78,6 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
}
User newUser = new User();
newUser.setLogin(userDTO.getLogin());
newUser.setCryptedPassword(passwordEncoder.encode((String) authentication.getCredentials()));
newUser.setConnectedToLdap(true);
newUser.setName(userDTO.getFirstName());
newUser.setSurname(userDTO.getLastName());
......
......@@ -5,6 +5,7 @@ import lcsb.mapviewer.services.interfaces.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.Authentication;
......@@ -45,7 +46,7 @@ public class LocalAuthenticationProvider implements AuthenticationProvider {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String username = authentication.getName();
if (username.isEmpty()) {
throw new UsernameNotFoundException("Username must not be empty.");
throw new BadCredentialsException("Username must not be empty.");
}
User user = userService.getUserByLogin(username);
if (user == null || user.isConnectedToLdap()) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment