| Displaying useful messages to users after failed authentication [message #1857173] |
Sat, 21 January 2023 10:17 |
 J D
Messages: 99
Registered: February 2021 |
Member |
|
|
Hi there everyone,
I have a custom CredentialVerifier that I want to use to check for password validity and other issues related to user authentication.
I would like to be able to either
a) display a message box to the user if authentication failed
b) or, display a message as a string of text at the bottom of the login window
At the moment, I'm working on the first option but will eventually adopt the second option because it seems to be the accepted practice nowadays.
My problem at the moment is I cannot get the message box to appear when authentication fails. My throw new VetoException() calls do not produce the message box.
Here is my CredentialVerifier:
package org.eclipse.scout.apps.ygapp.shared.security;
public class RestCredentialVerifier implements ICredentialVerifier {
private static final Logger LOG = LoggerFactory.getLogger(RestCredentialVerifier.class);
@Override
public int verify(String username, char[] passwordPlainText) throws IOException {
LOG.debug("Method \"verify\" in RestCredentialVerifier. User " + username);
// Test for missing username or password
if (StringUtility.isNullOrEmpty(username) || passwordPlainText == null
|| passwordPlainText.length == 0) {
throw new VetoException(TEXTS.get("MissingUsernameOrPassword")); // [b]*** DOES NOT SHOW![/b]
}
// Test for non-conforming password
// Password MUST have between 8 to 20 characters with a minimum of one uppercase, one lowercase,
// one number, one special character and without spaces
if ((passwordPlainText.length < 8) || (passwordPlainText.length > 20)) {
throw new VetoException(TEXTS.get("ThePasswordMustHaveBetween820Characters")); //[b] *** DOES NOT SHOW![/b]
}
Subject subject = new Subject();
subject.getPrincipals().add(new SimplePrincipal("system"));
subject.setReadOnly();
RunContext runContext = RunContexts.empty().withLocale(Locale.getDefault()); // OK
// RunContext runContext = RunContexts.copyCurrent(true).withSubject(subject); // Fails
Map<String, String> result = runContext.call(new Callable<Map<String, String>>() {
@Override
public Map<String, String> call() throws Exception {
return BEANS.get(IRestAuthenticationService.class).verify(username, passwordPlainText));
}
});
LOG.debug("Leaving method \"verify\" in RestCredentialVerifier. User " + username);
if (result.containsKey("message")
&& result.get("message").equals(TEXTS.get("YouAreNowConnectedToTheServer"))) {
return AUTH_OK;
} else {
return AUTH_FAILED;
}
}
}
Can anyone help me implement (a) and (b)?
Thanks a lot for your kind assistance.
Cheers,
JD
[Updated on: Sat, 21 January 2023 10:46] Report message to a moderator |
|
|
Powered by
FUDForum. Page generated in 0.03626 seconds
] 
Search
Help
Register
Login
Home
