AnsweredAssumed Answered

Disable particular user after three unsuccessful attempts

Question asked by yroopa1229@gmail.com on Oct 31, 2016

Hi All,

I am using alfresco community 5.0d. In this i am trying to disable particular alfresco user who is entering wrong user name or password  continuously three times. For this I made changes to out of box jar class file "AbstractLoginBean.java".

    In this by using  try,catch,finally blocks i am updating property value. in try block user property value is getting  updating ,but in catch block  "nodeService.setProperty value not getting updating.if exception raises every time in catch block value  taking as "zero" .

        Any one can help me to solve this problem.the code is as follows.

protected Map<String, Object> login(String username, String password)

  {

  final String user=username;

  final String pwd=password;

  final Map<String, Object> model = new HashMap<String, Object>(7, 1.0f);

 

  logger.debug("username"+user);

  logger.debug("password"+pwd);

 

                try

  {

  AuthenticationUtil.runAs(new RunAsWork<Object>()

         {

             @SuppressWarnings("synthetic-access")

             public Object doWork() throws Exception

             {

              boolean val=false;

  NodeRef personref = personService.getPerson(user);

  logger.debug("person is"+personref);

  val=personService.personExists(user);

  logger.debug("person exists or not"+val);

  // get ticket

    serviceRegistry.getAuthenticationService().authenticate(user, pwd.toCharArray());

 

 

  if(personService.personExists(user))

  {

  if(nodeService.hasAspect(personref, QName.createQName("{http://www.propsystems.com/model/content/1.0}docaspt")))

  {

  nodeService.setProperty(personref,QName.createQName("{http://www.propsystems.com/model/content/1.0}lockStatusValue"),"0");

  logger.debug("authentication setting");

  }

  else

  {

  nodeService.addAspect(personref,QName.createQName("{http://www.propsystems.com/model/content/1.0}docaspt"), null);

  nodeService.setProperty(personref,QName.createQName("{http://www.propsystems.com/model/content/1.0}lockStatusValue"),"1");

  }

  }

 

 

 

 

 

  // add ticket to model for javascript and template access

  model.put("username", user);

  model.put("ticket",   serviceRegistry.getAuthenticationService().getCurrentTicket());

                    return model;

            }

 

 

           },AuthenticationUtil.getSystemUserName());

             

  }

  catch(AuthenticationException e)

  {

  AuthenticationUtil.runAs(new RunAsWork<Object>()

         {

             @SuppressWarnings("synthetic-access")

             public Object doWork() throws Exception

             {

              boolean val=false;

  NodeRef personref = personService.getPerson(user);

  logger.debug("person is"+personref);

  val=personService.personExists(user);

  logger.debug("person exists or not"+val);

 

                       logger.debug("value is"+val);

          if(personService.personExists(user))

             {         

  if(nodeService.hasAspect(personref, QName.createQName("{http://www.propsystems.com/model/content/1.0}docaspt")))

  {

  logger.debug("in update properties");

  String  lockVal=(String)nodeService.getProperty(personref,QName.createQName("{http://www.propsystems.com/model/content/1.0}lockStatusValue"));

  logger.debug("lock value"+lockVal);

  logger.debug("lock value ref is"+personref);

  int lockValue=Integer.parseInt(lockVal.toString());

  int incrementLck=lockValue+1;

  logger.debug("increment lock value"+incrementLck);

  String incrementLock=String.valueOf(incrementLck);

  logger.debug("datatype of value"+incrementLock.getClass().getName());

  nodeService.setProperty(personref,QName.createQName("{http://www.propsystems.com/model/content/1.0}lockStatusValue"),incrementLock);

  String finalLockVal=(String)nodeService.getProperty(personref, QName.createQName("{http://www.propsystems.com/model/content/1.0}lockStatusValue"));

  logger.debug("final lock value"+finalLockVal);

  String finalVal="3";

  if(finalLockVal.equalsIgnoreCase(finalVal))

  {

  logger.debug("final lock equality");

  serviceRegistry.getAuthenticationService().setAuthenticationEnabled(user,false);

  }

  }

 

 

 

 

 

  }

          return model;

            }

 

 

           },AuthenticationUtil.getSystemUserName());

  throw new WebScriptException(HttpServletResponse.SC_FORBIDDEN, "Login failed");

           

  }

  finally

  {

  logger.debug("in final block");

  AuthenticationUtil.runAs(new RunAsWork<Object>()

         {

             @SuppressWarnings("synthetic-access")

             public Object doWork() throws Exception

             {

            

              return null;

          }

 

 

           },AuthenticationUtil.getSystemUserName());

            

  AuthenticationUtil.clearCurrentSecurityContext();

  }

  return model;

 

 

 

 

 

  }

Outcomes