PasswordPolicy fix

2026-05-15 13:02:07 +08:00 · 2020-09-01 21:08:37 +08:00
parent 5828d2fd1a
commit 1f0377e8ec
8 changed files with 71 additions and 19 deletions
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -82,12 +82,12 @@ public abstract class AbstractAuthenticationProvider {
        try {
            authentication = doInternalAuthenticate(authentication);
        } catch (AuthenticationException e) {
-            e.printStackTrace();
            _logger.error("Failed to authenticate user {} via {}: {}",
                    new Object[] { 
                            authentication.getPrincipal(), getProviderName(), e.getMessage() });
+            WebContext.setAttribute(
+                    WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
        } catch (Exception e) {
-            e.printStackTrace();
            String message = "Unexpected exception in " + getProviderName() + " authentication:";
            _logger.error("Login error " + message, e);
        }
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
@@ -217,12 +217,10 @@ public class PasswordPolicyValidator {
            _logger.debug("PasswordPolicy : " + passwordPolicy);
            _logger.debug("login Attempts is " + userInfo.getBadPasswordCount());
            lockUser(userInfo);
-
            throw new BadCredentialsException(
-                                userInfo.getUsername() + " " +
-                                WebContext.getI18nValue("login.error.attempts") + " " +
-                                userInfo.getBadPasswordCount()
-                                );
+                    WebContext.getI18nValue("login.error.attempts",
+                            new Object[]{userInfo.getUsername(),userInfo.getBadPasswordCount()}) 
+                    );
        }
        
        //locked
@@ -235,8 +233,7 @@ public class PasswordPolicyValidator {
        // inactive
        if(userInfo.getStatus()!=ConstantsStatus.ACTIVE) {
            throw new BadCredentialsException(
-                                userInfo.getUsername()+ " status "+ 
-                                userInfo.getStatus() +
+                                userInfo.getUsername()+ 
                                WebContext.getI18nValue("login.error.inactive") 
                                );
        }
--- a/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
@@ -72,5 +72,7 @@ public class WebConstants {
    public static final String AUTHENTICATION = "current_authentication";
    
    public static final String THEME_COOKIE_NAME = "maxkey_theme";
+    
+    public static final String LOGIN_ERROR_SESSION_MESSAGE = "login_error_session_message_key";

 }
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
@@ -30,4 +30,17 @@ PasswordPolicy.TOO_SHORT=\u5bc6\u7801\u81f3\u5c11{0}\u4f4d\u5b57\u7b26.
 PasswordPolicy.TOO_MANY_OCCURRENCES=\u5bc6\u7801\u5305\u542b{0}\u51fa\u73b0{1}, \u6700\u591a{2} \u6b21.
 PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
-PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
+PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
+
+login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
+login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
+login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
+login.error.password=\u767b\u5f55\u5bc6\u7801\u65e0\u6548.
+login.error.username=\u7528\u6237\u540d\u65e0\u6548.
+login.error.username.null=\u7528\u6237\u540d\u4e0d\u80fd\u4e3a\u7a7a.
+login.error.email.null=\u767b\u5f55\u90ae\u7bb1\u4e0d\u80fd\u4e3a\u7a7a.
+login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
+login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
+login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
+login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
+
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
@@ -30,4 +30,16 @@ PasswordPolicy.TOO_SHORT=Password must be {0} or more characters in length .
 PasswordPolicy.TOO_MANY_OCCURRENCES=Password contains {1} occurrences of the character '{0}', but at most {2} are allowed.
 PasswordPolicy.OLD_PASSWORD_NOT_MATCH=old password not match.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=new password not match confirm password.
-PasswordPolicy.OLD_PASSWORD_MATCH=new password  match old password.
+PasswordPolicy.OLD_PASSWORD_MATCH=new password  match old password.
+
+login.error.attempts={0} login attempts the maximum number of {1} times, please login later.
+login.error.locked=The user is locked.
+login.error.inactive=User inactive state.
+login.error.password=Invalid password.
+login.error.username=Invalid username.
+login.error.username.null=username cannot be empty.
+login.error.email.null=email cannot be empty.
+login.error.password.null=Password cannot be empty.
+login.error.captcha=Verification code error, please login again.
+login.error.authtype=Login authentication type error.
+login.error.session=Login session failed. Please login again.
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
@@ -30,4 +30,16 @@ PasswordPolicy.TOO_SHORT=\u5bc6\u7801\u81f3\u5c11{0}\u4f4d\u5b57\u7b26.
 PasswordPolicy.TOO_MANY_OCCURRENCES=\u5bc6\u7801\u5305\u542b{0}\u51fa\u73b0{1}, \u6700\u591a{2} \u6b21.
 PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
-PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
+PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
+
+login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
+login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
+login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
+login.error.password=\u767b\u5f55\u5bc6\u7801\u65e0\u6548.
+login.error.username=\u7528\u6237\u540d\u65e0\u6548.
+login.error.username.null=\u7528\u6237\u540d\u4e0d\u80fd\u4e3a\u7a7a.
+login.error.email.null=\u767b\u5f55\u90ae\u7bb1\u4e0d\u80fd\u4e3a\u7a7a.
+login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
+login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
+login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
+login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.