PasswordPolicy fix

2026-05-15 21:02:09 +08:00 · 2020-09-01 21:08:37 +08:00
parent 5828d2fd1a
commit 1f0377e8ec
8 changed files with 71 additions and 19 deletions
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -82,12 +82,12 @@ public abstract class AbstractAuthenticationProvider {
        try {
            authentication = doInternalAuthenticate(authentication);
        } catch (AuthenticationException e) {
-            e.printStackTrace();
            _logger.error("Failed to authenticate user {} via {}: {}",
                    new Object[] { 
                            authentication.getPrincipal(), getProviderName(), e.getMessage() });
+            WebContext.setAttribute(
+                    WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
        } catch (Exception e) {
-            e.printStackTrace();
            String message = "Unexpected exception in " + getProviderName() + " authentication:";
            _logger.error("Login error " + message, e);
        }
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
@@ -217,12 +217,10 @@ public class PasswordPolicyValidator {
            _logger.debug("PasswordPolicy : " + passwordPolicy);
            _logger.debug("login Attempts is " + userInfo.getBadPasswordCount());
            lockUser(userInfo);
-
            throw new BadCredentialsException(
-                                userInfo.getUsername() + " " +
-                                WebContext.getI18nValue("login.error.attempts") + " " +
-                                userInfo.getBadPasswordCount()
-                                );
+                    WebContext.getI18nValue("login.error.attempts",
+                            new Object[]{userInfo.getUsername(),userInfo.getBadPasswordCount()}) 
+                    );
        }
        
        //locked
@@ -235,8 +233,7 @@ public class PasswordPolicyValidator {
        // inactive
        if(userInfo.getStatus()!=ConstantsStatus.ACTIVE) {
            throw new BadCredentialsException(
-                                userInfo.getUsername()+ " status "+ 
-                                userInfo.getStatus() +
+                                userInfo.getUsername()+ 
                                WebContext.getI18nValue("login.error.inactive") 
                                );
        }
--- a/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
@@ -72,5 +72,7 @@ public class WebConstants {
    public static final String AUTHENTICATION = "current_authentication";
    
    public static final String THEME_COOKIE_NAME = "maxkey_theme";
+    
+    public static final String LOGIN_ERROR_SESSION_MESSAGE = "login_error_session_message_key";

 }