Re: [sipx-dev] SipXconfig check user permissions on login

Thu, 25 Nov 2010 02:10:49 -0800 

Hi George,
I've added the permission to user-settings.xml and the permission appears
when I add a new user and choose permissions.

Unfortunately the user can always login (if permission is set or not
doesn't matter).

My checkCredentials Method in LoginContextImpl.java looks like this:

public User checkCredentials(String userNameOrAlias, String password) {
    User user = m_coreContext.loadUserByUserNameOrAlias(userNameOrAlias);
    if (user == null) {
        return null;
    }
    if
(((Boolean)user.getSettingTypedValue("permission/application/login")) ==
false) {
        return null;
    }
    String userName = user.getUserName();
    String pintoken = user.getPintoken();
    String encodedPassword = getEncodedPassword(userName, password);
    // Real match
    if (encodedPassword.equals(pintoken)) {
        return user;
    }
    // Special case: if the password is empty and the pintoken is empty,
then declare a match.
    // We have publicized the ability for admins to reset users to have an
empty password by
    // zeroing out the pintoken entry in the database.
    if (StringUtils.isBlank(password) && pintoken.length() == 0) {
        return user;
    }
    return null;
}



How can I debug this?
For some reason the condition "if
(((Boolean)user.getSettingTypedValue("permission/application/login")) ==
false)" does not match.

Regards

Jan


-----Ursprüngliche Nachricht-----
Von: [email protected]
[mailto:[email protected]] Im Auftrag von George
Niculae
Gesendet: Montag, 22. November 2010 19:33
An: sipXecs developer discussions
Betreff: Re: [sipx-dev] SipXconfig check user permissions on login

On Mon, Nov 22, 2010 at 7:38 PM, Jan Thiemo Fricke <[email protected]>
wrote:
> Hi members,
>
> I’d like to add a permission that allows or disallows users to login at
> their user portal. Can somebody tell me which method is executed when a
> users tries to login at the webinterface and which method I should use
to
> check if the user has a specific permission?

LoginContextImpl.checkCredentials. You can make an extra check here
for the setting and return null if not allowed
if (!user.getSettingTypedValue("permission/application/login"))
  return null;

For adding a new user setting take a look at
etc/commserver/user-settings.xml, should be something like:
  <group name="permission">
    <group name="application">
....
      <setting name="login">
        <type refid="enable-disable" />
        <value>DISABLE</value>
      </setting>
....

George
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/

Reply via email to