mirror of
https://github.com/DSpace/DSpace.git
synced 2025-10-10 19:43:10 +00:00
update eperson's attributes right after successful login
This commit is contained in:
Sascha Szott
@@ -68,12 +68,8 @@ import org.dspace.services.factory.DSpaceServicesFactory;
|
||||
* @author Ivan Masár
|
||||
* @author Michael Plate
|
||||
*/
|
||||
public class LDAPAuthentication
|
||||
implements AuthenticationMethod {
|
||||
public class LDAPAuthentication implements AuthenticationMethod {
|
||||
|
||||
/**
|
||||
* log4j category
|
||||
*/
|
||||
private static final Logger log
|
||||
= org.apache.logging.log4j.LogManager.getLogger(LDAPAuthentication.class);
|
||||
|
||||
@@ -130,7 +126,7 @@ public class LDAPAuthentication
|
||||
return false;
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* This is an explicit method.
|
||||
*/
|
||||
@Override
|
||||
@@ -138,7 +134,7 @@ public class LDAPAuthentication
|
||||
return false;
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* Add authenticated users to the group defined in dspace.cfg by
|
||||
* the login.specialgroup key.
|
||||
*/
|
||||
@@ -177,7 +173,7 @@ public class LDAPAuthentication
|
||||
return Collections.EMPTY_LIST;
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* Authenticate the given credentials.
|
||||
* This is the heart of the authentication method: test the
|
||||
* credentials for authenticity, and if accepted, attempt to match
|
||||
@@ -250,7 +246,7 @@ public class LDAPAuthentication
|
||||
}
|
||||
|
||||
// Check a DN was found
|
||||
if ((dn == null) || (dn.trim().equals(""))) {
|
||||
if (StringUtils.isBlank(dn)) {
|
||||
log.info(LogHelper
|
||||
.getHeader(context, "failed_login", "no DN found for user " + netid));
|
||||
return BAD_CREDENTIALS;
|
||||
@@ -269,6 +265,18 @@ public class LDAPAuthentication
|
||||
context.setCurrentUser(eperson);
|
||||
request.setAttribute(LDAP_AUTHENTICATED, true);
|
||||
|
||||
// update eperson's attributes
|
||||
context.turnOffAuthorisationSystem();
|
||||
setEpersonAttributes(context, eperson, ldap, Optional.empty());
|
||||
try {
|
||||
ePersonService.update(context, eperson);
|
||||
context.dispatchEvents();
|
||||
} catch (AuthorizeException e) {
|
||||
log.warn("update of eperson " + eperson.getID() + " failed", e);
|
||||
} finally {
|
||||
context.restoreAuthSystemState();
|
||||
}
|
||||
|
||||
// assign user to groups based on ldap dn
|
||||
assignGroups(dn, ldap.ldapGroup, context);
|
||||
|
||||
@@ -313,14 +321,13 @@ public class LDAPAuthentication
|
||||
log.info(LogHelper.getHeader(context,
|
||||
"type=ldap-login", "type=ldap_but_already_email"));
|
||||
context.turnOffAuthorisationSystem();
|
||||
eperson.setNetid(netid.toLowerCase());
|
||||
setEpersonAttributes(context, eperson, ldap, Optional.of(netid));
|
||||
ePersonService.update(context, eperson);
|
||||
context.dispatchEvents();
|
||||
context.restoreAuthSystemState();
|
||||
context.setCurrentUser(eperson);
|
||||
request.setAttribute(LDAP_AUTHENTICATED, true);
|
||||
|
||||
|
||||
// assign user to groups based on ldap dn
|
||||
assignGroups(dn, ldap.ldapGroup, context);
|
||||
|
||||
@@ -331,20 +338,7 @@ public class LDAPAuthentication
|
||||
try {
|
||||
context.turnOffAuthorisationSystem();
|
||||
eperson = ePersonService.create(context);
|
||||
if (StringUtils.isNotEmpty(email)) {
|
||||
eperson.setEmail(email);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(ldap.ldapGivenName)) {
|
||||
eperson.setFirstName(context, ldap.ldapGivenName);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(ldap.ldapSurname)) {
|
||||
eperson.setLastName(context, ldap.ldapSurname);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(ldap.ldapPhone)) {
|
||||
ePersonService.setMetadataSingleValue(context, eperson,
|
||||
MD_PHONE, ldap.ldapPhone, null);
|
||||
}
|
||||
eperson.setNetid(netid.toLowerCase());
|
||||
setEpersonAttributes(context, eperson, ldap, Optional.of(netid));
|
||||
eperson.setCanLogIn(true);
|
||||
authenticationService.initEPerson(context, request, eperson);
|
||||
ePersonService.update(context, eperson);
|
||||
@@ -382,6 +376,27 @@ public class LDAPAuthentication
|
||||
return BAD_ARGS;
|
||||
}
|
||||
|
||||
/**
|
||||
* Update eperson's attributes
|
||||
*/
|
||||
private void setEpersonAttributes(Context context, EPerson eperson, SpeakerToLDAP ldap, Optional<String> netid) throws SQLException {
|
||||
if (StringUtils.isNotEmpty(ldap.ldapEmail)) {
|
||||
eperson.setEmail(ldap.ldapEmail);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(ldap.ldapGivenName)) {
|
||||
eperson.setFirstName(context, ldap.ldapGivenName);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(ldap.ldapSurname)) {
|
||||
eperson.setLastName(context, ldap.ldapSurname);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(ldap.ldapPhone)) {
|
||||
ePersonService.setMetadataSingleValue(context, eperson, MD_PHONE, ldap.ldapPhone, null);
|
||||
}
|
||||
if (netid.isPresent()) {
|
||||
eperson.setNetid(netid.get().toLowerCase());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Internal class to manage LDAP query and results, mainly
|
||||
* because there are multiple values to return.
|
||||
@@ -671,7 +686,7 @@ public class LDAPAuthentication
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* Returns the URL of an external login page which is not applicable for this authn method.
|
||||
*
|
||||
* Note: Prior to DSpace 7, this method return the page of login servlet.
|
||||
@@ -699,7 +714,7 @@ public class LDAPAuthentication
|
||||
return "ldap";
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* Add authenticated users to the group defined in dspace.cfg by
|
||||
* the authentication-ldap.login.groupmap.* key.
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user