Merge with 69f810c84e882a49d6470bfa8a2c07309eda4231

This commit is contained in:
Heng Sin Low 2012-08-17 10:48:52 +08:00
commit 3c3b264887
4 changed files with 186 additions and 177 deletions

View File

@ -36,6 +36,7 @@ import org.compiere.util.CCache;
import org.compiere.util.CLogger;
import org.compiere.util.DB;
import org.compiere.util.Env;
import org.compiere.util.KeyNamePair;
import org.compiere.util.Msg;
import org.compiere.util.Secure;
import org.compiere.util.SecureEngine;
@ -173,80 +174,62 @@ public class MUser extends X_AD_User
return null;
}
boolean hash_password = MSysConfig.getBooleanValue(MSysConfig.USER_PASSWORD_HASH, false);
boolean email_login = MSysConfig.getBooleanValue(MSysConfig.USE_EMAIL_FOR_LOGIN, false);
ArrayList<KeyNamePair> clientList = new ArrayList<KeyNamePair>();
ArrayList<Integer> clientsValidated = new ArrayList<Integer>();
MUser retValue = null;
if (!hash_password)
{
int AD_Client_ID = Env.getAD_Client_ID(ctx);
String sql = "SELECT * FROM AD_User "
+ "WHERE COALESCE(LDAPUser, Name)=? " // #1
+ " AND ((Password=? AND (SELECT IsEncrypted FROM AD_Column WHERE AD_Column_ID=417)='N') " // #2
+ "OR (Password=? AND (SELECT IsEncrypted FROM AD_Column WHERE AD_Column_ID=417)='Y'))" // #3
+ " AND IsActive='Y' AND AD_Client_ID=?" // #4
;
PreparedStatement pstmt = null;
ResultSet rs = null;
try
{
pstmt = DB.prepareStatement (sql, null);
pstmt.setString (1, name);
pstmt.setString (2, password);
pstmt.setString (3, SecureEngine.encrypt(password));
pstmt.setInt(4, AD_Client_ID);
rs = pstmt.executeQuery ();
if (rs.next ())
{
retValue = new MUser (ctx, rs, null);
if (rs.next())
s_log.warning ("More then one user with Name/Password = " + name);
}
StringBuffer where = new StringBuffer("Password IS NOT NULL AND ");
if (email_login)
where.append("EMail=?");
else
s_log.fine("No record");
}
catch (Exception e)
{
s_log.log(Level.SEVERE, sql, e);
}
finally
{
DB.close(rs, pstmt);
rs = null; pstmt = null;
}
} else {
String where = " COALESCE(LDAPUser,Name) = ? AND" +
" EXISTS (SELECT * FROM AD_User_Roles ur" +
" INNER JOIN AD_Role r ON (ur.AD_Role_ID=r.AD_Role_ID)" +
" WHERE ur.AD_User_ID=AD_User.AD_User_ID AND ur.IsActive='Y' AND r.IsActive='Y') AND " +
" EXISTS (SELECT * FROM AD_Client c" +
" WHERE c.AD_Client_ID=AD_User.AD_Client_ID" +
" AND c.IsActive='Y') AND " +
" AD_User.IsActive='Y'";
where.append("COALESCE(LDAPUser,Name)=?");
where.append(" AND")
.append(" EXISTS (SELECT * FROM AD_User_Roles ur")
.append(" INNER JOIN AD_Role r ON (ur.AD_Role_ID=r.AD_Role_ID)")
.append(" WHERE ur.AD_User_ID=AD_User.AD_User_ID AND ur.IsActive='Y' AND r.IsActive='Y') AND ")
.append(" EXISTS (SELECT * FROM AD_Client c")
.append(" WHERE c.AD_Client_ID=AD_User.AD_Client_ID")
.append(" AND c.IsActive='Y') AND ")
.append(" AD_User.IsActive='Y'");
MUser user = MTable.get(ctx, MUser.Table_ID).createQuery( where, null).setParameters(name).firstOnly(); // throws error if username collision occurs
List<MUser> users = new Query(ctx, MUser.Table_Name, where.toString(), null)
.setParameters(name)
.setOrderBy(MUser.COLUMNNAME_AD_User_ID)
.list();
String hash = null;
String salt = null;
if (user != null )
{
hash = user.getPassword();
salt = user.getSalt();
if (users.size() == 0) {
s_log.saveError("UserPwdError", name, false);
return null;
}
for (MUser user : users) {
if (clientsValidated.contains(user.getAD_Client_ID())) {
s_log.severe("Two users with password with the same name/email combination on same tenant: " + name);
return null;
}
clientsValidated.add(user.getAD_Client_ID());
boolean valid = false;
if (hash_password) {
String hash = user.getPassword();
String salt = user.getSalt();
// always do calculation to confuse timing based attacks
if ( user == null )
user = MUser.get(ctx, 0);
if ( hash == null )
hash = "0000000000000000";
if ( salt == null )
salt = "0000000000000000";
valid = user.authenticateHash(password);
} else {
// password not hashed
valid = user.getPassword().equals(password);
}
if ( user.authenticateHash(password) )
{
if (valid){
retValue=user;
}
}
return retValue;
} // get

View File

@ -275,21 +275,21 @@ public final class ALogin extends CDialog
// DefaultTab
defaultPanel.setLayout(defaultPanelLayout);
//
clientLabel.setText("Client");
clientLabel.setHorizontalAlignment(SwingConstants.RIGHT);
clientLabel.setLabelFor(clientCombo);
clientCombo.addActionListener(this);
defaultPanel.add(clientLabel, new GridBagConstraints(0, 0, 1, 1, 0.0, 0.0
,GridBagConstraints.EAST, GridBagConstraints.NONE, new Insets(12, 12, 5, 5), 0, 0));
defaultPanel.add(clientCombo, new GridBagConstraints(1, 0, 1, 1, 1.0, 0.0
,GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, new Insets(12, 0, 5, 12), 0, 0));
roleLabel.setText("Role");
roleLabel.setHorizontalAlignment(SwingConstants.RIGHT);
roleLabel.setLabelFor(roleCombo);
roleCombo.addActionListener(this);
defaultPanel.add(roleLabel, new GridBagConstraints(0, 0, 1, 1, 0.0, 0.0
,GridBagConstraints.EAST, GridBagConstraints.NONE, new Insets(12, 12, 5, 5), 0, 0));
defaultPanel.add(roleCombo, new GridBagConstraints(1, 0, 1, 1, 1.0, 0.0
,GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, new Insets(12, 0, 5, 12), 0, 0));
clientLabel.setText("Client");
clientLabel.setHorizontalAlignment(SwingConstants.RIGHT);
clientLabel.setLabelFor(clientCombo);
defaultPanel.add(clientLabel, new GridBagConstraints(0, 1, 1, 1, 0.0, 0.0
defaultPanel.add(roleLabel, new GridBagConstraints(0, 1, 1, 1, 0.0, 0.0
,GridBagConstraints.EAST, GridBagConstraints.NONE, new Insets(5, 12, 5, 5), 0, 0));
clientCombo.addActionListener(this);
defaultPanel.add(clientCombo, new GridBagConstraints(1, 1, 1, 1, 1.0, 0.0
defaultPanel.add(roleCombo, new GridBagConstraints(1, 1, 1, 1, 1.0, 0.0
,GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, new Insets(5, 0, 5, 12), 0, 0));
orgLabel.setText("Organization");
orgLabel.setHorizontalAlignment(SwingConstants.RIGHT);
@ -500,10 +500,10 @@ public final class ALogin extends CDialog
else if (e.getSource() == languageCombo)
languageComboChanged();
//
else if (e.getSource() == roleCombo)
roleComboChanged();
else if (e.getSource() == clientCombo)
clientComboChanged();
else if (e.getSource() == roleCombo)
roleComboChanged();
else if (e.getSource() == orgCombo)
orgComboChanged();
else if ("onlineLoginHelp".equals(e.getActionCommand()))
@ -645,13 +645,13 @@ public final class ALogin extends CDialog
// Reference check
Ini.setProperty(Ini.P_LOGMIGRATIONSCRIPT, "Reference".equalsIgnoreCase(CConnection.get().getDbUid()));
// Get Roles
// Get Clients
m_login = new Login(m_ctx);
KeyNamePair[] roles = null;
KeyNamePair[] clients = null;
try
{
roles = m_login.getRoles(m_user, new String(m_pwd));
if (roles == null || roles.length == 0)
clients = m_login.getClients(m_user, new String(m_pwd));
if (clients == null || clients.length == 0)
{
statusBar.setStatusLine(txt_UserPwdError, true);
userTextField.setBackground(AdempierePLAF.getFieldBackground_Error());
@ -679,34 +679,38 @@ public final class ALogin extends CDialog
// Delete existing role items
m_comboActive = true;
if (roleCombo.getItemCount() > 0)
roleCombo.removeAllItems();
if (clientCombo.getItemCount() > 0)
clientCombo.removeAllItems();
// Initial role
KeyNamePair iniValue = null;
String iniDefault = Ini.getProperty(Ini.P_ROLE);
String iniDefault = Ini.getProperty(Ini.P_CLIENT);
// fill roles
for (int i = 0; i < roles.length; i++)
for (int i = 0; i < clients.length; i++)
{
roleCombo.addItem(roles[i]);
if (roles[i].getName().equals(iniDefault))
iniValue = roles[i];
clientCombo.addItem(clients[i]);
if (clients[i].getName().equals(iniDefault))
iniValue = clients[i];
}
if (iniValue != null){
clientCombo.setSelectedItem(iniValue);
} else {
clientCombo.setSelectedItem(clients[0]);
}
if (iniValue != null)
roleCombo.setSelectedItem(iniValue);
// If we have only one role, we can hide the combobox - metas-2009_0021_AP1_G94
if (roleCombo.getItemCount() == 1 && ! MSysConfig.getBooleanValue(MSysConfig.ALogin_ShowOneRole, true))
if (clientCombo.getItemCount() == 1)
{
roleCombo.setSelectedIndex(0);
roleLabel.setVisible(false);
roleCombo.setVisible(false);
clientCombo.setSelectedIndex(0);
clientCombo.setVisible(false);
clientCombo.setVisible(false);
clientLabel.setVisible(false);
}
else
{
roleLabel.setVisible(true);
roleCombo.setVisible(true);
clientCombo.setVisible(true);
clientCombo.setVisible(true);
}
userTextField.setBackground(AdempierePLAF.getFieldBackground_Normal());
@ -715,57 +719,13 @@ public final class ALogin extends CDialog
this.setTitle(hostField.getDisplay());
statusBar.setStatusLine(txt_LoggedIn);
m_comboActive = false;
roleComboChanged();
clientComboChanged();
return true;
} // tryConnection
/**
* Role changed - fill Client List
*/
private void roleComboChanged ()
{
KeyNamePair role = (KeyNamePair)roleCombo.getSelectedItem();
if (role == null || m_comboActive)
return;
log.config(": " + role);
m_comboActive = true;
//
KeyNamePair[] clients = m_login.getClients(role);
// delete existing client/org items
if (clientCombo.getItemCount() > 0)
clientCombo.removeAllItems();
if (orgCombo.getItemCount() > 0)
orgCombo.removeAllItems();
// No Clients
if (clients == null || clients.length == 0)
{
statusBar.setStatusLine(txt_RoleError, true);
m_comboActive = false;
return;
}
// initial client
KeyNamePair iniValue = null;
String iniDefault = Ini.getProperty(Ini.P_CLIENT);
// fill clients
for (int i = 0; i < clients.length; i++)
{
clientCombo.addItem(clients[i]);
if (clients[i].getName().equals(iniDefault))
iniValue = clients[i];
}
// fini
if (iniValue != null)
clientCombo.setSelectedItem(iniValue);
//
m_comboActive = false;
clientComboChanged();
} // roleComboChanged
/**
* Client changed - fill Org & Warehouse List
* Client changed - fill Role List
*/
private void clientComboChanged ()
{
@ -777,13 +737,77 @@ public final class ALogin extends CDialog
// @Trifon - Set Proper "#AD_Client_ID", #AD_User_ID and "#SalesRep_ID"
// https://sourceforge.net/tracker/?func=detail&aid=2957215&group_id=176962&atid=879332
Env.setContext(m_ctx, "#AD_Client_ID", client.getKey());
MUser user = MUser.get (m_ctx, userTextField.getText(), new String (passwordField.getPassword()) );
MUser user = MUser.get (m_ctx, userTextField.getText());
if (user != null) {
Env.setContext(m_ctx, "#AD_User_ID", user.getAD_User_ID() );
Env.setContext(m_ctx, "#SalesRep_ID", user.getAD_User_ID() );
}
//
KeyNamePair[] orgs = m_login.getOrgs(client);
KeyNamePair[] roles = m_login.getRoles(userTextField.getText(), client);
// delete existing rol/org items
if (roleCombo.getItemCount() > 0)
roleCombo.removeAllItems();
if (orgCombo.getItemCount() > 0)
orgCombo.removeAllItems();
// No Clients
if (roles == null || roles.length == 0)
{
statusBar.setStatusLine(txt_RoleError, true);
m_comboActive = false;
return;
}
// initial rol
KeyNamePair iniValue = null;
String iniDefault = Ini.getProperty(Ini.P_ROLE);
// fill roles
for (int i = 0; i < roles.length; i++)
{
roleCombo.addItem(roles[i]);
if (roles[i].getName().equals(iniDefault))
iniValue = roles[i];
}
// fini
if (iniValue != null)
roleCombo.setSelectedItem(iniValue);
//
// If we have only one role, we can hide the combobox - metas-2009_0021_AP1_G94
if(roleCombo.getItemCount()==1 && ! MSysConfig.getBooleanValue(MSysConfig.ALogin_ShowOneRole, true))
{
roleCombo.setSelectedIndex(0);
roleCombo.setVisible(false);
roleCombo.setVisible(false);
roleLabel.setVisible(false);
}
m_comboActive = false;
roleComboChanged();
} // roleComboChanged
/**
* role changed - fill Org & Warehouse List
*/
private void roleComboChanged()
{
KeyNamePair rol = (KeyNamePair)roleCombo.getSelectedItem();
if (rol == null || m_comboActive)
return;
log.config(": " + rol);
m_comboActive = true;
if( Env.getContextAsInt(m_ctx, "#AD_Client_ID") > 0 )
{
MUser user = MUser.get (m_ctx, userTextField.getText());
if (user != null) {
Env.setContext(m_ctx, "#AD_User_ID", user.getAD_User_ID() );
Env.setContext(m_ctx, "#SalesRep_ID", user.getAD_User_ID() );
}
}
//
KeyNamePair[] orgs = m_login.getOrgs(rol);
// delete existing cleint items
if (orgCombo.getItemCount() > 0)
orgCombo.removeAllItems();

View File

@ -333,10 +333,7 @@ public class AdempiereWebUI extends Window implements EventListener<Event>, IWeb
appDesktop.logout();
Executions.getCurrent().getDesktop().getSession().getAttributes().clear();
MSession mSession = MSession.get(Env.getCtx(), false);
if (mSession != null) {
mSession.logout();
}
AEnv.logout();
SessionManager.clearSession();
super.getChildren().clear();

View File

@ -49,6 +49,7 @@ import org.compiere.model.Lookup;
import org.compiere.model.MAcctSchema;
import org.compiere.model.MLookup;
import org.compiere.model.MQuery;
import org.compiere.model.MSession;
import org.compiere.util.CCache;
import org.compiere.util.CLogger;
import org.compiere.util.CacheMgt;
@ -189,9 +190,13 @@ public final class AEnv
public static void logout()
{
Env.logout();
String sessionID = Env.getContext(Env.getCtx(), "#AD_Session_ID");
windowCache.remove(sessionID);
// End Session
MSession session = MSession.get(Env.getCtx(), false); // finish
if (session != null)
session.logout();
//
}
/**
@ -240,12 +245,12 @@ public final class AEnv
log.config("Window=" + WindowNo + ", AD_Window_ID=" + AD_Window_ID);
GridWindowVO mWindowVO = null;
String locale = Env.getLanguage(Env.getCtx()).getLocale().toString();
String sessionID = Env.getContext(Env.getCtx(), "#AD_Session_ID");
if (AD_Window_ID != 0 && Ini.isCacheWindow()) // try cache
{
synchronized (windowCache)
{
CCache<Integer,GridWindowVO> cache = windowCache.get(locale);
CCache<Integer,GridWindowVO> cache = windowCache.get(sessionID);
if (cache != null)
{
mWindowVO = cache.get(AD_Window_ID);
@ -267,11 +272,11 @@ public final class AEnv
{
synchronized (windowCache)
{
CCache<Integer,GridWindowVO> cache = windowCache.get(locale);
CCache<Integer,GridWindowVO> cache = windowCache.get(sessionID);
if (cache == null)
{
cache = new CCache<Integer, GridWindowVO>("AD_Window", 10);
windowCache.put(locale, cache);
windowCache.put(sessionID, cache);
}
cache.put(AD_Window_ID, mWindowVO);
}