Package sk.iway.iwcm.common

Class LogonTools

java.lang.Object
sk.iway.iwcm.common.LogonTools
public class LogonTools extends Object

  • Constructor Details

    • LogonTools

      protected LogonTools()

  • Method Details

    • checkAllowLoginDates

      public static boolean checkAllowLoginDates(ResultSet rs)
      Skontroluje ci sa moze pouzivatel prihlasit vzhladom na zadane datumy mozneho prihlasenia
      Parameters:
      rs -
      Returns:

    • logon

      public static String logon(String username, String password, Identity user, Map<String,String> errors, javax.servlet.http.HttpServletRequest request, Prop prop)
      Description of the Method
      Parameters:
      username - Description of the Parameter
      password - Description of the Parameter
      user - Description of the Parameter
      errors - Description of the Parameter
      request - Description of the Parameter
      Returns:
      Description of the Return Value

    • setUserPerms

      public static void setUserPerms(Identity user)
      Nastavi userovi prava na adresare (editable groups a pages)
      Parameters:
      user -

    • auditLogon

      public static void auditLogon(List<String> errors, Identity user, String username, javax.servlet.http.HttpServletRequest request)

    • logonUser

      public static List<String> logonUser(javax.servlet.http.HttpServletRequest request, String username, String password)

    • logonUserWithAllChecks

      public static List<String> logonUserWithAllChecks(javax.servlet.http.HttpServletRequest request, String username, String password)

    • afterLogon

      public static void afterLogon(Identity user, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

    • checkForAlarm

      public static int checkForAlarm(Identity user)

    • invalidateSessionOnFirstPost

      public static void invalidateSessionOnFirstPost(javax.servlet.http.HttpServletRequest request)
      Ochrana Session Fixation (MFSR pentesty) ktora zabezpeci pri PRVOM odoslani (POST) logon formularu invalidnutie session
      Parameters:
      request -

    • saveAfterLogonRedirect

      public static void saveAfterLogonRedirect(javax.servlet.http.HttpServletRequest request)
      Ulozi URL pred zobrazenim logon formu na ktoru sa po prihlaseni presmeruje
      Parameters:
      request -

    • setUserToSession

      public static org.springframework.security.core.Authentication setUserToSession(javax.servlet.http.HttpSession session, Identity user)
      Nastavi usera do session a nastavi spring prava
      Parameters:
      session -
      user -

    • isLoginBlocked

      public static boolean isLoginBlocked(javax.servlet.http.HttpServletRequest request)
      Test if login is not time/IP blocked
      Parameters:
      request -
      Returns:

    • setLoginBlocked

      public static void setLoginBlocked(javax.servlet.http.HttpServletRequest request)
      Cache info about bad credentials/login to block for 10 seconds
      Parameters:
      request -