lams / lams_central / src / java / org / lamsfoundation / lams / security

UniversalLoginModule.java

Tools

Line History

Line Count Graph
Line Count Graph

Stats

Commits this week: 0
Total Committers: 7
Last Commit: 11 May 16
Commits this week: 0
Total Lines of Code (LoC): 389
Net change in LoC this week: 0

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Thursday 01 Dec 2016
11:05 am

sanjana

LDEV-4030 :Disable login for a few minutes after X number of attempts

Options
    • -1
    • +1
    ./UniversalLoginModule.java
  2. … 5 more files in changeset.
Wednesday 11 May 2016
3:28 pm

Marcin Cieslak

LDEV-3776: Remove $Id CVS keyword.

Options
    • -1
    • +1
    ./UniversalLoginModule.java
  2. … 1074 more files in changeset.
Thursday 05 May 2016
4:08 pm

Marcin Cieslak

LDEV-3776: Clean up and format all LAMS Java code.

Options
    • -311
    • +291
    ./UniversalLoginModule.java
  2. … 2120 more files in changeset.
4:08 pm

Marcin Cieslak

LDEV-3776: Clean up and format all LAMS Java code.

Options
    • -13
    • +14
    ./UniversalLoginModule.java
  2. … 1860 more files in changeset.
Wednesday 16 Mar 2016
8:12 pm

Marcin Cieslak

LDEV-3674: Remove multiple Flash elements: Authoring, icons, themes, i18n files, WDDX libraries and classes, methods, servlets etc.

Rename/rewrite methods for Flashless use.

Options
    • -24
    • +6
    ./UniversalLoginModule.java
  2. … 420 more files in changeset.
Friday 23 Oct 2015
4:42 pm

Marcin Cieslak

LDEV-3578: Use single-use passwords for internal authentication in LoginRequestServlet and LoginAsAction.

Options
    • -7
    • +18
    ./UniversalLoginModule.java
  2. … 3 more files in changeset.
Wednesday 21 Oct 2015
7:44 pm

Marcin Cieslak

LDEV-3578: Convert passwords from sha1 to sha256 with salt after successful authentication and on password change.

Remove password hashing in browser.

Change internal authentication mechanism for LoginRequestServlet and LoginAsAction.

Options
    • -23
    • +33
    ./UniversalLoginModule.java
  2. … 23 more files in changeset.
Monday 19 Oct 2015
8:20 pm

Marcin Cieslak

LDEV-3591: Flatten UniversalLoginModule hierarchy - it was just a single leaf anyway.

Format code. Clean up logs, errors and comments.

Move queries from config files to code.

Options
    • -206
    • +334
    ./UniversalLoginModule.java
  2. … 12 more files in changeset.
Friday 28 Nov 2014
8:27 pm

Marcin Cieslak

LDEV-3383: Remove Web authentication method.

Options
    • -4
    • +1
    ./UniversalLoginModule.java
  2. … 5 more files in changeset.
8:11 pm

Marcin Cieslak

LDEV-3383: Remove Web authentication method.

Options
    • -5
    • +1
    ./UniversalLoginModule.java
  2. … 5 more files in changeset.
Tuesday 25 Nov 2014
5:39 pm

Marcin Cieslak

LDEV-3335, LDEV-3340: Make SessionManager a storage for servlet context, so it can be accesses by other classes at any time. Remove obsolete SSO classes.

Options
    • -3
    • +2
    ./UniversalLoginModule.java
  2. … 15 more files in changeset.
4:43 pm

Marcin Cieslak

LDEV-3335, LDEV-3340: Remove or simplify SSO components. Fix sysadmin LoginAs functionality.

Options
    • -3
    • +4
    ./UniversalLoginModule.java
  2. … 17 more files in changeset.
Wednesday 19 Nov 2014
12:20 am

Marcin Cieslak

LDEV-3335, LDEV-3334: Use SSO mechanism introduced in WildFly 9.

Do not create web.xml files with XDoclet as it can not produce them based on 3.1 schema. Use static ones instead.

Make SessionManager just a proxy to webserver's HTTP session. Remov custom shared sessions and JSESSIONIDSSO cookie as they are obsolete. Remove own session monitoring as the container should take care of invalidation.

Move injecting UserDTO into session to SsoHandler intead of UniversalLoginModule as an authentication request may not reach the latter due to WildFly credentials caching.

Options
    • -311
    • +285
    ./UniversalLoginModule.java
  2. … 226 more files in changeset.
Wednesday 15 Oct 2014
12:43 am

Marcin Cieslak

LDEV-3275: Remove duplicate error log.

Options
    • -2
    • +1
    ./UniversalLoginModule.java
Tuesday 14 Oct 2014
8:49 pm

Marcin Cieslak

LDEV-3275: Add SsoConsumer in LAMS Central as requests (index.jsp, index.do) immediate after j_security_check are also being authenticated.

They also are considered an authentication attempt, but they bypass shared session creation in SsoProducer and it causes errors. This was addressed by a simple check - no shared session in UniversalLoginModule, no authentication attempt.

Options
    • -3
    • +3
    ./UniversalLoginModule.java
  2. … 2 more files in changeset.
Tuesday 30 Sep 2014
9:10 pm

Marcin Cieslak

LDEV-3315: Clean up roles and paths to secured resources in all modules.

Remove AUTHOR ADMIN role.

Options
    • -290
    • +310
    ./UniversalLoginModule.java
  2. … 73 more files in changeset.
1:09 am

Marcin Cieslak

LDEV-3315: Remove AUTHOR ADMIN role.

Allow AUTHOR role to preview lessons.

Allow MONITOR role to edit activities and run Live Edit.

Options
    • -3
    • +2
    ./UniversalLoginModule.java
  2. … 72 more files in changeset.
Friday 19 Sep 2014
6:55 pm

Marcin Cieslak

LDEV-3275: Introduce SSO using Undertow mechanisms.

Valves do not exist in Undertow. Another approach had to be used.

In each WAR there is a file in META-INF/service dir which adds a class in request processing chaing.

For Central it is SsoProducer which put the authenticated account into shared session.

All other modules use SsoConsumer which takes the account and puts it into its security context.

In standalone.xml caching of credentials was switched off as it would prevent UniversalLoginModule from putting UserDTO into shared session.

TODO: use a simple pass-all authentication mechanism for static files like images and JS files.

Options
    • -311
    • +290
    ./UniversalLoginModule.java
  2. … 12 more files in changeset.
Monday 01 Mar 2010
12:53 pm

lfoxton

LDEV-2517 Merging head theme changes with 2.3 branch for 2.3.4

Options
    • -236
    • +294
    ./UniversalLoginModule.java
  2. … 64 more files in changeset.
Thursday 18 Feb 2010
1:41 pm

lfoxton

SIF-4 Making single-signon capabilities for openid

Options
    • -282
    • +313
    ./UniversalLoginModule.java
  2. … 31 more files in changeset.
Thursday 20 Aug 2009
12:37 pm

lfoxton

LDEV-2420 Removing uneccessary data structures and tables from the db, as well as implementing the same theme settings for flash themes

Options
    • -8
    • +24
    ./UniversalLoginModule.java
  2. … 49 more files in changeset.
Wednesday 19 Aug 2009
2:45 pm

lfoxton

LDEV-2420 Adding functionality to add new themes to the database. All that is left now is to remove the defunct tables that are not used

Options
    • -5
    • +39
    ./UniversalLoginModule.java
  2. … 21 more files in changeset.
Thursday 13 Nov 2008
9:20 am

jliew

use Sun 120 formatting standard

Options
    • -228
    • +241
    ./UniversalLoginModule.java
9:18 am

jliew

LDEV-1937 try another method of getting spring bean when NoSuchBeanDefinitionException encountered

Options
    • -4
    • +16
    ./UniversalLoginModule.java
Wednesday 28 Nov 2007
9:33 am

jliew

Get the ldapService bean only when ldap provisioning is enabled - so if spring can't find the bean (throws NoSuchBeanDefinitionException for unknown reason), logging in will still work if ldap provisioning is disabled.

Options
    • -2
    • +2
    ./UniversalLoginModule.java
Friday 02 Nov 2007
9:22 am

jliew

merge latest changes from ldap2_0_4 branch (dated 26/10/07)

Options
    • -4
    • +1
    ./UniversalLoginModule.java
  2. … 4 more files in changeset.
Friday 26 Oct 2007
1:38 pm

jliew

fix for ConcurrentModificationException while Iterating over a Set; stop printing password in logs; make reading of roles mapping values more flexible

Options
    • -4
    • +1
    ./UniversalLoginModule.java
  2. … 4 more files in changeset.
Thursday 04 Oct 2007
9:06 am

jliew

merging changes from ldap2_0_4 branch to HEAD

Options
    • -3
    • +10
    ./UniversalLoginModule.java
  2. … 13 more files in changeset.
8:17 am

jliew

fix problem with integration users getting rejected when LDAPEncryptPasswordFromBrowser is false; generate random password for ldap users instead of hard coded text

Options
    • -3
    • +10
    ./UniversalLoginModule.java
  2. … 1 more file in changeset.
Tuesday 25 Sep 2007
3:26 pm

jliew

merge changes from ldap2_0_4 branch back to HEAD

Options
    • -7
    • +10
    ./UniversalLoginModule.java
  2. … 1 more file in changeset.