DHIS 2

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java 2010-03-31 16:44:55 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java 2010-11-22 20:01:22 +0000 @@ -38,8 +38,6 @@ void registerLoginFailure( String username ); - void resetLockoutTimeframe( String username ); - int getLoginFailures( String username ); int getMaxAttempts(); === modified file 'dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java' --- dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java 2010-04-12 21:23:33 +0000 +++ dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java 2010-11-22 20:01:22 +0000 @@ -68,12 +68,17 @@ this.userAuditStore = userAuditStore; } + // ------------------------------------------------------------------------- + // UserAuditService implementation + // ------------------------------------------------------------------------- + @Override + @Transactional public void registerLoginSuccess( String username ) { log.info( "User login success: '" + username + "'" ); - resetLockoutTimeframe( username ); + userAuditStore.resetLoginFailures( username, getDate() ); } @Override @@ -82,8 +87,8 @@ log.info( "User logout: '" + username + "'" ); } + @Override @Transactional - @Override public void registerLoginFailure( String username ) { log.info( "User login failure: '" + username + "'" ); @@ -100,8 +105,8 @@ } } + @Override @Transactional - @Override public int getLoginFailures( String username ) { return userAuditStore.getLoginFailures( username, getDate() ); @@ -119,11 +124,9 @@ return (Integer) systemSettingManager.getSystemSetting( KEY_TIMEFRAME_MINUTES, DEFAULT_TIMEFRAME_MINUTES ); } - @Override - public void resetLockoutTimeframe( String username ) - { - userAuditStore.resetLoginFailures( username, getDate() ); - } + // ------------------------------------------------------------------------- + // Supportive methods + // ------------------------------------------------------------------------- private Date getDate() { === modified file 'dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/hibernate/HibernateUserAuditStore.java' --- dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/hibernate/HibernateUserAuditStore.java 2010-10-29 12:19:15 +0000 +++ dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/hibernate/HibernateUserAuditStore.java 2010-11-22 20:01:22 +0000 @@ -88,6 +88,7 @@ } //TODO: create GUI for reset and accurate logging + @Override public void resetLoginFailures( String username, Date date ) { === renamed file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.jsp' => 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.html' --- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.jsp 2010-11-18 09:42:34 +0000 +++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.html 2010-11-22 20:01:22 +0000 @@ -1,37 +1,20 @@ - - - DHIS 2 + - +

- <% - Object obj = session.getAttribute( "SPRING_SECURITY_LAST_USERNAME" ); - boolean formVisible = true; - if( obj != null ) - { - String username = obj.toString(); - if( userAuditService.getLoginFailures(username) >= userAuditService.getMaxAttempts() ) - { - formVisible = false; - %> - Maximum Tries exceeded. Please try after <%=userAuditService.getLockoutTimeframe() %> mins - <% - } - } - %> - <% if(formVisible){%> + - <% } %>

=== renamed file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/loginfailed.jsp' => 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/loginfailed.html' --- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/loginfailed.jsp 2010-11-18 09:42:34 +0000 +++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/loginfailed.html 2010-11-22 20:01:22 +0000 @@ -1,6 +1,3 @@ - - - @@ -17,22 +14,7 @@

- <% - Object obj = session.getAttribute( "SPRING_SECURITY_LAST_USERNAME" ); - boolean formVisible = true; - if( obj != null ) - { - String username = obj.toString(); - if( userAuditService.getLoginFailures(username) >= userAuditService.getMaxAttempts() ) - { - formVisible = false; - %> - Maximum Tries exceeded... Please try after <%=userAuditService.getLockoutTimeframe() %> mins - <% - } - } - %> - <% if( formVisible ){%> + - Wrong username or password. Please try again. - <% } %> + Wrong username or password. Please try again.

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/UserAuditLogoutFilter.java' --- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/UserAuditLogoutFilter.java 2010-10-07 07:10:30 +0000 +++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/UserAuditLogoutFilter.java 2010-11-22 20:01:22 +0000 @@ -52,7 +52,7 @@ public void logout( HttpServletRequest request, HttpServletResponse response, Authentication authentication ) { - if ( authentication != null ) + if ( authentication != null && authentication.getPrincipal() != null ) { String username = ((UserDetails) authentication.getPrincipal()).getUsername(); userAuditService.registerLogout( username ); === modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml' --- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml 2010-11-20 08:23:34 +0000 +++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml 2010-11-22 20:01:22 +0000 @@ -318,7 +318,7 @@ - + @@ -360,7 +360,7 @@ - +