From e44ba3b979d0bfbea9381f85769849f3a1ac3feb Mon Sep 17 00:00:00 2001 From: gayanch Date: Wed, 19 Sep 2018 19:16:35 +0530 Subject: [PATCH 1/9] feature improvements --- .../com.wso2telco.mbss.authenticator/pom.xml | 7 ----- .../authenticator/MBSSBasicAuthenticator.java | 4 ++- .../model/MBSSAuthenticatorConfig.java | 10 +++++++ .../util/MBSSAuthenticatorDbUtil.java | 8 +++-- .../mbss/authenticator/util/SessionCache.java | 30 ------------------- .../resources/mbss-authenticator-config.xml | 3 +- 6 files changed, 21 insertions(+), 41 deletions(-) delete mode 100644 mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/SessionCache.java diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/pom.xml b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/pom.xml index bc270f5..047027d 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/pom.xml +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/pom.xml @@ -52,12 +52,6 @@ org.wso2.carbon.identity.application.authentication.framework 5.2.2 - - - com.google.guava - guava - 24.1.1-jre - @@ -99,7 +93,6 @@ javax.servlet, javax.servlet.http, - com.google.common.cache.*;version="[19.0,24.1.1-jre)", *;resolution:=optional diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSBasicAuthenticator.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSBasicAuthenticator.java index 20521f7..96d2d34 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSBasicAuthenticator.java +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSBasicAuthenticator.java @@ -368,13 +368,15 @@ private boolean isNewSessionAllowed(HttpServletRequest request, HttpServletRespo final int maximumSessionCount = ConfigLoader.getInstance().getMbssAuthenticatorConfig().getFeatureConfig() .getMaximumSessionLimit(); + final long sessionTimeout = ConfigLoader.getInstance().getMbssAuthenticatorConfig().getFeatureConfig() + .getSessionTimeout(); String username = request.getParameter(MBSSAuthenticatorConstants.USER_NAME); String serviceProviderName = context.getServiceProviderName(); boolean allowed = false; try { int cachedActiveSessions = MBSSAuthenticatorDbUtil.getActiveSessionCount(username + ":" - + serviceProviderName); + + serviceProviderName, sessionTimeout); if (cachedActiveSessions < maximumSessionCount) { allowed = true; } else { diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/model/MBSSAuthenticatorConfig.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/model/MBSSAuthenticatorConfig.java index 4f486c3..8733102 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/model/MBSSAuthenticatorConfig.java +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/model/MBSSAuthenticatorConfig.java @@ -79,6 +79,7 @@ public static class FeatureConfig { private boolean loginTimeRestrictionEnabled; private boolean periodicPasswordChangeEnabled; private int maximumSessionLimit; + private long sessionTimeout; @XmlElement(name = "accountSuspensionFeature") public boolean isAccountSuspensionEnabled() { @@ -124,6 +125,15 @@ public int getMaximumSessionLimit() { public void setMaximumSessionLimit(int maximumSessionLimit) { this.maximumSessionLimit = maximumSessionLimit; } + + @XmlElement(name = "sessionTimeout") + public long getSessionTimeout() { + return sessionTimeout; + } + + public void setSessionTimeout(long sessionTimeout) { + this.sessionTimeout = sessionTimeout; + } } public static class ErrorMessagesConfig { diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/MBSSAuthenticatorDbUtil.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/MBSSAuthenticatorDbUtil.java index 154b0c2..ed17d54 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/MBSSAuthenticatorDbUtil.java +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/MBSSAuthenticatorDbUtil.java @@ -52,18 +52,22 @@ private static void closeResources (Connection con, PreparedStatement prep, Resu } } - public static int getActiveSessionCount(String key) throws SQLException { + public static int getActiveSessionCount(String key, long sessionTimeout) throws SQLException { String keys[] = key.split(":"); String username = keys[0]; String serviceProviderName = keys[1]; + long currentTime = System.currentTimeMillis(); + String sql = "SELECT COUNT(SESSION_ID) FROM IDN_AUTH_SESSION_INFO WHERE USERNAME = ? AND " + "SERVICE_PROVIDER = ? AND " + - "floor(TERMINATION_TIME/1000) > unix_timestamp()"; + "(START_TIME + ?) > ?"; Connection con = getIdentityDbConnection(); PreparedStatement prep = con.prepareStatement(sql); prep.setString(1, username); prep.setString(2, serviceProviderName); + prep.setLong(3, sessionTimeout * 1000); //converting session timeout to milliseconds + prep.setLong(4, currentTime); ResultSet res = prep.executeQuery(); int activeSessionCount = -1; diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/SessionCache.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/SessionCache.java deleted file mode 100644 index a333fee..0000000 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/SessionCache.java +++ /dev/null @@ -1,30 +0,0 @@ -package com.wso2telco.mbss.authenticator.util; - -import com.google.common.cache.CacheBuilder; -import com.google.common.cache.CacheLoader; -import com.google.common.cache.LoadingCache; - -import java.util.concurrent.ExecutionException; -import java.util.concurrent.TimeUnit; - -public class SessionCache { - private static LoadingCache sessionCache = CacheBuilder.newBuilder() - .maximumSize(1000) - .expireAfterAccess(15, TimeUnit.MINUTES) - .build( - new CacheLoader() { - @Override - public Integer load(String key) throws Exception { - return MBSSAuthenticatorDbUtil.getActiveSessionCount(key); - } - } - ); - - public static Integer getActiveSessionCount(String username, String serviceProviderName) throws ExecutionException { - return sessionCache.get(username + ":" + serviceProviderName); - } - - public static void updateActiveSessionCount(String username, String serviceProviderName) throws ExecutionException { - sessionCache.refresh(username + ":" + serviceProviderName); - } -} diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml index edf56ee..7ab321a 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml @@ -41,9 +41,10 @@ true true - false + true true 1 + 1800 From 47954c9fa8656c3f64bb9d74001a697e6f0d195c Mon Sep 17 00:00:00 2001 From: gayanch Date: Thu, 20 Sep 2018 13:07:26 +0530 Subject: [PATCH 2/9] fixed a configuration issue --- .../src/main/resources/mbss-authenticator-config.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml index 7ab321a..96ee33e 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml @@ -24,7 +24,7 @@ User account is suspended for inactivity. Please contact administrator. - Login failed because there are other active sessions. End other sessions before trying agaiin. + Login failed because there are other active sessions. End other sessions before trying again. Unauthorized use of Celcoms applications is prohibited. User account is locked. Please contact administrator. Login failed due to login time restrictions. Contact administrator for more details. From 364ab0d6c929b444d714b71268426314ac0d5bd7 Mon Sep 17 00:00:00 2001 From: gayanch Date: Thu, 20 Sep 2018 14:43:51 +0530 Subject: [PATCH 3/9] session data publisher changes --- .../AbstractAuthenticationDataPublisher.java | 18 ------------------ .../session/AuthPublisherConstants.java | 18 ------------------ .../session/AuthnDataPublisherProxy.java | 18 ------------------ .../session/AuthnDataPublisherUtils.java | 18 ------------------ .../session/impl/DbLoginDataPublisherImpl.java | 18 ------------------ .../impl/DbSessionDataPublisherImpl.java | 18 ------------------ .../AuthenticationDataPublisherDataHolder.java | 18 ------------------ ...nticationDataPublisherServiceComponent.java | 18 ------------------ 8 files changed, 144 deletions(-) diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AbstractAuthenticationDataPublisher.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AbstractAuthenticationDataPublisher.java index 90719b0..10347ba 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AbstractAuthenticationDataPublisher.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AbstractAuthenticationDataPublisher.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session; import org.apache.commons.lang.StringUtils; diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthPublisherConstants.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthPublisherConstants.java index bbd2be2..7fe525a 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthPublisherConstants.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthPublisherConstants.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session; public class AuthPublisherConstants { diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherProxy.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherProxy.java index ab4f112..91ed012 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherProxy.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherProxy.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher; diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherUtils.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherUtils.java index 1953ee9..5a46307 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherUtils.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/AuthnDataPublisherUtils.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session; import org.apache.axiom.om.util.Base64; diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbLoginDataPublisherImpl.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbLoginDataPublisherImpl.java index 4554c8f..c8e2884 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbLoginDataPublisherImpl.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbLoginDataPublisherImpl.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session.impl; import org.apache.commons.lang.StringUtils; diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbSessionDataPublisherImpl.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbSessionDataPublisherImpl.java index 8364ad8..b0498c1 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbSessionDataPublisherImpl.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/impl/DbSessionDataPublisherImpl.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session.impl; import org.apache.commons.logging.Log; diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherDataHolder.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherDataHolder.java index 76b883e..aa3b037 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherDataHolder.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherDataHolder.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session.internal; import org.wso2.carbon.event.stream.core.EventStreamService; diff --git a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherServiceComponent.java b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherServiceComponent.java index 55773ed..eb926d0 100644 --- a/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherServiceComponent.java +++ b/mbss-athenticator/components/org.wso2.carbon.identity.data.publisher.session/src/main/java/org/wso2/carbon/identity/data/publisher/session/internal/AuthenticationDataPublisherServiceComponent.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.identity.data.publisher.session.internal; import org.osgi.framework.BundleContext; From bff386dc79c146fa73adcf241886e96adf179fec Mon Sep 17 00:00:00 2001 From: gayanch Date: Thu, 20 Sep 2018 15:48:26 +0530 Subject: [PATCH 4/9] fixed https://jira.wso2telco.com/jira/browse/QA-15 --- .../mbss/authenticator/util/TimeZoneUtils.java | 15 ++++++++++++++- .../main/resources/mbss-authenticator-config.xml | 4 ++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java index e1f2975..ea5a3a2 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java @@ -26,7 +26,20 @@ public static TimeOffset decodeOffsetString(String offset) { int minutes = 0; if (hoursAndMinutes.length == 2 && isNumeric(hoursAndMinutes[1])) { - minutes = hours < 0 ? Integer.parseInt(hoursAndMinutes[1]) * -1 : Integer.parseInt(hoursAndMinutes[1]); + char sign = offset.charAt(0); + switch (sign) { + case '+': + minutes = Integer.parseInt(hoursAndMinutes[1]); + break; + + case '-': + minutes = Integer.parseInt(hoursAndMinutes[1]) * -1; + break; + + default: + minutes = Integer.parseInt(hoursAndMinutes[1]); + break; + } } timeOffset.setHours(hours); diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml index 96ee33e..dd89414 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/resources/mbss-authenticator-config.xml @@ -4,8 +4,8 @@ engineerRole - 0800 - 1600 + 0300 + 0430 From 95225ab86660c9841e433e79521b3c6bfc8b63ec Mon Sep 17 00:00:00 2001 From: gayanch Date: Thu, 20 Sep 2018 16:39:06 +0530 Subject: [PATCH 5/9] code cleanups --- .../com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java index ea5a3a2..731843c 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/util/TimeZoneUtils.java @@ -28,14 +28,11 @@ public static TimeOffset decodeOffsetString(String offset) { if (hoursAndMinutes.length == 2 && isNumeric(hoursAndMinutes[1])) { char sign = offset.charAt(0); switch (sign) { - case '+': - minutes = Integer.parseInt(hoursAndMinutes[1]); - break; - case '-': minutes = Integer.parseInt(hoursAndMinutes[1]) * -1; break; + case '+': default: minutes = Integer.parseInt(hoursAndMinutes[1]); break; From 83ab0f1bf8211e19a558ff99e94a003641764c74 Mon Sep 17 00:00:00 2001 From: gayanch Date: Thu, 20 Sep 2018 17:15:48 +0530 Subject: [PATCH 6/9] added readme file --- mbss-athenticator/README.MD | 94 +++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 mbss-athenticator/README.MD diff --git a/mbss-athenticator/README.MD b/mbss-athenticator/README.MD new file mode 100644 index 0000000..e44dea8 --- /dev/null +++ b/mbss-athenticator/README.MD @@ -0,0 +1,94 @@ +DESCRIPTION +------------ +MBSS basic authenticator has following functionalities, + * Session limiting feature + * Configurable Login time restrictions (Work time authenticator) + * Periodic password change feature + * Detects suspended/locked accounts and prevents those accounts from authorizing. + +Please perform below modifications to the current deployment to reflect the changes. + +PRE-REQUISITES +-------------- + +System Requirements + +a) Java SE Development Kit 1.8 +b) wso2telcoids-2.2.0 + + +DEPENDANT PATCHES +------------------------- +This patch depends on following patches + * patch_mig00087 + * patch_mig00088 + * patch_dep00096 + + +INSTALLATION INSTRUCTIONS +------------------------- +1) Copy following artifacts from resources/ directory into /repository/components/dropins (replace existing ones if needed) + * com.wso2telco.mbss.authenticator-1.0.0.jar + * org.wso2.carbon.identity.data.publisher.session-1.0.0.jar + * password_history/password-history-manager-1.0.0.jar + +2) Copy following configuration files (replace existing ones if needed), + * resources/mbss-authenticator-config.xml into /repository/conf directory + * resources/password_history/password-history-identity-mgt.properties into /repository/conf/identity + +3) Copy resources/pwd-reset.jsp into /repository/deployment/server/webapps/authenticationendpoint/ directory. + +4) Copy 'patch00093' directory into /repository/components/patches directory. + +5) To create required database tables, execute following scripts on WSO2IDENTITY_DB + * resources/db_setup.mysql.sql + * resources/password_history/mysql.sql + + +Configuration +------------------------------------------------------- + +1) Open identity.xml file located at /repository/conf/identity directory and find the section and insert the following snippet at the end of the section if not already present, + + + +2) Various configurations options of MBSS Authenticator is defined in /repository/conf/mbss-authenticator-config.xml file. Change those configurations as needed. + +2) Configuration options of Password history manager is defined in /repository/conf/identity/password-history-identity-mgt.properties file. Modify as needed. + +3) Create following claims in IS using management console, Skip if already exists and leave the other fields in deafult state. + + i) Dialect: http://wso2.org/claims + Display Name: UTC Offset + Description: UTC Offset + Claim Uri: http://wso2.org/claims/identity/utcOffset + Mapped Attribute (s): utcOffset + Supported by Default: true + + ii) Dialect: http://wso2.org/claims + Display Name: Day light saving time offset + Description: Day light saving time offset + Claim Uri: http://wso2.org/claims/identity/dstOffset + Mapped Attribute (s): dstOffset + Supported by Default: true + + iii) Dialect: http://wso2.org/claims + Display Name: Intitial Password Changed + Description: Intitial Password Changed + Claim Uri: http://wso2.org/claims/identity/initialPasswordChanged + Mapped Attribute (s): initialPasswordChanged + Supported by Default: false + +3) Create the roles defined in mbss-authenticator-config.xml (inside workingTime sections) on IS using management console or remove unecessary definitions from configuration file. + +4) Assign newly created roles to users as needed. + +5) Restart IS + +6) Now there will be an authenticator named 'MBSSBasicAuthenticator' in Authenticator configuration section of service providers. Assign MBSSBasicAuthenticator to a service provider. (NOTE: Make sure that the MBSSBasicAuthenticator is the only authenticator assigned to a particular SP) + + From 5121227b6b32cb94d300328de5a340234a518b97 Mon Sep 17 00:00:00 2001 From: gayanch Date: Thu, 20 Sep 2018 17:17:08 +0530 Subject: [PATCH 7/9] added readme file --- mbss-athenticator/{README.MD => README.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename mbss-athenticator/{README.MD => README.txt} (100%) diff --git a/mbss-athenticator/README.MD b/mbss-athenticator/README.txt similarity index 100% rename from mbss-athenticator/README.MD rename to mbss-athenticator/README.txt From 6618844f20b8ea90a29853e092234e488541b2da Mon Sep 17 00:00:00 2001 From: gayanch Date: Fri, 21 Sep 2018 11:57:23 +0530 Subject: [PATCH 8/9] fixed: claim values are not visible in store side --- .../mbss/authenticator/MBSSAuthenticatorConstants.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSAuthenticatorConstants.java b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSAuthenticatorConstants.java index 6b6fee4..14ffbbf 100644 --- a/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSAuthenticatorConstants.java +++ b/mbss-athenticator/components/com.wso2telco.mbss.authenticator/src/main/java/com/wso2telco/mbss/authenticator/MBSSAuthenticatorConstants.java @@ -18,8 +18,8 @@ public abstract class MBSSAuthenticatorConstants { public static final String ACCOUNT_SUSPENDED_CLAIM = "http://wso2.org/claims/identity/accountSuspended"; public static final String LAST_PASSWORD_CHANGE_CLAIM = "http://wso2.org/claims/identity/lastPasswordUpdateTime"; - public static final String UTC_OFFSET_CLAIM = "http://wso2.org/claims/identity/utcOffset"; - public static final String DST_OFFSET_CLAIM = "http://wso2.org/claims/identity/dstOffset"; + public static final String UTC_OFFSET_CLAIM = "http://wso2.org/claims/utcOffset"; + public static final String DST_OFFSET_CLAIM = "http://wso2.org/claims/dstOffset"; public static final String INITIAL_PASSWORD_CHANGED_CLAIM = "http://wso2.org/claims/identity/initialPasswordChanged"; public static final String FAILED_REASON = "authorizationFailedReason"; From 6068b68aa95122550070c129513d839739185d3f Mon Sep 17 00:00:00 2001 From: gayanch Date: Fri, 21 Sep 2018 12:02:08 +0530 Subject: [PATCH 9/9] readme updated --- mbss-athenticator/README.txt | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/mbss-athenticator/README.txt b/mbss-athenticator/README.txt index e44dea8..67300ad 100644 --- a/mbss-athenticator/README.txt +++ b/mbss-athenticator/README.txt @@ -1,3 +1,9 @@ +================================================================ +Patch ID : patch_mig00093 +Public Jira : https://jira.wso2telco.com/jira/browse/INTGW-233 +Description : MBSS Basic Authenticator for MIG 2.2.0 +================================================================ + DESCRIPTION ------------ MBSS basic authenticator has following functionalities, @@ -65,14 +71,14 @@ Configuration i) Dialect: http://wso2.org/claims Display Name: UTC Offset Description: UTC Offset - Claim Uri: http://wso2.org/claims/identity/utcOffset + Claim Uri: http://wso2.org/claims/utcOffset Mapped Attribute (s): utcOffset Supported by Default: true ii) Dialect: http://wso2.org/claims Display Name: Day light saving time offset Description: Day light saving time offset - Claim Uri: http://wso2.org/claims/identity/dstOffset + Claim Uri: http://wso2.org/claims/dstOffset Mapped Attribute (s): dstOffset Supported by Default: true