Index: /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/action/LoginActionBean.java =================================================================== --- /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/action/LoginActionBean.java (revision 729717) +++ /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/action/LoginActionBean.java (working copy) @@ -1,3 +1,23 @@ +/* + JSPWiki - a JSP-based WikiWiki clone. + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. + */ package com.ecyrd.jspwiki.action; import java.security.Principal; @@ -17,6 +37,7 @@ import com.ecyrd.jspwiki.WikiContext; import com.ecyrd.jspwiki.WikiEngine; import com.ecyrd.jspwiki.WikiSession; +import com.ecyrd.jspwiki.auth.AuthenticationManager; import com.ecyrd.jspwiki.auth.NoSuchPrincipalException; import com.ecyrd.jspwiki.auth.WikiSecurityException; import com.ecyrd.jspwiki.auth.login.CookieAssertionLoginModule; @@ -129,7 +150,15 @@ if( !getContext().getEngine().getAuthenticationManager().login( wikiSession, m_username, m_password ) ) { log.info( "Failed to authenticate user " + m_username ); - errors.addGlobalError( new SimpleError( rb.getString( "login.error.password" ) ) ); + String loginMessage = AuthenticationManager.getLoginMessageForUser( m_username ); + if( loginMessage == null ) + { + errors.addGlobalError( new SimpleError( rb.getString( "login.error.password" ) ) ); + } + else + { + errors.addGlobalError( new SimpleError( loginMessage ) ); + } } } catch( WikiSecurityException e ) Index: /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java =================================================================== --- /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java (revision 729421) +++ /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java (working copy) @@ -25,7 +25,6 @@ import java.net.URL; import java.security.Principal; import java.util.*; - import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginException; @@ -155,6 +154,10 @@ private TimedCounterList m_lastLoginAttempts = new TimedCounterList(); + /** Keep a list of last login messages for each logged in user */ + + private static Hashtable c_loginMessages = new Hashtable(); + /** * Creates an AuthenticationManager instance for the given WikiEngine and * the specified set of properties. All initialization for the modules is @@ -713,4 +716,28 @@ } } + /** + * Get the last issued login Message. This message could have been set by + * the configured LoginModule + * + * @param userName the user for which the message is needed + * @return last issued login message for this user + */ + public static String getLoginMessageForUser( String userName ) + { + return c_loginMessages.get( userName ); + } + + /** + * Set the last issued login Message. This message is normally set by the + * configured LoginModule + * + * @param userName the user for which the message is to be set + * @param loginMessage login message to save for this user, for example + * "Userid not found" or "Password not matched" + */ + public static void setLoginMessageForUser( String userName, String loginMessage ) + { + c_loginMessages.put( userName, loginMessage ); + } } Index: /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/auth/login/WikiCallbackHandler.java =================================================================== --- /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/auth/login/WikiCallbackHandler.java (revision 729421) +++ /home/metskem/workspace/JSPWiki/src/com/ecyrd/jspwiki/auth/login/WikiCallbackHandler.java (working copy) @@ -22,13 +22,12 @@ import java.io.IOException; -import javax.security.auth.callback.Callback; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.NameCallback; -import javax.security.auth.callback.PasswordCallback; -import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.callback.*; +import com.ecyrd.jspwiki.auth.AuthenticationManager; import com.ecyrd.jspwiki.auth.user.UserDatabase; +import com.ecyrd.jspwiki.log.Logger; +import com.ecyrd.jspwiki.log.LoggerFactory; /** * Handles logins made from inside the wiki application, rather than via the web @@ -42,6 +41,8 @@ */ public class WikiCallbackHandler implements CallbackHandler { + private static final Logger log = LoggerFactory.getLogger(WikiCallbackHandler.class); + private final UserDatabase m_database; private final String m_password; @@ -84,6 +85,15 @@ { ( (PasswordCallback) callback ).setPassword( m_password.toCharArray() ); } + else if( callbacks[i] instanceof TextOutputCallback ) + { + TextOutputCallback textOutputCb = (TextOutputCallback) callbacks[i]; + String loginResult = textOutputCb.getMessage(); + log.warn( loginResult ); + + // save the result, Login.jsp can display this message to the user + AuthenticationManager.setLoginMessageForUser( m_username, loginResult ); + } else { throw new UnsupportedCallbackException( callback );