From 451c82c8154b4e2bd4fb4cee5bded7109a1e1942 Mon Sep 17 00:00:00 2001 From: Jean Raby Date: Fri, 1 Feb 2013 18:35:10 -0500 Subject: [PATCH] Don't use user/password cache from the login page The idea is to always use memcached for credentials to avoid hitting the authentication backend on every click but to check with the auth backend for every login requests. This should fix #2169 While there, fix whitespace (killtab) --- SoObjects/SOGo/SOGoUserManager.h | 16 +++++++++---- SoObjects/SOGo/SOGoUserManager.m | 33 ++++++++++++++++++++------- SoObjects/SOGo/SOGoWebAuthenticator.h | 16 +++++++++---- SoObjects/SOGo/SOGoWebAuthenticator.m | 28 +++++++++++++++++++---- 4 files changed, 72 insertions(+), 21 deletions(-) diff --git a/SoObjects/SOGo/SOGoUserManager.h b/SoObjects/SOGo/SOGoUserManager.h index 23ef643df..6564e10b2 100644 --- a/SoObjects/SOGo/SOGoUserManager.h +++ b/SoObjects/SOGo/SOGoUserManager.h @@ -82,11 +82,19 @@ - (NSString *) getLoginForDN: (NSString *) theDN; - (BOOL) checkLogin: (NSString *) _login - password: (NSString *) _pwd + password: (NSString *) _pwd domain: (NSString **) _domain - perr: (SOGoPasswordPolicyError *) _perr - expire: (int *) _expire - grace: (int *) _grace; + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace; + +- (BOOL) checkLogin: (NSString *) _login + password: (NSString *) _pwd + domain: (NSString **) _domain + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace + useCache: (BOOL) _useCache; - (BOOL) changePasswordForLogin: (NSString *) login inDomain: (NSString *) domain diff --git a/SoObjects/SOGo/SOGoUserManager.m b/SoObjects/SOGo/SOGoUserManager.m index 28fec2a21..d6a0f9a5b 100644 --- a/SoObjects/SOGo/SOGoUserManager.m +++ b/SoObjects/SOGo/SOGoUserManager.m @@ -448,11 +448,28 @@ static Class NSNullK; } - (BOOL) checkLogin: (NSString *) _login - password: (NSString *) _pwd + password: (NSString *) _pwd domain: (NSString **) _domain - perr: (SOGoPasswordPolicyError *) _perr - expire: (int *) _expire - grace: (int *) _grace + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace +{ + return [self checkLogin: _login + password: _pwd + domain: _domain + perr: _perr + expire: _expire + grace: _grace + useCache: YES]; +} + +- (BOOL) checkLogin: (NSString *) _login + password: (NSString *) _pwd + domain: (NSString **) _domain + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace + useCache: (BOOL) useCache { NSString *dictPassword, *username, *jsonUser; NSMutableDictionary *currentUser; @@ -468,7 +485,7 @@ static Class NSNullK; jsonUser = [[SOGoCache sharedCache] userAttributesForLogin: username]; currentUser = [jsonUser objectFromJSONString]; dictPassword = [currentUser objectForKey: @"password"]; - if (currentUser && dictPassword) + if (useCache && currentUser && dictPassword) { checkOK = ([dictPassword isEqualToString: [_pwd asSHA1String]]); //NSLog(@"Password cache hit for user %@", _login); @@ -482,9 +499,9 @@ static Class NSNullK; { checkOK = YES; if (!currentUser) - { - currentUser = [NSMutableDictionary dictionary]; - } + { + currentUser = [NSMutableDictionary dictionary]; + } // It's important to cache the password here as we might have cached the // user's entry in -contactInfosForUserWithUIDorEmail: and if we don't diff --git a/SoObjects/SOGo/SOGoWebAuthenticator.h b/SoObjects/SOGo/SOGoWebAuthenticator.h index 5a3533c70..a2d9eeb5b 100644 --- a/SoObjects/SOGo/SOGoWebAuthenticator.h +++ b/SoObjects/SOGo/SOGoWebAuthenticator.h @@ -42,11 +42,19 @@ + (id) sharedSOGoWebAuthenticator; - (BOOL) checkLogin: (NSString *) _login - password: (NSString *) _pwd + password: (NSString *) _pwd domain: (NSString **) _domain - perr: (SOGoPasswordPolicyError *) _perr - expire: (int *) _expire - grace: (int *) _grace; + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace; + +- (BOOL) checkLogin: (NSString *) _login + password: (NSString *) _pwd + domain: (NSString **) _domain + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace + useCache: (BOOL) useCache; - (WOCookie *) cookieWithUsername: (NSString *) username andPassword: (NSString *) password diff --git a/SoObjects/SOGo/SOGoWebAuthenticator.m b/SoObjects/SOGo/SOGoWebAuthenticator.m index cfe2482f0..008c9517e 100644 --- a/SoObjects/SOGo/SOGoWebAuthenticator.m +++ b/SoObjects/SOGo/SOGoWebAuthenticator.m @@ -104,11 +104,28 @@ } - (BOOL) checkLogin: (NSString *) _login - password: (NSString *) _pwd + password: (NSString *) _pwd domain: (NSString **) _domain - perr: (SOGoPasswordPolicyError *) _perr - expire: (int *) _expire - grace: (int *) _grace + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace +{ + return [self checkLogin: _login + password: _pwd + domain: _domain + perr: _perr + expire: _expire + grace: _grace + useCache: YES]; +} + +- (BOOL) checkLogin: (NSString *) _login + password: (NSString *) _pwd + domain: (NSString **) _domain + perr: (SOGoPasswordPolicyError *) _perr + expire: (int *) _expire + grace: (int *) _grace + useCache: (BOOL) _useCache { SOGoCASSession *session; SOGoSystemDefaults *sd; @@ -144,7 +161,8 @@ domain: _domain perr: _perr expire: _expire - grace: _grace]; + grace: _grace + useCache: _useCache]; //[self logWithFormat: @"Checked login with ppolicy enabled: %d %d %d", *_perr, *_expire, *_grace];