SOLVED

Cannot disable users with disable(String reason) method

Level 4

Dear community,

I'd like to block users from logging in with the user.disable("reason") method in my Servlet under certain conditions.

I could read/write user properties, but the disable part doesn't work and I could still log in with this user.

(code snippet attached below)

 

Did I miss something important to make it work?

Thanks a lot! 

 

UserManager userManager = ((JackrabbitSession) session).getUserManager();
Authorizable userAuth = userManager.getAuthorizable(userId);
User user = (User) userManager.getAuthorizable(userId);

if (userAuth != null) {

	int totalCount = 1;
	SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
	Value[] userPropertyValueArray = userAuth.getProperty("profile/loginAttemptCount");

	if (userPropertyValueArray != null) {
		int userFailureLoginCount = Integer.parseInt(userPropertyValueArray[0].toString());

		if (userFailureLoginCount == 5) {						
			Date nowTime = new Date();						
			long time = 15 * 60 * 1000;
			Date lockUntil = new Date(nowTime.getTime() + time);
			userAuth.setProperty("profile/lockUntil",
					session.getValueFactory().createValue(sdf.format(lockUntil)));
			user.disable("Reach failure login limit");
			return;
			
		} else {
			totalCount = userFailureLoginCount + 1;
			userAuth.setProperty("profile/loginAttemptCount", session.getValueFactory().createValue(totalCount));
		}
	}
	
	userAuth.setProperty("profile/loginAttemptTimestamp",
			session.getValueFactory().createValue(sdf.format(new Date())));
}

session.save();
session.logout();

 

1 Accepted Solution

Correct answer by
Community Advisor

Hi @YuSheng,

I did a quick check of the disable method usage and it worked fine on my end. In general, it sets the rep:disabled property with the string value I passed as an argument. This is sample code.

 

 

UserManager userManager = ((JackrabbitSession) session).getUserManager();
User user = (User) userManager.getAuthorizable("test");
user.disable("Reach failure login limit");
session.save();

 

 

I see one problem in your implementation, in the part of your code below:

 

 

		if (userFailureLoginCount == 5) {						
			Date nowTime = new Date();						
			long time = 15 * 60 * 1000;
			Date lockUntil = new Date(nowTime.getTime() + time);
			userAuth.setProperty("profile/lockUntil",
					session.getValueFactory().createValue(sdf.format(lockUntil)));
			user.disable("Reach failure login limit");
			return;
			
		} 

 

 

You are using a return statement before you save your changes; this is why the user account is not disabled.

Please remove the return statement from the body of the above if block, or add session.save before the return. In other words, currently you are not saving the changes you made.

Your code could look like this:

 

 

if (userFailureLoginCount == 5) {						
  Date nowTime = new Date();						
  long time = 15 * 60 * 1000;
  Date lockUntil = new Date(nowTime.getTime() + time);
  userAuth.setProperty("profile/lockUntil",
      session.getValueFactory().createValue(sdf.format(lockUntil)));
  user.disable("Reach failure login limit");
  session.save();
  return;
} 

 

 

or like this:

 

 

if (userFailureLoginCount == 5) {						
  Date nowTime = new Date();						
  long time = 15 * 60 * 1000;
  Date lockUntil = new Date(nowTime.getTime() + time);
  userAuth.setProperty("profile/lockUntil",
      session.getValueFactory().createValue(sdf.format(lockUntil)));
  user.disable("Reach failure login limit");
} 

 

 


4 Replies

Community Advisor


Level 4

Hi @arunpatidar, thank you for the reply.

I've seen this post and it doesn't help in my case.

Simply wanna know how to make this method work since it's the most straightforward approach to prevent a user from logging in.


Level 4

@lukasz-m Thanks for the reply. I checked the exception when the disable was executed and got

"javax.jcr.AccessDeniedException: OakAccess0000: Access denied"

I think the problem is the system user I created doesn't have enough permission to execute disable.