Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

: UserPolicy can be set for each userType.

...

Info

loginFailCount

: This is a property type in the user schema

When a user fails to log in, the number increases

If not, create a property type (valueType : INT)

...

Info

lastPasswordChangeDate

: This is a property type in the user schema

When the user changes the password, the date is updated.

If not, create a property type (valueType : DATE)

...

Info

lastConnectionTime

: This is a property type in the user schema

When the user login, the date is updated.

If not, create a property type (valueType : DATE)

...

Code Block
(설명) admin 사용자에 대하여 
- 중복로그인을 허용하지 않고
- 비밀번호 실패 횟수 5회 설정
- 비밀번호 변경 주기 3개월
- 미접속가능기간 1년
- 비밀번호 실패횟수 또는 미접속 가능 기간이 도래한 경우 사용자 계정 잠금 처리

{{protocol}}://{{hostname}}:{{port}}/node/userPolicy/1871395741

{
    "result": "200",
    "resultMessage": "SUCCESS",
    "item": {
        "id": "1871395741",
        "label": "admin",
        "userType": {
            "value": "admin",
            "label": "Admin"
        },
        "site": null,
        "allowedLoginDuplication": false,
        "allowedLoginFailCount": 5,
        "passwordChangeCycle": {
            "value": "P3M",
            "label": "3개월"
        },
        "passwordChangeExtendPeriod": null,
        "unconnectablePeriod": {
            "value": "P1Y",
            "label": "1년"
        },
        "enableUserLock": [
            {
                "value": "allowedLoginFailCount",
                "label": "허용 된 로그인 실패 횟수"
            },
            {
                "value": "unconnectablePeriod",
                "label": "미접속 가능 기간"
            }
        ]
    }
}

SessionProcess

SessionProcess can define signIn, signUp, withdraw, and initPassword for each user type.

You can customize the SessionProcess for each project.

  • Create a class that inherits the SessionProcess interface.

    • Path : net/ion/ice/core/session/process/SessionProcess.java

    • Naming convention : sessionProcessProjectId

      Image Added
  • If you don't create a project's SessionProcess, the default is used.

    • SessionProcessDefault.java

SessionService.java

Code Block
languagejava
@PostConstruct
public void init() {
    this.project = configuration.getProject();
    sessionCloser = new SessionCloser(sessionTimeoutConfiguration,
            clusterService,
            this);
    sessionCloser.setDaemon(true);
    sessionCloser.start();
    try {
        sessionProcess = (SessionProcess) ApplicationContextManager.getBean("sessionProcess" + WordUtils.capitalize(project));
    } catch (NoSuchBeanDefinitionException e) {
        logger.error(e.getMessage());
        sessionProcess = (SessionProcess) ApplicationContextManager.getBean("sessionProcessDefault");
    }
}

SessionProcessDefault.java

Code Block
languagejava
public class SessionProcessDefault implements SessionProcess {
    static Logger logger = LoggerFactory.getLogger(SessionProcess.class);

    protected final SessionService sessionService;

    public SessionProcessDefault(SessionService sessionService) {
        this.sessionService = sessionService;
    }

    @Override
    public Map<String, Object> signInAdmin(String id, String password, Map<String, Object> session, HttpServletRequest request) {
        Map<String, Object> result = new HashMap<>(session);

        UserAccount account = new UserAccount(id, getAdmin(id));
        account.validate(request, session, "adm", "admin", id, password);

        session.putAll(SessionUtils.getSessionService().initAdminSession(id, account.getUser()));

        result.put("user", account.getUser());
        result.put("result", "200");
        result.put("resultMessage", "SUCCESS");
        return result;
    }
    
    ...
    
}

UserAccount.java

Code Block
languagejava
public UserAccount(String id, Node user) {
    if (StringUtils.isEmpty(id) || user == null) {
        throw new ApiException(ApiResCode.NotFoundUser);
    }
    this.user = user;
    this.userPolicy = new UserPolicy(user);
}

UserPolicy.java

Code Block
languagejava
public UserPolicy(Node node) {
    this.user = node;
    if (StringUtils.equals(node.getTypeId(), "customer")) {
        List<Node> list = NodeUtils.getNodeList(USERPOLICY, "userType_matching=customer&site_matching=" + node.getStringValue("site"));
        if (list.size() == 0) {
            this.userPolicy = null;
        } else {
            this.userPolicy = list.get(0);
        }
    } else {
        this.userPolicy = ((List<Node>) NodeQuery.build(USERPOLICY).matching("userType", node.getTypeId()).getList()).stream().findFirst().orElse(null);
    }
}

[BO] Platform Console > Account/Authority > User Policy Setting

...