org.acegisecurity.BadCredentialsException Java Examples

The following examples show how to use org.acegisecurity.BadCredentialsException.
Example #1
Source File: DebugDaoAuthenticationProvider.java    From webcurator with Apache License 2.0
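/**
 * Checks the presented password against the stored one, using the configured
 * password encoder and, when a salt source is configured, the user's salt.
 *
 * <p>Diagnostic output is limited to non-secret facts (which encoder is in use,
 * whether a salt was obtained, whether the comparison succeeded). The stored
 * password, the submitted password, its encoded form and the salt value are
 * deliberately not printed: stdout usually ends up in container or application
 * server logs, where credentials would be readable by anyone with log access.
 *
 * @param userDetails    the account loaded for the login attempt
 * @param authentication the token carrying the submitted credentials
 * @throws AuthenticationException a {@link BadCredentialsException} when no
 *         credentials were presented or they do not match the stored password
 */
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails,
        UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    // A token without credentials is rejected as a failed login instead of
    // surfacing as a NullPointerException from the toString() call below.
    if (authentication.getCredentials() == null) {
        throw new BadCredentialsException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.badCredentials",
                "Bad credentials"), userDetails);
    }

    Object salt = null;
    if (getSaltSource() != null) {
        salt = getSaltSource().getSalt(userDetails);
    }

    // Only report whether a salt exists, never its value.
    System.out.println("Salt present: " + (salt != null));
    System.out.println("Encoder: " + getPasswordEncoder());

    final boolean passwordMatches = getPasswordEncoder().isPasswordValid(
            userDetails.getPassword(), authentication.getCredentials().toString(), salt);
    System.out.println("Password match: " + passwordMatches);

    if (!passwordMatches) {
        throw new BadCredentialsException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.badCredentials",
                "Bad credentials"), userDetails);
    }
}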
 
Example #2
Source File: GitLabSecurityRealm.java    From gitlab-oauth-plugin with MIT License
/**
 * Builds the security components for this realm: an authentication manager
 * that deals in {@code GitLabAuthenticationToken}s and a user-details service
 * that delegates to this realm's own {@code loadUserByUsername}.
 *
 * @return the pair of authentication manager and user-details service
 */
@Override
public SecurityComponents createSecurityComponents() {
    final AuthenticationManager tokenManager = new AuthenticationManager() {

        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            // A token that is already a GitLab token is returned as presented.
            if (authentication instanceof GitLabAuthenticationToken) {
                return authentication;
            }
            if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
                throw new BadCredentialsException("Unexpected authentication type: " + authentication);
            }

            // The password field of a username/password login is passed on as a
            // GitLab private token (TokenType.PRIVATE_TOKEN); the user name is not used here.
            final Object presentedSecret =
                    ((UsernamePasswordAuthenticationToken) authentication).getCredentials();
            try {
                final GitLabAuthenticationToken gitlabToken = new GitLabAuthenticationToken(
                        presentedSecret.toString(), getGitlabApiUri(), TokenType.PRIVATE_TOKEN);
                SecurityContextHolder.getContext().setAuthentication(gitlabToken);
                return gitlabToken;
            } catch (IOException e) {
                // NOTE(review): an I/O failure while building the token leaves this method
                // as a plain RuntimeException rather than an AuthenticationException, so
                // callers that only handle authentication failures will not catch it.
                throw new RuntimeException(e);
            }
        }
    };

    final UserDetailsService realmUserLookup = new UserDetailsService() {
        @Override
        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
            return GitLabSecurityRealm.this.loadUserByUsername(username);
        }
    };

    return new SecurityComponents(tokenManager, realmUserLookup);
}
 
Example #3
Source File: SubsonicLdapBindAuthenticator.java    From subsonic with GNU General Public License v3.0
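/**
     * Authenticates a user against LDAP, subject to the local LDAP settings.
     *
     * <p>The attempt is rejected before any LDAP traffic when LDAP is disabled
     * globally, when the user is unknown locally and auto-shadowing is off, or
     * when the local user is not flagged for LDAP authentication. On success
     * with no local user present, a local user is created.
     *
     * <p>NOTE(review): the three rejection messages differ. If they are shown to
     * the client they reveal whether LDAP is enabled and whether an account
     * exists; confirm what the login page actually renders.
     *
     * @param username the login name supplied by the client (untrusted)
     * @param password the password supplied by the client
     * @return the LDAP user details returned by the delegate authenticator
     * @throws BadCredentialsException if one of the local preconditions fails
     * @throws RuntimeException any failure raised by the delegate, rethrown after logging
     */
public LdapUserDetails authenticate(String username, String password) {

        // The user name comes straight from the login request. Line breaks are
        // replaced before it is written to the log so that a crafted name cannot
        // forge additional log entries. The original value is still used for
        // lookup, authentication and user creation.
        String loggedName = username == null ? null : username.replaceAll("[\\r\\n]", "_");

        // LDAP authentication must be enabled on the system.
        if (!settingsService.isLdapEnabled()) {
            throw new BadCredentialsException("LDAP authentication disabled.");
        }

        // User must be defined in Subsonic, unless auto-shadowing is enabled.
        User user = securityService.getUserByName(username);
        if (user == null && !settingsService.isLdapAutoShadowing()) {
            throw new BadCredentialsException("User does not exist.");
        }

        // LDAP authentication must be enabled for the given user.
        if (user != null && !user.isLdapAuthenticated()) {
            throw new BadCredentialsException("LDAP authentication disabled for user.");
        }

        try {
            createDelegate();
            LdapUserDetails details = delegateAuthenticator.authenticate(username, password);
            if (details != null) {
                LOG.info("User '" + loggedName + "' successfully authenticated in LDAP. DN: " + details.getDn());

                if (user == null) {
                    // Auto-shadowing: mirror the LDAP account as a local user.
                    // NOTE(review): the second constructor argument is an empty string,
                    // presumably the local password. Verify that such an account cannot
                    // be logged into through a non-LDAP path.
                    User newUser = new User(username, "", null, true, 0L, 0L, 0L);
                    newUser.setStreamRole(true);
                    newUser.setSettingsRole(true);
                    securityService.createUser(newUser);
                    LOG.info("Created local user '" + loggedName + "' for DN " + details.getDn());
                }
            }

            return details;
        } catch (RuntimeException x) {
            // Logged for the audit trail, then propagated unchanged to the caller.
            LOG.info("Failed to authenticate user '" + loggedName + "' in LDAP.", x);
            throw x;
        }
    }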
 
Example #4
Source File: Listener.java    From blueocean-plugin with MIT License
/**
 * Accepts a login only when the password is identical to the user name.
 *
 * <p>NOTE(review): this gives no real protection, since anyone who knows a
 * user name can log in as that user. It looks like a fixture for tests;
 * confirm it is never wired into a production security realm.
 *
 * @param username the login name; also the expected password
 * @param password the presented password
 * @return the details loaded for {@code username}
 * @throws AuthenticationException a {@link BadCredentialsException} carrying
 *         the user name when the two values differ
 */
@Override
protected UserDetails authenticate(String username, String password) throws AuthenticationException {
    final boolean passwordIsUsername = username.equals(password);
    if (!passwordIsUsername) {
        throw new BadCredentialsException(username);
    }
    return loadUserByUsername(username);
}
 
Example #5
Source File: JenkinsRule.java    From jenkins-test-harness with MIT License
/**
 * Dummy credential check: a login succeeds exactly when the presented
 * password equals the user name.
 *
 * <p>NOTE(review): any account is reachable by whoever knows its name. The
 * source file belongs to a test harness, so this is presumably intended for
 * tests only; it must not back a realm exposed to real users.
 *
 * @param username the login name; doubles as the expected password
 * @param password the presented password
 * @return the details loaded for {@code username}
 * @throws AuthenticationException a {@link BadCredentialsException} whose
 *         message is the user name when the values do not match
 */
@Override
protected UserDetails authenticate(String username, String password) throws AuthenticationException {
    if (!username.equals(password)) {
        throw new BadCredentialsException(username);
    }
    return loadUserByUsername(username);
}
 
Example #6
Source File: KualiCasAuthenticationProvider.java    From rice with Educational Community License v2.0
/**
 * Authenticates a CAS-related request. According to the original author this
 * method is copied verbatim from the CAS provider, because
 * {@code authenticateNow} was not picked up as an override (the super method
 * kept being called) until this method was overridden as well.
 *
 * <p>Returns {@code null} for authentication types this provider does not
 * support and for username/password tokens whose principal is neither the
 * stateful nor the stateless CAS identifier.
 *
 * @param authentication the request to authenticate
 * @return the authenticated token, or {@code null} when the request is not for this provider
 * @throws AuthenticationException a {@link BadCredentialsException} when an
 *         existing CAS token carries an unexpected key hash or when no
 *         service ticket is presented
 * @see org.acegisecurity.providers.cas.CasAuthenticationProvider#authenticate(org.acegisecurity.Authentication)
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    StatelessTicketCache ticketCache = this.getStatelessTicketCache();
    String providerKey = this.getKey();

    if (!supports(authentication.getClass())) {
        return null;
    }

    final boolean isUsernamePassword = authentication instanceof UsernamePasswordAuthenticationToken;

    if (isUsernamePassword) {
        // NOTE(review): a null principal fails here with a NullPointerException.
        String principalName = authentication.getPrincipal().toString();
        boolean casRelated = CasProcessingFilter.CAS_STATEFUL_IDENTIFIER.equals(principalName)
                || CasProcessingFilter.CAS_STATELESS_IDENTIFIER.equals(principalName);
        if (!casRelated) {
            // UsernamePasswordAuthenticationToken not CAS related
            return null;
        }
    }

    // An already-issued CasAuthenticationToken is accepted only if it was created with our key.
    // NOTE(review): the comparison is between int hash codes, not the keys themselves, so
    // any key with the same hashCode() passes this check.
    if (authentication instanceof CasAuthenticationToken) {
        CasAuthenticationToken presented = (CasAuthenticationToken) authentication;
        if (providerKey.hashCode() != presented.getKeyHash()) {
            throw new BadCredentialsException(messages.getMessage("CasAuthenticationProvider.incorrectKey",
                    "The presented CasAuthenticationToken does not contain the expected key"));
        }
        return authentication;
    }

    // A service ticket must be present in the credentials.
    Object ticket = authentication.getCredentials();
    if (ticket == null || "".equals(ticket)) {
        throw new BadCredentialsException(messages.getMessage("CasAuthenticationProvider.noServiceTicket",
                "Failed to provide a CAS service ticket to validate"));
    }

    // Here the principal object itself (not its toString()) is compared with the identifier.
    final boolean stateless = isUsernamePassword
            && CasProcessingFilter.CAS_STATELESS_IDENTIFIER.equals(authentication.getPrincipal());

    // Stateless clients may already have a validated token cached under their ticket id.
    CasAuthenticationToken result = stateless
            ? ticketCache.getByTicketId(authentication.getCredentials().toString())
            : null;

    if (result == null) {
        result = this.authenticateNow(authentication);
        result.setDetails(authentication.getDetails());
    }

    if (stateless) {
        // Stored (or re-stored after a cache hit) for subsequent stateless requests.
        ticketCache.putTicketInCache(result);
    }

    return result;
}
 
Example #7
Source File: KualiCasProxyTicketValidator.java    From rice with Educational Community License v2.0
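/**
     * Validates the proxy ticket, then reads the authentication source and the
     * Distributed Session Ticket (DST) from the {@code cas:attribute} elements
     * of the CAS response.
     *
     * <p>The response is parsed with DOCTYPE declarations disallowed and entity
     * expansion switched off, so a response carrying a DTD or external entities
     * is rejected by the parser instead of being resolved. A parse failure is
     * logged and does not fail the login: the returned response then carries a
     * {@code null} DST.
     *
     * <p>NOTE(review): at debug level the full CAS response, every attribute
     * value and the DST are written to the log. Treat debug logs from this
     * class as sensitive, or drop those values before enabling debug logging.
     *
     * @param pv the validator holding the ticket to check
     * @return the ticket response with user, proxy list, PGT IOU and DST
     * @throws AuthenticationServiceException if the validator itself fails
     * @throws BadCredentialsException if CAS reports the ticket as not valid
     * @see org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator#validateNow(edu.yale.its.tp.cas.client.ProxyTicketValidator)
     */
    protected TicketResponse validateNow(ProxyTicketValidator pv)
        throws AuthenticationServiceException, BadCredentialsException {
        String sAuthenticationSource = null;
        String sDST = null;

        try {
            pv.validate();
        } catch (Exception internalProxyTicketValidatorProblem) {
            // Keep the original exception as the cause so the failure stays diagnosable.
            throw new AuthenticationServiceException(
                    internalProxyTicketValidatorProblem.getMessage(), internalProxyTicketValidatorProblem);
        }

        if (!pv.isAuthenticationSuccesful()) {
            throw new BadCredentialsException(pv.getErrorCode() + ": " + pv.getErrorMessage());
        }

        logger.debug("PROXY RESPONSE: " + pv.getResponse());

        if (logger.isDebugEnabled()) {
            logger.debug("DEBUG");
        }

        try {
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            // Harden the parser against XXE: no DOCTYPE, no entity expansion.
            // If the parser rejects the feature, the catch below logs it and the
            // response is returned without a DST rather than parsed unprotected.
            factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            factory.setExpandEntityReferences(false);

            DocumentBuilder builder = factory.newDocumentBuilder();
            InputSource inStream = new InputSource();
            inStream.setCharacterStream(new StringReader(pv.getResponse()));
            Document doc = builder.parse(inStream);
            Element head = doc.getDocumentElement();
            NodeList attrs = head.getElementsByTagName("cas:attribute");
            for (int i = 0; i < attrs.getLength(); i++) {
                Element attr = (Element) attrs.item(i);
                String name = attr.getAttribute("name");
                String value = attr.getAttribute("value");
                logger.debug("Field name:" + name + "=" + value);
                if ("authenticationMethod".equals(name)) {
                    sAuthenticationSource = value;
                } else if ("DST".equals(name)) {
                    sDST = value;
                }
            }
            if (sAuthenticationSource != null && sDST != null) {
                String sPrincipal = pv.getUser() + "@" + sAuthenticationSource;

                if (logger.isDebugEnabled()) {
                    logger.debug("Updating session: " + sDST + " " + sPrincipal);
                }
                // Touching here may be overkill since it should happen in the filter
                distributedSession.touchSesn(sDST);
                //  distributedSession.addPrincipalToSesn(sDST, sPrincipal);
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("Incomplete data from CAS:" + sAuthenticationSource + ":" + sDST);
                }
            }
        } catch (Exception e) {
            // Best effort: the ticket is already validated, so only the attributes are lost.
            logger.error("Error parsing CAS Result", e);
        }

        logger.debug("Authentication Method:" + sAuthenticationSource);
        return new KualiTicketResponse(pv.getUser(), pv.getProxyList(), pv.getPgtIou(), sDST);
    }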