org.apache.shiro.authc.IncorrectCredentialsException Java Examples
The following examples show how to use
org.apache.shiro.authc.IncorrectCredentialsException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ApiServiceImpl.java From wangmarket with Apache License 2.0 | 6 votes |
|
public UserVO identityVerifyAndSession(String key) {
UserVO vo = identityVerify(key);
if(vo.getResult() - UserVO.FAILURE == 0){
return vo;
}
UsernamePasswordToken token = new UsernamePasswordToken(vo.getUser().getUsername(), vo.getUser().getUsername());
token.setRememberMe(false);
Subject currentUser = SecurityUtils.getSubject();
try {
currentUser.login(token);
} catch ( UnknownAccountException uae ) {
uae.printStackTrace();
} catch ( IncorrectCredentialsException ice ) {
ice.printStackTrace();
} catch ( LockedAccountException lae ) {
lae.printStackTrace();
} catch ( ExcessiveAttemptsException eae ) {
eae.printStackTrace();
} catch ( org.apache.shiro.authc.AuthenticationException ae ) {
ae.printStackTrace();
}
return vo;
}
Example #2
| Source File: LoginController.java From SpringBootBucket with MIT License | 6 votes |
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, Map<String, Object> map) {
_logger.info("登录方法start.........");
// 登录失败从request中获取shiro处理的异常信息。shiroLoginFailure:就是shiro异常类的全类名.
Object exception = request.getAttribute("shiroLoginFailure");
String msg;
if (exception != null) {
if (UnknownAccountException.class.isInstance(exception)) {
msg = "用户名不正确,请重新输入";
} else if (IncorrectCredentialsException.class.isInstance(exception)) {
msg = "密码错误,请重新输入";
} else if (IncorrectCaptchaException.class.isInstance(exception)) {
msg = "验证码错误";
} else if (ForbiddenUserException.class.isInstance(exception)) {
msg = "该用户已被禁用,如有疑问请联系系统管理员。";
} else {
msg = "发生未知错误,请联系管理员。";
}
map.put("username", request.getParameter("username"));
map.put("password", request.getParameter("password"));
map.put("msg", msg);
return "login";
}
//如果已经登录,直接跳转主页面
return "index";
}
Example #3
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #4
| Source File: ShiroServiceImpl.java From spring-boot-seed with MIT License | 6 votes |
|
/**
* 校验用户密码
*
* @param user 用户
* @param password 需要校验的密码
*/
private void validateUserPassword(User user, String password) {
if (user == null) {
// 用户不存在
throw new UnknownAccountException();
}
if (BooleanEnum.NO.getValue() == user.getStateCode()) {
// 账户不可用
throw new LockedAccountException();
}
String passwordDb = user.getPassword();
if (!passwordDb.equals(PasswordUtil.encrypt(password, user.getSalt()))) {
//密码不正确
throw new IncorrectCredentialsException();
}
}
Example #5
| Source File: FirstSuccessfulModularRealAuthenticatorTest.java From nexus-public with Eclipse Public License 1.0 | 6 votes |
|
@Test
public void testSingleRealmFailureIsStillSuccessful() {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("username", "password");
Realm realmOne = mock(Realm.class);
Realm realmTwo = mock(Realm.class);
when(realmOne.supports(usernamePasswordToken)).thenReturn(true);
when(realmTwo.supports(usernamePasswordToken)).thenReturn(true);
when(realmOne.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
when(realmTwo.getAuthenticationInfo(usernamePasswordToken)).thenReturn(new SimpleAccount());
firstSuccessfulModularRealmAuthenticator
.doMultiRealmAuthentication(Lists.newArrayList(realmOne, realmTwo), usernamePasswordToken);
}
Example #6
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #7
| Source File: CaptchaFormAuthenticationFilter.java From MultimediaDesktop with Apache License 2.0 | 6 votes |
|
protected void setFailureAttribute(ServletRequest request,
AuthenticationException ae) {
String errorMessage = null;
if (ae instanceof IncorrectCredentialsException) {
errorMessage = "密码错误,输入错误超过当日限制,将锁定账户";
// 登录失败日志记录
logLoginStatus(request, LoginType.登录失败);
} else if (ae instanceof ValidateCodeException) {
errorMessage = "验证码错误";
} else if (ae instanceof UnValidationAccountException) {
errorMessage = "账号未被验证";
} else if (ae instanceof LockedAccountException) {
errorMessage = "密码输入错误超过当日限制,请明天再试";
} else if (ae instanceof DisabledAccountException) {
errorMessage = "账号被管理员锁定";
} else if (ae instanceof UnknownAccountException) {
errorMessage = "账号不存在";
} else {
errorMessage = "未知错误";
log.fatal("登录错误-未知错误,请管理员检查", ae);
}
request.setAttribute(getFailureKeyAttribute(), errorMessage);
}
Example #8
| Source File: ExceptionUtils.java From onedev with MIT License | 6 votes |
|
public static void handle(HttpServletResponse response, Exception exception) {
try {
if (ExceptionUtils.find(exception, UnauthenticatedException.class) != null) {
requireAuthentication(response);
} else if (find(exception, UnauthorizedException.class) != null) {
if (!SecurityUtils.getSubject().isAuthenticated())
requireAuthentication(response);
else
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access denied.");
} else if (find(exception, IncorrectCredentialsException.class) != null) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Incorrect credentials.");
} else if (find(exception, UnknownAccountException.class) != null) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unknown user name.");
} else {
logger.warn("Error serving request", exception);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, exception.getMessage());
}
} catch (IOException e) {
throw new RuntimeException(e);
}
}
Example #9
| Source File: AppHandoffRealm.java From arcusplatform with Apache License 2.0 | 6 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
SessionHandoff handoff = null;
try {
handoff = handoffDao.validate(((AppHandoffToken) token).getToken()).orElseThrow(() -> new IncorrectCredentialsException());
AppHandoffMetrics.incValidateTokenSuccess();
}catch(IncorrectCredentialsException e) {
AppHandoffMetrics.incValidateTokenFailed();
throw e;
}
if(checkSameIp) {
String tokenHost = ((AppHandoffToken) token).getHost();
if(StringUtils.isBlank(tokenHost) || StringUtils.isBlank(handoff.getIp()) || !tokenHost.equalsIgnoreCase(handoff.getIp())) {
if(StringUtils.isBlank(handoff.getIp()) && StringUtils.isBlank(tokenHost)) {
logger.warn("Both IP in token and app_handoff_token DB is null for person [{}]. Should not happen!", handoff.getPersonId());
}
AppHandoffMetrics.incSameIPFailed();
throw new IncorrectCredentialsException();
}
AppHandoffMetrics.incSameIPSuccess();
}
Login login = new Login();
login.setUserId(handoff.getPersonId());
login.setUsername(handoff.getUsername());
return new SimpleAuthenticationInfo(principalResolver.resolvePrincipal(login), token, getName());
}
Example #10
| Source File: HomeController.java From Spring-Boot-Book with Apache License 2.0 | 6 votes |
|
@RequestMapping("/login")
public String login(HttpServletRequest request, Map<String, Object> map) throws Exception {
// 登录失败从request中获取shiro处理的异常信息。
// shiroLoginFailure:就是shiro异常类的全类名.
//初始登陆用户名密码long/longzhonghua,或者long/123456
String exception = (String) request.getAttribute("shiroLoginFailure");
System.out.println("exception=" + exception);
String msg = "";
if (exception != null) {
if (UnknownAccountException.class.getName().equals(exception)) {
msg = "账号不存在:";
} else if (IncorrectCredentialsException.class.getName().equals(exception)) {
msg = "密码不正确:";
} else if ("kaptchaValidateFailed".equals(exception)) {
msg = "验证码错误";
} else {
msg = "else >> " + exception;
}
}
map.put("msg", msg);
// 此方法不处理登录成功,由shiro进行处理
return "/login";
}
Example #11
| Source File: OAuth2Realm.java From kitty with GNU Lesser General Public License v3.0 | 6 votes |
|
/**
* 认证(登录时调用)
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String token = (String) authenticationToken.getPrincipal();
// 根据accessToken,查询用户token信息
SysUserToken sysUserToken = sysUserTokenService.findByToken(token);
if(sysUserToken == null || sysUserToken.getExpireTime().getTime() < System.currentTimeMillis()){
// token已经失效
throw new IncorrectCredentialsException("token失效,请重新登录");
}
// 查询用户信息
SysUser user = sysUserService.findById(sysUserToken.getUserId());
// 账号被锁定
if(user.getStatus() == 0){
throw new LockedAccountException("账号已被锁定,请联系管理员");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, token, getName());
return info;
}
Example #12
| Source File: FormAuthenticationFilter.java From frpMgr with MIT License | 6 votes |
|
/**
* 登录失败调用事件
*/
@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
String className = e.getClass().getName(), message = "";
if (IncorrectCredentialsException.class.getName().equals(className) || UnknownAccountException.class.getName().equals(className)) {
message = Global.getText("sys.login.failure");
} else if (e.getMessage() != null && StringUtils.startsWith(e.getMessage(), "msg:")) {
message = StringUtils.replace(e.getMessage(), "msg:", "");
} else {
message = Global.getText("sys.login.error");
logger.error(message, e); // 输出到日志文件
}
request.setAttribute(getFailureKeyAttribute(), className);
request.setAttribute(DEFAULT_MESSAGE_PARAM, message);
return true;
}
Example #13
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #14
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #15
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #16
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #17
| Source File: FirstSuccessfulModularRealAuthenticatorTest.java From nexus-public with Eclipse Public License 1.0 | 6 votes |
|
@Test
public void testMultiRealmMultipleFailures() {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("username", "password");
Realm realmOne = mock(Realm.class);
Realm realmTwo = mock(Realm.class);
when(realmOne.supports(usernamePasswordToken)).thenReturn(true);
when(realmTwo.supports(usernamePasswordToken)).thenReturn(true);
when(realmOne.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
when(realmTwo.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new UnknownAccountException());
try {
firstSuccessfulModularRealmAuthenticator
.doMultiRealmAuthentication(Lists.newArrayList(realmOne, realmTwo), usernamePasswordToken);
}
catch (NexusAuthenticationException e) {
assertThat(e.getAuthenticationFailureReasons(), containsInAnyOrder(AuthenticationFailureReason.INCORRECT_CREDENTIALS, AuthenticationFailureReason.USER_NOT_FOUND));
}
}
Example #18
| Source File: FirstSuccessfulModularRealAuthenticatorTest.java From nexus-public with Eclipse Public License 1.0 | 6 votes |
|
@Test
public void testMultiRealmInvalidCredentials() {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("username", "password");
Realm realmOne = mock(Realm.class);
Realm realmTwo = mock(Realm.class);
when(realmOne.supports(usernamePasswordToken)).thenReturn(true);
when(realmTwo.supports(usernamePasswordToken)).thenReturn(true);
when(realmOne.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
when(realmTwo.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
try {
firstSuccessfulModularRealmAuthenticator
.doMultiRealmAuthentication(Lists.newArrayList(realmOne, realmTwo), usernamePasswordToken);
}
catch (NexusAuthenticationException e) {
assertThat(e.getAuthenticationFailureReasons(), containsInAnyOrder(AuthenticationFailureReason.INCORRECT_CREDENTIALS));
}
}
Example #19
| Source File: MockRealm.java From nexus-public with Eclipse Public License 1.0 | 6 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String password = new String(upToken.getPassword());
String userId = upToken.getUsername();
// username == password
try {
if (userId.endsWith(password) && userManager.getUser(userId) != null) {
return new SimpleAuthenticationInfo(new SimplePrincipalCollection(token.getPrincipal(),
this.getName()), userId);
}
else {
throw new IncorrectCredentialsException("User [" + userId + "] bad credentials.");
}
}
catch (UserNotFoundException e) {
throw new UnknownAccountException("User [" + userId + "] not found.");
}
}
Example #20
| Source File: LoginResource.java From cassandra-reaper with Apache License 2.0 | 6 votes |
|
@Path("/login")
@POST
public void login(
@FormParam("username") String username,
@FormParam("password") String password,
@FormParam("rememberMe") boolean rememberMe,
@Auth Subject subject) throws IOException {
ensurePresent(username, "Invalid credentials: missing username.");
ensurePresent(password, "Invalid credentials: missing password.");
try {
subject.login(new UsernamePasswordToken(username, password, rememberMe));
} catch (AuthenticationException e) {
throw new IncorrectCredentialsException("Invalid credentials combination for user: " + username);
}
}
Example #21
| Source File: Login.java From Student-Homework-Management-System with MIT License | 6 votes |
|
/**
* 用户登陆
*
* @param model {@link Model}
* @param request {@link HttpServletRequest}
* @return jsp/login.jsp
* @throws LoginException LoginException
*/
@RequestMapping("login")
public String userLogin(Model model, HttpServletRequest request) throws LoginException {
User user = (User) SecurityUtils.getSubject().getPrincipal();
if (user != null && user.getUid() != null) {
logger.debug("用户成功登录 {}", user);
return "redirect:index.jsp";
}
String exceptionClassName = (String) request.getAttribute("shiroLoginFailure");
if (exceptionClassName != null) {
if (UnknownAccountException.class.getName().equals(exceptionClassName)) {
model.addAttribute("returninfo", "账号不存在");
} else if (IncorrectCredentialsException.class.getName().equals(
exceptionClassName) || AuthenticationException.class.getName().equals(exceptionClassName)) {
model.addAttribute("returninfo", "用户名/密码错误");
} else {
throw new LoginException(exceptionClassName);
}
}
return "jsp/login.jsp";
}
Example #22
| Source File: LoginController.java From mumu with Apache License 2.0 | 6 votes |
|
@RequestMapping(value = "/login")
public String showLoginForm(HttpServletRequest req, Model model) {
if(req.getMethod().equalsIgnoreCase("get")){
return "login";
}
String exceptionClassName = (String)req.getAttribute("shiroLoginFailure");
String error = null;
if(UnknownAccountException.class.getName().equals(exceptionClassName)) {
error = "用户名/密码错误";
} else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {
error = "用户名/密码错误";
} else if(exceptionClassName != null) {
error = "其他错误:" + exceptionClassName;
}
if(error!=null){
model.addAttribute("shiroLoginFailure", error);
return "login";
}
return "redirect:/main";
}
Example #23
| Source File: FormAuthenticationFilter.java From easyweb with Apache License 2.0 | 6 votes |
|
/**
* 登录失败调用事件
*/
@Override
protected boolean onLoginFailure(AuthenticationToken token,
AuthenticationException e, ServletRequest request, ServletResponse response) {
String className = e.getClass().getName(), message = "";
if (IncorrectCredentialsException.class.getName().equals(className)
|| UnknownAccountException.class.getName().equals(className)){
message = "用户或密码错误, 请重试.";
}
else if (e.getMessage() != null && StringUtils.startsWith(e.getMessage(), "msg:")){
message = StringUtils.replace(e.getMessage(), "msg:", "");
}
else{
message = "系统出现点问题,请稍后再试!";
e.printStackTrace(); // 输出到控制台
}
request.setAttribute(getFailureKeyAttribute(), className);
request.setAttribute(getMessageParam(), message);
return true;
}
Example #24
| Source File: AccountController.java From VideoMeeting with Apache License 2.0 | 6 votes |
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
@ResponseBody
public Result<User> login(String username, String password)
throws IOException {
// response.setHeader("resetCookie", "true");
if (TextUtil.isEmpty(username) || TextUtil.isEmpty(password)) {
return new Result<User>(false, "用户名或密码为空",
null);
}
Result<User> result;
try {
User returnUser = accountService.login(username, password);
if (returnUser != null) {
// response.setHeader("resetCookie", "true");
result = new Result<User>(true, null, returnUser);
} else {
result = new Result<User>(false, "登录失败.", null);
}
} catch (IncorrectCredentialsException e) {
result = new Result<User>(false, "帐号密码错误", null);
} catch (UnknownAccountException e1) {
result = new Result<User>(false, "帐号密码错误", null);
}
return result;
}
Example #25
| Source File: LoginController.java From roncoo-pay with Apache License 2.0 | 6 votes |
|
/**
* 函数功能说明 : 进入后台登陆页面.
*
* @参数: @return
* @return String
* @throws
*/
@RequestMapping("/login")
public String login(HttpServletRequest req, Model model) {
String exceptionClassName = (String) req.getAttribute("shiroLoginFailure");
String error = null;
if (UnknownAccountException.class.getName().equals(exceptionClassName)) {
error = "用户名/密码错误";
} else if (IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {
error = "用户名/密码错误";
} else if (PermissionException.class.getName().equals(exceptionClassName)) {
error = "网络异常,请联系龙果管理员";
} else if (exceptionClassName != null) {
error = "错误提示:" + exceptionClassName;
}
model.addAttribute("message", error);
return "system/login";
}
Example #26
| Source File: SystemLoginController.java From cms with Apache License 2.0 | 6 votes |
|
@RequestMapping(value = "${web.adminPath}/login", method = RequestMethod.POST)
public String showLoginForm(HttpServletRequest request, Model model) {
String error = null;
String exceptionClassName = (String)request.getAttribute(FormAuthenticationCaptchaFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
if(AccountException.class.getName().equals(exceptionClassName)){
error = "对不起,您输入用户名";
} else if(UnknownAccountException.class.getName().equals(exceptionClassName)){
error = "对不起,您输入用户名不存在";
} else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)){
error = "对不起,您输入用户名/密码错误";
} else if(CaptchaException.class.getName().equals(exceptionClassName)) {
error="对不起,您输入验证码错误";
} else if(LockedAccountException.class.getName().equals(exceptionClassName)) {
error="对不起,您账号被冻结,请联系管理员";
} else if(ExcessiveAttemptsException.class.getName().equals(exceptionClassName)){
error="重复密码错误超过5次,请等待30分钟...";
}else if(exceptionClassName != null) {
error = "登录系统错误";
}
model.addAttribute("error", error);
return getRemoteView("login_signin");
// return "redirect:/"+getTemplate()+"/login";
}
Example #27
| Source File: LoginController.java From cms with Apache License 2.0 | 6 votes |
|
@RequestMapping(value = "login", method = RequestMethod.POST)
public String showLoginForm(HttpServletRequest request, Model model) {
String error = null;
String exceptionClassName = (String)request.getAttribute(FormAuthenticationCaptchaFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
if(AccountException.class.getName().equals(exceptionClassName)){
error = "对不起,您输入用户名";
} else if(UnknownAccountException.class.getName().equals(exceptionClassName)){
error = "对不起,您输入用户名不存在";
} else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)){
error = "对不起,您输入用户名/密码错误";
} else if(CaptchaException.class.getName().equals(exceptionClassName)) {
error="对不起,您输入验证码错误";
} else if(LockedAccountException.class.getName().equals(exceptionClassName)) {
error="对不起,您账号被冻结,请联系管理员";
} else if(ExcessiveAttemptsException.class.getName().equals(exceptionClassName)){
error="重复密码错误超过5次,请等待30分钟...";
}else if(exceptionClassName != null) {
error = "登录系统错误";
}
model.addAttribute("error", error);
return getRemoteView("login");
// return "redirect:/"+getTemplate()+"/login";
}
Example #28
| Source File: ShiroRealm.java From SpringAll with MIT License | 6 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String userName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
User user = userMapper.findByUserName(userName);
if (user == null) {
throw new UnknownAccountException("用户名或密码错误!");
}
if (!password.equals(user.getPassword())) {
throw new IncorrectCredentialsException("用户名或密码错误!");
}
if (user.getStatus().equals("0")) {
throw new LockedAccountException("账号已被锁定,请联系管理员!");
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
return info;
}
Example #29
| Source File: ShiroController.java From niubi-job with Apache License 2.0 | 5 votes |
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
@ExceptionForward("/shiro/login")
public String login(HttpServletRequest request) {
String exception = (String) request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
if (UnknownAccountException.class.getName().equals(exception)) {
failed("Unknown account.");
} else if (IncorrectCredentialsException.class.getName().equals(exception)) {
failed("Incorrect password.");
} else {
LoggerHelper.error("unknown error : " + exception);
failed("Unknown error.");
}
return "shiro_login";
}
Example #30
| Source File: AjaxAuthenticationFilter.java From java-platform with Apache License 2.0 | 5 votes |
|
@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
if (WebHelper.isAjax((HttpServletRequest) request)) {
Result result = Result.failure();
if (e instanceof IncorrectCredentialsException) {
result.message("密码错误");
} else if (e instanceof ExpiredCredentialsException) {
result.message("密码已过期");
} else if (e instanceof UnknownAccountException) {
result.message("该账号不存在");
} else if (e instanceof DisabledAccountException) {
result.message("该账号已禁用");
} else if (e instanceof LockedAccountException) {
result.message("该账号已锁定");
} else if (e instanceof AccountException) {
result.message("账号错误");
} else if (e instanceof CredentialsException) {
result.message("密码错误");
}
try {
writeObject(request, response, result);
} catch (IOException ex) {
throw new RuntimeException(ex);
}
return false;
}
return super.onLoginFailure(token, e, request, response);
}
