List of usage examples for javax.security.auth.login CredentialExpiredException CredentialExpiredException
public CredentialExpiredException(String msg)
From source file:dk.dma.msinm.user.security.JWTService.java
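/**
 * Parses a JWT taken from an authorization header and verifies its HMAC signature.
 *
 * <p>Only the signature is checked here. The expiration and issue times are copied into the
 * returned {@link ParsedJWTInfo} without being compared to the current time, so a correctly
 * signed token whose expiration time has passed is still returned.
 * NOTE(review): confirm that every caller rejects a result whose expiration time is in the past.
 *
 * @param token the serialized JWT
 * @return the subject, expiration time and issue time read from the verified token
 * @throws CredentialExpiredException if the signature does not verify against the shared key;
 *     the exception type is kept for existing callers even though this failure is not an expiry
 * @throws Exception anything propagated from parsing the token or running the verifier
 */
public ParsedJWTInfo parseSignedJWT(String token) throws Exception {
    SignedJWT signedJWT = SignedJWT.parse(token);

    // NOTE(review): getBytes() with no charset uses the JVM default encoding. The code that
    // signs tokens must derive the key bytes the same way; naming one charset on both sides
    // would make verification independent of the host configuration.
    JWSVerifier verifier = new MACVerifier(hmacSharedKey.getBytes());

    if (!signedJWT.verify(verifier)) {
        // A bad signature means the token is forged, altered or signed with another key.
        // The message says so, so that logs do not record tampering as a routine expiry.
        throw new CredentialExpiredException("JWT signature verification failed");
    }

    // Claims are read only after the signature check has passed.
    ReadOnlyJWTClaimsSet claims = signedJWT.getJWTClaimsSet();

    ParsedJWTInfo jwtInfo = new ParsedJWTInfo();
    jwtInfo.setSubject(claims.getSubject());
    jwtInfo.setExpirationTime(claims.getExpirationTime());
    jwtInfo.setIssueTime(claims.getIssueTime());
    return jwtInfo;
}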
From source file:net.sf.jpam.jaas.JpamLoginModule.java
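/**
 * Authenticates a <code>Subject</code> (phase 1) against PAM.
 *
 * <p>The username and password are requested from the configured callback handler and
 * passed to <code>pam.authenticate</code>. Every outcome other than
 * <code>PAM_SUCCESS</code> is reported as an exception, so this implementation never
 * returns false.
 *
 * @return true if PAM reported success
 * @throws AccountExpiredException if PAM reported <code>PAM_ACCT_EXPIRED</code>
 * @throws CredentialExpiredException if PAM reported <code>PAM_CRED_EXPIRED</code>
 * @throws FailedLoginException if the handler supplied no password, or PAM returned any
 *     other non-success value
 * @throws javax.security.auth.login.LoginException if the callback handler fails
 */
public boolean login() throws LoginException {
    pam = createPam();

    NameCallback nameCallback = new NameCallback("Enter Username: ");
    PasswordCallback passwordCallback = new PasswordCallback("Enter Credentials: ", false);
    Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };

    try {
        callbackHandler.handle(callbacks);
    } catch (IOException e) {
        LOG.error("IOException handling login: " + e.getMessage(), e);
        // LoginException has no cause-taking constructor, so attach the cause explicitly.
        LoginException failure = new LoginException(e.getMessage());
        failure.initCause(e);
        throw failure;
    } catch (UnsupportedCallbackException e) {
        LOG.error("UnsupportedCallbackException handling login: " + e.getMessage(), e);
        LoginException failure = new LoginException(e.getMessage());
        failure.initCause(e);
        throw failure;
    }

    String username = nameCallback.getName();

    // getPassword() returns a copy, or null when the handler never set a password.
    char[] passwordChars = passwordCallback.getPassword();
    // Wipe the callback's internal copy as soon as we hold our own.
    passwordCallback.clearPassword();
    if (passwordChars == null) {
        // Reject explicitly rather than failing with a NullPointerException below.
        throw new FailedLoginException("No credentials were supplied");
    }

    String credentials;
    try {
        // pam.authenticate is called with a String, so one immutable copy is unavoidable here.
        credentials = String.copyValueOf(passwordChars);
    } finally {
        // Zero the mutable copy so the clear text does not linger in this array.
        java.util.Arrays.fill(passwordChars, '\0');
    }

    PamReturnValue pamReturnValue = pam.authenticate(username, credentials);
    if (pamReturnValue.equals(PamReturnValue.PAM_SUCCESS)) {
        return true;
    }
    if (pamReturnValue.equals(PamReturnValue.PAM_ACCT_EXPIRED)) {
        throw new AccountExpiredException(PamReturnValue.PAM_ACCT_EXPIRED.toString());
    }
    if (pamReturnValue.equals(PamReturnValue.PAM_CRED_EXPIRED)) {
        throw new CredentialExpiredException(PamReturnValue.PAM_CRED_EXPIRED.toString());
    }
    throw new FailedLoginException(pamReturnValue.toString());
}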
From source file:gov.nih.nci.security.authentication.loginmodules.CSMLoginModule.java
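/**
 * Retrieves the user ID and password from the CallbackHandler and validates them through
 * the helper methods <code>isFirstTimeLogin</code>, <code>isPasswordExpired</code>,
 * <code>validate</code> and <code>isActive</code>.
 *
 * <p>The first-login and password-expiry checks run before the password is validated, and
 * each throws its own exception type and message.
 * NOTE(review): a caller who does not know the password can therefore tell these account
 * states apart from a plain credential failure; confirm that the layer presenting login
 * errors maps them to one generic failure for unauthenticated users.
 *
 * @return true when the credentials validate and the user is active
 * @throws FailedLoginException if the user is logging in for the first time
 * @throws CredentialExpiredException if the user's password has expired
 * @throws AccountExpiredException if the credentials validate but the user is not active
 * @throws LoginException if no callback handler is set, the handler fails, or the
 *     credentials are invalid
 * @throws CSInternalConfigurationException if the configuration cannot be read
 * @see javax.security.auth.spi.LoginModule#login()
 */
public boolean login() throws LoginException, CSInternalLoginException, CSInternalConfigurationException {
    if (callbackHandler == null) {
        if (log.isDebugEnabled())
            log.debug("Authentication|||login|Failure| Error in obtaining the CallBack Handler |");
        throw new LoginException("Error in obtaining Callback Handler");
    }

    NameCallback nameCallback = new NameCallback("userid: ");
    PasswordCallback passwordCallback = new PasswordCallback("password: ", false);
    Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };

    try {
        callbackHandler.handle(callbacks);
        userID = nameCallback.getName();
        char[] tmpPassword = passwordCallback.getPassword();
        if (tmpPassword == null) {
            // treat a NULL password as an empty password
            tmpPassword = new char[0];
        }
        password = new char[tmpPassword.length];
        System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length);
        // getPassword() handed back its own copy; wipe it along with the callback's copy.
        java.util.Arrays.fill(tmpPassword, '\0');
        passwordCallback.clearPassword();
    } catch (java.io.IOException e) {
        if (log.isDebugEnabled())
            log.debug("Authentication|||login|Failure| Error in creating the CallBack Handler |" + e.getMessage());
        // LoginException has no cause-taking constructor, so attach the cause explicitly.
        LoginException failure = new LoginException("Error in Creating the CallBack Handler");
        failure.initCause(e);
        throw failure;
    } catch (UnsupportedCallbackException e) {
        if (log.isDebugEnabled())
            log.debug("Authentication|||login|Failure| Error in creating the CallBack Handler |" + e.getMessage());
        LoginException failure = new LoginException("Error in Creating the CallBack Handler");
        failure.initCause(e);
        throw failure;
    }

    if (isFirstTimeLogin(options, userID)) {
        loginSuccessful = false;
        // The array was created above and has not been passed to validate(), so it can be
        // zeroed before the reference is dropped.
        java.util.Arrays.fill(password, '\0');
        password = null;
        throw new FailedLoginException("User logging in first time, Password should be changed ");
    }

    try {
        // The returned configuration is not used here; the call is kept so that an
        // unreadable configuration still aborts the login.
        ConfigurationHelper.getConfiguration();
    } catch (CSConfigurationException e) {
        throw new CSInternalConfigurationException("Exception while reading config data!!");
    }

    if (isPasswordExpired(options, userID)) {
        loginSuccessful = false;
        userID = null;
        java.util.Arrays.fill(password, '\0');
        password = null;
        throw new CredentialExpiredException("User password expired, Ceate new password");
    }

    try {
        // now validate user
        if (validate(options, userID, password, subject)) {
            if (isActive(options, userID)) {
                loginSuccessful = true;
            } else {
                loginSuccessful = false;
                // password was handed to validate(); only the reference is dropped here.
                password = null;
                throw new AccountExpiredException("User is not active, Contact the system administrator");
            }
        } else {
            // clear the values
            loginSuccessful = false;
            userID = null;
            password = null;
            throw new LoginException("Invalid Login Credentials");
        }
    } catch (FailedLoginException fle) {
        if (log.isDebugEnabled())
            log.debug("Authentication|||login|Failure| Invalid Login Credentials |" + fle.getMessage());
        // Clear state exactly as the invalid-credentials branch does, so that a rejected
        // attempt cannot leave a success flag from an earlier call in place.
        loginSuccessful = false;
        userID = null;
        password = null;
        LoginException failure = new LoginException("Invalid Login Credentials");
        failure.initCause(fle);
        throw failure;
    }

    if (log.isDebugEnabled())
        log.debug("Authentication|||login|Success| Authentication is " + loginSuccessful + "|");
    return loginSuccessful;
}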