List of usage examples for org.apache.shiro.authc AuthenticationException AuthenticationException
public AuthenticationException()
From source file:com.kalix.framework.webapp.shiro.DemoRealm.java
License:Apache License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) { UsernamePasswordToken upToken = (UsernamePasswordToken) token; User user = userDao.findUser(upToken.getUsername()); if (user == null) { throw new AuthenticationException(); }/*from w ww. j a va 2 s . c o m*/ return new SimpleAccount(user, user.getHashedPassword(), getName()); }
From source file:com.streamreduce.core.service.EventServiceITCase.java
License:Apache License
/** * Tests that {@link EventService#createEvent(com.streamreduce.core.event.EventId, com.streamreduce.core.model.ObjectWithId, * java.util.Map)}//from w w w . j a v a 2 s . c o m * works as expected when a user is not logged in and we are creating an event. */ @Test @Ignore("Integration Tests depended on sensitive account keys, ignoring until better harness is in place.") public void testCreateEvent_ReadEventWithNoLoggedInUser() throws Exception { // Test creating an event with no logged in user EventService eventService = applicationManager.getEventService(); SecurityService mockSecurityService = mock(SecurityService.class); when(mockSecurityService.getCurrentUser()).thenThrow(new AuthenticationException()); ReflectionTestUtils.setField(eventService, "securityService", mockSecurityService); Event event = eventService.createEvent(EventId.READ, testUser, null); Assert.assertNull(event); }
From source file:com.streamreduce.core.service.EventServiceITCase.java
License:Apache License
/** * Tests that {@link EventService#createEvent(com.streamreduce.core.event.EventId, com.streamreduce.core.model.ObjectWithId, * java.util.Map)}// w ww. j a v a 2s. c o m * works as expected when a user is not logged in and we are creating a SobaMessage */ @Test @Ignore("Integration Tests depended on sensitive account keys, ignoring until better harness is in place.") public void testCreateEvent_CreateSobaMessageWithNoLoggedInUser() throws Exception { // Test creating an event with no logged in user EventService eventService = applicationManager.getEventService(); SecurityService mockSecurityService = mock(SecurityService.class); when(mockSecurityService.getCurrentUser()).thenThrow(new AuthenticationException()); ReflectionTestUtils.setField(eventService, "securityService", mockSecurityService); // Test creating a SobaObject event with no logged in user Connection connection = new Connection.Builder() .provider( connectionProviderFactory.connectionProviderFromId(ProviderIdConstants.GITHUB_PROVIDER_ID)) .account(testAccount).alias("Test GitHub Connection") .description("This is a test GitHub connection.").user(testUser) .authType(AuthType.USERNAME_PASSWORD) .credentials(new ConnectionCredentials("somegithubusername", "somegithubpassword")).build(); Event event = eventService.createEvent(EventId.CREATE, connection, null); Assert.assertNotNull(event); }
From source file:com.thesett.util.security.model.JWTAuthenticationToken.java
License:Apache License
/** * Parses the token and checks that its signature is valid. * * <p/>The {@link #setPublicKey(PublicKey)} method needs to the invoked with the correct verification key, prior to * calling this.//from ww w . j av a 2s . c o m * * @throws AuthenticationException If the token is not valid. */ public void assertValid() { boolean isValidToken = checkValid(); if (!isValidToken) { throw new AuthenticationException(); } }
From source file:com.vsc.dayspring.security.ShiroDbRealm.java
License:Apache License
/** * ?,.// w w w . j a v a2s .c o m */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException { ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder .getRequestAttributes(); String serverName = attributes.getRequest().getHeader("Host"); if (StringUtils.isEmpty(serverName)) { serverName = attributes.getRequest().getServerName(); } if (this.getSubDomains(KEY_APP_DOMAIN).contains(serverName)) { throw new AuthenticationException(); } MyUsernamePasswordToken token = (MyUsernamePasswordToken) authcToken; List<Account> accountList = null; List<CompanyAccount> companyAccountList = null; if (token.getUsername() == null) { return null; } byte[] salt = null; //DEMO&&? if (CodeConstant.CODE_WHETHER_1.equals(CodeConstant.SYS_TYPE_FLAG) && CodeConstant.CODE_LOGIN_TYPE_SERIAL_NUMBER_USER.equals(token.getType())) { companyAccountList = compAccountService.getCompAccountBySerialNumber(token.getUsername()); if (CollectionUtils.isEmpty(companyAccountList)) { throw new AuthenticationException(); } CompanyAccount loginInfo = companyAccountList.get(0); Company company = companyMapper.selectByPrimaryKey(loginInfo.getCompUuid()); if (company == null || CodeConstant.CODE_DELETE_FLAG_YES.equals(company.getDeleteFlag())) { throw new AuthenticationException(); } loginInfo.setCompInitFlg(company.getInitFlag()); loginInfo.setCompName(company.getShortName()); salt = DigestUtils.generateSalt(AuthServer.SALT_SIZE); SimpleHash hash = new SimpleHash(HASH_ALGORITHM, token.getPassword(), ByteSource.Util.bytes(salt), HASH_INTERATIONS); return new SimpleAuthenticationInfo(loginInfo, hash.toHex(), ByteSource.Util.bytes(salt), getName()); } else { if (token.getUsername().toLowerCase().indexOf(ConditionConstant.CONDITION_AT_YOWITS_COM) > 0) { // TODO DEBUG try { accountList = authServer.getLoginInfo(token.getUsername()); } catch (Exception e) { e.printStackTrace(); } } else { // TODO DEBUG try { companyAccountList = compAccountService.getCompAccountCountNoOrgByLoginId(token.getUsername()); } catch (Exception e) { e.printStackTrace(); } } if (!CollectionUtils.isEmpty(companyAccountList)) { CompanyAccount loginInfo = companyAccountList.get(0); if ("1".equals(loginInfo.getDeleteFlag())) { throw new AuthenticationException(); } // ?wizard uuid???? if (StringUtils.isEmpty(loginInfo.getWizardUuid())) { Company company = companyMapper.selectByPrimaryKey(loginInfo.getCompUuid()); if (company == null || CodeConstant.CODE_DELETE_FLAG_YES.equals(company.getDeleteFlag())) { throw new AuthenticationException(); } loginInfo.setCompInitFlg(company.getInitFlag()); loginInfo.setCompName(company.getShortName()); } salt = EncodeUtils.decodeHex(loginInfo.getSalt()); return new SimpleAuthenticationInfo(loginInfo, loginInfo.getPassword(), ByteSource.Util.bytes(salt), getName()); } else if (!CollectionUtils.isEmpty(accountList)) { if (!this.getSubDomains(KEY_OFFIC_DOMAIN).contains(serverName)) { throw new AuthenticationException(); } Account loginInfo = accountList.get(0); if ("1".equals(loginInfo.getDeleteFlag())) { throw new AuthenticationException(); } salt = EncodeUtils.decodeHex(loginInfo.getSalt()); return new SimpleAuthenticationInfo(loginInfo, loginInfo.getPassword(), ByteSource.Util.bytes(salt), getName()); } else { throw new AuthenticationException(); } } }
From source file:com.xz.oa.core.service.user.ShiroDbRealm.java
License:Apache License
/** * ?,.//from w w w . j ava 2 s . c om */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authcToken; User user = userService.findByName(token.getUsername()); if (user != null) { byte[] salt = Encodes.decodeHex(user.getSalt()); ShiroUser shiroUser = new ShiroUser(user); return new SimpleAuthenticationInfo(shiroUser, user.getPassword(), ByteSource.Util.bytes(salt), user.getReal_name()); } else { throw new AuthenticationException(); } }
From source file:org.apache.aurora.scheduler.http.api.security.ShiroKerberosAuthenticationFilterTest.java
License:Apache License
@Test public void testLoginFailure401() { subject.login(isA(AuthenticationToken.class)); expectLastCall().andThrow(new AuthenticationException()); replayAndStart();//from w w w . j a v a2 s. c o m ClientResponse clientResponse = getRequestBuilder(PATH) .header(HttpHeaders.AUTHORIZATION, ShiroKerberosAuthenticationFilter.NEGOTIATE + " asdf") .get(ClientResponse.class); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, clientResponse.getStatus()); assertEquals(ShiroKerberosAuthenticationFilter.NEGOTIATE, clientResponse.getHeaders().getFirst(HttpHeaders.WWW_AUTHENTICATE)); }
From source file:org.archone.ad.authentication.ShoadRealm.java
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); Assert.notNull(username, "Null usernames are not allowed by this realm."); String password = new String(upToken.getPassword()); Assert.hasLength(password, "Empty passwords are not allowed by this realm."); DirContext ctx = null;//w w w . j ava2 s.c o m try { String userDn = getUserDn(username); ctx = contextSource.getContext(userDn, password); Attributes attrs = ctx.getAttributes(userDn); DirContextAdapter result = new DirContextAdapter(attrs, new DistinguishedName(userDn)); return new SimpleAuthenticationInfo(result, password.toCharArray(), getName()); } catch (javax.naming.NamingException ex) { throw new AuthenticationException(); } catch (NamingException ex) { throw new AuthenticationException(); } }
From source file:org.archone.ad.authentication.ShoadRealm.java
private String getUserDn(String username) throws javax.naming.NamingException { SearchControls controls = new SearchControls(); controls.setSearchScope(SearchControls.SUBTREE_SCOPE); DirContext dirContext = contextSource.getReadOnlyContext(); NamingEnumeration<SearchResult> searchResults = dirContext.search("", adConfiguration.getUserDnSearchFilter(), new String[] { username }, controls); SearchResult sr = searchResults.next(); if (sr == null || searchResults.hasMore()) { throw new AuthenticationException(); }/*from www .ja v a 2s. com*/ return sr.getNameInNamespace(); }
From source file:org.cherchgk.actions.security.LoginActionTest.java
License:Apache License
public void testUndefinedUserLogin() throws Exception { request.setParameter("login", "login"); request.setParameter("password", "password"); request.setParameter("currentPage", "http://localhost/main.action"); ActionProxy proxy = getActionProxy("/login"); LoginAction loginAction = (LoginAction) proxy.getAction(); PowerMockito.mockStatic(SecurityUtils.class); Subject subjectMock = Mockito.mock(Subject.class); Mockito.when(SecurityUtils.getSubject()).thenReturn(subjectMock); Mockito.doThrow(new AuthenticationException()).when(subjectMock).login(Mockito.<AuthenticationToken>any()); String result = proxy.execute(); assertEquals(Action.ERROR, result); assertEquals("FAILED", loginAction.getLoginError()); }