List of usage examples for org.apache.shiro.authc AuthenticationException AuthenticationException
public AuthenticationException(Throwable cause)
From source file:org.seedstack.seed.security.internal.realms.ShiroRealmAdapter.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException { org.seedstack.seed.security.api.AuthenticationToken seedToken = convertToken(token); if (seedToken == null) { throw new UnsupportedTokenException("The token " + token.getClass() + " is not supported"); }/*from ww w . j a v a 2s .c o m*/ org.seedstack.seed.security.api.AuthenticationInfo apiAuthenticationInfo; try { apiAuthenticationInfo = realm.getAuthenticationInfo(seedToken); } catch (org.seedstack.seed.security.api.exceptions.IncorrectCredentialsException e) { throw new IncorrectCredentialsException(e); } catch (org.seedstack.seed.security.api.exceptions.UnknownAccountException e) { throw new UnknownAccountException(e); } catch (org.seedstack.seed.security.api.exceptions.UnsupportedTokenException e) { throw new UnsupportedTokenException(e); } catch (org.seedstack.seed.security.api.exceptions.AuthenticationException e) { throw new AuthenticationException(e); } SimpleAuthenticationInfo authcInfo = new SimpleAuthenticationInfo(); SimplePrincipalCollection principals = new SimplePrincipalCollection( apiAuthenticationInfo.getIdentityPrincipal(), this.getName()); authcInfo.setCredentials(token.getCredentials()); //Realm principals for (PrincipalProvider<?> principal : apiAuthenticationInfo.getOtherPrincipals()) { principals.add(principal, this.getName()); } //Custom principals for (PrincipalCustomizer<?> principalCustomizer : principalCustomizers) { if (principalCustomizer.supportedRealm().isAssignableFrom(getRealm().getClass())) { for (PrincipalProvider<?> principal : principalCustomizer.principalsToAdd( apiAuthenticationInfo.getIdentityPrincipal(), apiAuthenticationInfo.getOtherPrincipals())) { principals.add(principal, this.getName()); } } } authcInfo.setPrincipals(principals); return authcInfo; }
From source file:org.seedstack.seed.security.internal.ShiroRealmAdapter.java
License:Mozilla Public License
@Override protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException { org.seedstack.seed.security.AuthenticationToken seedToken = convertToken(token); if (seedToken == null) { throw new UnsupportedTokenException("The token " + token.getClass() + " is not supported"); }// ww w. j a va 2 s . c om org.seedstack.seed.security.AuthenticationInfo apiAuthenticationInfo; try { apiAuthenticationInfo = realm.getAuthenticationInfo(seedToken); } catch (org.seedstack.seed.security.IncorrectCredentialsException e) { throw new IncorrectCredentialsException(e); } catch (org.seedstack.seed.security.UnknownAccountException e) { throw new UnknownAccountException(e); } catch (org.seedstack.seed.security.UnsupportedTokenException e) { throw new UnsupportedTokenException(e); } catch (org.seedstack.seed.security.AuthenticationException e) { throw new AuthenticationException(e); } SimpleAuthenticationInfo authcInfo = new SimpleAuthenticationInfo(); SimplePrincipalCollection principals = new SimplePrincipalCollection( apiAuthenticationInfo.getIdentityPrincipal(), this.getName()); authcInfo.setCredentials(token.getCredentials()); //Realm principals for (PrincipalProvider<?> principal : apiAuthenticationInfo.getOtherPrincipals()) { principals.add(principal, this.getName()); } //Custom principals for (PrincipalCustomizer<?> principalCustomizer : principalCustomizers) { if (principalCustomizer.supportedRealm().isAssignableFrom(getRealm().getClass())) { for (PrincipalProvider<?> principal : principalCustomizer.principalsToAdd( apiAuthenticationInfo.getIdentityPrincipal(), apiAuthenticationInfo.getOtherPrincipals())) { principals.add(principal, this.getName()); } } } authcInfo.setPrincipals(principals); return authcInfo; }
From source file:org.sisto.jeeplate.security.shiro.JNDIAndSaltAwareJdbcRealm.java
License:Open Source License
private PasswordSalt getPasswordSaltForUser(String user) { Connection jdbcConnection = null; PreparedStatement statement = null; ResultSet resultSet = null;/* ww w. ja v a 2 s .com*/ String username = (user == null) ? "" : user; String salt = null; String password = ""; try { jdbcConnection = this.dataSource.getConnection(); statement = jdbcConnection.prepareStatement(authenticationQuery); statement.setString(1, username); resultSet = statement.executeQuery(); boolean hasAccount = resultSet.next(); if (hasAccount) { password = resultSet.getString(1); salt = resultSet.getString(2); boolean notUniqueAccount = resultSet.next(); if (notUniqueAccount) { throw new AuthenticationException( String.format("User '%s' does not have unique account!", user)); } } else { throw new AuthenticationException(String.format("User '%s' does not have account!", user)); } } catch (SQLException e) { throw new AuthenticationException(e.getMessage()); } finally { JdbcUtils.closeResultSet(resultSet); JdbcUtils.closeStatement(statement); JdbcUtils.closeConnection(jdbcConnection); } return (new PasswordSalt(password, salt)); }
From source file:org.smallmind.nutsnbolts.shiro.realm.ActiveDirectoryLdapRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { try {//from w w w . ja v a 2s. c o m SearchControls searchControls; NamingEnumeration answer; String searchFilter; searchFilter = "(&(objectClass=user)(sAMAccountName=" + token.getPrincipal() + "))"; searchControls = new SearchControls(); searchControls.setReturningAttributes(RETURNED_ATTRIBUTES); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); searchControls.setCountLimit(1); answer = getLdapContext(connectionDetails.getUserName(), connectionDetails.getPassword()) .search(searchPath, searchFilter, searchControls); if (answer.hasMoreElements()) { if (((SearchResult) answer.next()).getAttributes() != null) { getLdapContext(token.getPrincipal().toString() + "@" + domain, new String((char[]) token.getCredentials())); Hash sha1Hash; ByteSource salt; sha1Hash = new Sha1Hash(new String((char[]) token.getCredentials()), salt = new SimpleByteSource(UUID.randomUUID().toString())); return new SimpleAuthenticationInfo(token.getPrincipal(), sha1Hash.getBytes(), salt, getName()); } } } catch (NamingException namingException) { throw new AuthenticationException(namingException); } return null; }
From source file:org.smallmind.nutsnbolts.shiro.realm.DefaultLdapRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { Hashtable<String, String> env; env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + connectionDetails.getHost() + ":" + connectionDetails.getPort() + "/" + connectionDetails.getRootNamespace()); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, connectionDetails.getUserName()); env.put(Context.SECURITY_CREDENTIALS, connectionDetails.getPassword()); try {/*from w w w. j ava 2s .c om*/ Attributes userAttributes; if ((userAttributes = ((DirContext) new InitialDirContext(env).lookup(searchPath)) .getAttributes("uid=" + token.getPrincipal().toString())) != null) { Attribute passwordAttribute; if ((passwordAttribute = userAttributes.get("userPassword")) != null) { String hashedPasswordPlusAlgorithm; Hash sha1Hash; hashedPasswordPlusAlgorithm = new String((byte[]) passwordAttribute.get()); sha1Hash = new Sha1Hash(new String((char[]) token.getCredentials())); if (hashedPasswordPlusAlgorithm.equals("{SHA}" + sha1Hash.toBase64())) { return new SimpleAuthenticationInfo(token.getPrincipal(), sha1Hash.getBytes(), getName()); } } } } catch (NamingException namingException) { throw new AuthenticationException(namingException); } return null; }
From source file:org.sonatype.nexus.ldap.internal.realms.LdapAuthenticator.java
License:Open Source License
public void authenticateUserWithPassword(LdapUser ldapUser, String password) throws AuthenticationException { // use the passwordmanager if (!this.passwordManager.isPasswordValid(ldapUser.getPassword(), password, null)) { throw new AuthenticationException("User '" + ldapUser.getUsername() + "' cannot be authenticated."); }//from w w w . j a va 2 s.c o m }
From source file:org.sonatype.nexus.ldap.LdapRealm.java
License:Open Source License
@Override protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); String pass = String.valueOf(upToken.getPassword()); // Verify non-empty password if (Strings.isNullOrEmpty(pass)) { throw new AuthenticationException("Password must not be empty"); }/*from ww w. java2 s .c om*/ this.ldapManager.authenticateUser(username, pass); // creating AuthInfo with plain pass (relates to creds matcher too) return new SimpleAuthenticationInfo(username, pass.toCharArray(), getName()); }
From source file:org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.java
License:Open Source License
@Override protected AuthenticationInfo doMultiRealmAuthentication(final Collection<Realm> realms, final AuthenticationToken token) { log.trace("Iterating through [{}] realms for PAM authentication", realms.size()); for (Realm realm : realms) { // check if the realm supports this token if (realm.supports(token)) { log.trace("Attempting to authenticate token [{}] using realm of type [{}]", token, realm); try { AuthenticationInfo info = realm.getAuthenticationInfo(token); if (info != null) { return info; }/* ww w . j a v a 2 s .c om*/ log.trace("Realm [{}] returned null when authenticating token [{}]", realm, token); } catch (Throwable t) { log.trace("Realm [{}] threw an exception during a multi-realm authentication attempt", realm, t); } } else { log.trace("Realm of type [{}] does not support token [{}]; skipping realm", realm, token); } } throw new AuthenticationException("Authentication token of type [" + token.getClass() + "] could not be authenticated by any configured realms. Please ensure that at least one realm can " + "authenticate these tokens."); }
From source file:org.sonatype.security.ldap.realms.AbstractLdapAuthenticationRealm.java
License:Open Source License
@Override protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); String pass = String.valueOf(upToken.getPassword()); // Verify non-empty password if (Strings.isNullOrEmpty(pass)) { throw new AuthenticationException("Password must not be empty"); }/*from w ww . ja v a2 s.c om*/ try { this.ldapManager.authenticateUser(username, pass); return this.buildAuthenticationInfo(username, null); } catch (org.sonatype.security.authentication.AuthenticationException e) { if (this.logger.isDebugEnabled()) { this.logger.debug("User: " + username + " could not be authenticated ", e); } throw new org.apache.shiro.authc.AuthenticationException(e.getMessage()); } }
From source file:org.sonatype.security.mock.realms.ExceptionThrowingMockRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { throw new AuthenticationException("This realm only throws exceptions"); }