Example usage for org.apache.shiro.authc AuthenticationException AuthenticationException

List of usage examples for org.apache.shiro.authc AuthenticationException AuthenticationException

Introduction

This page collects usage examples of the constructors of org.apache.shiro.authc.AuthenticationException.

Prototype

public AuthenticationException(Throwable cause) 

Source Link

Document

Constructs a new AuthenticationException.

Usage

From source file:to.sauerkraut.krautadmin.resources.SessionResource.java

License:Open Source License

/**
 * Handles the form login and refuses it once the caller's address has too many failed attempts.
 *
 * <p>The failed-attempt record is looked up by an MD5 hex digest of {@code request.getRemoteAddr()}.
 * If a record exists and its counter has reached the configured maximum, an
 * {@link AuthenticationException} with a German explanation is thrown; otherwise the call is
 * delegated to the five-argument {@code login} overload.
 *
 * @param username form field {@code username}
 * @param password form field {@code password}
 * @param subject  the subject injected via {@code @Auth}
 * @param request  the servlet request, used for the transport check and the remote address
 * @return whatever the delegated {@code login} overload returns
 * @throws AuthenticationException if the failed-attempt limit has been reached for this address
 */
@POST
@Path("/login")
public GenericResponse<String> login(@FormParam("username") final String username,
        @FormParam("password") final String password, @Auth final Subject subject,
        @Context final HttpServletRequest request) {

    // Remember-me is allowed on a secure request, or when the cookie is not configured as
    // secure-only; it is suppressed only for a plain-HTTP request combined with a secure cookie.
    final boolean rememberMe = request.isSecure()
            || !configuration.getSecurityConfiguration().getRememberMeCookieConfiguration().isSecure();
    final KrautAdminConfiguration.SecurityConfiguration securityConfiguration = configuration
            .getSecurityConfiguration();

    // NOTE(review): an unsalted MD5 of an IP address does not anonymise it. The IPv4 space is
    // small enough that a stored digest can be mapped back to its address by enumeration, which
    // undercuts the privacy statement in the message below. A keyed hash (HMAC with a server-side
    // secret) would fit that statement; the digest is also the repository lookup key, so it is
    // flagged here rather than changed.
    // NOTE(review): getRemoteAddr() is the direct peer. Behind a reverse proxy or load balancer
    // every client would share one counter - confirm against the deployment.
    final String hashedIp = DigestUtils.md5Hex(request.getRemoteAddr());
    final int banDays = securityConfiguration.getBanDays();
    final int maximumFailedAttempts = securityConfiguration.getMaximumFailedAttempts();
    final LoginAttempt loginAttempt = loginAttemptRepository.findByHashedIp(hashedIp);

    final boolean limitReached = loginAttempt != null
            && loginAttempt.getFailedAttempts() >= maximumFailedAttempts;
    if (!limitReached) {
        return login(hashedIp, subject, username, password, rememberMe);
    }

    // banDays only appears in the text; expiry of old records is presumably handled elsewhere -
    // TODO confirm, otherwise a lockout never lifts.
    final String dayPlural;
    if (banDays != 1) {
        dayPlural = "e";
    } else {
        dayPlural = "";
    }
    final String lastAttemptText = new SimpleDateFormat("dd.MM.yyyy 'um' HH:mm")
            .format(loginAttempt.getLastAttempt()) + " Uhr (Serverzeit)";

    // The message states the per-IP limit and ban period, says that only short-lived hashes of
    // failing addresses are kept, and gives the time of the last failed attempt (server time).
    throw new AuthenticationException("Es sind nicht mehr als " + maximumFailedAttempts
            + " fehlerhafte Versuche pro IP und innerhalb einer Ban-Periode (" + banDays + " Tag"
            + dayPlural + ") "
            + "erlaubt (IPs werden nicht gespeichert, sondern nur deren Hash-Werte "
            + "und diese nur kurzfristig und nur, wenn die Login-Versuche erfolglos bleiben - "
            + "bei erfolgreichem Login wird weder IP noch Hash gespeichert!). "
            + "Der letze fehlerhafte Versuch fand statt am "
            + lastAttemptText);
}

From source file:utils.security.SampleRealm.java

License:Open Source License

/**
 * Fails authentication when a required value is missing.
 *
 * @param reference the value that must be present
 * @param message   text carried by the exception when {@code reference} is {@code null};
 *                  whether it reaches the client depends on how callers handle the exception
 * @throws AuthenticationException if {@code reference} is {@code null}
 */
private void checkNotNull(String reference, String message) throws AuthenticationException {
    final boolean present = reference != null;
    if (present) {
        return;
    }
    throw new AuthenticationException(message);
}

From source file:waffle.shiro.AbstractWaffleRealm.java

License:Open Source License

/**
 * Authenticates a username/password token against the Windows logon provider.
 *
 * <p>Tokens that are not {@link UsernamePasswordToken} instances are not handled and yield
 * {@code null}. Guest identities are refused. The identity handle obtained from the provider is
 * always disposed before the method returns or throws.
 *
 * @param authToken the submitted token
 * @return the authentication info built for the logged-on identity, or {@code null} for an
 *         unsupported token type
 * @throws AuthenticationException if the logon fails, the identity is a guest, or any other
 *         {@link RuntimeException} occurs during the attempt
 */
@Override
protected final AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken authToken) {
    if (!(authToken instanceof UsernamePasswordToken)) {
        return null;
    }

    final UsernamePasswordToken credentials = (UsernamePasswordToken) authToken;
    final String username = credentials.getUsername();
    IWindowsIdentity windowsIdentity = null;
    try {
        // NOTE(review): username is caller-supplied and is written to the log on every path
        // below; make sure the log layout neutralises line breaks in it.
        AbstractWaffleRealm.LOGGER.debug("Attempting login for user {}", username);

        // NOTE(review): the char[] password is copied into an immutable String, which cannot be
        // wiped afterwards; logonUser is called with a String here, so this is flagged only.
        final String passwordText = new String(credentials.getPassword());
        windowsIdentity = this.provider.logonUser(username, passwordText);

        if (windowsIdentity.isGuest()) {
            AbstractWaffleRealm.LOGGER.debug("Guest identity for user {}; denying access", username);
            throw new AuthenticationException("Guest identities are not allowed access");
        }

        final Object principal = new WaffleFqnPrincipal(windowsIdentity);
        final AuthenticationInfo result = this.buildAuthenticationInfo(credentials, principal);
        AbstractWaffleRealm.LOGGER.debug("Successful login for user {}", username);
        return result;
    } catch (final RuntimeException failure) {
        // Shiro's AuthenticationException is itself a RuntimeException, so the guest refusal
        // above also lands here and is re-wrapped: callers see only the generic "Login failed",
        // with the specific reason kept as the cause and in the debug/trace log.
        AbstractWaffleRealm.LOGGER.debug("Failed login for user {}: {}", username, failure.getMessage());
        AbstractWaffleRealm.LOGGER.trace("", failure);
        throw new AuthenticationException("Login failed", failure);
    } finally {
        // Release the identity handle on success and failure alike.
        if (windowsIdentity != null) {
            windowsIdentity.dispose();
        }
    }
}

From source file:waffle.shiro.negotiate.NegotiateAuthenticationRealm.java

License:Open Source License

/**
 * Runs one step of the Negotiate/NTLM exchange for the given token.
 *
 * <p>The inbound token bytes are handed to the Windows auth provider. Any continuation bytes it
 * returns are stored on the token. While the exchange is unfinished an
 * {@link AuthenticationInProgressException} is thrown; once it completes, the resulting Windows
 * identity is wrapped in a principal and subject and attached to the token.
 *
 * @param t the submitted token; cast to {@code NegotiateToken} without a type check, so a
 *          different token type fails with a {@link ClassCastException}
 * @return the info created by the token after a completed exchange
 * @throws AuthenticationException if the provider rejects the security token
 * @throws AuthenticationInProgressException if another round trip is required
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken t) {

    final NegotiateToken negotiateToken = (NegotiateToken) t;
    final byte[] clientBytes = negotiateToken.getIn();
    final boolean ntlmPost = negotiateToken.isNtlmPost();

    if (ntlmPost) {
        // type 2 NTLM authentication message received: drop the state kept for this connection
        this.windowsAuthProvider.resetSecurityToken(negotiateToken.getConnectionId());
    }

    final IWindowsSecurityContext context;
    try {
        context = this.windowsAuthProvider.acceptSecurityToken(negotiateToken.getConnectionId(),
                clientBytes, negotiateToken.getSecurityPackage());
    } catch (final Exception failure) {
        // Only the message is logged; the full exception travels as the cause.
        NegotiateAuthenticationRealm.LOGGER.warn("error logging in user: {}", failure.getMessage());
        throw new AuthenticationException(failure);
    }

    // The continuation bytes must be on the token before the in-progress check below, because
    // that check leaves the method by throwing.
    final byte[] serverBytes = context.getToken();
    negotiateToken.setOut(serverBytes);
    if (serverBytes == null) {
        NegotiateAuthenticationRealm.LOGGER.debug("no continue token bytes");
    } else {
        NegotiateAuthenticationRealm.LOGGER.debug("continue token bytes: {}",
                Integer.valueOf(serverBytes.length));
    }

    // NOTE(review): on this path the security context is not disposed; presumably the provider
    // keeps it for the next round trip under the connection id - TODO confirm it is released if
    // the client never comes back.
    if (context.isContinue() || ntlmPost) {
        throw new AuthenticationInProgressException();
    }

    final IWindowsIdentity identity = context.getIdentity();
    context.dispose();

    // NOTE(review): the account name and SID go to the debug log; treat that log as sensitive.
    NegotiateAuthenticationRealm.LOGGER.debug("logged in user: {} ({})", identity.getFqn(),
            identity.getSidString());

    final Principal windowsPrincipal = new WindowsPrincipal(identity);
    negotiateToken.setPrincipal(windowsPrincipal);

    final Subject authenticatedSubject = new Subject();
    authenticatedSubject.getPrincipals().add(windowsPrincipal);
    negotiateToken.setSubject(authenticatedSubject);

    return negotiateToken.createInfo();
}

From source file:zi.helper.ZShiroJdbcRealm.java

License:Apache License

/**
 * Loads the stored password for a user through the configured authentication query.
 *
 * <p>The username is bound as a statement parameter, never concatenated into the SQL.
 *
 * @param username the account name to look up
 * @return the stored password paired with the salt, or {@code null} when no row matches
 * @throws AuthenticationException if more than one row matches or a SQL error occurs
 */
private PasswdSalt getPasswordForUser(String username) {
    Connection connection = null;
    PreparedStatement lookup = null;
    ResultSet rows = null;
    try {
        connection = dataSource.getConnection();
        lookup = connection.prepareStatement(authenticationQuery);
        lookup.setString(1, username);

        rows = lookup.executeQuery();

        if (!rows.next()) {
            return null;
        }

        final String storedPassword = rows.getString(1);

        // NOTE(review): the salt is one hard-coded constant for every account. Even when the
        // query returns a second column it is ignored (the per-user read was disabled in the
        // original), so identical passwords produce identical stored hashes and a single
        // precomputed table covers all users. A per-user random salt read from the row is the
        // usual fix; it is not changed here because existing stored hashes depend on this value.
        String salt = "OTransmedia.2.0";
        if (rows.getMetaData().getColumnCount() > 1) {
            salt = "OTransmedia.2.0";
        }

        // A second row means the username is not unique; refuse rather than pick one.
        if (rows.next()) {
            throw new AuthenticationException(
                    "More than one user row found for user [" + username + "]. Usernames must be unique.");
        }

        return new PasswdSalt(storedPassword, salt);
    } catch (SQLException sqlFailure) {
        final String message = "There was a SQL error while authenticating user [" + username + "]";
        if (log.isErrorEnabled()) {
            log.error(message, sqlFailure);
        }
        throw new AuthenticationException(message, sqlFailure);
    } finally {
        // Close in reverse order of acquisition on every exit path.
        JdbcUtils.closeResultSet(rows);
        JdbcUtils.closeStatement(lookup);
        JdbcUtils.closeConnection(connection);
    }
}