List of usage examples for org.apache.shiro.authc AuthenticationException AuthenticationException
public AuthenticationException(Throwable cause)
From source file:com.github.ibole.infrastructure.web.security.spring.shiro.filter.StatelessAuthFilter.java
License:Apache License
/**
 * Builds a {@link StatelessToken} from a raw token string.
 *
 * <p>The token is decoded with {@code parseTokenWithoutValidation}, so the login id and
 * client id copied into the result are unverified claims when this method returns.
 * NOTE(review): nothing in this method checks the token; confirm that whatever consumes
 * the StatelessToken validates the raw token before trusting these two values.
 *
 * @param token the raw token string
 * @return a token carrying the raw string plus the login id and client id read from it
 * @throws AuthenticationException wrapping the {@code TokenHandlingException} raised
 *         while handling the token
 */
public StatelessToken createStatelessToken(String token) {
    try {
        final JwtObject claims = tokenMgr.parseTokenWithoutValidation(token);
        return new StatelessToken(token, claims.getLoginId(), claims.getClientId());
    } catch (TokenHandlingException ex) {
        // Keep the parser failure as the cause so it can still be diagnosed.
        throw new AuthenticationException(ex);
    }
}
From source file:com.github.neunkasulle.chronocommand.security.Realm.java
License:Apache License
/**
 * Resolves the account named in the submitted token and returns its stored credentials.
 *
 * <p>The submitted name is tried as a username first and as an e-mail address second.
 * This method does not compare passwords itself; it returns the stored password and salt
 * in the {@code SimpleAuthenticationInfo}.
 *
 * @param authcToken the submitted token; cast to {@code UsernamePasswordToken}
 * @return authentication info for the matching, enabled account
 * @throws AuthenticationException with no cause when no account matches, or with a
 *         {@code ChronoCommandException(Reason.USERDISABLED)} cause when the account is
 *         disabled
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) {
    final UsernamePasswordToken token = (UsernamePasswordToken) authcToken;

    User account = UserDAO.getInstance().findUser(token.getUsername());
    if (account == null) {
        // Fall back to treating the submitted name as an e-mail address.
        account = UserDAO.getInstance().findUserByEmail(token.getUsername());
    }

    if (account == null) {
        throw new AuthenticationException();
    }
    if (account.isDisabled()) {
        // NOTE(review): the cause makes "disabled" distinguishable from "unknown account";
        // make sure that distinction is not echoed back to an unauthenticated client.
        throw new AuthenticationException(new ChronoCommandException(Reason.USERDISABLED));
    }
    return new SimpleAuthenticationInfo(
            account.getUsername(), account.getPassword(), account.getSalt(), getName());
}
From source file:com.github.pires.example.shiro.SMRealm.java
License:Apache License
/**
 * Reads the stored password, and for salt styles that keep it in a second column the
 * salt, for one e-mail address.
 *
 * <p>The e-mail address is bound as a statement parameter rather than concatenated into
 * {@code authenticationQuery}. When no row matches, the returned array holds only
 * {@code null} entries.
 *
 * @param conn  open connection used to run {@code authenticationQuery}
 * @param email e-mail address bound to the first query parameter
 * @return a one-element array (password) for the NO_SALT, CRYPT and EXTERNAL salt styles,
 *         otherwise a two-element array (password, salt)
 * @throws SQLException            if the query fails
 * @throws AuthenticationException if the query returns more than one row
 */
private String[] getPasswordForUser(Connection conn, String email) throws SQLException {
    // Only the remaining salt styles carry the salt as a second result column.
    final boolean saltInSecondColumn;
    switch (saltStyle) {
        case NO_SALT:
        case CRYPT:
        case EXTERNAL:
            saltInSecondColumn = false;
            break;
        default:
            saltInSecondColumn = true;
            break;
    }
    final String[] credentials = new String[saltInSecondColumn ? 2 : 1];

    PreparedStatement statement = null;
    ResultSet rows = null;
    try {
        statement = conn.prepareStatement(authenticationQuery);
        statement.setString(1, email);
        rows = statement.executeQuery();

        // A single row is expected; a second one means the uniqueness assumption is broken.
        boolean rowSeen = false;
        while (rows.next()) {
            if (rowSeen) {
                // NOTE(review): the message embeds the e-mail address; check where it is
                // logged or displayed.
                throw new AuthenticationException(
                        "More than one user row found for user [" + email + "]. Emails must be unique.");
            }
            credentials[0] = rows.getString(1);
            if (saltInSecondColumn) {
                credentials[1] = rows.getString(2);
            }
            rowSeen = true;
        }
    } finally {
        JdbcUtils.closeResultSet(rows);
        JdbcUtils.closeStatement(statement);
    }
    return credentials;
}
From source file:com.github.richardwilly98.esdms.shiro.EsRealm.java
License:Open Source License
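/**
 * Authenticates a username/password token against the hash stored for that login name.
 *
 * <p>The credential check happens here: the submitted password is hashed with
 * {@code computeBase64Hash} and compared with {@code user.getHash()}. The returned
 * {@code SimpleAuthenticationInfo} carries the submitted password as its credentials.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken}
 * @return authentication info whose principal is the matching {@code User}
 * @throws AuthenticationException if the login name is unknown or the hashes differ
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    log.trace("*** doGetAuthenticationInfo ***");
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    if (log.isTraceEnabled()) {
        log.trace(String.format("authenticate - %s", upToken.getUsername()));
    }

    User user = getPrincipal(upToken.getUsername());
    if (user == null) {
        // NOTE(review): this message and the one below tell an unknown login name apart
        // from a wrong password; confirm neither is returned verbatim to the client.
        throw new AuthenticationException(
                String.format("Login name [%s] not found!", upToken.getUsername()));
    }

    // The computed hash is password-equivalent material, so it is no longer written to
    // the trace log.
    String hash = computeBase64Hash(upToken.getPassword());

    // NOTE(review): String.equals is not a constant-time comparison; consider
    // java.security.MessageDigest.isEqual on the encoded bytes once the type and
    // nullability of user.getHash() are confirmed.
    if (hash.equals(user.getHash())) {
        return new SimpleAuthenticationInfo(user, upToken.getPassword(), getName());
    }
    throw new AuthenticationException(
            String.format("Password not matching for login name [%s]", upToken.getUsername()));
}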
From source file:com.huang.rp.web.sys.rbac.authentication.ShiroDbRealm.java
License:Apache License
/** * ?,??? MyFormAuthenticationFilter/executeLogin *///ww w. j a v a 2s .c o m @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { MyAuthenticationToken myToken = (MyAuthenticationToken) token; String loginName = myToken.getUsername();// ??? ? SysUserExample userExample = new SysUserExample(); if (PatternUtils.matches(loginName, PatternUtils.emailRegex)) userExample.createCriteria().andEmailEqualTo(loginName); else if (PatternUtils.matches(loginName, PatternUtils.telephoneRegex)) userExample.createCriteria().andMobilePhoneNumberEqualTo(loginName); else throw new AuthenticationException("unknown login name"); SysUser user = null; try { user = susUserMapper.selectByExample(userExample).get(0); } catch (Exception e) { throw new UnknownAccountException(); } String password = user.getPassword(); if (!String.valueOf(myToken.getPassword()).equals(password)) { throw new IncorrectCredentialsException(); } boolean isAdmin = user.getAdmin(); // ? SysUserRoleExample userRoleExample = new SysUserRoleExample(); if (isAdmin)// admin? userRoleExample.createCriteria(); else userRoleExample.createCriteria().andUserIdEqualTo(user.getId()); List<SysUserRole> susUserRoleList = sysUserRoleMapper.selectByExample(userRoleExample); List<Long> roleIdList = Lists.newArrayList(); for (SysUserRole sur : susUserRoleList) { roleIdList.add(sur.getRoleId()); } ShiroUser shiroUser = new ShiroUser(user.getId(), user.getUsername(), user.getAdmin(), myToken.getHost(), roleIdList); SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(shiroUser, myToken.getPassword(), getName()); return info; }
From source file:com.josue.kingdom.security.application.ApplicationlRealm.java
/**
 * Authenticates an application by principal and secret and, when a manager token is
 * attached, also looks up the manager within that application.
 *
 * <p>A failed manager lookup does not fail the call: the method still returns, with
 * {@code ManagerStatus.UNAUTHENTICATED} recorded in the {@code KingdomSecurity}
 * principal. Code that depends on an authenticated manager has to check that status.
 *
 * @param authToken the submitted token; cast to {@code ApplicationToken}
 * @return authentication info whose principal is the {@code KingdomSecurity} and whose
 *         credentials are the application's stored secret
 * @throws AuthenticationException if principal or credentials are missing, or if no
 *         application matches them
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken)
        throws AuthenticationException {
    final ApplicationToken appToken = (ApplicationToken) authToken;
    if (appToken.getPrincipal() == null || appToken.getCredentials() == null) {
        throw new AuthenticationException("No credential provided");
    }

    final char[] appSecret = (char[]) appToken.getCredentials();
    final Application foundApp =
            persistence.getApplication((String) appToken.getPrincipal(), new String(appSecret));
    if (foundApp == null) {
        throw new AuthenticationException(
                "Invalid username or password, APP: " + appToken.getPrincipal());
    }

    Manager foundManager = null;
    ManagerStatus managerStatus = ManagerStatus.EMPTY;
    if (appToken.getManagerToken() != null) {
        // The manager principal can be a username or an e-mail address.
        final String manLogin = appToken.getManagerToken().getPrincipal().toString();
        final char[] manPsw = (char[]) appToken.getManagerToken().getCredentials();

        // The lookup is skipped only when both the login and the password are empty.
        final boolean bothEmpty = manPsw.length == 0 && manLogin.length() == 0;
        if (!bothEmpty) {
            final boolean byEmail =
                    appToken.getManagerToken().getType().equals(ManagerToken.CredentialType.EMAIL);
            foundManager = byEmail
                    ? persistence.getManagerByEmail(foundApp.getUuid(), manLogin, new String(manPsw))
                    : persistence.getManagerByUsername(foundApp.getUuid(), manLogin, new String(manPsw));
            managerStatus = (foundManager != null)
                    ? ManagerStatus.AUTHENTICATED
                    : ManagerStatus.UNAUTHENTICATED;
        }
    }

    // The whole security object becomes the principal, so it can later be read back
    // through SecurityUtils.getSubject().
    final KingdomSecurity security = new KingdomSecurity(foundApp, foundManager, managerStatus);
    return new SimpleAuthenticationInfo(security, foundApp.getSecret(), getName());
}
From source file:com.josue.kingdom.security.manager.ManagerRealm.java
/**
 * Authenticates a manager, by e-mail address or username, within one application.
 *
 * <p>The password is passed to the persistence lookup, so a {@code null} result covers
 * both an unknown login and a wrong password.
 *
 * @param authToken the submitted token; cast to {@code ManagerToken}
 * @return authentication info whose principal is the matching {@code Manager}
 * @throws AuthenticationException if the application uuid is missing, no manager
 *         matches, or the manager's status is not {@code AccountStatus.ACTIVE}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken)
        throws AuthenticationException {
    final ManagerToken managerToken = (ManagerToken) authToken;
    if (managerToken.getAppUuid() == null) {
        throw new AuthenticationException("Application uuid is needed to authenticate user");
    }

    final String login = managerToken.getPrincipal().toString();
    final String password = new String((char[]) managerToken.getCredentials());

    final boolean byEmail = managerToken.getType().equals(ManagerToken.CredentialType.EMAIL);
    final Manager foundManager = byEmail
            ? persistence.getManagerByEmail(managerToken.getAppUuid(), login, password)
            : persistence.getManagerByUsername(managerToken.getAppUuid(), login, password);

    if (foundManager == null) {
        throw new AuthenticationException(
                "Invalid username or password, login: " + managerToken.getPrincipal());
    }
    if (!foundManager.getStatus().equals(AccountStatus.ACTIVE)) {
        // NOTE(review): this is only reached with valid credentials, so the message
        // confirms the password was right; check where it is surfaced.
        throw new AuthenticationException("Inactive user: " + managerToken.getPrincipal());
    }

    // The Manager itself becomes the principal, so it can later be read back through
    // SecurityUtils.getSubject().
    return new SimpleAuthenticationInfo(foundManager, managerToken.getCredentials(), getName());
}
From source file:com.josue.shiro.authorization.custom.CustomRealm.java
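/**
 * Returns authentication info built from the submitted token alone.
 *
 * <p>NOTE(review): no account store is consulted. The credentials placed in the result
 * are derived from the password the caller submitted, rendered by
 * {@code Arrays.toString} as {@code "[a, b, c]"}, so this method verifies nothing by
 * itself. It reads like sample code; do not use it as a real credential check.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken}
 * @return authentication info carrying the token's principal and the rendered password
 * @throws AuthenticationException if the token carries no password
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;

    // Arrays.toString never returns null (a null array becomes the text "null"), so the
    // missing-password check has to look at the char[] itself to be reachable.
    char[] submitted = upToken.getPassword();
    if (submitted == null) {
        throw new AuthenticationException("No account found for username " + upToken.getUsername());
    }

    String foundPassword = Arrays.toString(submitted);
    return new SimpleAuthenticationInfo(upToken.getPrincipal(), foundPassword, getName());
}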
From source file:com.jythonui.server.objectauth.ObjectAuthRealm.java
License:Apache License
/**
 * Formats a message through {@code iRes.getLogMess()} and always throws it as an
 * {@link AuthenticationException}; this method never returns normally.
 *
 * @param errMess error code passed to the message lookup
 * @param logMess message key passed to the message lookup
 * @param person  user name passed to the message lookup as its argument
 * @throws AuthenticationException always
 */
private void throwNotExist(String errMess, String logMess, String person) {
    throw new AuthenticationException(iRes.getLogMess().getMess(errMess, logMess, person));
}
From source file:com.jythonui.server.objectauth.ObjectAuthRealm.java
License:Apache License
/**
 * Loads the stored password and the roles a person holds for one object ("hotel") and
 * returns them as authentication info.
 *
 * <p>This method does not compare the password itself; it returns the stored value as
 * the credentials of the {@code SimpleAuthenticationInfo}.
 *
 * @param at the submitted token; cast to {@code PasswordSecurityToken}
 * @return authentication info whose principal is a {@code User} carrying the person's
 *         name and roles for the object
 * @throws AuthenticationException if the stored password is empty, the object name is
 *         null, the role list cannot be read, or no role entry matches the person
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken at)
        throws AuthenticationException {
    final PasswordSecurityToken token = (PasswordSecurityToken) at;
    final ObjectCustom custom = (ObjectCustom) token.getiCustom();
    final String instanceId = custom.getInstanceId();
    final String person = token.getUsername();

    final String password =
            getI().getPassword(getG().getInstance(instanceId, person), token.getUsername());
    if (CUtil.EmptyS(password)) {
        // throwNotExist always throws, so control does not continue past this call.
        throwNotExist(IErrorCode.ERRORCODE99, ILogMess.AUTHUSERDOESNOTEXIST, person);
    }

    final String hotel = custom.getObjectName();
    if (hotel == null) {
        // TODO: not expected, more verbose
        throwNotExist(IErrorCode.ERRORCODE100, ILogMess.AUTHHOTELISNULL, person);
    }

    final List<OObjectRoles> roles =
            getI().getListOfRolesForObject(getG().getInstance(instanceId, person), hotel);
    if (roles == null) {
        throw new AuthenticationException(iRes.getLogMess().getMess(
                IErrorCode.ERRORCODE101, ILogMess.AUTHCANNOTGETROLES, hotel, person));
    }

    // Take the roles from the first entry whose object name equals the person's name.
    List<String> hotelroles = null;
    for (OObjectRoles candidate : roles) {
        if (candidate.getObject().getName().equals(person)) {
            hotelroles = candidate.getRoles();
            break;
        }
    }
    if (hotelroles == null) {
        throw new AuthenticationException(iRes.getLogMess().getMess(
                IErrorCode.ERRORCODE102, ILogMess.AUTHUSERDOESNOTHAVEROLEINHOTEL, person, hotel));
    }

    final User user = new User();
    user.roles = hotelroles;
    user.userName = person;
    return new SimpleAuthenticationInfo(user, password, getName());
}