Usage examples for the org.apache.shiro.authc.AuthenticationException constructors
public AuthenticationException(Throwable cause)
From source file:com.streamreduce.core.service.SecurityServiceImpl.java
License:Apache License
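/**
 * Resolves the {@code User} behind the current Shiro subject.
 *
 * <p>Sort of a fragile wrapper to get the User from the User Realm or the Gateway Realm: the
 * principal is either an {@code ObjectId} (looked up through {@code userDAO}) or a {@code String}
 * API key (looked up as a gateway connection, whose owning user is returned).
 * TODO: we need a better way to store these
 *
 * @return the User who is logged in, or the User who owns the IMG connection request
 * @throws AuthenticationException if no security manager is available, if the principal is absent
 *         or of an unexpected type, or if no connection is found for the API key
 */
private User getShiroUser() {
    try {
        final Object id = SecurityUtils.getSubject().getPrincipal();
        if (id instanceof ObjectId) {
            return userDAO.get((ObjectId) id);
        }
        if (id instanceof String) {
            // must be IMG
            final Connection connection = connectionDAO.getByAPIKey((String) id, GatewayProvider.TYPE);
            // A key that no longer maps to a connection must end in an authentication failure,
            // not in a NullPointerException further up the call stack.
            if (connection != null) {
                return connection.getUser();
            }
        }
    } catch (UnavailableSecurityManagerException e) {
        // Keep the original exception as the cause so the failure can still be diagnosed.
        throw new AuthenticationException(e.getMessage(), e);
    }
    // No principal, an unsupported principal type, or an unknown API key.
    throw new AuthenticationException(ErrorMessages.INVALID_CREDENTIAL);
}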
From source file:com.streamreduce.security.filter.GatewayTokenAuthenticatingFilter.java
License:Apache License
/**
 * Builds the gateway authentication token from the value returned by
 * {@code getHeaderParameter(request)}.
 *
 * @param request  the incoming request the header value is read from
 * @param response unused by this method
 * @return a {@code GatewayAuthenticaionToken} wrapping the header value
 * @throws AuthenticationException if the request carries no header value
 */
@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
    final String headerValue = getHeaderParameter(request);
    if (headerValue != null) {
        return new GatewayAuthenticaionToken(headerValue);
    }
    // Reject the request before any realm is consulted; the message is the generic one.
    logger.debug("Header Authorization token is null, throw exception.");
    throw new AuthenticationException(ErrorMessages.INVALID_CREDENTIAL);
}
From source file:com.streamreduce.security.filter.UserTokenAuthenticatingFilter.java
License:Apache License
/**
 * Builds the user authentication token from the value returned by
 * {@code getHeaderParameter(request)}.
 *
 * @param request  the incoming request the header value is read from
 * @param response unused by this method
 * @return a {@code UserAuthenticationToken} wrapping the header value
 * @throws AuthenticationException if the request carries no header value
 */
@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
    final String presented = getHeaderParameter(request);
    final boolean missing = (presented == null);
    if (missing) {
        // Fail with the generic credential error; nothing about the request is echoed back.
        logger.debug("Header Authorization token is null, throw exception ");
        throw new AuthenticationException(ErrorMessages.INVALID_CREDENTIAL);
    }
    return new UserAuthenticationToken(presented);
}
From source file:com.streamreduce.security.realm.GatewayTokenAuthorizingRealm.java
License:Apache License
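/**
 * Looks up the gateway connection that owns the presented API key and returns its identity as
 * the authenticated principal.
 *
 * @param authcToken the submitted token; cast to {@code GatewayAuthenticaionToken}
 * @return authentication info whose principal is the connection credentials' identity and whose
 *         credentials are the empty string
 * @throws AuthenticationException if no connection is found for the API key
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    NodeableAuthenticationToken token = (GatewayAuthenticaionToken) authcToken;

    // The API key is a bearer credential, so it is deliberately kept out of the log:
    // anyone with read access to debug logs could otherwise replay it.
    logger.debug("Attempting to get gateway api authentication info");

    Connection connection = securityService.getByApiKey(token.getToken(), GatewayProvider.TYPE);
    if (connection == null) {
        throw new AuthenticationException(ErrorMessages.INVALID_CREDENTIAL);
    }

    logger.debug("ConnectionId is set to " + connection.getId());

    // all is well so far...
    // NOTE(review): the credentials slot is the empty string; how it is compared depends on the
    // realm's CredentialsMatcher, which is not visible here — confirm it cannot be satisfied
    // without a valid API key lookup.
    return new SimpleAuthenticationInfo(connection.getCredentials().getIdentity(), "", getName());
}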
From source file:com.streamreduce.security.realm.UsernamePasswordAuthorizingRealm.java
License:Apache License
/**
 * Loads the user named in a username/password token and returns the stored password for the
 * realm's credential check.
 *
 * @param authcToken the submitted token; cast to {@code UsernamePasswordToken}
 * @return authentication info holding the user's id and stored password
 * @throws AuthenticationException with {@code USER_NOT_FOUND} when the lookup yields no user, or
 *         with {@code INACTIVE_ACCOUNT} when the user or the owning account is locked
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    final UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    final User user = userDAO.findUser(token.getUsername());

    // can find this username in the db.
    // NOTE(review): "not found" and "locked" use different messages; if these reach the client
    // unchanged they reveal which usernames exist — confirm the outer layer returns one generic
    // failure response.
    if (user == null) {
        logger.debug("User is null from the Basic DAO lookup: " + token.getUsername());
        throw new AuthenticationException(ErrorMessages.USER_NOT_FOUND);
    }

    // account is locked!
    final boolean locked =
            user.isUserLocked() || user.getAccount().getConfigValue(Account.ConfigKey.ACCOUNT_LOCKED);
    if (locked) {
        logger.debug("User is locked or account is locked: " + token.getUsername() + " in account: "
                + user.getAccount().getName());
        throw new AuthenticationException(ErrorMessages.INACTIVE_ACCOUNT);
    }

    return new SimpleAuthenticationInfo(user.getId(), user.getPassword(), getName());
}
From source file:com.streamreduce.security.realm.UserTokenAuthorizingRealm.java
License:Apache License
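/**
 * Resolves the user that owns the presented authentication token.
 *
 * @param authcToken the submitted token; cast to {@code UserAuthenticationToken}
 * @return authentication info whose principal is the resolved user's id and whose credentials
 *         are the empty string
 * @throws AuthenticationException if no user is found for the token
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    NodeableAuthenticationToken token = (UserAuthenticationToken) authcToken;

    // The token value is a bearer credential, so it is deliberately kept out of the log:
    // anyone with read access to debug logs could otherwise replay it.
    logger.debug("Attempting to get authentication info");

    User theUser = securityService.getUserFromAuthenticationToken(token.getToken());
    if (theUser == null) {
        throw new AuthenticationException(ErrorMessages.INVALID_CREDENTIAL);
    }

    logger.debug("UserId is set to " + theUser.getUser().getId());

    // NOTE(review): the expiry check below is disabled, so this method accepts a token for as
    // long as the lookup above resolves it — confirm expiry is enforced elsewhere.
    // token is expired
    // if (userToken.getExpirationDate() < System.currentTimeMillis()) {
    //     throw new AuthenticationException(ErrorMessages.EXPIRED_CREDENTIAL);
    // }

    // all is well so far...
    return new SimpleAuthenticationInfo(theUser.getId(), "", getName());
}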
From source file:com.tensorwrench.shiro.realm.MongoUserPasswordRealm.java
License:Apache License
/**
 * Validates the token type and username, then delegates to
 * {@code findPasswordForUsername}.
 *
 * @param authToken the submitted token; must be a {@code UsernamePasswordToken}
 * @return whatever {@code findPasswordForUsername} returns for the token's username
 * @throws AuthenticationException if the token is of another type or carries no username
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken)
        throws AuthenticationException {
    final boolean supported = authToken instanceof UsernamePasswordToken;
    if (!supported) {
        throw new AuthenticationException("This realm only supports UsernamePasswordTokens");
    }

    final String username = ((UsernamePasswordToken) authToken).getUsername();
    if (username == null) {
        throw new AuthenticationException("Cannot log in null user");
    }

    return findPasswordForUsername(username);
}
From source file:com.thjug.bgile.security.JpaRealm.java
License:Creative Commons License
/**
 * Loads the account named in a username/password token and returns its stored password for the
 * realm's credential check.
 *
 * @param token the submitted token; must be a {@code UsernamePasswordToken}
 * @return authentication info holding the account, its stored password, and this realm's
 *         simple class name
 * @throws AuthenticationException   if the token is of another type
 * @throws UnknownAccountException   if no account exists for the username
 * @throws LockedAccountException    if the account's enable flag is not {@code Enable.T}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) {
    // Reject unsupported token types up front instead of nesting the happy path.
    if (!(token instanceof UsernamePasswordToken)) {
        throw new AuthenticationException("Invalid Token Type");
    }

    final UsernamePasswordToken credentials = (UsernamePasswordToken) token;
    final Account found = facade.findByUsername(credentials.getUsername());
    if (found == null) {
        throw new UnknownAccountException();
    }

    // Only accounts flagged Enable.T may authenticate.
    final boolean enabled = (found.getEnableid() == Enable.T);
    if (!enabled) {
        throw new LockedAccountException();
    }

    return new SimpleAuthenticationInfo(found, found.getPasswd(), JpaRealm.class.getSimpleName());
}
From source file:com.wegas.core.security.facebook.FacebookRealm.java
License:MIT License
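/**
 * Exchanges the OAuth authorization code carried by a {@code FacebookToken} for an access token,
 * fetches the user's profile with it, and wraps the result as authentication info.
 *
 * @param token the submitted token; cast to {@code FacebookToken}
 * @return the authentication info built from the profile response, or {@code null} when the
 *         token carries no (or a blank) authorization code
 * @throws AuthenticationException if the exchange or the profile request fails, or if the token
 *         response contains no access token
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    FacebookToken facebookToken = (FacebookToken) token;
    final String code = facebookToken.getCode();
    if (code == null || code.trim().length() == 0) {
        return null;
    }

    // do all the facebook gubbins
    try {
        // The code arrives with the request and is untrusted: URL-encode it so it cannot add or
        // override query parameters of the token request.
        URL authUrl = new URL("https://graph.facebook.com/oauth/access_token?" + "client_id=" + APP_ID
                + "&redirect_uri=" + REDIRECT_URL + "&client_secret=" + APP_SECRET + "&code="
                + java.net.URLEncoder.encode(code, "UTF-8"));

        // The response carries the access token; it is intentionally not printed or logged.
        String authResponse = readURL(authUrl);
        String accessToken = getPropsMap(authResponse).get("access_token");
        if (accessToken == null || accessToken.isEmpty()) {
            // Without this check the profile request would be sent with the literal "null".
            throw new AuthenticationException("No access token in the OAuth response");
        }

        URL url = new URL("https://graph.facebook.com/me?access_token="
                + java.net.URLEncoder.encode(accessToken, "UTF-8"));
        String fbResponse = readURL(url);
        FacebookUserDetails fud = new FacebookUserDetails(fbResponse);
        return new FacebookAuthenticationInfo(fud, this.getName());
    } catch (AuthenticationException e) {
        throw e;
    } catch (Exception e) {
        // Fail the login explicitly instead of printing a stack trace and returning null.
        // NOTE(review): the cause's message may include the request URL, which embeds
        // client_secret and the access token — confirm callers do not log or display it.
        throw new AuthenticationException(e);
    }
}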
From source file:com.whale.eos.service.org.ShiroDbRealm.java
License:Apache License
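/**
 * Verifies the submitted credentials against the stored ones.
 *
 * <p>When the {@code encrypt} property is true the check is delegated to the superclass.
 * Otherwise the submitted password is compared directly with the stored credentials string.
 *
 * <p>NOTE(review): the non-{@code encrypt} branch implies the stored credentials are the
 * plaintext password — confirm this mode is not enabled outside test environments.
 *
 * @param token the submitted token; cast to {@code CaptchaUsernamePasswordToken} in the direct
 *              comparison branch
 * @param info  the stored account information; its credentials are cast to {@code String}
 * @throws IncorrectCredentialsException if the submitted password does not match
 * @throws AuthenticationException       if {@code token} or {@code info} is {@code null} in the
 *                                       direct comparison branch
 */
public void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
        throws AuthenticationException {
    if (PropertyUtil.getBoolean("encrypt")) {
        super.assertCredentialsMatch(token, info);
        return;
    }

    if (token == null || info == null) {
        throw new AuthenticationException("A CredentialsMatcher must be configured in order to verify "
                + "credentials during authentication.  If you do not wish for credentials to be examined, you "
                + "can configure an " + AllowAllCredentialsMatcher.class.getName() + " instance.");
    }

    CaptchaUsernamePasswordToken tk = (CaptchaUsernamePasswordToken) token;
    // A missing password on either side is a mismatch, not a NullPointerException.
    final String submitted = tk.getPassword() == null ? null : String.valueOf(tk.getPassword());
    final String stored = (String) info.getCredentials();

    // MessageDigest.isEqual compares in constant time, so the comparison does not reveal how
    // many leading characters of a guess were correct.
    final boolean matches = submitted != null && stored != null
            && java.security.MessageDigest.isEqual(
                    submitted.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    if (!matches) {
        // not successful - throw an exception to indicate this:
        String msg = "Submitted credentials for token [" + tk + "] did not match the expected credentials.";
        throw new IncorrectCredentialsException(msg);
    }
}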