List of usage examples for org.apache.shiro.authc AuthenticationException AuthenticationException
public AuthenticationException(Throwable cause)
From source file:org.isisaddons.module.security.shiro.ShiroUtils.java
License:Apache License
public static synchronized RealmSecurityManager getSecurityManager() { org.apache.shiro.mgt.SecurityManager securityManager; try {/* www.j av a 2s . c om*/ securityManager = SecurityUtils.getSecurityManager(); } catch (UnavailableSecurityManagerException ex) { throw new AuthenticationException(ex); } if (!(securityManager instanceof RealmSecurityManager)) { throw new AuthenticationException(); } return (RealmSecurityManager) securityManager; }
From source file:org.killbill.billing.util.security.shiro.realm.KillBillOktaRealm.java
License:Apache License
@Override protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException { final UsernamePasswordToken upToken = (UsernamePasswordToken) token; if (doAuthenticate(upToken)) { // Credentials are valid return new SimpleAuthenticationInfo(token.getPrincipal(), token.getCredentials(), getName()); } else {/*from w w w .j a v a 2 s. c o m*/ throw new AuthenticationException("Okta authentication failed"); } }
From source file:org.killbill.billing.util.security.shiro.realm.KillBillOktaRealm.java
License:Apache License
private boolean doAuthenticate(final UsernamePasswordToken upToken) { final BoundRequestBuilder builder = httpClient .preparePost(securityConfig.getShiroOktaUrl() + "/api/v1/authn"); try {// w w w . ja va 2 s . c om final ImmutableMap<String, String> body = ImmutableMap.<String, String>of("username", upToken.getUsername(), "password", String.valueOf(upToken.getPassword())); builder.setBody(mapper.writeValueAsString(body)); } catch (final JsonProcessingException e) { log.warn("Error while generating Okta payload"); throw new AuthenticationException(e); } builder.addHeader("Authorization", "SSWS " + securityConfig.getShiroOktaAPIToken()); builder.addHeader("Content-Type", "application/json; charset=UTF-8"); final Response response; try { final ListenableFuture<Response> futureStatus = builder.execute(new AsyncCompletionHandler<Response>() { @Override public Response onCompleted(final Response response) throws Exception { return response; } }); response = futureStatus.get(DEFAULT_TIMEOUT_SECS, TimeUnit.SECONDS); } catch (final TimeoutException toe) { log.warn("Timeout while connecting to Okta"); throw new AuthenticationException(toe); } catch (final Exception e) { log.warn("Error while connecting to Okta"); throw new AuthenticationException(e); } return isAuthenticated(response); }
From source file:org.killbill.billing.util.security.shiro.realm.KillBillOktaRealm.java
License:Apache License
private boolean isAuthenticated(final Response oktaRawResponse) { try {/*from ww w . j a va2s. c o m*/ final Map oktaResponse = mapper.readValue(oktaRawResponse.getResponseBodyAsStream(), Map.class); if ("SUCCESS".equals(oktaResponse.get("status"))) { return true; } else { log.warn("Okta authentication failed: " + oktaResponse); return false; } } catch (final IOException e) { log.warn("Unable to read response from Okta"); throw new AuthenticationException(e); } }
From source file:org.obiba.onyx.webapp.authentication.OnyxRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { AuthenticationInfo info = super.doGetAuthenticationInfo(token); Connection conn = null;/*from ww w.jav a 2 s . co m*/ try { conn = dataSource.getConnection(); UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); String[] result = getPropertiesForUser(conn, username); if (Status.INACTIVE.toString().equals(result[0])) { throw new DisabledAccountException(); } if (result[1] != null) { OnyxAuthenticatedSession.get().setLocale(new Locale(result[1])); } } catch (SQLException e) { throw new AuthenticationException(e); } finally { JdbcUtils.closeConnection(conn); } return info; }
From source file:org.obiba.onyx.webapp.authentication.OnyxRealm.java
License:Open Source License
/** * /*from www . ja v a2s .c o m*/ * @param conn * @param username * @return status,language * @throws SQLException */ private String[] getPropertiesForUser(Connection conn, String username) throws SQLException { String[] result = new String[] { Status.INACTIVE.toString(), null }; PreparedStatement ps = null; ResultSet rs = null; try { ps = conn.prepareStatement(USER_PROPERTIES_QUERY); ps.setString(1, username); // Execute query rs = ps.executeQuery(); // Loop over results - although we are only expecting one result, since usernames should be unique boolean foundResult = false; while (rs.next()) { // Check to ensure only one row is processed if (foundResult) { throw new AuthenticationException( "More than one user row found for user [" + username + "]. Usernames must be unique."); } result[0] = rs.getString(1); result[1] = rs.getString(2); foundResult = true; } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return result; }
From source file:org.obiba.opal.core.service.SubjectProfileServiceImpl.java
License:Open Source License
@Override public void ensureProfile(@NotNull String principal, @NotNull String realm) { log.debug("ensure profile of user {} from realm: {}", principal, realm); try {//from w w w .ja v a 2 s . c om SubjectProfile profile = getProfile(principal); if (!profile.getRealm().equals(realm)) { throw new AuthenticationException( "Wrong realm for subject '" + principal + "': " + realm + " (" + profile.getRealm() + " expected). Make sure the same subject is not defined in several realms."); } } catch (SubjectProfileNotFoundException e) { HasUniqueProperties newProfile = new SubjectProfile(principal, realm); orientDbService.save(newProfile, newProfile); } }
From source file:org.ohdsi.webapi.shiro.AbstractLdapAuthFilter.java
License:Apache License
@Override protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception { final String name = request.getParameter("login"); final String password = request.getParameter("password"); T token;// ww w . jav a 2 s. c om if (name != null && password != null) { token = getToken(); token.setUsername(name); token.setPassword(password.toCharArray()); } else { throw new AuthenticationException("Empty credentials"); } return token; }
From source file:org.ohdsi.webapi.shiro.JdbcAuthFilter.java
License:Apache License
@Override protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception { final String name = servletRequest.getParameter("login"); final String password = servletRequest.getParameter("password"); UsernamePasswordToken token;/* w w w .ja v a2 s . com*/ if (name != null && password != null) { token = new UsernamePasswordToken(name, password); } else { throw new AuthenticationException("Empty credentials"); } return token; }
From source file:org.ohdsi.webapi.shiro.JdbcAuthRealm.java
License:Apache License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { SimpleAuthenticationInfo info;/*ww w . ja va 2s. c o m*/ UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); if (username == null) { throw new AccountException("Null usernames are not allowed by this realm."); } else { String password = this.getPasswordForUser(username); if (password == null || !bCryptPasswordEncoder.matches(new String(upToken.getPassword()), password)) { throw new AuthenticationException("Incorrect username or password"); } else { info = new SimpleAuthenticationInfo(username, upToken.getPassword(), this.getName()); } } return info; }