List of usage examples for org.apache.shiro.authc CredentialsException CredentialsException
public CredentialsException(Throwable cause)
From source file:com.bennavetta.appsite.security.ObjectifyRealm.java
License:Apache License
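/**
 * Loads the account named by a username/password token from the Objectify datastore and returns
 * its stored username and password so the realm's credentials matcher can compare them.
 *
 * <p>The failure message is deliberately generic and does not echo the submitted username. This
 * avoids confirming which account names exist and keeps caller-controlled text out of exception
 * messages that may be logged or shown.
 *
 * @param token the submitted token; it is cast to {@link UsernamePasswordToken} without a type
 *     check, so this presumably relies on the realm only being offered that token type
 * @return the stored username and password, registered under {@code REALM_NAME}
 * @throws CredentialsException if no {@code User} entity exists for the submitted username
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    log.trace("Loading authentication info for {}", token);
    UsernamePasswordToken login = (UsernamePasswordToken) token;
    User user = ofy().load().type(User.class).id(login.getUsername()).get();
    if (user == null) {
        // Keep the detail in the trace log only; the exception stays generic.
        log.trace("No user entity found for {}", login.getUsername());
        throw new CredentialsException("Unknown user/password combination");
    }
    // Log the identifier rather than the whole entity: User.toString() is not visible here and
    // may include the stored password.
    log.trace("Loaded user {}", user.getUsername());
    return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), REALM_NAME);
}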
From source file:eu.eubrazilcc.lvl.storage.security.shiro.LinkedInRealm.java
License:EUPL
/**
 * Authenticates an access-token login against the LVL OAuth2 token store and the LVL IdP
 * resource-owner store.
 *
 * <p>The credentials placed in the returned info are the submitted token itself, so the
 * {@code TOKEN_DAO.isValid} lookup is the only verification of the token visible in this method.
 *
 * @param token the submitted token; must be a non-null {@code AccessTokenToken}
 * @return authentication info keyed by the owner id resolved from the token store
 * @throws CredentialsException if {@code token} is null
 * @throws UnsupportedTokenException if {@code token} is not an {@code AccessTokenToken}
 * @throws AccountException if the token string is empty after trimming
 * @throws IncorrectCredentialsException if the token store yields no owner id for the token
 * @throws UnknownAccountException if no resource owner, or no user on it, exists for the owner id
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    // Reject a missing or foreign token type before touching any store.
    if (token == null) {
        throw new CredentialsException("Uninitialized token");
    }
    if (!(token instanceof AccessTokenToken)) {
        throw new UnsupportedTokenException("Unsuported token type: " + token.getClass().getCanonicalName());
    }

    final String secret = trimToNull(((AccessTokenToken) token).getToken());
    if (isEmpty(secret)) {
        throw new AccountException("Empty tokens are not allowed in this realm");
    }

    // Resolve the owner through the OAuth2 token store; the holder is only read when the store
    // reports the token as valid.
    final AtomicReference<String> ownerHolder = new AtomicReference<String>();
    final String ownerid = TOKEN_DAO.isValid(secret, ownerHolder) ? ownerHolder.get() : null;
    if (isEmpty(ownerid)) {
        throw new IncorrectCredentialsException("Incorrect credentials found");
    }

    // The owner must also exist, with a user attached, in the IdP store.
    final ResourceOwner resourceOwner = RESOURCE_OWNER_DAO.useGravatar(false).find(ownerid);
    if (resourceOwner == null || resourceOwner.getUser() == null) {
        throw new UnknownAccountException("No account found for user [" + ownerid + "]");
    }

    return new SimpleAuthenticationInfo(ownerid, secret, getName());
}
From source file:eu.eubrazilcc.lvl.storage.security.shiro.LvlBasicRealm.java
License:EUPL
/**
 * Resolves a username/password login to its LVL IdP resource owner and returns the stored
 * password and salt for the realm's credentials matcher.
 *
 * <p>No password comparison happens in this method. The {@code UnknownAccountException} message
 * embeds the submitted username, so it distinguishes unknown accounts from bad passwords wherever
 * that message is relayed.
 *
 * @param token the submitted token; must be a non-null {@link UsernamePasswordToken}
 * @return authentication info holding the owner id, the stored password as a char array and the
 *     hex-decoded salt
 * @throws CredentialsException if {@code token} is null
 * @throws UnsupportedTokenException if {@code token} is not a {@link UsernamePasswordToken}
 * @throws AccountException if the username is empty after trimming
 * @throws UnknownAccountException if no resource owner, or no user on it, exists for the username
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    // Reject a missing or foreign token type before any lookup.
    if (token == null) {
        throw new CredentialsException("Uninitialized token");
    }
    if (!(token instanceof UsernamePasswordToken)) {
        throw new UnsupportedTokenException("Unsuported token type: " + token.getClass().getCanonicalName());
    }

    final String username = trimToNull(((UsernamePasswordToken) token).getUsername());
    if (isEmpty(username)) {
        throw new AccountException("Empty usernames are not allowed in this realm");
    }

    // Map the login name onto the IdP-scoped owner id and load that owner.
    final String ownerid = toResourceOwnerId(LVL_IDENTITY_PROVIDER, username);
    final ResourceOwner resourceOwner = RESOURCE_OWNER_DAO.useGravatar(false).find(ownerid);
    if (resourceOwner == null || resourceOwner.getUser() == null) {
        throw new UnknownAccountException("No account found for user [" + username + "]");
    }

    // NOTE(review): a user record with a null password would fail here with a
    // NullPointerException rather than an AuthenticationException; confirm the store
    // guarantees a non-null password and salt.
    return new SimpleAuthenticationInfo(
            ownerid,
            resourceOwner.getUser().getPassword().toCharArray(),
            decodeHex(resourceOwner.getUser().getSalt()),
            getName());
}
From source file:org.apache.usergrid.security.shiro.Realm.java
License:Apache License
/**
 * Accepts a {@code PrincipalCredentialsToken} when its principal and credentials types form one
 * of the recognised pairs and the principal is activated and not disabled.
 *
 * <p>Only the <em>types</em> of the principal and credentials are inspected here; no secret is
 * compared. The returned info also carries the token's own credentials, so a matcher comparing
 * token to info would see identical values.
 * NOTE(review): this presumably relies on the token having been verified before it was built;
 * confirm against the code that constructs {@code PrincipalCredentialsToken}.
 *
 * @param token the submitted token; cast to {@code PrincipalCredentialsToken} without a type check
 * @return authentication info built from the token's own principal and credentials
 * @throws CredentialsException if the token carries no credentials
 * @throws AuthenticationException if the principal is unactivated or disabled, or the
 *     principal/credentials pair is not recognised
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    PrincipalCredentialsToken pcToken = (PrincipalCredentialsToken) token;
    if (pcToken.getCredentials() == null) {
        throw new CredentialsException("Missing credentials");
    }

    PrincipalIdentifier principal = pcToken.getPrincipal();
    PrincipalCredentials credentials = pcToken.getCredentials();

    // Client credentials are accepted regardless of the principal, including a null one.
    boolean clientLogin = credentials instanceof ClientCredentials;
    boolean adminLogin = (principal instanceof AdminUserPrincipal)
            && ((credentials instanceof AdminUserPassword) || (credentials instanceof AdminUserAccessToken));
    boolean appUserLogin = (principal instanceof ApplicationUserPrincipal)
            && (credentials instanceof ApplicationUserAccessToken);
    boolean applicationLogin = (principal instanceof ApplicationPrincipal)
            && (credentials instanceof ApplicationAccessToken);
    boolean organizationLogin = (principal instanceof OrganizationPrincipal)
            && (credentials instanceof OrganizationAccessToken);
    boolean authenticated = clientLogin || adminLogin || appUserLogin || applicationLogin || organizationLogin;

    // Account-state checks run before the pairing verdict, so they take precedence over it.
    if (principal != null) {
        if (!principal.isActivated()) {
            throw new AuthenticationException("Unactivated identity");
        }
        if (principal.isDisabled()) {
            throw new AuthenticationException("Disabled identity");
        }
    }

    if (!authenticated) {
        throw new AuthenticationException("Unable to authenticate");
    }

    if (logger.isTraceEnabled()) {
        logger.trace("Authenticated: {}", principal);
    }

    return new SimpleAuthenticationInfo(pcToken.getPrincipal(), pcToken.getCredentials(), getName());
}
From source file:org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.java
License:Apache License
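/**
 * Authenticates a username/password token against the application-user store, either locally or
 * through the delegate authentication realm.
 *
 * <p>In order to avoid providing an attacker with additional information, the exceptions thrown
 * here deliberately have few (or no) details in their exception message. Similarly, the generic
 * {@link org.apache.shiro.authc.CredentialsException} is thrown for both a non-existent user and
 * also an invalid password.
 *
 * <p>NOTE(review): {@link DisabledAccountException} is thrown before the password is checked, so
 * its type still distinguishes an existing disabled account from an unknown one; confirm that
 * callers map it to the same response as a credentials failure.
 *
 * @param token the submitted token; must be a {@link UsernamePasswordToken}
 * @return authentication info wrapping the principal, the realm name and the token's credentials
 * @throws CredentialsException if the user is unknown, the delegate realm does not authenticate
 *     the token, or the local password check reports a bad password
 * @throws DisabledAccountException if the principal is disabled
 * @throws AuthenticationException if the token type is unsupported, no password encryption
 *     service is configured, or the password check returns an unexpected result
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    if (!(token instanceof UsernamePasswordToken)) {
        throw new AuthenticationException();
    }

    final UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
    String username = usernamePasswordToken.getUsername();
    char[] password = usernamePasswordToken.getPassword();

    // lookup from database, for roles/perms, but also
    // determine how to authenticate (delegate or local), whether disabled
    final PrincipalForApplicationUser principal = lookupPrincipal(username,
            (hasDelegateAuthenticationRealm() && getAutoCreateUser()));
    if (principal == null) {
        // if no delegate authentication
        throw new CredentialsException("Unknown user/password combination");
    }

    if (principal.isDisabled()) {
        // this is the default if delegated account and automatically created
        throw new DisabledAccountException();
    }

    if (principal.getAccountType() == AccountType.DELEGATED) {
        AuthenticationInfo delegateAccount = null;
        if (hasDelegateAuthenticationRealm()) {
            try {
                delegateAccount = delegateAuthenticationRealm.getAuthenticationInfo(token);
            } catch (AuthenticationException ignored) {
                // Deliberately swallowed: a delegate failure leaves delegateAccount null and is
                // reported below with the same generic message as any other credentials failure.
            }
        }
        if (delegateAccount == null) {
            throw new CredentialsException("Unknown user/password combination");
        }
    } else {
        final CheckPasswordResult result = checkPassword(password, principal.getEncryptedPassword());
        switch (result) {
        case OK:
            break;
        case BAD_PASSWORD:
            throw new CredentialsException("Unknown user/password combination");
        case NO_PASSWORD_ENCRYPTION_SERVICE_CONFIGURED:
            // Message restored to a single line; the listing had split the literal in two.
            throw new AuthenticationException("No password encryption service is installed");
        default:
            throw new AuthenticationException();
        }
    }

    final Object credentials = token.getCredentials();
    final String realmName = getName();
    return new AuthInfoForApplicationUser(principal, realmName, credentials);
}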
From source file:org.usergrid.security.shiro.Realm.java
License:Apache License
/**
 * Accepts a {@code PrincipalCredentialsToken} whose principal and credentials types form a
 * recognised pair, provided the principal is activated and not disabled.
 *
 * <p>The decision rests on the runtime types alone; this method compares no secret and returns
 * the token's own credentials in the authentication info.
 * NOTE(review): verification of the underlying password or access token presumably happens
 * where the token is created; confirm before relying on this realm as the check.
 *
 * @param token the submitted token; cast to {@code PrincipalCredentialsToken} without a type check
 * @return authentication info built from the token's own principal and credentials
 * @throws CredentialsException if the token carries no credentials
 * @throws AuthenticationException if the principal is unactivated or disabled, or the
 *     principal/credentials pair is not recognised
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    PrincipalCredentialsToken pcToken = (PrincipalCredentialsToken) token;
    if (pcToken.getCredentials() == null) {
        throw new CredentialsException("Missing credentials");
    }

    PrincipalIdentifier principal = pcToken.getPrincipal();
    PrincipalCredentials credentials = pcToken.getCredentials();

    // One disjunct per accepted pairing; client credentials need no particular principal.
    boolean authenticated = (credentials instanceof ClientCredentials)
            || ((principal instanceof AdminUserPrincipal) && (credentials instanceof AdminUserPassword))
            || ((principal instanceof AdminUserPrincipal) && (credentials instanceof AdminUserAccessToken))
            || ((principal instanceof ApplicationUserPrincipal) && (credentials instanceof ApplicationUserAccessToken))
            || ((principal instanceof ApplicationPrincipal) && (credentials instanceof ApplicationAccessToken))
            || ((principal instanceof OrganizationPrincipal) && (credentials instanceof OrganizationAccessToken));

    // State of the identity is checked first, so these failures win over "Unable to authenticate".
    if (principal != null) {
        if (!principal.isActivated()) {
            throw new AuthenticationException("Unactivated identity");
        }
        if (principal.isDisabled()) {
            throw new AuthenticationException("Disabled identity");
        }
    }

    if (!authenticated) {
        throw new AuthenticationException("Unable to authenticate");
    }

    logger.debug("Authenticated: {}", principal);

    return new SimpleAuthenticationInfo(pcToken.getPrincipal(), pcToken.getCredentials(), getName());
}
From source file:org.xaloon.core.security.shiro.AbstractRealm.java
License:Apache License
/**
 * Loads the account for {@code username}, rejects it if its state forbids login, and returns the
 * stored password together with both principal objects.
 *
 * <p>No password comparison happens here; the stored password is handed back for the realm's
 * matcher. The account-state exceptions are raised before that comparison, so their types and
 * messages reveal the state of an existing account to whoever sees them.
 *
 * @param username the login name to look up
 * @return authentication info whose principal collection holds the user details followed by the
 *     user entity, with the stored password as credentials
 * @throws CredentialsException if no user details exist for {@code username}
 * @throws DisabledAccountException if the account is not enabled
 * @throws ExpiredCredentialsException if the account or its credentials have expired
 * @throws LockedAccountException if the account is locked
 */
protected AuthenticationInfo doGetAuthenticationInfoInternal(String username) {
    org.xaloon.core.api.security.model.UserDetails details = getLoginService().loadUserDetails(username);
    if (details == null) {
        throw new CredentialsException(SecurityFacade.INVALID_USERNAME_PASSWORD);
    }

    // Account-state gates, evaluated in a fixed order: enabled, not expired, not locked,
    // credentials not expired.
    if (!details.isEnabled()) {
        throw new DisabledAccountException(SecurityFacade.ACCOUNT_DISABLED);
    }
    if (!details.isAccountNonExpired()) {
        throw new ExpiredCredentialsException(SecurityFacade.ACCOUNT_EXPIRED);
    }
    if (!details.isAccountNonLocked()) {
        throw new LockedAccountException(SecurityFacade.ACCOUNT_LOCKED);
    }
    if (!details.isCredentialsNonExpired()) {
        throw new ExpiredCredentialsException(SecurityFacade.CREDENTIALS_EXPIRED);
    }

    // The account passed every gate: expose both the details object and the user entity as
    // principals, details first.
    User account = getUserDao().getUserByUsername(username);
    Collection<Object> principals = new ArrayList<Object>();
    principals.add(details);
    principals.add(account);

    SimplePrincipalCollection identity = new SimplePrincipalCollection(principals, getName());
    return new SimpleAuthenticationInfo(identity, details.getPassword(), getName());
}