List of usage examples for org.apache.shiro.authc ExpiredCredentialsException ExpiredCredentialsException
public ExpiredCredentialsException(Throwable cause)
From source file:com.caricah.iotracah.bootstrap.security.realm.IOTAbstractRealm.java
License:Apache License
/** * Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given * authentication token.//w ww . j a v a 2s. c o m * <p> * For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing * more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific * log-in logic in addition to just retrieving data - it is up to the Realm implementation. * <p> * A {@code null} return value means that no account could be associated with the specified token. * * @param token the authentication token containing the user's principal and credentials. * @return an {@link AuthenticationInfo} object containing account data resulting from the * authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.) * @throws AuthenticationException if there is an error acquiring data or performing * realm-specific authentication logic for the specified <tt>token</tt> */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { IdConstruct idConstruct = ((IdPassToken) token).getIdConstruct(); IOTAccount account = getIOTAccount(idConstruct.getPartition(), idConstruct.getUsername()); if (account != null) { if (account.getIsLocked()) { throw new LockedAccountException("Account [" + account + "] is locked."); } if (account.getIsCredentialExpired()) { String msg = "The credentials for account [" + account + "] are expired"; throw new ExpiredCredentialsException(msg); } } return account; }
From source file:graphene.security.tomcat.preaa.PreAASecurityRealm.java
License:Apache License
@Override protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken authToken) throws AuthenticationException { logger.debug("doGetAuthenticationInfo " + authToken.getPrincipal()); // return null; final UsernamePasswordToken upToken = (UsernamePasswordToken) authToken; G_User g_User = null;// w w w . jav a2 s .com SimpleAccount account = null; try { g_User = userDataAccess.getByUsername(upToken.getUsername()); final Set<String> roleNames = CollectionUtils.asSet((String[]) null); account = new SimpleAccount(g_User.getUsername(), "password", getName(), roleNames, null); } catch (final AvroRemoteException e) { // TODO Auto-generated catch block e.printStackTrace(); } if (account != null) { if (account.isLocked()) { throw new LockedAccountException("Account [" + account + "] is locked."); } if (account.isCredentialsExpired()) { final String msg = "The credentials for account [" + account + "] are expired"; throw new ExpiredCredentialsException(msg); } } else { logger.error("user was null"); } return account; }
From source file:org.ms123.common.permission.MyRealm.java
License:Open Source License
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; SimpleAccount account = getUser(upToken.getUsername()); if (account != null) { if (account.isLocked()) { throw new LockedAccountException("Account [" + account + "] is locked."); }/*from w ww. j a v a2 s. c o m*/ if (account.isCredentialsExpired()) { String msg = "The credentials for account [" + account + "] are expired"; throw new ExpiredCredentialsException(msg); } } return account; }
From source file:org.obiba.agate.security.AgateTokenRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username;// www.j a va 2 s . com TicketAuthenticationToken ticketAuthenticationToken = (TicketAuthenticationToken) token; String ticketId = ticketAuthenticationToken.getTicketId(); try { Ticket ticket = ticketService.getTicket(ticketAuthenticationToken.getTicketId()); ticket.addEvent("agate", "validate"); ticketService.save(ticket); username = ticket.getUsername(); } catch (NoSuchTicketException e) { throw new ExpiredCredentialsException("Ticket cannot be found."); } // Null username is invalid if (username == null) { throw new AccountException("Null usernames are not allowed by this realm."); } User user = userService.findActiveUser(username); if (user == null) { user = userService.findActiveUserByEmail(username); username = user.getName(); } if (user == null || !user.isEnabled() || !user.getRealm().equals(AgateRealm.AGATE_USER_REALM)) { throw new UnknownAccountException("No account found for user [" + username + "]"); } UserCredentials userCredentials = userService.findUserCredentials(username); if (userCredentials == null) throw new UnknownAccountException("No account found for user [" + username + "]"); List<String> principals = Lists.newArrayList(username); if (!Strings.isNullOrEmpty(ticketId)) principals.add(ticketId); return new SimpleAuthenticationInfo(new SimplePrincipalCollection(principals, getName()), token.getCredentials()); }
From source file:org.panifex.security.persistence.PersistenceRealm.java
License:Open Source License
/** * Asserts that the persisted account is not expired, and if not, throws an ExpiredCredentialsException. * * @param account the persisted {@link AccountEntity} * @throws ExpiredCredentialsException it the account is expired *//*from ww w.j a va2 s. c om*/ private void assertCredentialsNotExpired(AccountEntity account) throws ExpiredCredentialsException { if (account.getIsCredentialsExpired()) { // the account is expired. Throw ExpiredCredentialsException StringBuilder sb = new StringBuilder(); sb.append("Credentials is expired for user "); sb.append(account.getUsername()); throw new ExpiredCredentialsException(sb.toString()); } }
From source file:org.xaloon.core.security.shiro.AbstractRealm.java
License:Apache License
protected AuthenticationInfo doGetAuthenticationInfoInternal(String username) { org.xaloon.core.api.security.model.UserDetails userDetailPrincipal = getLoginService() .loadUserDetails(username);/*ww w. ja va 2 s. c o m*/ if (userDetailPrincipal == null) { throw new CredentialsException(SecurityFacade.INVALID_USERNAME_PASSWORD); } if (!userDetailPrincipal.isEnabled()) { throw new DisabledAccountException(SecurityFacade.ACCOUNT_DISABLED); } if (!userDetailPrincipal.isAccountNonExpired()) { throw new ExpiredCredentialsException(SecurityFacade.ACCOUNT_EXPIRED); } if (!userDetailPrincipal.isAccountNonLocked()) { throw new LockedAccountException(SecurityFacade.ACCOUNT_LOCKED); } if (!userDetailPrincipal.isCredentialsNonExpired()) { throw new ExpiredCredentialsException(SecurityFacade.CREDENTIALS_EXPIRED); } //Everything should be fine now. User userPrincipal = getUserDao().getUserByUsername(username); Collection<Object> principalCollection = new ArrayList<Object>(); principalCollection.add(userDetailPrincipal); principalCollection.add(userPrincipal); return new SimpleAuthenticationInfo(new SimplePrincipalCollection(principalCollection, getName()), userDetailPrincipal.getPassword(), getName()); }