List of usage examples for org.apache.shiro.authc IncorrectCredentialsException IncorrectCredentialsException
public IncorrectCredentialsException()
From source file:cn.com.qiqi.order.web.system.security.ShiroDbRealm.java
License:Apache License
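/**
 * Looks up the account named in the submitted token and checks the password against the stored hash.
 *
 * <p>Accounts whose status is not {@code 1} are rejected as disabled. On success the login is
 * recorded through {@code sysLogService} and the user name is stored in the session under
 * {@code Constants.CURRENT_USER_NAME}.
 *
 * @param authcToken the submitted token; cast to {@code UsernamePasswordToken} without a type check
 * @return the principal, the stored password hash and the user name as salt, for this realm
 * @throws UnknownAccountException if no user has the submitted name
 * @throws DisabledAccountException if the user's status is not {@code 1}
 * @throws IncorrectCredentialsException if a password is missing or its hash differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    User user = userService.findUserByUserName(token.getUsername());
    if (user == null) {
        // NOTE(review): this is distinguishable from a wrong password; the login endpoint should
        // map both to one generic failure message so account names cannot be probed.
        throw new UnknownAccountException();
    }

    if (user.getStatus() != 1) {
        // NOTE(review): this branch runs before the password is verified, so the disabled state
        // (and the session attribute) is exposed to a caller who only knows the user name.
        Subject subject = SecurityUtils.getSubject();
        subject.getSession().setAttribute(Constants.CURRENT_USER_NAME, user.getUserName());
        throw new DisabledAccountException();
    }

    // A token without a password, or an account without a stored hash, used to end in a
    // NullPointerException; both are now treated as a failed credential check.
    char[] submitted = token.getPassword();
    String storedHash = user.getPassword();
    if (submitted == null || storedHash == null) {
        throw new IncorrectCredentialsException();
    }

    // NOTE(review): single-iteration MD5 with the user name as salt (presumably the arguments are
    // input, salt, iterations) is not an adequate password hash; plan a migration to bcrypt, scrypt
    // or Argon2. getBytes() is left on the platform charset so existing hashes keep matching.
    String md5 = Encodes.encodeHex(
            Digests.md5(String.valueOf(submitted).getBytes(), user.getUserName().getBytes(), 1));

    // Constant-time comparison so the response time does not depend on how many leading
    // characters of the hash match.
    boolean matches = java.security.MessageDigest.isEqual(
            storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            md5.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matches) {
        throw new IncorrectCredentialsException();
    }

    sysLogService.log("", "", user.getUserName(), SysLog.INFO, token.getHost(), SysLog.USER);
    Subject subject = SecurityUtils.getSubject();
    subject.getSession().setAttribute(Constants.CURRENT_USER_NAME, user.getUserName());
    return new SimpleAuthenticationInfo(
            new ShiroUser(user.getId(), user.getUserName(), user.getRealName()),
            storedHash,
            ByteSource.Util.bytes(user.getUserName()),
            getName());
}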
From source file:cn.mario256.blog.AuthenticationRealm.java
License:Open Source License
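/**
 * Authenticates an administrator login: validates the captcha, applies the account lock policy,
 * checks the password and records the outcome on the account.
 *
 * @param token the submitted token; cast to the project's {@code AuthenticationToken} without a type check
 * @return authentication info whose principal carries the admin's id and user name
 * @throws IncorrectCaptchaException if the captcha is not valid
 * @throws UnknownAccountException if user name or password is missing, or no admin has that name
 * @throws DisabledAccountException if the admin is not enabled
 * @throws LockedAccountException if the admin is locked and the lock has not expired
 * @throws IncorrectCredentialsException if the password hash differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) {
    AuthenticationToken authenticationToken = (AuthenticationToken) token;
    String username = authenticationToken.getUsername();
    // new String((char[]) null) throws, which made the null check further down unreachable;
    // a missing password now falls through to UnknownAccountException as that check intends.
    char[] rawPassword = authenticationToken.getPassword();
    String password = rawPassword != null ? new String(rawPassword) : null;
    String captchaId = authenticationToken.getCaptchaId();
    String captcha = authenticationToken.getCaptcha();
    String ip = authenticationToken.getHost();

    if (!captchaService.isValid(Setting.CaptchaType.adminLogin, captchaId, captcha)) {
        throw new IncorrectCaptchaException();
    }
    if (username == null || password == null) {
        throw new UnknownAccountException();
    }

    Admin admin = adminService.findByUsername(username);
    if (admin == null) {
        // NOTE(review): distinguishable from a wrong password; the login endpoint should present
        // one generic failure message for both.
        throw new UnknownAccountException();
    }
    if (!admin.getIsEnabled()) {
        throw new DisabledAccountException();
    }

    Setting setting = SystemUtils.getSetting();
    if (admin.getIsLocked()) {
        if (ArrayUtils.contains(setting.getAccountLockTypes(), Setting.AccountLockType.admin)) {
            int loginFailureLockTime = setting.getAccountLockTime();
            // A lock time of 0 never expires: the account stays locked.
            if (loginFailureLockTime == 0) {
                throw new LockedAccountException();
            }
            Date unlockDate = DateUtils.addMinutes(admin.getLockedDate(), loginFailureLockTime);
            if (!new Date().after(unlockDate)) {
                throw new LockedAccountException();
            }
        }
        // Either locking is switched off for admins or the lock has expired: clear the lock state.
        admin.setLoginFailureCount(0);
        admin.setIsLocked(false);
        admin.setLockedDate(null);
        adminService.update(admin);
    }

    // NOTE(review): unsalted MD5 is not an adequate password hash; plan a migration to bcrypt,
    // scrypt or Argon2. The comparison is constant-time so timing does not reveal matching prefixes.
    String storedHash = admin.getPassword();
    boolean passwordMatches = storedHash != null
            && java.security.MessageDigest.isEqual(
                    DigestUtils.md5Hex(password).getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!passwordMatches) {
        int loginFailureCount = admin.getLoginFailureCount() + 1;
        if (loginFailureCount >= setting.getAccountLockCount()) {
            admin.setIsLocked(true);
            admin.setLockedDate(new Date());
        }
        admin.setLoginFailureCount(loginFailureCount);
        adminService.update(admin);
        throw new IncorrectCredentialsException();
    }

    admin.setLoginIp(ip);
    admin.setLoginDate(new Date());
    admin.setLoginFailureCount(0);
    adminService.update(admin);
    // NOTE(review): the submitted password is handed back as the credentials, so a matcher that
    // runs afterwards presumably compares the password with itself; the check above is the
    // effective verification.
    return new SimpleAuthenticationInfo(new Principal(admin.getId(), username), password, getName());
}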
From source file:com.app.AuthenticationRealm.java
License:Open Source License
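/**
 * Authenticates an administrator login: validates the captcha, applies the account lock policy,
 * checks the password and records the outcome on the account.
 *
 * @param token the submitted token; cast to the project's {@code AuthenticationToken} without a type check
 * @return authentication info whose principal carries the admin's id and user name
 * @throws UnsupportedTokenException if the captcha is not valid
 * @throws UnknownAccountException if user name or password is missing, or no admin has that name
 * @throws DisabledAccountException if the admin is not enabled
 * @throws LockedAccountException if the admin is locked and the lock has not expired
 * @throws IncorrectCredentialsException if the password hash differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) {
    AuthenticationToken authenticationToken = (AuthenticationToken) token;
    String username = authenticationToken.getUsername();
    // Guard the conversion: new String((char[]) null) throws before the null check below can run.
    char[] rawPassword = authenticationToken.getPassword();
    String password = rawPassword != null ? new String(rawPassword) : null;
    String captchaId = authenticationToken.getCaptchaId();
    String captcha = authenticationToken.getCaptcha();
    String ip = authenticationToken.getHost();

    if (!captchaService.isValid(CaptchaType.adminLogin, captchaId, captcha)) {
        throw new UnsupportedTokenException();
    }
    if (username == null || password == null) {
        throw new UnknownAccountException();
    }

    Admin admin = adminService.findByUsername(username);
    if (admin == null) {
        // NOTE(review): distinguishable from a wrong password; the login endpoint should present
        // one generic failure message for both.
        throw new UnknownAccountException();
    }
    if (!admin.getIsEnabled()) {
        throw new DisabledAccountException();
    }

    Setting setting = SettingUtils.get();
    if (admin.getIsLocked()) {
        if (ArrayUtils.contains(setting.getAccountLockTypes(), AccountLockType.admin)) {
            int loginFailureLockTime = setting.getAccountLockTime();
            // A lock time of 0 never expires: the account stays locked.
            if (loginFailureLockTime == 0) {
                throw new LockedAccountException();
            }
            Date unlockDate = DateUtils.addMinutes(admin.getLockedDate(), loginFailureLockTime);
            if (!new Date().after(unlockDate)) {
                throw new LockedAccountException();
            }
        }
        // Either locking is switched off for admins or the lock has expired: clear the lock state.
        admin.setLoginFailureCount(0);
        admin.setIsLocked(false);
        admin.setLockedDate(null);
        adminService.update(admin);
    }

    // NOTE(review): unsalted MD5 is not an adequate password hash; plan a migration to bcrypt,
    // scrypt or Argon2. The comparison is constant-time so timing does not reveal matching prefixes.
    String storedHash = admin.getPassword();
    boolean passwordMatches = storedHash != null
            && java.security.MessageDigest.isEqual(
                    DigestUtils.md5Hex(password).getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!passwordMatches) {
        int loginFailureCount = admin.getLoginFailureCount() + 1;
        if (loginFailureCount >= setting.getAccountLockCount()) {
            admin.setIsLocked(true);
            admin.setLockedDate(new Date());
        }
        admin.setLoginFailureCount(loginFailureCount);
        adminService.update(admin);
        throw new IncorrectCredentialsException();
    }

    admin.setLoginIp(ip);
    admin.setLoginDate(new Date());
    admin.setLoginFailureCount(0);
    adminService.update(admin);
    // NOTE(review): the submitted password is handed back as the credentials, so a matcher that
    // runs afterwards presumably compares the password with itself; the check above is the
    // effective verification.
    return new SimpleAuthenticationInfo(new Principal(admin.getId(), username), password, getName());
}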
From source file:com.app.test.controller.UserControllerTest.java
License:Open Source License
/**
 * A login that the subject rejects with {@code IncorrectCredentialsException} must redirect back
 * to the login page and flash the generic log-in failure message.
 */
@Test
public void testPostLogInWithIncorrectCredentialsException() throws Exception {
    // Route SecurityUtils.getSubject() to a mocked subject backed by an in-memory session.
    PowerMockito.spy(SecurityUtils.class);
    Session sessionStub = new SimpleSession();
    Subject subjectStub = Mockito.mock(Subject.class);
    PowerMockito.doReturn(subjectStub).when(SecurityUtils.class, "getSubject");
    PowerMockito.doReturn(sessionStub).when(subjectStub).getSession();

    // Any login attempt on the mocked subject fails as a wrong-credentials error.
    Mockito.doThrow(new IncorrectCredentialsException())
            .when(subjectStub)
            .login(Mockito.any(AuthenticationToken.class));

    MockHttpServletRequestBuilder loginPost = post("/log_in")
            .param("emailAddress", "test@test.com")
            .param("password", "password");

    this.mockMvc.perform(loginPost)
            .andExpect(status().is3xxRedirection())
            .andExpect(view().name("redirect:log_in"))
            .andExpect(redirectedUrl("log_in"))
            .andExpect(flash().attributeExists("error"))
            .andExpect(flash().attribute("error", LanguageUtil.getMessage("log-in-failure")));
}
From source file:com.attendance.manage.security.AuthenticationRealm.java
License:Open Source License
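/**
 * Authenticates a staff login by comparing the submitted password with the stored one and
 * recording the outcome (failure count or login date) on the account.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken} without a type check
 * @return authentication info with the user name as principal
 * @throws UnknownAccountException if user name or password is missing, or no account has that name
 * @throws IncorrectCredentialsException if the submitted password differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) {
    UsernamePasswordToken authenticationToken = (UsernamePasswordToken) token;
    String username = authenticationToken.getUsername();
    // new String((char[]) null) throws, which made the original null check unreachable;
    // a missing password is now reported as UnknownAccountException as that check intended.
    char[] rawPassword = authenticationToken.getPassword();
    if (username == null || rawPassword == null) {
        throw new UnknownAccountException();
    }
    String password = new String(rawPassword);

    Stuff admin = stuffServiceImpl.findByUsername(username);
    if (admin == null) {
        // NOTE(review): distinguishable from a wrong password; the login endpoint should present
        // one generic failure message for both.
        throw new UnknownAccountException();
    }

    // NOTE(review): the stored value is compared with the submitted password as-is, i.e. passwords
    // are kept in plaintext. Store a salted adaptive hash (bcrypt, scrypt or Argon2) instead and
    // verify against that; unsalted MD5 would not be an adequate replacement.
    if (!password.equals(admin.getPassword())) {
        // NOTE(review): failures are counted but nothing visible here locks or throttles the
        // account; confirm that a limit is enforced elsewhere.
        int loginFailureCount = admin.getLoginFailureCount() + 1;
        admin.setLoginFailureCount(loginFailureCount);
        stuffServiceImpl.updateByPrimaryKey(admin);
        throw new IncorrectCredentialsException();
    }

    admin.setLoginDate(new Date());
    admin.setLoginFailureCount(0);
    stuffServiceImpl.updateByPrimaryKey(admin);
    return new SimpleAuthenticationInfo(username, password, getName());
}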
From source file:com.cc.framework.security.AuthenticationRealm.java
License:Open Source License
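/**
 * Authenticates an administrator login: validates the captcha, applies the account lock policy,
 * checks the password and records the outcome on the account.
 *
 * @param token the submitted token; cast to the project's {@code AuthenticationToken} without a type check
 * @return authentication info whose principal carries the admin's id and user name
 * @throws UnsupportedTokenException if the captcha is not valid
 * @throws UnknownAccountException if user name or password is missing, or no admin has that name
 * @throws DisabledAccountException if the admin is not enabled
 * @throws LockedAccountException if the admin is locked and the lock has not expired
 * @throws IncorrectCredentialsException if the password hash differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) {
    AuthenticationToken authenticationToken = (AuthenticationToken) token;
    String username = authenticationToken.getUsername();
    // Guard the conversion: new String((char[]) null) throws before the null check below can run.
    char[] rawPassword = authenticationToken.getPassword();
    String password = rawPassword != null ? new String(rawPassword) : null;
    String captchaId = authenticationToken.getCaptchaId();
    String captcha = authenticationToken.getCaptcha();
    String ip = authenticationToken.getHost();

    if (!captchaService.isValid(CaptchaType.adminLogin, captchaId, captcha)) {
        throw new UnsupportedTokenException();
    }
    if (username == null || password == null) {
        throw new UnknownAccountException();
    }

    SysAdmin admin = sysAdminService.findByUsername(username);
    if (admin == null) {
        // NOTE(review): distinguishable from a wrong password; the login endpoint should present
        // one generic failure message for both.
        throw new UnknownAccountException();
    }
    if (!admin.getIsEnabled()) {
        throw new DisabledAccountException();
    }

    com.cc.framework.util.Setting setting = SettingUtils.get();
    if (admin.getIsLocked()) {
        if (ArrayUtils.contains(setting.getAccountLockTypes(), AccountLockType.admin)) {
            int loginFailureLockTime = setting.getAccountLockTime();
            // A lock time of 0 never expires: the account stays locked.
            if (loginFailureLockTime == 0) {
                throw new LockedAccountException();
            }
            Date unlockDate = DateUtils.addMinutes(admin.getLockedDate(), loginFailureLockTime);
            if (!new Date().after(unlockDate)) {
                throw new LockedAccountException();
            }
        }
        // Either locking is switched off for admins or the lock has expired: clear the lock state.
        admin.setLoginFailureCount(0);
        admin.setIsLocked(false);
        admin.setLockedDate(null);
        sysAdminService.updateAll(admin);
    }

    // NOTE(review): unsalted MD5 is not an adequate password hash; plan a migration to bcrypt,
    // scrypt or Argon2. The comparison is constant-time so timing does not reveal matching prefixes.
    String storedHash = admin.getPassword();
    boolean passwordMatches = storedHash != null
            && java.security.MessageDigest.isEqual(
                    DigestUtils.md5Hex(password).getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!passwordMatches) {
        int loginFailureCount = admin.getLoginFailureCount() + 1;
        if (loginFailureCount >= setting.getAccountLockCount()) {
            admin.setIsLocked(true);
            admin.setLockedDate(new Date());
        }
        admin.setLoginFailureCount(loginFailureCount);
        sysAdminService.updateAll(admin);
        throw new IncorrectCredentialsException();
    }

    admin.setLoginIp(ip);
    admin.setLoginDate(new Date());
    admin.setLoginFailureCount(0);
    sysAdminService.updateAll(admin);
    // NOTE(review): the submitted password is handed back as the credentials, so a matcher that
    // runs afterwards presumably compares the password with itself; the check above is the
    // effective verification.
    return new SimpleAuthenticationInfo(new Principal(admin.getId(), username), password, getName());
}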
From source file:com.epimorphics.registry.security.RegRealm.java
License:Apache License
/**
 * Normalises the submitted token to a {@code RegToken} and returns the user store's record for
 * its principal.
 *
 * <p>No credentials are compared here; the method returns whatever {@code checkUser} yields.
 * Presumably the realm's configured credentials matcher verifies the password afterwards
 * (confirm against the realm setup).
 *
 * @param token a {@code UsernamePasswordToken} or a {@code RegToken}
 * @return the salted authentication info returned by the user store for the token's principal
 * @throws IncorrectCredentialsException if the token is of neither supported type
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    boolean isUsernamePassword = token instanceof UsernamePasswordToken;
    if (!isUsernamePassword && !(token instanceof RegToken)) {
        throw new IncorrectCredentialsException();
    }

    // UsernamePasswordToken is tested first, as before, so such a token is always re-wrapped.
    final RegToken regToken;
    if (isUsernamePassword) {
        UsernamePasswordToken loginToken = (UsernamePasswordToken) token;
        regToken = new RegToken(loginToken.getUsername(), new String(loginToken.getPassword()));
    } else {
        regToken = (RegToken) token;
    }

    String userId = (String) regToken.getPrincipal();
    SaltedAuthenticationInfo storedInfo = getUserStore().checkUser(userId);
    return storedInfo;
}
From source file:com.huang.rp.web.sys.rbac.authentication.ShiroDbRealm.java
License:Apache License
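/**
 * Authenticates a login whose name is either an e-mail address or a mobile phone number, then
 * builds the {@code ShiroUser} principal together with the role ids that apply to it.
 *
 * <p>The original comment refers to {@code MyFormAuthenticationFilter#executeLogin}; presumably
 * that is where this realm is invoked from.
 *
 * @param token the submitted token; cast to {@code MyAuthenticationToken} without a type check
 * @return authentication info carrying the {@code ShiroUser} and the submitted password
 * @throws AuthenticationException if the login name is neither an e-mail address nor a phone number
 * @throws UnknownAccountException if the lookup returns no user or fails for any reason
 * @throws IncorrectCredentialsException if the password is missing or differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    MyAuthenticationToken myToken = (MyAuthenticationToken) token;
    String loginName = myToken.getUsername();

    // Pick the lookup column from the shape of the login name.
    SysUserExample userExample = new SysUserExample();
    if (PatternUtils.matches(loginName, PatternUtils.emailRegex)) {
        userExample.createCriteria().andEmailEqualTo(loginName);
    } else if (PatternUtils.matches(loginName, PatternUtils.telephoneRegex)) {
        userExample.createCriteria().andMobilePhoneNumberEqualTo(loginName);
    } else {
        throw new AuthenticationException("unknown login name");
    }

    SysUser user;
    try {
        user = susUserMapper.selectByExample(userExample).get(0);
    } catch (Exception e) {
        // NOTE(review): this reports every failure, including a database error, as an unknown
        // account and drops the cause; consider an explicit empty-result check and logging of e.
        throw new UnknownAccountException();
    }

    // A token without a password used to end in a NullPointerException inside String.valueOf;
    // it is now a failed credential check.
    char[] submitted = myToken.getPassword();
    if (submitted == null) {
        throw new IncorrectCredentialsException();
    }
    // NOTE(review): the stored value is compared with the submitted password as-is, i.e. passwords
    // are kept in plaintext. Store a salted adaptive hash (bcrypt, scrypt or Argon2) and verify
    // against that instead.
    String password = user.getPassword();
    if (!String.valueOf(submitted).equals(password)) {
        throw new IncorrectCredentialsException();
    }

    boolean isAdmin = user.getAdmin();
    SysUserRoleExample userRoleExample = new SysUserRoleExample();
    if (isAdmin) {
        // No condition: an admin receives the role ids of every user-role row.
        userRoleExample.createCriteria();
    } else {
        userRoleExample.createCriteria().andUserIdEqualTo(user.getId());
    }
    List<SysUserRole> susUserRoleList = sysUserRoleMapper.selectByExample(userRoleExample);
    List<Long> roleIdList = Lists.newArrayList();
    for (SysUserRole sur : susUserRoleList) {
        roleIdList.add(sur.getRoleId());
    }

    ShiroUser shiroUser = new ShiroUser(user.getId(), user.getUsername(), user.getAdmin(),
            myToken.getHost(), roleIdList);
    return new SimpleAuthenticationInfo(shiroUser, submitted, getName());
}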
From source file:com.hyeb.back.authenticate.AuthenticationRealm.java
License:Open Source License
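/**
 * Authenticates a back-office login: validates the captcha, applies the account lock policy,
 * checks the password and records the outcome on the account.
 *
 * @param token the submitted token; cast to the project's {@code AuthenticationToken} without a type check
 * @return authentication info whose principal carries the user's id and user name
 * @throws UnsupportedTokenException if the captcha is not valid
 * @throws UnknownAccountException if user name or password is missing, or no user has that name
 * @throws DisabledAccountException if the user is not enabled
 * @throws LockedAccountException if the user is locked and the lock has not expired
 * @throws IncorrectCredentialsException if the password hash differs from the stored one
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) {
    // The service is looked up by bean name on every call rather than injected.
    SysUserService sysUserService = (SysUserService) SpringUtils.getBean("sysUserServiceImpl");
    AuthenticationToken authenticationToken = (AuthenticationToken) token;
    String username = authenticationToken.getUsername();
    // Guard the conversion: new String((char[]) null) throws before the null check below can run.
    char[] rawPassword = authenticationToken.getPassword();
    String password = rawPassword != null ? new String(rawPassword) : null;
    String captchaId = authenticationToken.getCaptchaId();
    String captcha = authenticationToken.getCaptcha();
    String ip = authenticationToken.getHost();

    if (!captchaService.isValid(CaptchaType.adminLogin, captchaId, captcha)) {
        throw new UnsupportedTokenException();
    }
    if (username == null || password == null) {
        throw new UnknownAccountException();
    }

    SysUser sysUser = sysUserService.findByUsername(username);
    if (sysUser == null) {
        // NOTE(review): distinguishable from a wrong password; the login endpoint should present
        // one generic failure message for both.
        throw new UnknownAccountException();
    }
    if (!sysUser.getIsEnabled()) {
        throw new DisabledAccountException();
    }

    Setting setting = SettingUtils.get();
    if (sysUser.getIsLocked()) {
        if (ArrayUtils.contains(setting.getAccountLockTypes(), AccountLockType.admin)) {
            int loginFailureLockTime = setting.getAccountLockTime();
            // A lock time of 0 never expires: the account stays locked.
            if (loginFailureLockTime == 0) {
                throw new LockedAccountException();
            }
            Date unlockDate = DateUtils.addMinutes(sysUser.getLockedDate(), loginFailureLockTime);
            if (!new Date().after(unlockDate)) {
                throw new LockedAccountException();
            }
        }
        // Either locking is switched off for admins or the lock has expired: clear the lock state.
        sysUser.setLoginFailureCount(0);
        sysUser.setIsLocked(false);
        sysUser.setLockedDate(null);
        sysUserService.update(sysUser);
    }

    // NOTE(review): unsalted MD5 is not an adequate password hash; plan a migration to bcrypt,
    // scrypt or Argon2. The comparison is constant-time so timing does not reveal matching prefixes.
    String storedHash = sysUser.getPassword();
    boolean passwordMatches = storedHash != null
            && java.security.MessageDigest.isEqual(
                    DigestUtils.md5Hex(password).getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!passwordMatches) {
        int loginFailureCount = sysUser.getLoginFailureCount() + 1;
        if (loginFailureCount >= setting.getAccountLockCount()) {
            sysUser.setIsLocked(true);
            sysUser.setLockedDate(new Date());
        }
        sysUser.setLoginFailureCount(loginFailureCount);
        sysUserService.update(sysUser);
        throw new IncorrectCredentialsException();
    }

    sysUser.setLoginIp(ip);
    sysUser.setLoginDate(new Date());
    sysUser.setLoginFailureCount(0);
    sysUserService.update(sysUser);
    // NOTE(review): the submitted password is handed back as the credentials, so a matcher that
    // runs afterwards presumably compares the password with itself; the check above is the
    // effective verification.
    return new SimpleAuthenticationInfo(new Principal(sysUser.getId(), username), password, getName());
}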
From source file:com.metropolitan.methotels727.services.UserRealm.java
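/**
 * Authenticates a user by looking up the account that matches the user name and the MD5 hash of
 * the submitted password.
 *
 * @param token the submitted token; cast to {@code UsernamePasswordToken} without a type check
 * @return authentication info with the user's e-mail as principal and the stored password value
 *     as credentials
 * @throws IncorrectCredentialsException if the password is missing or no account matches
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();

    // A token without a password used to end in a NullPointerException; treat it as a failed login.
    char[] rawPassword = upToken.getPassword();
    if (rawPassword == null) {
        throw new IncorrectCredentialsException();
    }

    // Hash once and never print it: the previous version wrote the password hash to standard
    // output, which places credential material in logs.
    // NOTE(review): unsalted MD5 is not an adequate password hash; plan a migration to bcrypt,
    // scrypt or Argon2.
    String passwordHash = getMD5Hash(new String(rawPassword));

    // A null user name is not rejected here; it is passed to checkKorisnik as-is.
    Korisnik korisnik = checkKorisnik(username, passwordHash);
    if (korisnik == null) {
        // Unknown user and wrong password are deliberately indistinguishable to the caller.
        throw new IncorrectCredentialsException();
    }

    // NOTE(review): the role set that used to be built here was never attached to the returned
    // info, so it was dropped; roles are presumably resolved during authorization — confirm.
    return new SimpleAuthenticationInfo(korisnik.getEmail(), new String(korisnik.getSifra()), getName());
}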