Example usage for org.springframework.security.authentication AccountStatusException getMessage

List of usage examples for org.springframework.security.authentication AccountStatusException getMessage

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.authentication.*
  5. AccountStatusException
  6. getMessage

Introduction

In this page you can find the example usage for org.springframework.security.authentication AccountStatusException getMessage.

Prototype

public String getMessage()

Source Link

Document

Returns the detail message string of this throwable.

Usage

From source file:org.osiam.auth.login.oauth.OsiamResourceOwnerPasswordTokenGranter.java

@Override
protected OAuth2Authentication getOAuth2Authentication(AuthorizationRequest clientToken) {

    Map<String, String> parameters = clientToken.getAuthorizationParameters();
    String username = parameters.get("username");
    String password = parameters.get("password");

    Authentication userAuth = new InternalAuthentication(username, password, new ArrayList<GrantedAuthority>());
    try {/*from  w  w w .  jav  a 2s  . com*/
        userAuth = authenticationManager.authenticate(userAuth);
    } catch (AccountStatusException ase) {
        // covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
        throw new InvalidGrantException(ase.getMessage(), ase);
    } catch (BadCredentialsException e) {
        // If the username/password are wrong the spec says we should send 400/bad grant
        throw new InvalidGrantException(e.getMessage(), e);
    }

    if (userAuth == null || !userAuth.isAuthenticated()) {
        throw new InvalidGrantException("Could not authenticate user: " + username);
    }

    DefaultAuthorizationRequest request = new DefaultAuthorizationRequest(clientToken);
    request.remove(Arrays.asList("password"));

    return new OAuth2Authentication(request, userAuth);
}

From source file:org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices.java

/**
 * Template implementation which locates the Spring Security cookie, decodes it into a
 * delimited array of tokens and submits it to subclasses for processing via the
 * <tt>processAutoLoginCookie</tt> method.
 * <p>/*w  w  w  .  ja v a  2s.  co  m*/
 * The returned username is then used to load the UserDetails object for the user,
 * which in turn is used to create a valid authentication token.
 */
@Override
public final Authentication autoLogin(HttpServletRequest request, HttpServletResponse response) {
    String rememberMeCookie = extractRememberMeCookie(request);

    if (rememberMeCookie == null) {
        return null;
    }

    logger.debug("Remember-me cookie detected");

    if (rememberMeCookie.length() == 0) {
        logger.debug("Cookie was empty");
        cancelCookie(request, response);
        return null;
    }

    UserDetails user = null;

    try {
        String[] cookieTokens = decodeCookie(rememberMeCookie);
        user = processAutoLoginCookie(cookieTokens, request, response);
        userDetailsChecker.check(user);

        logger.debug("Remember-me cookie accepted");

        return createSuccessfulAuthentication(request, user);
    } catch (CookieTheftException cte) {
        cancelCookie(request, response);
        throw cte;
    } catch (UsernameNotFoundException noUser) {
        logger.debug("Remember-me login was valid but corresponding user not found.", noUser);
    } catch (InvalidCookieException invalidCookie) {
        logger.debug("Invalid remember-me cookie: " + invalidCookie.getMessage());
    } catch (AccountStatusException statusInvalid) {
        logger.debug("Invalid UserDetails: " + statusInvalid.getMessage());
    } catch (RememberMeAuthenticationException e) {
        logger.debug(e.getMessage());
    }

    cancelCookie(request, response);
    return null;
}