Example usage for org.springframework.security.authentication AuthenticationServiceException getMessage

List of usage examples for org.springframework.security.authentication AuthenticationServiceException getMessage

Introduction

This page shows example usage of org.springframework.security.authentication AuthenticationServiceException getMessage.

Prototype

public String getMessage() 

Source Link

Document

Returns the detail message string of this throwable.

Usage

From source file:org.apache.nifi.web.api.AccessResource.java

/**
 * Gets the status of the client's access.
 *
 * <p>The request must arrive over a secure channel ({@code isSecure()}); otherwise an
 * {@link IllegalStateException} is thrown before any credential is examined. Credentials are
 * then considered in a fixed order: when a client certificate is extracted it is authenticated
 * through the X.509 provider and the Authorization header is never read; only without a
 * certificate is the header's token authenticated through the JWT provider. With neither, the
 * status is {@code UNKNOWN}.
 *
 * <p>{@code ACTIVE} is set as soon as authentication succeeds. No authorization check is made
 * in this method, so the status must not be read as "permitted to use the flow".
 *
 * <p>Failures are rethrown with the original message and cause: {@code JwtException} and
 * {@code IllegalArgumentException} as {@code InvalidAuthenticationException},
 * {@code UntrustedProxyException} as {@code AccessDeniedException}, and
 * {@code AuthenticationServiceException} as {@code AdministrationException}.
 * NOTE(review): how these types are rendered to the client is decided by exception mappers not
 * shown here; confirm that the forwarded messages carry no internal detail.
 *
 * @param httpServletRequest the servlet request
 * @return a response wrapping an {@code AccessStatusEntity} that carries the access status
 * @throws IllegalStateException if the request was not made over HTTPS
 */
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("")
@ApiOperation(value = "Gets the status the client's access", notes = NON_GUARANTEED_ENDPOINT, response = AccessStatusEntity.class)
@ApiResponses(value = {
        @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."),
        @ApiResponse(code = 401, message = "Unable to determine access status because the client could not be authenticated."),
        @ApiResponse(code = 403, message = "Unable to determine access status because the client is not authorized to make this request."),
        @ApiResponse(code = 409, message = "Unable to determine access status because NiFi is not in the appropriate state."),
        @ApiResponse(code = 500, message = "Unable to determine access status because an unexpected error occurred.") })
public Response getAccessStatus(@Context HttpServletRequest httpServletRequest) {

    // Credentials are only evaluated on a secure channel; refuse anything else up front.
    final boolean overHttps = httpServletRequest.isSecure();
    if (!overHttps) {
        throw new IllegalStateException("User authentication/authorization is only supported when running over HTTPS.");
    }

    final AccessStatusDTO statusDto = new AccessStatusDTO();

    try {
        final X509Certificate[] clientCerts = certificateExtractor.extractClientCertificate(httpServletRequest);

        if (clientCerts != null) {
            // A client certificate takes precedence: the Authorization header is not consulted.
            try {
                // The proxied-entities chain is a request header, i.e. client-supplied input.
                // presumably the X.509 provider decides whether the certificate's identity may
                // act as a proxy (see the UntrustedProxyException handler below) - verify.
                final String proxyChain = httpServletRequest.getHeader(ProxiedEntitiesUtils.PROXY_ENTITIES_CHAIN);
                final String remoteAddress = httpServletRequest.getRemoteAddr();
                final X509AuthenticationRequestToken x509Request = new X509AuthenticationRequestToken(
                        proxyChain, principalExtractor, clientCerts, remoteAddress);

                final NiFiAuthenticationToken authenticated =
                        (NiFiAuthenticationToken) x509AuthenticationProvider.authenticate(x509Request);
                final NiFiUserDetails userDetails = (NiFiUserDetails) authenticated.getDetails();

                // Report the authenticated identity.
                statusDto.setIdentity(userDetails.getNiFiUser().getIdentity());

                // Authentication succeeded. No authorization call is made here, so ACTIVE
                // reflects authentication only.
                statusDto.setStatus(AccessStatusDTO.Status.ACTIVE.name());
                statusDto.setMessage("You are already logged in.");
            } catch (final IllegalArgumentException iae) {
                throw new InvalidAuthenticationException(iae.getMessage(), iae);
            }
        } else {
            // No certificate: fall back to a token carried in the Authorization header.
            final String authHeader = httpServletRequest.getHeader(JwtAuthenticationFilter.AUTHORIZATION);

            if (authHeader != null) {
                try {
                    // The token is whatever follows the last space in the header value; the
                    // scheme prefix itself is not checked here, validation is left to the
                    // JWT provider.
                    final String rawToken = StringUtils.substringAfterLast(authHeader, " ");
                    final String remoteAddress = httpServletRequest.getRemoteAddr();
                    final JwtAuthenticationRequestToken jwtRequest =
                            new JwtAuthenticationRequestToken(rawToken, remoteAddress);

                    final NiFiAuthenticationToken authenticated =
                            (NiFiAuthenticationToken) jwtAuthenticationProvider.authenticate(jwtRequest);
                    final NiFiUserDetails userDetails = (NiFiUserDetails) authenticated.getDetails();

                    // Report the authenticated identity.
                    statusDto.setIdentity(userDetails.getNiFiUser().getIdentity());

                    // Authentication succeeded. No authorization call is made here, so ACTIVE
                    // reflects authentication only.
                    statusDto.setStatus(AccessStatusDTO.Status.ACTIVE.name());
                    statusDto.setMessage("You are already logged in.");
                } catch (JwtException e) {
                    throw new InvalidAuthenticationException(e.getMessage(), e);
                }
            } else {
                // Neither a certificate nor a token: the caller is anonymous.
                statusDto.setStatus(AccessStatusDTO.Status.UNKNOWN.name());
                statusDto.setMessage("No credentials supplied, unknown user.");
            }
        }
    } catch (final UntrustedProxyException upe) {
        throw new AccessDeniedException(upe.getMessage(), upe);
    } catch (final AuthenticationServiceException ase) {
        // Failure of the authentication service itself is reported as an administration
        // error, keeping the original message and cause.
        throw new AdministrationException(ase.getMessage(), ase);
    }

    // Wrap the status in its entity and answer with an OK response.
    final AccessStatusEntity entity = new AccessStatusEntity();
    entity.setAccessStatus(statusDto);
    return generateOkResponse(entity).build();
}