List of usage examples for org.springframework.security.authentication BadCredentialsException BadCredentialsException
public BadCredentialsException(String msg)
BadCredentialsException with the specified message. From source file:org.brekka.pegasus.core.security.UnlockAuthenticationProvider.java
@Override protected UserDetails retrieveUser(final String token, final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { Object credentials = authentication.getCredentials(); String password = credentials.toString(); if (StringUtils.isBlank(password)) { throw new BadCredentialsException("A code is required"); }//from www . ja v a2s . c om AnonymousTransferUser anonymousTransferUser = new AnonymousTransferUser(token); SecurityContext context = SecurityContextHolder.getContext(); // Temporarily bind the authentication user to the security context so that we can do the unlock // this is primarily for the EventService to capture the IP/remote user. UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(anonymousTransferUser, anonymousTransferUser); auth.setDetails(authentication.getDetails()); try { context.setAuthentication(auth); anonymousService.unlock(token, password, true); context.setAuthentication(null); return anonymousTransferUser; } catch (PhalanxException e) { if (e.getErrorCode() == PhalanxErrorCode.CP302) { throw new BadCredentialsException("Code appears to be incorrect"); } throw e; } }
From source file:com.hp.autonomy.frontend.find.idol.authentication.IdolPreAuthenticatedAuthenticationProvider.java
@Override public Authentication authenticate(final Authentication authentication) throws AuthenticationException { final Object principal = authentication.getPrincipal(); if (principal == null) { throw new BadCredentialsException("Principal not supplied"); }//from ww w. ja v a 2 s . c o m final String username = principal.toString().toLowerCase(); UserRoles user; try { user = userService.getUser(username); } catch (final AciErrorException e) { log.debug("Failed to fetch the user", e); if (USER_NOT_FOUND_ERROR_ID.equals(e.getErrorId())) { // use empty password so that auto created users cannot be authenticated against this.userService.addUser(username, "", UserConfiguration.IDOL_USER_ROLE); user = userService.getUser(username); } else { throw e; } } final Collection<SimpleGrantedAuthority> grantedAuthorities = new HashSet<>(); for (final String role : user.getRoles()) { grantedAuthorities.add(new SimpleGrantedAuthority(role)); } return new UsernamePasswordAuthenticationToken( new CommunityPrincipal(user.getUid(), username, user.getSecurityInfo()), null, authoritiesMapper.mapAuthorities(grantedAuthorities)); }
From source file:eu.freme.broker.security.DatabaseAuthenticationProvider.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { String username = (String) authentication.getPrincipal(); String password = (String) authentication.getCredentials(); User user = userRepository.findOneByName(username); if (user == null) { throw new BadCredentialsException("authentication failed"); }//from w ww . ja v a2 s . c om try { if (!PasswordHasher.check(password, user.getPassword())) { throw new BadCredentialsException("authentication failed"); } } catch (BadCredentialsException e) { throw e; } catch (Exception e) { logger.error(e); throw new InternalServerErrorException(); } Token token = tokenService.generateNewToken(user); AuthenticationWithToken auth = new AuthenticationWithToken(user, null, AuthorityUtils.commaSeparatedStringToAuthorityList(user.getRole()), token); return auth; }
From source file:no.dusken.momus.authentication.TokenAuthenticationProvider.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { Token token = (Token) authentication; LdapUserPwd ldapUserPwd = token.getLdapUserPwd(); if (validateLogin(ldapUserPwd)) { Person loggedInUser = getLoggedInUser(ldapUserPwd.getUsername()); AuthUserDetails authUserDetails = new AuthUserDetails(loggedInUser); // Return an updated token with the right user details return new Token(ldapUserPwd, authUserDetails); }//from w ww. j av a 2 s. co m throw new BadCredentialsException("Invalid username or password"); }
From source file:com.jaspersoft.jasperserver.ps.OAuth.OAuthAccessTokenValidator.java
@Override public String validate(Object ssoToken) throws AuthenticationServiceException, BadCredentialsException { //check for sso token and throw exception if not present to fall through to next provider String accessToken = checkAuthenticationToken(ssoToken); if (accessToken != null) { OAuthResourceResponse resourceResponse = validateAccessToken(accessToken); if (resourceResponse.getResponseCode() != 200) { throw new BadCredentialsException("Bad Credentials from oauth endpoint"); }//from w ww . j a va 2 s. c o m return resourceResponse.getBody(); } return null; }
From source file:org.cloudfoundry.identity.uaa.error.JsonAwareAuthenticationEntryPointTests.java
@Test public void testCommenceWithEmptyAccept() throws Exception { entryPoint.commence(request, response, new BadCredentialsException("Bad")); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getStatus()); assertEquals("Bad", response.getErrorMessage()); }
From source file:com.isalnikov.config.auth.UserAuthorizationFilter.java
@Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { String terminalId = request.getHeader("Authorization"); terminalId = "1"; // if (request.getHeader("Authorization") == null) { // return null; // no header found, continue on to other security filters // }//from ww w . ja v a2s . co m String userName = obtainUsername(request); String password = obtainPassword(request); if (terminalId != null) { UserAuthorizationToken token = new UserAuthorizationToken(userName, password, terminalId, Arrays.asList(UserAuthority.ROLE_USER)); return super.getAuthenticationManager().authenticate(token); } throw new BadCredentialsException("Invalid username or password"); }
From source file:net.thewaffleshop.nimbus.service.AccountService.java
@Transactional(readOnly = true) public Account authenticateUser(String userName, String password) throws AuthenticationException { Account account = accountRepository.findByUserName(userName); if (account == null) { // checking password takes a significant amount of time, so perform the check anyways to make this request // about as long as if an account did exist; this prevents timing attacks Account tmp = new Account(); tmp.setPasswordHash(FOO_BCRYPT); accountAPI.checkPassword(tmp, "BAR"); throw new UsernameNotFoundException("Authentication failed; check your username and password"); }//from ww w . j a va2s . c o m if (!accountAPI.checkPassword(account, password)) { throw new BadCredentialsException("Authentication failed; check your username and password"); } return account; }
From source file:abid.password.springmvc.MutablePasswordAuthenticationProvider.java
@Override protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { if (StringUtils.isEmpty(username)) { throw new BadCredentialsException(getLocalisedMessage("authentication.username.required")); }/* w ww . j a va 2 s . co m*/ String password = String.valueOf(authentication.getCredentials()); if (StringUtils.isEmpty(password)) { throw new BadCredentialsException(getLocalisedMessage("authentication.password.required")); } try { User authenticatedUser = userService.authenticate(username, password); if (authenticatedUser != null) { return new CustomUserDetails(authenticatedUser); } } catch (UserException e) { log.error("Error occurred authentication user", e); } throw new BadCredentialsException(getLocalisedMessage("authentication.failed")); }
From source file:com.github.cherimojava.orchidae.security.MongoAuthenticationProvider.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { LOG.info(AUTH, "login attempt for user {}", authentication.getName()); UserDetails details = userDetailsService.loadUserByUsername((String) authentication.getPrincipal()); if (details == null || !pwEncoder.matches((String) authentication.getCredentials(), details.getPassword())) { LOG.info(AUTH, "failed to authenticate user {}", authentication.getName()); throw new BadCredentialsException(ERROR_MSG); }// w w w . j a v a 2s . com LOG.info(AUTH, "login attempt for user {}", authentication.getName()); return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), details.getAuthorities()); }