List of usage examples for org.springframework.security.authentication InternalAuthenticationServiceException getMessage
public String getMessage()
From source file:org.verinice.rest.security.VeriniceAuthenticationProvider.java
@Override public Authentication authenticate(Authentication authentication) { Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported")); // Determine username String username = (authentication.getPrincipal() == null) ? "NONE_PROVIDED" : authentication.getName(); boolean cacheWasUsed = true; UserDetails user = this.getUserCache().getUserFromCache(username); if (user == null) { cacheWasUsed = false;/*ww w . j ava 2 s . c o m*/ try { user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication); } catch (UsernameNotFoundException notFound) { logger.debug("User '" + username + "' not found"); if (hideUserNotFoundExceptions) { throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials")); } else { throw notFound; } } catch (InternalAuthenticationServiceException e) { throw new BadCredentialsException(e.getMessage(), e); } Assert.notNull(user, "retrieveUser returned null - a violation of the interface contract"); } try { getPreAuthenticationChecks().check(user); additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication); } catch (AuthenticationException exception) { if (cacheWasUsed) { // There was a problem, so try again after checking // we're using latest data (i.e. not from the cache) cacheWasUsed = false; user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication); getPreAuthenticationChecks().check(user); additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication); } else { throw exception; } } getPostAuthenticationChecks().check(user); if (!cacheWasUsed) { this.getUserCache().putUserInCache(user); } Object principalToReturn = user; if (isForcePrincipalAsString()) { principalToReturn = user.getUsername(); } return createSuccessAuthentication(principalToReturn, authentication, user); }
From source file:com.devicehive.auth.rest.HttpAuthenticationFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; Optional<String> authHeader = Optional.ofNullable(httpRequest.getHeader(HttpHeaders.AUTHORIZATION)); String resourcePath = new UrlPathHelper().getPathWithinApplication(httpRequest); logger.debug("Security intercepted request to {}", resourcePath); try {//from w ww .j a v a 2s. co m if (authHeader.isPresent()) { String header = authHeader.get(); if (header.startsWith(Constants.BASIC_AUTH_SCHEME)) { processBasicAuth(header); } else if (header.startsWith(Constants.TOKEN_SCHEME)) { processJwtAuth(authHeader.get().substring(6).trim()); } } else { processAnonymousAuth(); } Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication instanceof AbstractAuthenticationToken) { MDC.put("usrinf", authentication.getName()); HiveAuthentication.HiveAuthDetails details = createUserDetails(httpRequest); ((AbstractAuthenticationToken) authentication).setDetails(details); } chain.doFilter(request, response); } catch (InternalAuthenticationServiceException e) { SecurityContextHolder.clearContext(); logger.error("Internal authentication service exception", e); httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } catch (AuthenticationException e) { SecurityContextHolder.clearContext(); httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage()); } finally { MDC.remove("usrinf"); } }