List of usage examples for org.springframework.security.core AuthenticationException getClass
@HotSpotIntrinsicCandidate public final native Class<?> getClass();
From source file:org.jwebsocket.plugins.system.SystemPlugIn.java
/** * Logon a user given the username and password by using the Spring Security module * * @param aConnector/* w w w .j av a2 s. c o m*/ * @param aToken The token with the username and password */ void logon(WebSocketConnector aConnector, Token aToken) { TokenServer lServer = getServer(); if (aConnector.getSession().isAuthenticated()) { lServer.sendToken(aConnector, lServer.createErrorToken(aToken, -1, "is authenticated")); return; } String lUsername = aToken.getString("username"); String lPassword = aToken.getString("password"); if (mLog.isDebugEnabled()) { mLog.debug("Starting authentication ..."); } Authentication lAuthRequest = new UsernamePasswordAuthenticationToken(lUsername, lPassword); Authentication lAuthResult; try { lAuthResult = getAuthProvMgr().authenticate(lAuthRequest); } catch (AuthenticationException ex) { String lMsg = ex.getClass().getSimpleName() + ": " + ex.getMessage(); Token lResponse = getServer().createErrorToken(aToken, -1, lMsg); lResponse.setString("username", lUsername); sendToken(aConnector, aConnector, lResponse); if (mLog.isDebugEnabled()) { mLog.debug(lMsg); } return; // stop the execution flow } if (mLog.isDebugEnabled()) { mLog.debug("Authentication successful. Updating the user session (id: " + (null != aConnector.getSession() ? aConnector.getSession().getSessionId() : "[null]") + ", storage: " + (null != aConnector.getSession() ? aConnector.getSession().getStorage() : "[null]") + ")..."); } // getting the session Map<String, Object> lSession = aConnector.getSession().getStorage(); // setting the is_authenticated flag lSession.put(IS_AUTHENTICATED, lAuthResult.isAuthenticated()); // setting the connector username aConnector.setUsername(lUsername); // setting the uuid String lUUID; Object lDetails = lAuthResult.getDetails(); if (null != lDetails && lDetails instanceof IUserUniqueIdentifierContainer) { lUUID = ((IUserUniqueIdentifierContainer) lDetails).getUUID(); } else { lUUID = lUsername; } lSession.put(UUID, lUUID); // setting the authorities String lAuthorities = ""; for (GrantedAuthority lGA : lAuthResult.getAuthorities()) { lAuthorities = lAuthorities.concat(lGA.getAuthority() + " "); } // storing the user authorities as a string to avoid serialization problems lSession.put(AUTHORITIES, lAuthorities); // creating the response Token lResponse = createResponse(aToken); lResponse.setString("uuid", lUUID); lResponse.setString("username", lUsername); lResponse.setList("authorities", Tools.parseStringArrayToList(lAuthorities.split(" "))); // sending the response to requester sendToken(aConnector, lResponse); // sending response to clients that share the requester session getServer().broadcastToSharedSession(aConnector.getId(), aConnector.getSession().getSessionId(), lResponse, false); if (mLog.isDebugEnabled()) { mLog.debug("Logon process finished successfully!"); } // if successfully logged in... if (lUsername != null) { // broadcast "login event" to other clients broadcastLoginEvent(aConnector); } }
From source file:org.springframework.flex.security3.FlexAuthenticationEntryPoint.java
/** * If the incoming message is an {@link ActionMessage}, indicating a standard Flex Remoting or Messaging * request, invokes Spring BlazeDS's {@link ExceptionTranslator}s with the {@link AuthenticationException} and * sends the resulting {@link MessageException} as an AMF response to the client. * /*from www. j a v a 2 s . c om*/ * <p>If the request is unabled to be deserialized to AMF, if the resulting deserialized object is not an * <code>ActionMessage</code>, or if no appropriate <code>ExceptionTranslator</code> is found, will simply * delegate to the parent class to return a 403 response. */ public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { if (CollectionUtils.isEmpty(this.exceptionTranslators)) { exceptionTranslators = Collections.singleton(DEFAULT_TRANSLATOR); } HttpInputMessage inputMessage = new ServletServerHttpRequest(request); HttpOutputMessage outputMessage = new ServletServerHttpResponse(response); if (!converter.canRead(Object.class, inputMessage.getHeaders().getContentType())) { super.commence(request, response, authException); return; } ActionMessage deserializedInput = null; try { deserializedInput = (ActionMessage) this.converter.read(ActionMessage.class, inputMessage); } catch (HttpMessageNotReadableException ex) { log.info("Authentication failure detected, but request could not be read as AMF.", ex); super.commence(request, response, authException); return; } if (deserializedInput instanceof ActionMessage) { for (ExceptionTranslator translator : this.exceptionTranslators) { if (translator.handles(authException.getClass())) { MessageException result = translator.translate(authException); ErrorMessage err = result.createErrorMessage(); MessageBody body = (MessageBody) ((ActionMessage) deserializedInput).getBody(0); Message amfInputMessage = body.getDataAsMessage(); err.setCorrelationId(amfInputMessage.getMessageId()); err.setDestination(amfInputMessage.getDestination()); err.setClientId(amfInputMessage.getClientId()); ActionMessage responseMessage = new ActionMessage(); responseMessage.setVersion(((ActionMessage) deserializedInput).getVersion()); MessageBody responseBody = new MessageBody(); responseMessage.addBody(responseBody); responseBody.setData(err); responseBody.setTargetURI(body.getResponseURI()); responseBody.setReplyMethod(MessageIOConstants.STATUS_METHOD); converter.write(responseMessage, amfMediaType, outputMessage); response.flushBuffer(); return; } } } super.commence(request, response, authException); }
From source file:org.springframework.security.authentication.DefaultAuthenticationEventPublisher.java
public void publishAuthenticationFailure(AuthenticationException exception, Authentication authentication) { Constructor<? extends AbstractAuthenticationEvent> constructor = exceptionMappings .get(exception.getClass().getName()); AbstractAuthenticationEvent event = null; if (constructor != null) { try {/* w w w .ja v a2s. c o m*/ event = constructor.newInstance(authentication, exception); } catch (IllegalAccessException ignored) { } catch (InstantiationException ignored) { } catch (InvocationTargetException ignored) { } } if (event != null) { if (applicationEventPublisher != null) { applicationEventPublisher.publishEvent(event); } } else { if (logger.isDebugEnabled()) { logger.debug("No event was found for the exception " + exception.getClass().getName()); } } }