List of usage examples for org.springframework.security.core AuthenticationException getMessage
public String getMessage()
From source file:com.github.iexel.fontus.web.security.RestAuthenticationEntryPoint.java
@Override public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage()); }
From source file:eu.trentorise.smartcampus.permissionprovider.controller.ResourceAccessController.java
/** * Check the access to the specified resource using the client app token header * @param token/* w ww . jav a 2s . co m*/ * @param resourceUri * @param request * @return */ @RequestMapping("/resources/access") public @ResponseBody Boolean canAccessResource(@RequestHeader("Authorization") String token, @RequestParam String scope, HttpServletRequest request) { try { String parsedToken = resourceFilterHelper.parseTokenFromRequest(request); OAuth2Authentication auth = resourceServerTokenServices.loadAuthentication(parsedToken); Collection<String> actualScope = auth.getAuthorizationRequest().getScope(); Collection<String> scopeSet = StringUtils.commaDelimitedListToSet(scope); if (actualScope != null && !actualScope.isEmpty() && actualScope.containsAll(scopeSet)) { return true; } } catch (AuthenticationException e) { logger.error("Error validating token: " + e.getMessage()); } return false; }
From source file:com.qpark.eip.core.spring.security.EipDaoAuthenticationProvider.java
/** * @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider#authenticate(org.springframework.security.core.Authentication) */// ww w . ja v a 2 s . c o m @Override public Authentication authenticate(final Authentication authentication) throws AuthenticationException { this.logger.debug("+authenticate {}", authentication.getName()); Authentication auth = null; try { auth = super.authenticate(authentication); } catch (AuthenticationException e) { this.logger.warn(" authenticate {} failed: {}", authentication.getName(), e.getMessage()); throw e; } finally { this.logger.debug("-authenticate {}", authentication.getName()); } return auth; }
From source file:net.thewaffleshop.passwd.security.AuthenticationHandler.java
/** * Unsuccessful login; send error/*from ww w . jav a 2 s. co m*/ * * @param request * @param response * @param exception * @throws IOException * @throws ServletException */ @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { String msg = exception.getMessage(); response.setStatus(HttpServletResponse.SC_OK); response.setContentType("application/json"); response.getWriter().write("{\"success\": false, \"msg\": \"" + StringEscapeUtils.escapeJson(msg) + "\"}"); }
From source file:org.chtijbug.drools.platform.web.security.Http403AuthenticationFailureHandler.java
@Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { response.setStatus(SC_FORBIDDEN);/*w ww. j a v a 2 s . c o m*/ response.getWriter().write(exception.getMessage()); }
From source file:org.apigw.authserver.web.controller.RevocationController.java
@RequestMapping(method = RequestMethod.GET, params = { "clientId" })
public @ResponseBody String revoke(@RequestParam("clientId") String clientId) {
log.debug("revoke(clientId: {})", clientId);
Collection<OAuth2AccessToken> tokens = tokenServices.findTokensByClientId(clientId);
for (OAuth2AccessToken token : tokens) {
try {/*from w w w . j a v a2 s. c o m*/
OAuth2Authentication auth = tokenServices.loadAuthentication(token.getValue());
tokenServices.revokeToken(token.getValue());
User user = (User) auth.getUserAuthentication().getPrincipal();
monitoringService.logRevokeAccessToken(System.currentTimeMillis(), token.getValue(), clientId,
token.getScope(), "SUCCESS", "Appen r inte lngre godknd fr anvndning",
user.getUsername());
} catch (AuthenticationException e) {
log.debug("Access token is already invalid (" + e.getMessage() + ")");
} catch (Throwable e) {
log.error("Error while trying to revoke access token", e);
}
}
return "Revoked all authorizations (" + tokens.size() + ") for client: " + clientId;
}
From source file:opensnap.security.NoOpAuthenticationFailureHandler.java
@Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication Failed: " + exception.getMessage()); }
From source file:grails.plugin.springsecurity.openid.OpenIdAuthenticationFailureHandler.java
@Override public void onAuthenticationFailure(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException exception) throws IOException, ServletException { if (exception.getMessage().contains("Unable to process claimed identity")) { //TODO Not the best way super.onAuthenticationFailure(request, response, new InvalidOpenidEndpoint(exception)); return;//from w w w. j a v a2 s .c o m } boolean createMissingUsers = Boolean.TRUE .equals(ReflectionUtils.getConfigProperty("openid.registration.autocreate")); if (!createMissingUsers || !isSuccessfulLoginUnknownUser(exception)) { super.onAuthenticationFailure(request, response, exception); return; } OpenIDAuthenticationToken authentication = (OpenIDAuthenticationToken) exception.getAuthentication(); request.getSession().setAttribute(LAST_OPENID_USERNAME, authentication.getPrincipal().toString()); request.getSession().setAttribute(LAST_OPENID_ATTRIBUTES, extractAttrsWithValues(authentication)); String createAccountUri = (String) ReflectionUtils .getConfigProperty("openid.registration.createAccountUri"); getRedirectStrategy().sendRedirect(request, response, createAccountUri); }
From source file:com.isalnikov.config.UsernamePasswordAuthenticationTokenTest.java
/** * Test of beanHendlerFactoryPostProcessor method, of class AppConfig. *///from w w w . ja v a 2s .c o m @Test @WithMockUser(username = "admin", authorities = { "ADMIN", "USER" }) public void testAuthentication() { String name = "name"; String password = "name"; try { Authentication request = new UserAuthorizationToken(name, password, null); Authentication result = manager.authenticate(request); SecurityContextHolder.getContext().setAuthentication(result); } catch (AuthenticationException e) { System.out.println("Authentication failed: " + e.getMessage()); } System.out.println("Successfully authenticated. Security context contains: " + SecurityContextHolder.getContext().getAuthentication()); }
From source file:sk.lazyman.gizmo.security.GizmoAuthWebSession.java
@Override public boolean authenticate(String username, String password) { LOGGER.debug("Authenticating '{}' {} password in web session.", new Object[] { username, (StringUtils.isEmpty(password) ? "without" : "with") }); boolean authenticated; try {//from w w w. java 2s . co m Authentication authentication = authenticationProvider .authenticate(new UsernamePasswordAuthenticationToken(username, password)); SecurityContextHolder.getContext().setAuthentication(authentication); authenticated = authentication.isAuthenticated(); } catch (AuthenticationException ex) { LOGGER.error("Couldn't authenticate user, reason: {}", ex.getMessage()); LOGGER.debug("Couldn't authenticate user.", ex); authenticated = false; String msg = new StringResourceModel(ex.getMessage(), null, ex.getMessage()).getString(); error(msg); } return authenticated; }