List of usage examples for org.springframework.security.core AuthenticationException getMessage
public String getMessage()
From source file:org.springframework.security.ui.ntlm.NtlmAuthenticationFilterEntryPoint.java
/** * Sends an NTLM challenge to the browser requiring authentication. The * WWW-Authenticate header is populated with the appropriate information * during the negotiation lifecycle by calling the getMessage() method * from an NTLM-specific subclass of {@link NtlmBaseException}: * <p>//w ww .j a v a 2 s . c o m * <ul> * <li>{@link NtlmBeginHandshakeException}: NTLM * <li>{@link NtlmType2MessageException}: NTLM <base64-encoded type-2-message> * </ul> * * If the {@link AuthenticationException} is not a subclass of * {@link NtlmBaseException}, then redirect the user to the authentication * failure URL. * * @param request The {@link HttpServletRequest} object. * @param response Then {@link HttpServletResponse} object. * @param authException Either {@link NtlmBeginHandshakeException}, * {@link NtlmType2MessageException}, or * {@link AuthenticationException} */ public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException, ServletException { final HttpServletResponse resp = response; if (authException instanceof NtlmBaseException) { if (authException instanceof NtlmType2MessageException) { ((NtlmType2MessageException) authException).preserveAuthentication(); } resp.setHeader("WWW-Authenticate", authException.getMessage()); resp.setHeader("Connection", "Keep-Alive"); resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED); resp.setContentLength(0); resp.flushBuffer(); LOGGER.debug("NTLM auth exception: ", authException); return; } if (authenticationFailureUrl == null) { if (!response.isCommitted()) { (response).sendError(HttpServletResponse.SC_FORBIDDEN, authException.getMessage()); } } else { String url = authenticationFailureUrl; if (!url.startsWith("http://") && !url.startsWith("https://")) { url = (request).getContextPath() + url; } resp.sendRedirect(resp.encodeRedirectURL(url)); } }
From source file:ro.nextreports.server.security.ExternalAuthenticationProvider.java
public Authentication authenticate(Authentication authentication) throws AuthenticationException { if (!canResolve(authentication)) { return null; // it's ok to return null to ignore/skip the provider (see ProviderManager javadocs) }/* ww w.ja va 2s . com*/ String username = authentication.getName(); if (LOG.isDebugEnabled()) { LOG.debug("Trying to authenticate user '{}' via {}", username, realm); } try { authentication = doAuthenticate(authentication); } catch (AuthenticationException e) { if (LOG.isDebugEnabled()) { LOG.debug("Failed to authenticate user {} via {}: {}", new Object[] { username, realm, e.getMessage() }); } throw e; } catch (Exception e) { String message = "Unexpected exception in " + realm + " authentication:"; LOG.error(message, e); throw new AuthenticationServiceException(message, e); } if (!authentication.isAuthenticated()) { return authentication; } // user authenticated if (LOG.isDebugEnabled()) { LOG.debug("'{}' authenticated successfully by {}.", username, realm); } User user = (User) authentication.getPrincipal(); applyPatch(user); createOrUpdateUser(user); /* // create new authentication response containing the user and it's authorities NextServerAuthentication authenticationToken = new NextServerAuthentication(user, authentication.getCredentials()); return authenticationToken; */ return authentication; }
From source file:ubic.gemma.security.authentication.ManualAuthenticationServiceImpl.java
@Override public boolean validateRequest(String username, String password) { Authentication authResult = null;/*from www . j a v a 2 s . c o m*/ try { authResult = attemptAuthentication(username, password); SecurityContextHolder.getContext().setAuthentication(authResult); } catch (AuthenticationException failed) { // Authentication failed log.info("** Authentication failed for user " + username + ": " + failed.getMessage() + " **"); log.debug(failed); unsuccessfulAuthentication(failed); return false; } log.debug("Updated SecurityContextHolder to contain the following Authentication: '" + authResult + "'"); successfulAuthentication(authResult); return true; }