List of usage examples for org.springframework.security.ldap.userdetails LdapUserDetails getDn
/**
 * Returns the distinguished name (DN) of the LDAP entry for this user.
 *
 * @return the user's DN
 */
String getDn();
From source file:org.apache.nifi.ldap.LdapProvider.java
/**
 * Verifies the supplied login credentials through the configured LDAP authentication provider.
 *
 * <p>The identity placed in the response depends on {@code identityStrategy}. With
 * {@code USE_DN} it is the distinguished name read from the {@link LdapUserDetails} principal;
 * in every other case, including a {@code USE_DN} login whose principal is not an
 * {@code LdapUserDetails}, it is the name reported by the authentication result.
 *
 * @param credentials the username and password to check
 * @return a response built from the resolved identity, the submitted username, and this
 *         provider's {@code expiration} and {@code issuer}
 * @throws InvalidLoginCredentialsException if the provider rejects the credentials
 * @throws IdentityAccessException if the provider is not initialized or fails for any other reason
 */
@Override
public final AuthenticationResponse authenticate(final LoginCredentials credentials)
        throws InvalidLoginCredentialsException, IdentityAccessException {
    if (provider == null) {
        throw new IdentityAccessException("The LDAP authentication provider is not initialized.");
    }

    try {
        // Hand the username/password pair to the LDAP provider; a rejection surfaces as an exception.
        final Authentication authenticated = provider.authenticate(
                new UsernamePasswordAuthenticationToken(credentials.getUsername(), credentials.getPassword()));

        final String identity;
        if (!IdentityStrategy.USE_DN.equals(identityStrategy)) {
            identity = authenticated.getName();
        } else {
            final Object principal = authenticated.getPrincipal();
            if (principal instanceof LdapUserDetails) {
                identity = ((LdapUserDetails) principal).getDn();
            } else {
                // The login still succeeds, but the identity silently changes form from DN to name.
                // NOTE(review): anything downstream that matches on DNs presumably will not match
                // this fallback identity - confirm that is the intended outcome.
                logger.warn(String.format("Unable to determine user DN for %s, using username.",
                        authenticated.getName()));
                identity = authenticated.getName();
            }
        }
        return new AuthenticationResponse(identity, credentials.getUsername(), expiration, issuer);
    } catch (final BadCredentialsException | UsernameNotFoundException | AuthenticationException e) {
        // NOTE(review): the provider's message is copied into the thrown exception. If callers
        // relay it to the client, confirm it does not tell an unknown user apart from a wrong
        // password.
        throw new InvalidLoginCredentialsException(e.getMessage(), e);
    } catch (final Exception e) {
        // An InternalAuthenticationServiceException can arrive wrapping an AuthenticationException.
        // A service exception normally signals a backend fault, while an authentication exception
        // signals wrong username and/or credentials, so the cause decides how the failure is reported.
        if (e.getCause() instanceof AuthenticationException) {
            throw new InvalidLoginCredentialsException(e.getMessage(), e);
        }

        logger.error(e.getMessage());
        if (logger.isDebugEnabled()) {
            logger.debug(StringUtils.EMPTY, e);
        }
        // The caller gets a generic message; the detail stays in the log and the chained cause.
        throw new IdentityAccessException(
                "Unable to validate the supplied credentials. Please contact the system administrator.", e);
    }
}
From source file:org.apache.nifi.registry.security.ldap.LdapIdentityProvider.java
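/**
 * Verifies the credentials in the request through the configured LDAP authentication provider.
 *
 * <p>The identity placed in the response depends on {@code identityStrategy}. With
 * {@code USE_DN} it is the distinguished name read from the {@link LdapUserDetails} principal;
 * in every other case, including a {@code USE_DN} login whose principal is not an
 * {@code LdapUserDetails}, it is the name reported by the authentication result.
 *
 * @param authenticationRequest the username and credentials to check
 * @return the authentication response, or {@code null} when the request is {@code null} or has
 *         an empty username (no authentication is attempted in that case)
 * @throws InvalidCredentialsException if the provider rejects the credentials
 * @throws IdentityAccessException if the provider is not initialized or fails for any other reason
 */
@Override
public AuthenticationResponse authenticate(AuthenticationRequest authenticationRequest)
        throws InvalidCredentialsException, IdentityAccessException {
    if (authenticationRequest == null || StringUtils.isEmpty(authenticationRequest.getUsername())) {
        logger.debug(
                "Call to authenticate method with null or empty authenticationRequest, returning null without attempting to authenticate");
        return null;
    }

    if (ldapAuthenticationProvider == null) {
        throw new IdentityAccessException("The LDAP authentication provider is not initialized.");
    }

    try {
        final String username = authenticationRequest.getUsername();
        // The credentials object goes to the provider as-is. No separate String copy of the
        // password is made, since nothing in this method reads one.
        final Object credentials = authenticationRequest.getCredentials();

        // perform the authentication
        final UsernamePasswordAuthenticationToken token =
                new UsernamePasswordAuthenticationToken(username, credentials);
        final Authentication authentication = ldapAuthenticationProvider.authenticate(token);
        // NOTE(review): this relies on the token's toString() masking the credentials - confirm
        // for the Spring Security version in use before enabling debug logging in production.
        logger.debug("Created authentication token: {}", token);

        // use dn if configured
        if (IdentityStrategy.USE_DN.equals(identityStrategy)) {
            final Object principal = authentication.getPrincipal();
            if (principal instanceof LdapUserDetails) {
                return new AuthenticationResponse(
                        ((LdapUserDetails) principal).getDn(), username, expiration, issuer);
            }
            // The login still succeeds, but the identity silently changes form from DN to name.
            // NOTE(review): anything downstream that matches on DNs presumably will not match
            // this fallback identity - confirm that is the intended outcome.
            logger.warn("Unable to determine user DN for {}, using username.", authentication.getName());
        }
        return new AuthenticationResponse(authentication.getName(), username, expiration, issuer);
    } catch (final BadCredentialsException | UsernameNotFoundException | AuthenticationException e) {
        // NOTE(review): the provider's message is copied into the thrown exception. If callers
        // relay it to the client, confirm it does not tell an unknown user apart from a wrong
        // password.
        throw new InvalidCredentialsException(e.getMessage(), e);
    } catch (final Exception e) {
        // An InternalAuthenticationServiceException can arrive wrapping an AuthenticationException.
        // A service exception normally signals a backend fault, while an authentication exception
        // signals wrong username and/or credentials, so the cause decides how the failure is reported.
        final Throwable cause = e.getCause();
        if (cause instanceof AuthenticationException) {
            throw new InvalidCredentialsException(e.getMessage(), e);
        }

        logger.error(e.getMessage());
        if (logger.isDebugEnabled()) {
            logger.debug(StringUtils.EMPTY, e);
        }
        // The caller gets a generic message; the detail stays in the log and the chained cause.
        throw new IdentityAccessException(
                "Unable to validate the supplied credentials. Please contact the system administrator.", e);
    }
}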
From source file:org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource.java
/** * Get the principals of the logged in user, in this case the distinguished name. * * @return the distinguished name of the logged in user. *///from www .j ava 2 s .c om public String getPrincipal() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { log.warn("No Authentication object set in SecurityContext - returning empty String as Principal"); return ""; } Object principal = authentication.getPrincipal(); if (principal instanceof LdapUserDetails) { LdapUserDetails details = (LdapUserDetails) principal; return details.getDn(); } else if (authentication instanceof AnonymousAuthenticationToken) { if (log.isDebugEnabled()) { log.debug("Anonymous Authentication, returning empty String as Principal"); } return ""; } else { throw new IllegalArgumentException( "The principal property of the authentication object" + "needs to be an LdapUserDetails."); } }
From source file:piecework.security.CustomAuthenticationSource.java
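/**
 * Returns the principal string for the currently authenticated user.
 *
 * <p>Resolution order: the DN of an {@link LdapUserDetails} principal; otherwise the string form
 * of the principal when the credentials are an {@link X509Certificate}; otherwise an empty
 * string for an anonymous authentication.
 *
 * @return the resolved principal, or an empty string when the security context holds no
 *         authentication or an anonymous one
 * @throws IllegalArgumentException if none of the supported authentication shapes applies
 */
public String getPrincipal() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        log.warn("No Authentication object set in SecurityContext - returning empty String as Principal");
        return "";
    }

    Object principal = authentication.getPrincipal();
    if (principal instanceof LdapUserDetails) {
        return ((LdapUserDetails) principal).getDn();
    }

    // instanceof is false for null, so no separate null check on the credentials is needed.
    if (authentication.getCredentials() instanceof X509Certificate) {
        if (log.isDebugEnabled()) {
            log.debug("Authenticated by certificate, returning certificate subject name as Principal");
        }
        // NOTE(review): the value returned is whatever the principal's toString() yields, not a
        // field read from the certificate. Whether that is the full subject DN depends on how the
        // certificate login populated the principal - confirm. A null principal would raise a
        // NullPointerException here.
        return principal.toString();
    }

    if (authentication instanceof AnonymousAuthenticationToken) {
        if (log.isDebugEnabled()) {
            log.debug("Anonymous Authentication, returning empty String as Principal");
        }
        return "";
    }

    // Any other principal type is rejected instead of being turned into a DN by guesswork.
    // Written as one literal so the words "object" and "needs" keep the space between them.
    throw new IllegalArgumentException(
            "The principal property of the authentication object needs to be an LdapUserDetails.");
}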