Example 16 with BadCredentialsException

Use of org.springframework.security.authentication.BadCredentialsException in project spring-security-oauth by spring-projects.

Class ResourceOwnerPasswordTokenGranterTests, method testBadCredentials.

@Test(expected = InvalidGrantException.class)
public void testBadCredentials() {
    ResourceOwnerPasswordTokenGranter granter = new ResourceOwnerPasswordTokenGranter(new AuthenticationManager() {

        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            throw new BadCredentialsException("test");
        }
    }, providerTokenServices, clientDetailsService, requestFactory);
    granter.grant("password", tokenRequest);
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) AuthenticationException(org.springframework.security.core.AuthenticationException) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) Test(org.junit.Test)

Example 17 with BadCredentialsException

Use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

Class DaoAuthenticationProviderTests, method testAuthenticateFailsIfCredentialsExpired.

@Test
public void testAuthenticateFailsIfCredentialsExpired() {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("peter", "opal");
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setUserDetailsService(new MockAuthenticationDaoUserPeterCredentialsExpired());
    provider.setUserCache(new MockUserCache());
    try {
        provider.authenticate(token);
        fail("Should have thrown CredentialsExpiredException");
    } catch (CredentialsExpiredException expected) {
    }
    // Check that wrong password causes BadCredentialsException, rather than
    // CredentialsExpiredException
    token = new UsernamePasswordAuthenticationToken("peter", "wrong_password");
    try {
        provider.authenticate(token);
        fail("Should have thrown BadCredentialsException");
    } catch (BadCredentialsException expected) {
    }
}
Also used : CredentialsExpiredException(org.springframework.security.authentication.CredentialsExpiredException) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) Test(org.junit.Test)

Example 18 with BadCredentialsException

Use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

Class BasicAuthenticationFilter, method extractAndDecodeHeader.

/**
 * Decodes the header into a username and password.
 *
 * @throws BadCredentialsException if the Basic header is not present or is not valid
 * Base64
 */
private String[] extractAndDecodeHeader(String header, HttpServletRequest request) throws IOException {
    byte[] base64Token = header.substring(6).getBytes("UTF-8");
    byte[] decoded;
    try {
        decoded = Base64.decode(base64Token);
    } catch (IllegalArgumentException e) {
        throw new BadCredentialsException("Failed to decode basic authentication token");
    }
    String token = new String(decoded, getCredentialsCharset(request));
    int delim = token.indexOf(":");
    if (delim == -1) {
        throw new BadCredentialsException("Invalid basic authentication token");
    }
    return new String[] { token.substring(0, delim), token.substring(delim + 1) };
}
Also used : BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)

Example 19 with BadCredentialsException

Use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

Class CasAuthenticationFilterTests, method testNullServiceTicketHandledGracefully.

@Test(expected = AuthenticationException.class)
public void testNullServiceTicketHandledGracefully() throws Exception {
    CasAuthenticationFilter filter = new CasAuthenticationFilter();
    filter.setAuthenticationManager(new AuthenticationManager() {

        public Authentication authenticate(Authentication a) {
            throw new BadCredentialsException("Rejected");
        }
    });
    filter.attemptAuthentication(new MockHttpServletRequest(), new MockHttpServletResponse());
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 20 with BadCredentialsException

Use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

Class BindAuthenticatorTests, method testAuthenticationWithWrongPasswordFails.

/*
	 * @Test public void messingWithEscapedChars() throws Exception {
	 * Hashtable<String,String> env = new Hashtable<String,String>();
	 * env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
	 * env.put(Context.PROVIDER_URL, "ldap://127.0.0.1:22389/dc=springsource,dc=com");
	 * env.put(Context.SECURITY_AUTHENTICATION, "simple");
	 * env.put(Context.SECURITY_PRINCIPAL, "cn=admin,dc=springsource,dc=com");
	 * env.put(Context.SECURITY_CREDENTIALS, "password");
	 *
	 * InitialDirContext idc = new InitialDirContext(env); SearchControls searchControls =
	 * new SearchControls(); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
	 * DistinguishedName baseDn = new DistinguishedName("ou=\\\"quoted people\\\"");
	 * NamingEnumeration<SearchResult> matches = idc.search(baseDn, "(cn=*)", new Object[]
	 * {"quoteguy"}, searchControls);
	 *
	 * while(matches.hasMore()) { SearchResult match = matches.next(); DistinguishedName
	 * dn = new DistinguishedName(match.getName()); System.out.println("**** Match: " +
	 * match.getName() + " ***** " + dn);
	 *
	 * } }
	 */
@Test
public void testAuthenticationWithWrongPasswordFails() {
    this.authenticator.setUserDnPatterns(new String[] { "uid={0},ou=people" });
    try {
        this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("bob", "wrongpassword"));
        fail("Shouldn't be able to bind with wrong password");
    } catch (BadCredentialsException expected) {
    }
}
Also used : UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) Test(org.junit.Test)

Aggregations

BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 170
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 63
Authentication (org.springframework.security.core.Authentication): 57
Test (org.junit.jupiter.api.Test): 29
Test (org.junit.Test): 27
AuthenticationException (org.springframework.security.core.AuthenticationException): 23
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 20
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 20
UserDetails (org.springframework.security.core.userdetails.UserDetails): 20
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 15
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager): 14
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException): 13
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException): 12
HttpServletRequest (javax.servlet.http.HttpServletRequest): 11
FilterChain (jakarta.servlet.FilterChain): 10
IOException (java.io.IOException): 10
ArrayList (java.util.ArrayList): 10
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 10
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken): 9
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 7