
Example 1 with LdapAuthenticationToken

Use of com.evolveum.midpoint.authentication.impl.module.authentication.token.LdapAuthenticationToken in project midpoint by Evolveum, in the method internalAuthentication of the class MidPointLdapAuthenticationProvider.

@Override
protected Authentication internalAuthentication(Authentication authentication, List requireAssignment, AuthenticationChannel channel, Class focusType) throws AuthenticationException {
    if (authentication.isAuthenticated() && authentication.getPrincipal() instanceof GuiProfiledPrincipal) {
        return authentication;
    }
    String enteredUsername = (String) authentication.getPrincipal();
    LOGGER.trace("Authenticating username '{}'", enteredUsername);
    try {
        Authentication token;
        if (authentication instanceof LdapAuthenticationToken) {
            token = this.authenticatorProvider.authenticate(authentication);
        } else {
            LOGGER.error("Unsupported authentication {}", authentication);
            recordPasswordAuthenticationFailure(authentication.getName(), "unavailable provider");
            throw new AuthenticationServiceException("web.security.provider.unavailable");
        }
        MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
        LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
        return token;
    } catch (InternalAuthenticationServiceException e) {
        // This sometimes happens: for unknown reasons the underlying libraries cannot
        // determine the correct exception, which results in a wrong error message (MID-4518).
        // So try to figure out the correct error here.
        recordPasswordAuthenticationFailure(authentication.getName(), e.getMessage());
        throw processInternalAuthenticationException(e, e);
    } catch (IncorrectResultSizeDataAccessException e) {
        LOGGER.error("Failed to authenticate user {}. Error: {}", authentication.getName(), e.getMessage(), e);
        recordPasswordAuthenticationFailure(authentication.getName(), "bad user");
        throw new BadCredentialsException("LdapAuthentication.bad.user", e);
    } catch (RuntimeException e) {
        LOGGER.error("Failed to authenticate user {}. Error: {}", authentication.getName(), e.getMessage(), e);
        recordPasswordAuthenticationFailure(authentication.getName(), "bad credentials");
        throw e;
    }
}
Also used:
LdapAuthenticationToken (com.evolveum.midpoint.authentication.impl.module.authentication.token.LdapAuthenticationToken)
IncorrectResultSizeDataAccessException (org.springframework.dao.IncorrectResultSizeDataAccessException)
LdapModuleAuthentication (com.evolveum.midpoint.authentication.impl.module.authentication.LdapModuleAuthentication)
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)
Authentication (org.springframework.security.core.Authentication)
InternalAuthenticationServiceException (org.springframework.security.authentication.InternalAuthenticationServiceException)
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)
