Example 1 with SecurityQuestionsAuthenticationToken
use of com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken in project midpoint by Evolveum.
the class SecurityQuestionsAuthenticationFilter method attemptAuthentication.
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
if (isPostOnly() && !request.getMethod().equals("POST")) {
throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
}
setUsernameParameter(SPRING_SECURITY_FORM_USER_KEY);
String username = obtainUsername(request);
Map<String, String> answers = obtainAnswers(request);
if (username == null) {
username = "";
}
if (answers == null) {
answers = new HashMap<>();
}
username = username.trim();
UsernamePasswordAuthenticationToken authRequest = new SecurityQuestionsAuthenticationToken(username, answers);
// Allow subclasses to set the "details" property
setDetails(request, authRequest);
return this.getAuthenticationManager().authenticate(authRequest);
}
Also used :
SecurityQuestionsAuthenticationToken(com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)
Example 2 with SecurityQuestionsAuthenticationToken
use of com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken in project midpoint by Evolveum.
the class SecurityQuestionProvider method internalAuthentication.
@Override
protected Authentication internalAuthentication(Authentication authentication, List<ObjectReferenceType> requireAssignment, AuthenticationChannel channel, Class<? extends FocusType> focusType) throws AuthenticationException {
if (authentication.isAuthenticated() && authentication.getPrincipal() instanceof GuiProfiledPrincipal) {
return authentication;
}
String enteredUsername = (String) authentication.getPrincipal();
LOGGER.trace("Authenticating username '{}'", enteredUsername);
ConnectionEnvironment connEnv = createEnvironment(channel);
try {
Authentication token;
if (authentication instanceof SecurityQuestionsAuthenticationToken) {
Map<String, String> answers = (Map<String, String>) authentication.getCredentials();
SecurityQuestionsAuthenticationContext authContext = new SecurityQuestionsAuthenticationContext(enteredUsername, focusType, answers, requireAssignment);
if (channel != null) {
authContext.setSupportActivationByChannel(channel.isSupportActivationByChannel());
}
token = getEvaluator().authenticate(connEnv, authContext);
} else {
LOGGER.error("Unsupported authentication {}", authentication);
throw new AuthenticationServiceException("web.security.provider.unavailable");
}
MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
return token;
} catch (AuthenticationException e) {
LOGGER.info("Authentication failed for {}: {}", enteredUsername, e.getMessage());
throw e;
}
}
Also used :
SecurityQuestionsAuthenticationToken(com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken)
SecurityQuestionsAuthenticationContext(com.evolveum.midpoint.model.api.context.SecurityQuestionsAuthenticationContext)
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
AuthenticationException(org.springframework.security.core.AuthenticationException)
Authentication(org.springframework.security.core.Authentication)
Map(java.util.Map)
AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)
ConnectionEnvironment(com.evolveum.midpoint.security.api.ConnectionEnvironment)
MidPointPrincipal(com.evolveum.midpoint.security.api.MidPointPrincipal)
Aggregations
SecurityQuestionsAuthenticationToken (com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken)2
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)2
GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)1
SecurityQuestionsAuthenticationContext (com.evolveum.midpoint.model.api.context.SecurityQuestionsAuthenticationContext)1
ConnectionEnvironment (com.evolveum.midpoint.security.api.ConnectionEnvironment)1
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)1
Map (java.util.Map)1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
Authentication (org.springframework.security.core.Authentication)1
AuthenticationException (org.springframework.security.core.AuthenticationException)1
