Search in sources :

Example 16 with GuiProfiledPrincipal

use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.

the class SecurityQuestionProvider method internalAuthentication.

@Override
protected Authentication internalAuthentication(Authentication authentication, List<ObjectReferenceType> requireAssignment, AuthenticationChannel channel, Class<? extends FocusType> focusType) throws AuthenticationException {
    if (authentication.isAuthenticated() && authentication.getPrincipal() instanceof GuiProfiledPrincipal) {
        return authentication;
    }
    String enteredUsername = (String) authentication.getPrincipal();
    LOGGER.trace("Authenticating username '{}'", enteredUsername);
    ConnectionEnvironment connEnv = createEnvironment(channel);
    try {
        Authentication token;
        if (authentication instanceof SecurityQuestionsAuthenticationToken) {
            Map<String, String> answers = (Map<String, String>) authentication.getCredentials();
            SecurityQuestionsAuthenticationContext authContext = new SecurityQuestionsAuthenticationContext(enteredUsername, focusType, answers, requireAssignment);
            if (channel != null) {
                authContext.setSupportActivationByChannel(channel.isSupportActivationByChannel());
            }
            token = getEvaluator().authenticate(connEnv, authContext);
        } else {
            LOGGER.error("Unsupported authentication {}", authentication);
            throw new AuthenticationServiceException("web.security.provider.unavailable");
        }
        MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
        LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
        return token;
    } catch (AuthenticationException e) {
        LOGGER.info("Authentication failed for {}: {}", enteredUsername, e.getMessage());
        throw e;
    }
}
Also used : SecurityQuestionsAuthenticationToken(com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken) SecurityQuestionsAuthenticationContext(com.evolveum.midpoint.model.api.context.SecurityQuestionsAuthenticationContext) GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal) AuthenticationException(org.springframework.security.core.AuthenticationException) Authentication(org.springframework.security.core.Authentication) Map(java.util.Map) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) ConnectionEnvironment(com.evolveum.midpoint.security.api.ConnectionEnvironment) MidPointPrincipal(com.evolveum.midpoint.security.api.MidPointPrincipal)

Example 17 with GuiProfiledPrincipal

use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.

the class PasswordProvider method internalAuthentication.

@Override
protected Authentication internalAuthentication(Authentication authentication, List<ObjectReferenceType> requireAssignment, AuthenticationChannel channel, Class<? extends FocusType> focusType) throws AuthenticationException {
    if (authentication.isAuthenticated() && authentication.getPrincipal() instanceof GuiProfiledPrincipal) {
        return authentication;
    }
    String enteredUsername = (String) authentication.getPrincipal();
    LOGGER.trace("Authenticating username '{}'", enteredUsername);
    ConnectionEnvironment connEnv = createEnvironment(channel);
    try {
        Authentication token;
        if (authentication instanceof UsernamePasswordAuthenticationToken) {
            String enteredPassword = (String) authentication.getCredentials();
            PasswordAuthenticationContext authContext = new PasswordAuthenticationContext(enteredUsername, enteredPassword, focusType, requireAssignment);
            if (channel != null) {
                authContext.setSupportActivationByChannel(channel.isSupportActivationByChannel());
            }
            token = getEvaluator().authenticate(connEnv, authContext);
        } else if (authentication instanceof PreAuthenticatedAuthenticationToken) {
            token = getEvaluator().authenticateUserPreAuthenticated(connEnv, new PreAuthenticationContext(enteredUsername, focusType, requireAssignment));
        } else {
            LOGGER.error("Unsupported authentication {}", authentication);
            throw new AuthenticationServiceException("web.security.provider.unavailable");
        }
        MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
        LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
        return token;
    } catch (AuthenticationException e) {
        LOGGER.info("Authentication failed for {}: {}", enteredUsername, e.getMessage());
        throw e;
    }
}
Also used : PasswordAuthenticationContext(com.evolveum.midpoint.model.api.context.PasswordAuthenticationContext) GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal) AuthenticationException(org.springframework.security.core.AuthenticationException) Authentication(org.springframework.security.core.Authentication) PreAuthenticatedAuthenticationToken(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) PreAuthenticationContext(com.evolveum.midpoint.model.api.context.PreAuthenticationContext) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) ConnectionEnvironment(com.evolveum.midpoint.security.api.ConnectionEnvironment) MidPointPrincipal(com.evolveum.midpoint.security.api.MidPointPrincipal)

Aggregations

GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)17 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)4 MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)4 PrismObject (com.evolveum.midpoint.prism.PrismObject)3 ConnectionEnvironment (com.evolveum.midpoint.security.api.ConnectionEnvironment)3 AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)3 Authentication (org.springframework.security.core.Authentication)3 AuthenticationException (org.springframework.security.core.AuthenticationException)3 CompiledGuiProfile (com.evolveum.midpoint.model.api.authentication.CompiledGuiProfile)2 EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)2 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)2 ArrayList (java.util.ArrayList)2 SessionInformation (org.springframework.security.core.session.SessionInformation)2 TerminateSessionEvent (com.evolveum.midpoint.TerminateSessionEvent)1 MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)1 ModuleAuthentication (com.evolveum.midpoint.authentication.api.config.ModuleAuthentication)1 AuthenticationEvaluatorImpl (com.evolveum.midpoint.authentication.impl.evaluator.AuthenticationEvaluatorImpl)1 MailNonceAuthenticationToken (com.evolveum.midpoint.authentication.impl.module.authentication.token.MailNonceAuthenticationToken)1 SecurityQuestionsAuthenticationToken (com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken)1 ReadOnlyModel (com.evolveum.midpoint.gui.api.model.ReadOnlyModel)1