Examples with AuthenticationFailedException com.google.gerrit.server.account.AuthenticationFailedException used on opensource projects

Search in sources :

Example 1 with AuthenticationFailedException

use of com.google.gerrit.server.account.AuthenticationFailedException in project gerrit by GerritCodeReview.

the class ProjectBasicAuthFilter method verify.

private boolean verify(HttpServletRequest req, Response rsp) throws IOException {
    final String hdr = req.getHeader(AUTHORIZATION);
    if (hdr == null || !hdr.startsWith(LIT_BASIC)) {
        // session cookie instead of basic authentication.
        return true;
    }
    final byte[] decoded = Base64.decodeBase64(hdr.substring(LIT_BASIC.length()));
    String usernamePassword = new String(decoded, encoding(req));
    int splitPos = usernamePassword.indexOf(':');
    if (splitPos < 1) {
        rsp.sendError(SC_UNAUTHORIZED);
        return false;
    }
    String username = usernamePassword.substring(0, splitPos);
    String password = usernamePassword.substring(splitPos + 1);
    if (Strings.isNullOrEmpty(password)) {
        rsp.sendError(SC_UNAUTHORIZED);
        return false;
    }
    if (authConfig.isUserNameToLowerCase()) {
        username = username.toLowerCase(Locale.US);
    }
    final AccountState who = accountCache.getByUsername(username);
    if (who == null || !who.getAccount().isActive()) {
        log.warn("Authentication failed for " + username + ": account inactive or not provisioned in Gerrit");
        rsp.sendError(SC_UNAUTHORIZED);
        return false;
    }
    GitBasicAuthPolicy gitBasicAuthPolicy = authConfig.getGitBasicAuthPolicy();
    if (gitBasicAuthPolicy == GitBasicAuthPolicy.HTTP || gitBasicAuthPolicy == GitBasicAuthPolicy.HTTP_LDAP) {
        if (who.checkPassword(password, username)) {
            return succeedAuthentication(who);
        }
    }
    if (gitBasicAuthPolicy == GitBasicAuthPolicy.HTTP) {
        return failAuthentication(rsp, username);
    }
    AuthRequest whoAuth = AuthRequest.forUser(username);
    whoAuth.setPassword(password);
    try {
        AuthResult whoAuthResult = accountManager.authenticate(whoAuth);
        setUserIdentified(whoAuthResult.getAccountId());
        return true;
    } catch (NoSuchUserException e) {
        if (who.checkPassword(password, who.getUserName())) {
            return succeedAuthentication(who);
        }
        log.warn("Authentication failed for " + username, e);
        rsp.sendError(SC_UNAUTHORIZED);
        return false;
    } catch (AuthenticationFailedException e) {
        log.warn("Authentication failed for " + username + ": " + e.getMessage());
        rsp.sendError(SC_UNAUTHORIZED);
        return false;
    } catch (AccountException e) {
        log.warn("Authentication failed for " + username, e);
        rsp.sendError(SC_UNAUTHORIZED);
        return false;
    }
}
Also used : AuthRequest(com.google.gerrit.server.account.AuthRequest) AccountException(com.google.gerrit.server.account.AccountException) AuthenticationFailedException(com.google.gerrit.server.account.AuthenticationFailedException) NoSuchUserException(com.google.gerrit.server.auth.NoSuchUserException) GitBasicAuthPolicy(com.google.gerrit.extensions.client.GitBasicAuthPolicy) AuthResult(com.google.gerrit.server.account.AuthResult) AccountState(com.google.gerrit.server.account.AccountState)

Example 2 with AuthenticationFailedException

use of com.google.gerrit.server.account.AuthenticationFailedException in project gerrit by GerritCodeReview.

the class Helper method authenticate.

DirContext authenticate(String dn, String password) throws AccountException {
    final Properties env = createContextProperties();
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, dn);
    env.put(Context.SECURITY_CREDENTIALS, password);
    env.put(Context.REFERRAL, referral);
    try {
        return new InitialDirContext(env);
    } catch (NamingException e) {
        throw new AuthenticationFailedException("Incorrect username or password", e);
    }
}
Also used : AuthenticationFailedException(com.google.gerrit.server.account.AuthenticationFailedException) NamingException(javax.naming.NamingException) InitialDirContext(javax.naming.directory.InitialDirContext) Properties(java.util.Properties)

Aggregations

AuthenticationFailedException (com.google.gerrit.server.account.AuthenticationFailedException)2 GitBasicAuthPolicy (com.google.gerrit.extensions.client.GitBasicAuthPolicy)1 AccountException (com.google.gerrit.server.account.AccountException)1 AccountState (com.google.gerrit.server.account.AccountState)1 AuthRequest (com.google.gerrit.server.account.AuthRequest)1 AuthResult (com.google.gerrit.server.account.AuthResult)1 NoSuchUserException (com.google.gerrit.server.auth.NoSuchUserException)1 Properties (java.util.Properties)1 NamingException (javax.naming.NamingException)1 InitialDirContext (javax.naming.directory.InitialDirContext)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial