
Example 51 with AuthLoginException

use of com.sun.identity.authentication.spi.AuthLoginException in project OpenAM by OpenRock.

the class DefaultAccountProvider method provisionUser.

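/**
 * {@inheritDoc}
 *
 * <p>Creates a user identity in {@code idrepo} from the supplied attributes. The user id is the
 * first value of the attribute named by {@code idNameAttribute}; when that attribute is missing
 * or empty, a random UUID is used instead.
 *
 * @param idrepo repository in which the identity is created
 * @param attributes attribute values for the new identity, passed to the repository unchanged;
 *     presumably mapped from an external provider's profile, so the values (including the one
 *     that becomes the user id) should be treated as untrusted -- TODO confirm against caller
 * @return the created identity, or {@code null} when creation failed with an
 *     {@link IdRepoException} whose LDAP error code is absent or equals 68; callers must check
 *     for {@code null} before using the result
 * @throws AuthLoginException if creation fails with any other LDAP error code, or with an
 *     {@link SSOException}
 */
public AMIdentity provisionUser(AMIdentityRepository idrepo, Map<String, Set<String>> attributes) throws AuthLoginException {
    // LDAP result code 68 is entryAlreadyExists.
    final String ldapEntryAlreadyExists = "68";

    String userId;
    Set<String> idAttribute = attributes.get(idNameAttribute);
    if (idAttribute != null && !idAttribute.isEmpty()) {
        userId = idAttribute.iterator().next();
    } else {
        userId = UUID.randomUUID().toString();
    }

    try {
        return idrepo.createIdentity(IdType.USER, userId, attributes);
    } catch (IdRepoException ire) {
        String ldapErrorCode = ire.getLDAPErrorCode();
        // Log under this class and method so the entry can be traced to account provisioning.
        debug.error("DefaultAccountProvider.provisionUser: IRE ", ire);
        debug.error("LDAPERROR Code = " + ldapErrorCode);
        if (ldapErrorCode != null && !ldapErrorCode.equalsIgnoreCase(ldapEntryAlreadyExists)) {
            // The exception text stays generic; repository detail goes to the debug log only.
            throw new AuthLoginException("Failed to create user");
        }
        // NOTE(review): a failure that carries no LDAP error code is treated like
        // "entry already exists" and yields null instead of an exception -- confirm that a
        // non-LDAP repository failure is meant to be non-fatal here.
        return null;
    } catch (SSOException ex) {
        debug.error("DefaultAccountProvider.provisionUser: Problem while creating the user. SSOExc", ex);
        throw new AuthLoginException("Failed to create user");
    }
}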
Also used : AMIdentity(com.sun.identity.idm.AMIdentity) IdRepoException(com.sun.identity.idm.IdRepoException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException)

Example 52 with AuthLoginException

use of com.sun.identity.authentication.spi.AuthLoginException in project OpenAM by OpenRock.

the class JsonAttributeMapper method getAttributes.

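/**
 * {@inheritDoc}
 *
 * <p>Parses {@code jsonText} as a JSON object and copies the configured fields into a map of
 * local attribute names. A configuration key containing a dot is read as
 * {@code object.field}: the first segment names a nested JSON object and the second a string
 * inside it; any further segments are ignored. Fields missing from the JSON are logged and
 * skipped.
 *
 * @param attributeMapConfiguration maps a field name in the JSON response to the local
 *     attribute name it is stored under
 * @param jsonText JSON document to read; presumably the profile returned by a remote provider,
 *     so its content should be treated as untrusted -- TODO confirm against caller
 * @return local attribute name to a single-value set; never {@code null}
 * @throws AuthLoginException if {@code jsonText} is not a valid JSON object
 */
public Map<String, Set<String>> getAttributes(Map<String, String> attributeMapConfiguration, String jsonText) throws AuthLoginException {
    if (debug.messageEnabled()) {
        debug.message("JsonAttributeMapper.getAttributes: " + attributeMapConfiguration);
    }
    JSONObject json;
    try {
        json = new JSONObject(jsonText);
    } catch (JSONException ex) {
        debug.error("JsonAttributeMapper.getAttributes: JSONException: " + ex.getMessage());
        // NOTE(review): the second argument of this constructor is a resource-bundle error
        // code, but the parser's message is passed instead. The key will presumably not
        // resolve, and parser text derived from the remote document may reach the caller --
        // confirm, and consider a fixed bundle key.
        throw new AuthLoginException(bundleName, ex.getMessage(), null);
    }
    Map<String, Set<String>> attr = new HashMap<String, Set<String>>();
    for (Map.Entry<String, String> entry : attributeMapConfiguration.entrySet()) {
        String responseName = entry.getKey();
        String localName = entry.getValue();
        if (debug.messageEnabled()) {
            debug.message("JsonAttributeMapper.getAttributes: " + responseName + ":" + localName);
        }
        try {
            String data;
            if (responseName != null && responseName.indexOf(".") != -1) {
                StringTokenizer parts = new StringTokenizer(responseName, ".");
                // A key such as "a." or "." has fewer than two segments; nextToken() would
                // throw an unchecked NoSuchElementException and abort the whole mapping.
                if (parts.countTokens() < 2) {
                    debug.error("JsonAttributeMapper.getAttributes: Malformed attribute path " + responseName);
                    continue;
                }
                data = json.getJSONObject(parts.nextToken()).getString(parts.nextToken());
            } else {
                data = json.getString(responseName);
            }
            // "*" in prefixedAttributes applies the prefix to every mapped attribute.
            if (prefix != null && (prefixedAttributes.contains(localName) || prefixedAttributes.contains("*"))) {
                data = prefix + data;
            }
            attr.put(localName, CollectionUtils.asSet(data));
        } catch (JSONException ex) {
            // Best effort: a missing or non-string field skips this attribute only.
            debug.error("JsonAttributeMapper.getAttributes: Could not get the attribute " + responseName, ex);
        }
    }
    return attr;
}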
Also used : StringTokenizer(java.util.StringTokenizer) Set(java.util.Set) JSONObject(org.json.JSONObject) HashMap(java.util.HashMap) JSONException(org.json.JSONException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) Map(java.util.Map) HashMap(java.util.HashMap)

Example 53 with AuthLoginException

use of com.sun.identity.authentication.spi.AuthLoginException in project OpenAM by OpenRock.

the class Anonymous method process.

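/**
 * Runs the anonymous login step.
 *
 * <p>The user name is taken, in order, from the shared state (when shared state is enabled),
 * from a {@link NameCallback} in the first callback slot, and finally from
 * {@code sendCallback()} or {@code defaultAnonUser}, depending on whether
 * {@code validAnonUsernames} has entries.
 *
 * @param callbacks callbacks submitted for this step; only the first element is inspected
 * @param state current module state (not read by this method)
 * @return {@code ISAuthConstants.LOGIN_SUCCEED}
 * @throws AuthLoginException if initialisation recorded an error in {@code errorMsg}, or if
 *     any exception is raised while resolving the anonymous user
 */
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    if (errorMsg != null) {
        throw new AuthLoginException(amAuthAnonymous, errorMsg, null);
    }
    useSharedstate = isSharedStateEnabled();
    try {
        if (useSharedstate) {
            usernameParam = (String) sharedState.get(getUserKey());
            if (processAnonUser(usernameParam)) {
                setAuthLevel(authLevel);
                return ISAuthConstants.LOGIN_SUCCEED;
            }
        }
        if (callbacks != null && callbacks.length > 0) {
            if (callbacks[0] instanceof NameCallback) {
                usernameParam = ((NameCallback) callbacks[0]).getName();
                if (debug.messageEnabled()) {
                    debug.message("Anonymous:process received NameCallback " + usernameParam);
                }
                if (processAnonUser(usernameParam)) {
                    setAuthLevel(authLevel);
                    return ISAuthConstants.LOGIN_SUCCEED;
                }
            }
        }
        if (validAnonUsernames != null && !(validAnonUsernames.isEmpty())) {
            usernameParam = sendCallback();
        } else {
            usernameParam = defaultAnonUser;
        }
        storeUsernamePasswd(usernameParam, null);
        // NOTE(review): the boolean result is ignored here, unlike the two calls above, so
        // the method returns LOGIN_SUCCEED unless processAnonUser throws. Confirm that
        // processAnonUser rejects an unlisted name by throwing rather than returning false.
        processAnonUser(usernameParam);
        setAuthLevel(authLevel);
        if (debug.messageEnabled()) {
            debug.message("Set auth level: " + authLevel + "\nAnonymous userid: " + userTokenId);
        }
    } catch (Exception e) {
        // Every exception type ends up here, not only a rejected user name, so the cause is
        // logged as well; without it the fixed message can misstate why the login failed.
        debug.error("login: User not found in valid Anon List", e);
        setFailureID(usernameParam);
        throw new AuthLoginException(amAuthAnonymous, "AnonValidateEx", null);
    }
    return ISAuthConstants.LOGIN_SUCCEED;
}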
Also used : NameCallback(javax.security.auth.callback.NameCallback) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)

Example 54 with AuthLoginException

use of com.sun.identity.authentication.spi.AuthLoginException in project OpenAM by OpenRock.

the class Application method authenticateToLDAP.

/**
 * Authenticates {@code userName} against LDAP and reports the resulting module state.
 *
 * <p>A super admin is authenticated through a new {@code LDAPAuthUtils} bound to the
 * directory host and port held by {@code AuthD}; any other user goes through the utility set
 * up by {@code initLDAPAttributes}.
 *
 * @param userName name of the user to authenticate
 * @param userPassword password presented for that user; never logged by this method
 * @return the state reported by {@code ldapUtil} after the authentication attempt
 * @throws AuthLoginException if the super-admin bind does not end in
 *     {@code ModuleState.SUCCESS}, if {@code initLDAPAttributes} returns {@code false}, or if
 *     the LDAP utility raises an {@link LDAPUtilException}; invalid credentials are reported
 *     as an {@link InvalidPasswordException}
 */
private ModuleState authenticateToLDAP(String userName, String userPassword) throws AuthLoginException {
    if (debug.messageEnabled()) {
        debug.message("In authenticateToLDAP with User : " + userName);
    }
    try {
        if (!isSuperAdmin(userName)) {
            // Ordinary user: the LDAP utility comes from the LDAP service configuration.
            if (!initLDAPAttributes(ISAuthConstants.LDAP_SERVICE_NAME)) {
                debug.message("Invalid userID or user Password");
                setFailureID(userName);
                throw new AuthLoginException(amAuthApplication, "basicLDAPex", null);
            }
            ldapUtil.authenticateUser(userName, userPassword);
            return ldapUtil.getState();
        }

        // Super admin: bind against the directory configured in AuthD.
        String baseDN = CollectionHelper.getServerMapAttr(currentConfig, ISAuthConstants.LDAP_BASEDN);
        ldapUtil = new LDAPAuthUtils(
                Collections.singleton(AuthD.directoryHostName + ":" + AuthD.directoryPort),
                Collections.<String>emptySet(),
                ldapSSL,
                AMResourceBundleCache.getInstance().getResBundle(amAuthApplication, getLoginLocale()),
                baseDN,
                debug);
        ldapUtil.authenticateUser(userName, userPassword);
        if (ldapUtil.getState() != ModuleState.SUCCESS) {
            debug.message("Invalid adminID or admin Password");
            setFailureID(ldapUtil.getUserId(userName));
            throw new AuthLoginException(amAuthApplication, "InvalidUP", null);
        }
        userTokenId = userName;
        return ldapUtil.getState();
    } catch (LDAPUtilException ex) {
        // Record the failed name before deciding which error to raise.
        setFailureID(userName);
        // NOTE(review): an unknown user ("NoUser") and a wrong password ("InvalidUP") raise
        // different error keys. If these reach the client unchanged, responses reveal which
        // account names exist -- confirm how the caller renders them.
        if (ResultCode.NO_SUCH_OBJECT.equals(ex.getResultCode())) {
            debug.message("The specified user does not exist.");
            throw new AuthLoginException(amAuthApplication, "NoUser", null);
        }
        if (ResultCode.INVALID_CREDENTIALS.equals(ex.getResultCode())) {
            debug.message("Invalid password.");
            String failureUserID = ldapUtil.getUserId();
            throw new InvalidPasswordException(amAuthApplication, "InvalidUP", null, failureUserID, ex);
        }
        throw new AuthLoginException(amAuthApplication, "basicLDAPex", null);
    }
}
Also used : LDAPAuthUtils(org.forgerock.openam.ldap.LDAPAuthUtils) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException) LDAPUtilException(org.forgerock.openam.ldap.LDAPUtilException)

Example 55 with AuthLoginException

use of com.sun.identity.authentication.spi.AuthLoginException in project OpenAM by OpenRock.

the class Application method process.

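/**
 * Implementation of the <code>AMLoginModule</code> abstract method; refer to
 * <code>AMLoginModule</code> for the method syntax.
 *
 * <p>The user name and secret are read from the request parameters {@code IDToken0} and
 * {@code IDToken1}, then from {@code Login.Token0} and {@code Login.Token1}, and, when the
 * request supplies neither, from the callback map under {@code uid} and {@code secret}. If
 * the presented secret equals the module's configured {@code secret}, the matching special
 * user entry is checked with {@code isValidUserEntry}; in every other case
 * {@code doFallbackAuth} decides.
 *
 * @param callbacks callbacks for this step (not read directly by this method)
 * @param state current module state (not read by this method)
 * @return {@code ISAuthConstants.LOGIN_SUCCEED}
 * @throws AuthLoginException if initialisation failed, no secret was supplied, or neither the
 *     shared-secret check nor the fallback authentication accepts the user
 */
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    // check if there is any error during initialize
    if (errorMsg != null) {
        throw new AuthLoginException(amAuthApplication, errorMsg, null);
    }
    HttpServletRequest req = getHttpServletRequest();
    String userName = null;
    String secretParam = null;
    if (req != null) {
        // NOTE(review): getParameter also reads the query string, where a secret can end up
        // in access logs -- confirm that clients send these values in the request body.
        userName = req.getParameter("IDToken0");
        secretParam = req.getParameter("IDToken1");
        if (userName == null && secretParam == null) {
            userName = req.getParameter("Login.Token0");
            secretParam = req.getParameter("Login.Token1");
        }
    }
    if (secretParam == null && userName == null) {
        Map<?, ?> map = sendCallback();
        if (map == null || map.isEmpty()) {
            throw new AuthLoginException(amAuthApplication, "wrongSecret", null);
        }
        secretParam = (String) map.get("secret");
        userName = (String) map.get("uid");
    }
    if (secretParam == null || secretParam.length() == 0) {
        throw new AuthLoginException(amAuthApplication, "noPassword", null);
    }
    // Compare the secret in constant time: String.equals stops at the first differing
    // character, so response timing could leak how much of a guess is correct.
    boolean secretMatched = secret != null && secret.length() != 0
            && java.security.MessageDigest.isEqual(
                    secretParam.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    secret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (secretMatched) {
        if (debug.messageEnabled()) {
            debug.message("App.validate, secret matched for user : " + userName);
        }
        String newUserName;
        if (userName == null || userName.length() == 0) {
            // backward compatible with the gateway for portal
            newUserName = ISAuthConstants.APPLICATION_USER_PREFIX + "gateway";
        } else {
            newUserName = ISAuthConstants.APPLICATION_USER_PREFIX + userName;
        }
        // NOTE(review): userName comes from the request and is concatenated into the DN
        // without escaping; DN metacharacters in it would change the DN that is looked up.
        // isValidUserEntry still has to accept the result -- confirm whether escaping is needed.
        String userDNString = ISAuthConstants.APPLICATION_USER_NAMING_ATTR + "=" + newUserName + "," + ISAuthConstants.SPECIAL_USERS_CONTAINER + "," + SMSEntry.getRootSuffix();
        if (!isValidUserEntry(userDNString)) {
            debug.message(userDNString + " is not a valid special user entry");
            if (!doFallbackAuth(userName, secretParam)) {
                debug.error("App validation failed, User not Valid: " + userName);
                setFailureID(userName);
                throw new AuthLoginException(amAuthApplication, "userInvalid", null);
            }
        } else {
            userTokenId = userDNString;
        }
    } else if (!doFallbackAuth(userName, secretParam)) {
        debug.error("App validation failed, User not Valid: " + userName);
        setFailureID(userName);
        throw new AuthLoginException(amAuthApplication, "userInvalid", null);
    }
    return ISAuthConstants.LOGIN_SUCCEED;
}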
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) HashMap(java.util.HashMap) Map(java.util.Map)
