Examples with AuthenticationException org.apache.cassandra.exceptions.AuthenticationException used on opensource projects

Example 1 with AuthenticationException

use of org.apache.cassandra.exceptions.AuthenticationException in project cassandra by apache.

the class PasswordAuthenticator method legacyAuthenticate.

public AuthenticatedUser legacyAuthenticate(Map<String, String> credentials) throws AuthenticationException {
    String username = credentials.get(USERNAME_KEY);
    if (username == null)
        throw new AuthenticationException(String.format("Required key '%s' is missing", USERNAME_KEY));
    String password = credentials.get(PASSWORD_KEY);
    if (password == null)
        throw new AuthenticationException(String.format("Required key '%s' is missing for provided username %s", PASSWORD_KEY, username));
    return authenticate(username, password);
}

Example 2 with AuthenticationException

use of org.apache.cassandra.exceptions.AuthenticationException in project cassandra by apache.

the class CassandraLoginModule method login.

/**
     * Authenticate the user, obtaining credentials from the CallbackHandler
     * supplied in {@code}initialize{@code}. As long as the configured
     * {@code}IAuthenticator{@code} supports the optional
     * {@code}legacyAuthenticate{@code} method, it can be used here.
     *
     * @return true in all cases since this {@code}LoginModule{@code}
     *         should not be ignored.
     * @exception FailedLoginException if the authentication fails.
     * @exception LoginException if this {@code}LoginModule{@code} is unable to
     * perform the authentication.
     */
@Override
public boolean login() throws LoginException {
    // prompt for a user name and password
    if (callbackHandler == null) {
        logger.info("No CallbackHandler available for authentication");
        throw new LoginException("Authentication failed");
    }
    NameCallback nc = new NameCallback("username: ");
    PasswordCallback pc = new PasswordCallback("password: ", false);
    try {
        callbackHandler.handle(new Callback[] { nc, pc });
        username = nc.getName();
        char[] tmpPassword = pc.getPassword();
        if (tmpPassword == null)
            tmpPassword = new char[0];
        password = new char[tmpPassword.length];
        System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length);
        pc.clearPassword();
    } catch (IOException | UnsupportedCallbackException e) {
        logger.info("Unexpected exception processing authentication callbacks", e);
        throw new LoginException("Authentication failed");
    }
    // verify the credentials
    try {
        authenticate();
    } catch (AuthenticationException e) {
        // authentication failed -- clean up
        succeeded = false;
        cleanUpInternalState();
        throw new FailedLoginException(e.getMessage());
    }
    succeeded = true;
    return true;
}

Example 3 with AuthenticationException

use of org.apache.cassandra.exceptions.AuthenticationException in project cassandra by apache.

the class CassandraLoginModule method authenticate.

private void authenticate() {
    if (!StorageService.instance.isAuthSetupComplete())
        throw new AuthenticationException("Cannot login as server authentication setup is not yet completed");
    IAuthenticator authenticator = DatabaseDescriptor.getAuthenticator();
    Map<String, String> credentials = new HashMap<>();
    credentials.put(PasswordAuthenticator.USERNAME_KEY, username);
    credentials.put(PasswordAuthenticator.PASSWORD_KEY, String.valueOf(password));
    AuthenticatedUser user = authenticator.legacyAuthenticate(credentials);
    // Only actual users should be allowed to authenticate for JMX
    if (user.isAnonymous() || user.isSystem())
        throw new AuthenticationException(String.format("Invalid user %s", user.getName()));
    // The LOGIN privilege is required to authenticate - c.f. ClientState::login
    if (!DatabaseDescriptor.getRoleManager().canLogin(user.getPrimaryRole()))
        throw new AuthenticationException(user.getName() + " is not permitted to log in");
}

Example 4 with AuthenticationException

use of org.apache.cassandra.exceptions.AuthenticationException in project cassandra by apache.

the class AuthResponse method execute.

@Override
public Response execute(QueryState queryState, long queryStartNanoTime) {
    try {
        IAuthenticator.SaslNegotiator negotiator = ((ServerConnection) connection).getSaslNegotiator(queryState);
        byte[] challenge = negotiator.evaluateResponse(token);
        if (negotiator.isComplete()) {
            AuthenticatedUser user = negotiator.getAuthenticatedUser();
            queryState.getClientState().login(user);
            AuthMetrics.instance.markSuccess();
            // authentication is complete, send a ready message to the client
            return new AuthSuccess(challenge);
        } else {
            return new AuthChallenge(challenge);
        }
    } catch (AuthenticationException e) {
        AuthMetrics.instance.markFailure();
        return ErrorMessage.fromException(e);
    }
}

Example 5 with AuthenticationException

use of org.apache.cassandra.exceptions.AuthenticationException in project cassandra by apache.

the class CredentialsMessage method execute.

public Message.Response execute(QueryState state, long queryStartNanoTime) {
    try {
        AuthenticatedUser user = DatabaseDescriptor.getAuthenticator().legacyAuthenticate(credentials);
        state.getClientState().login(user);
        AuthMetrics.instance.markSuccess();
    } catch (AuthenticationException e) {
        AuthMetrics.instance.markFailure();
        return ErrorMessage.fromException(e);
    }
    return new ReadyMessage();
}