use of org.apache.geode.security.AuthenticationFailedException in project geode by apache.
the class PKCSAuthenticator method populateMap.
/**
 * Fills {@code aliasCertificateMap} with every X.509 certificate found in the keystore at
 * {@code pubKeyFilePath}, keyed by keystore alias.
 *
 * <p>The store is always opened as type "JKS". When {@code pubKeyPass} is null the store is
 * loaded with a null password; per the {@code KeyStore.load} contract no integrity check is
 * performed in that case, so the file contents are accepted as-is. Entries whose certificate is
 * not an {@code X509Certificate} are skipped.
 *
 * @throws AuthenticationFailedException if opening, loading or enumerating the keystore fails;
 *         the underlying exception is attached as the cause and its message is appended
 */
private void populateMap() {
  try {
    final KeyStore publicKeys = KeyStore.getInstance("JKS");
    // A null password makes KeyStore.load skip the integrity check of the store.
    final char[] storePassword = (this.pubKeyPass == null) ? null : this.pubKeyPass.toCharArray();
    final FileInputStream storeStream = new FileInputStream(this.pubKeyFilePath);
    try {
      publicKeys.load(storeStream, storePassword);
    } finally {
      // Release the file handle whether or not the load succeeded.
      storeStream.close();
    }

    final Enumeration<String> aliases = publicKeys.aliases();
    while (aliases.hasMoreElements()) {
      final String alias = aliases.nextElement();
      final Certificate candidate = publicKeys.getCertificate(alias);
      // Only X.509 certificates are kept; key-only or other entries are ignored.
      if (candidate instanceof X509Certificate) {
        this.aliasCertificateMap.put(alias, candidate);
      }
    }
  } catch (Exception failure) {
    throw new AuthenticationFailedException("Exception while getting public keys: " + failure.getMessage(), failure);
  }
}
use of org.apache.geode.security.AuthenticationFailedException in project geode by apache.
the class UserPasswordAuthInit method getCredentials.
/**
 * Extracts the user name and password from the supplied security properties and returns them in
 * a new {@code Properties} object.
 *
 * <p>Only the {@code USER_NAME} and {@code PASSWORD} entries are copied; no other property is
 * forwarded. A missing password is replaced by the empty string rather than rejected.
 * NOTE(review): whether the receiving authenticator refuses an empty password is not visible
 * here; confirm.
 *
 * @param securityProperties properties to read the credentials from
 * @param server not used by this implementation
 * @param isPeer not used by this implementation
 * @return a fresh {@code Properties} holding exactly the user name and password
 * @throws AuthenticationFailedException if the user name property is not set
 */
@Override
public Properties getCredentials(final Properties securityProperties, final DistributedMember server, final boolean isPeer) throws AuthenticationFailedException {
  final String user = securityProperties.getProperty(USER_NAME);
  if (user == null) {
    throw new AuthenticationFailedException("UserPasswordAuthInit: user name property [" + USER_NAME + "] not set.");
  }

  // An absent password is sent as "" instead of failing here.
  final String secret = securityProperties.getProperty(PASSWORD, "");

  final Properties credentials = new Properties();
  credentials.setProperty(USER_NAME, user);
  credentials.setProperty(PASSWORD, secret);
  return credentials;
}
use of org.apache.geode.security.AuthenticationFailedException in project geode by apache.
the class LauncherLifecycleCommands method doAutoConnect.
/**
 * Tries to connect the Gfsh shell to a JMX Manager found through the given Locator.
 *
 * <p>Up to 10 attempts are made. Each attempt calls ShellCommands.connectToLocator with a quarter
 * of the configured connect-locator timeout and, on success, installs a JmxOperationInvoker for
 * the returned member endpoint on the shell.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 * <li>An SSLHandshakeException clears the properties passed to the Locator and the next attempt
 * runs with an empty map (the inline comment describes this as retrying without SSL). The
 * fallback itself is not logged.</li>
 * <li>When the Locator reports that JMX Manager SSL is not enabled, all loaded configuration
 * properties are cleared before the JmxOperationInvoker is created.</li>
 * <li>A SecurityException or AuthenticationFailedException is written to the Gfsh log file, ends
 * the retry loop, and is reported to doOnConnectionFailure as "authentication enabled".</li>
 * </ul>
 *
 * @param locatorHostname host passed to ShellCommands.connectToLocator
 * @param locatorPort port passed to ShellCommands.connectToLocator
 * @param gemfirePropertiesPathname path handed to loadConfigurationProperties
 * @param gemfireSecurityPropertiesPathname path handed to loadConfigurationProperties together
 *        with the result of loading gemfirePropertiesPathname
 * @param infoResultData receives the success line or the failure message
 * @return true if an operation invoker was installed, false otherwise
 */
private boolean doAutoConnect(final String locatorHostname, final int locatorPort, final String gemfirePropertiesPathname, final String gemfireSecurityPropertiesPathname, final InfoResultData infoResultData) {
boolean connectSuccess = false;
boolean jmxManagerAuthEnabled = false;
boolean jmxManagerSslEnabled = false;
Map<String, String> configurationProperties = loadConfigurationProperties(gemfireSecurityPropertiesPathname, loadConfigurationProperties(gemfirePropertiesPathname));
// Separate copy for the Locator connection so it can be cleared independently of the map that
// is later handed to the JMX invoker.
Map<String, String> locatorConfigurationProperties = new HashMap<>(configurationProperties);
String responseFailureMessage = null;
// Retry loop: stops on success, on an explicit break below, or after 10 attempts.
for (int attempts = 0; (attempts < 10 && !connectSuccess); attempts++) {
try {
ConnectToLocatorResult connectToLocatorResult = ShellCommands.connectToLocator(locatorHostname, locatorPort, ShellCommands.getConnectLocatorTimeoutInMS() / 4, locatorConfigurationProperties);
ConnectionEndpoint memberEndpoint = connectToLocatorResult.getMemberEndpoint();
jmxManagerSslEnabled = connectToLocatorResult.isJmxManagerSslEnabled();
if (!jmxManagerSslEnabled) {
// The invoker below then receives an empty map.
// NOTE(review): this drops every loaded property, not only SSL settings - confirm intended.
configurationProperties.clear();
}
// NOTE(review): the two leading null arguments are presumably user name and password, i.e. the
// auto-connect is attempted without credentials - confirm against JmxOperationInvoker.
getGfsh().setOperationInvoker(new JmxOperationInvoker(memberEndpoint.getHost(), memberEndpoint.getPort(), null, null, configurationProperties, null));
String shellAndLogMessage = CliStrings.format(CliStrings.CONNECT__MSG__SUCCESS, "JMX Manager " + memberEndpoint.toString(false));
infoResultData.addLine("\n");
infoResultData.addLine(shellAndLogMessage);
getGfsh().logToFile(shellAndLogMessage, null);
connectSuccess = true;
// Discard any failure message left over from an earlier attempt.
responseFailureMessage = null;
} catch (IllegalStateException unexpected) {
// Only an IllegalStateException caused by a ClassCastException produces a hint; any other
// IllegalStateException is dropped without logging and the loop simply retries.
if (CauseFinder.indexOfCause(unexpected, ClassCastException.class, false) != -1) {
responseFailureMessage = "The Locator might require SSL Configuration.";
}
} catch (SecurityException ignore) {
getGfsh().logToFile(ignore.getMessage(), ignore);
jmxManagerAuthEnabled = true;
// no need to continue after SecurityException
break;
} catch (AuthenticationFailedException ignore) {
getGfsh().logToFile(ignore.getMessage(), ignore);
jmxManagerAuthEnabled = true;
// no need to continue after AuthenticationFailedException
break;
} catch (SSLException ignore) {
if (ignore instanceof SSLHandshakeException) {
// try to connect again without SSL since the SSL handshake failed implying a plain text
// connection...
// NOTE(review): a handshake failure can also come from a certificate/trust misconfiguration
// or from interference on the network path, so this silent fallback deserves at least a log
// entry; consider making the plain-text retry opt-in.
locatorConfigurationProperties.clear();
} else {
// another type of SSL error occurred (possibly a configuration issue); pass the buck...
getGfsh().logToFile(ignore.getMessage(), ignore);
responseFailureMessage = "Check your SSL configuration and try again.";
break;
}
} catch (Exception ignore) {
// Any other failure is logged and reported, but the loop keeps retrying.
getGfsh().logToFile(ignore.getMessage(), ignore);
responseFailureMessage = "Failed to connect; unknown cause: " + ignore.getMessage();
}
}
if (!connectSuccess) {
doOnConnectionFailure(locatorHostname, locatorPort, jmxManagerAuthEnabled, jmxManagerSslEnabled, infoResultData);
}
// Append the last recorded failure hint, if any, after the failure handler has run.
if (StringUtils.isNotBlank(responseFailureMessage)) {
infoResultData.addLine("\n");
infoResultData.addLine(responseFailureMessage);
}
return connectSuccess;
}
use of org.apache.geode.security.AuthenticationFailedException in project geode by apache.
the class GMSJoinLeaveJUnitTest method testProcessJoinMessageWithAuthenticationButNullCredentials.
/**
 * A join request carrying null credentials must not be queued as a view request when the
 * authenticator rejects it, and a JoinResponseMessage must still be sent.
 *
 * <p>NOTE(review): the verification only checks that some JoinResponseMessage was sent; it does
 * not inspect whether the response carries a rejection.
 */
@Test
public void testProcessJoinMessageWithAuthenticationButNullCredentials() throws IOException {
  initMocks();
  when(services.getAuthenticator()).thenReturn(authenticator);
  // Stub the authenticator to reject the member when no credentials are supplied.
  when(authenticator.authenticate(mockMembers[0], null)).thenThrow(new AuthenticationFailedException("we want to fail auth here"));
  when(services.getMessenger()).thenReturn(messenger);

  final JoinRequestMessage joinRequest = new JoinRequestMessage(mockMembers[0], mockMembers[0], null, -1, 0);
  gmsJoinLeave.processMessage(joinRequest);

  final boolean nothingQueued = gmsJoinLeave.getViewRequests().size() == 0;
  assertTrue("JoinRequest should not have been added to view request", nothingQueued);
  verify(messenger).send(isA(JoinResponseMessage.class));
}
use of org.apache.geode.security.AuthenticationFailedException in project geode by apache.
the class GMSJoinLeaveJUnitTest method testProcessJoinMessageWithBadAuthentication.
/**
 * A join request whose credentials are rejected by the authenticator must not be queued as a
 * view request, and a JoinResponseMessage must still be sent.
 *
 * <p>NOTE(review): the verification only checks that some JoinResponseMessage was sent; it does
 * not inspect whether the response carries a rejection.
 */
@Test
public void testProcessJoinMessageWithBadAuthentication() throws IOException {
  initMocks();
  when(services.getAuthenticator()).thenReturn(authenticator);
  // Stub the authenticator to reject the supplied credentials.
  when(authenticator.authenticate(mockMembers[0], credentials)).thenThrow(new AuthenticationFailedException("we want to fail auth here"));
  when(services.getMessenger()).thenReturn(messenger);

  final JoinRequestMessage joinRequest = new JoinRequestMessage(mockMembers[0], mockMembers[0], credentials, -1, 0);
  gmsJoinLeave.processMessage(joinRequest);

  final boolean nothingQueued = gmsJoinLeave.getViewRequests().size() == 0;
  assertTrue("JoinRequest should not have been added to view request", nothingQueued);
  verify(messenger).send(isA(JoinResponseMessage.class));
}