Search in sources :

Example 1 with InvalidCredentialsException

use of org.apache.http.auth.InvalidCredentialsException in project XobotOS by xamarin.

the class NTLMScheme method authenticate.

public Header authenticate(final Credentials credentials, final HttpRequest request) throws AuthenticationException {
    NTCredentials ntcredentials = null;
    try {
        ntcredentials = (NTCredentials) credentials;
    } catch (ClassCastException e) {
        throw new InvalidCredentialsException("Credentials cannot be used for NTLM authentication: " + credentials.getClass().getName());
    }
    String response = null;
    if (this.state == State.CHALLENGE_RECEIVED || this.state == State.FAILED) {
        response = this.engine.generateType1Msg(ntcredentials.getDomain(), ntcredentials.getWorkstation());
        this.state = State.MSG_TYPE1_GENERATED;
    } else if (this.state == State.MSG_TYPE2_RECEVIED) {
        response = this.engine.generateType3Msg(ntcredentials.getUserName(), ntcredentials.getPassword(), ntcredentials.getDomain(), ntcredentials.getWorkstation(), this.challenge);
        this.state = State.MSG_TYPE3_GENERATED;
    } else {
        throw new AuthenticationException("Unexpected state: " + this.state);
    }
    CharArrayBuffer buffer = new CharArrayBuffer(32);
    if (isProxy()) {
        buffer.append(AUTH.PROXY_AUTH_RESP);
    } else {
        buffer.append(AUTH.WWW_AUTH_RESP);
    }
    buffer.append(": NTLM ");
    buffer.append(response);
    return new BufferedHeader(buffer);
}
Also used : InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) AuthenticationException(org.apache.http.auth.AuthenticationException) BufferedHeader(org.apache.http.message.BufferedHeader) CharArrayBuffer(org.apache.http.util.CharArrayBuffer) NTCredentials(org.apache.http.auth.NTCredentials)

Example 2 with InvalidCredentialsException

use of org.apache.http.auth.InvalidCredentialsException in project ats-framework by Axway.

the class GGSSchemeBase method authenticate.

@Override
public Header authenticate(final Credentials credentials, final HttpRequest request, final HttpContext context) throws AuthenticationException {
    if (request == null) {
        throw new IllegalArgumentException("HTTP request may not be null");
    }
    switch(state) {
        case UNINITIATED:
            throw new AuthenticationException(getSchemeName() + " authentication has not been initiated");
        case FAILED:
            throw new AuthenticationException(getSchemeName() + " authentication has failed");
        case CHALLENGE_RECEIVED:
            try {
                token = generateToken(token);
                state = State.TOKEN_GENERATED;
            } catch (GSSException gsse) {
                state = State.FAILED;
                if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED)
                    throw new InvalidCredentialsException(gsse.getMessage(), gsse);
                if (gsse.getMajor() == GSSException.NO_CRED)
                    throw new InvalidCredentialsException(gsse.getMessage(), gsse);
                if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN)
                    throw new AuthenticationException(gsse.getMessage(), gsse);
                // other error
                throw new AuthenticationException(gsse.getMessage());
            }
        // continue to next case block
        case TOKEN_GENERATED:
            String tokenstr = new String(base64codec.encode(token));
            if (log.isDebugEnabled()) {
                log.debug("Sending response '" + tokenstr + "' back to the auth server");
            }
            return new BasicHeader("Authorization", "Negotiate " + tokenstr);
        default:
            throw new IllegalStateException("Illegal state: " + state);
    }
}
Also used : GSSException(org.ietf.jgss.GSSException) AuthenticationException(org.apache.http.auth.AuthenticationException) InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) BasicHeader(org.apache.http.message.BasicHeader)

Example 3 with InvalidCredentialsException

use of org.apache.http.auth.InvalidCredentialsException in project platform_external_apache-http by android.

the class NTLMScheme method authenticate.

public Header authenticate(final Credentials credentials, final HttpRequest request) throws AuthenticationException {
    NTCredentials ntcredentials = null;
    try {
        ntcredentials = (NTCredentials) credentials;
    } catch (ClassCastException e) {
        throw new InvalidCredentialsException("Credentials cannot be used for NTLM authentication: " + credentials.getClass().getName());
    }
    String response = null;
    if (this.state == State.CHALLENGE_RECEIVED || this.state == State.FAILED) {
        response = this.engine.generateType1Msg(ntcredentials.getDomain(), ntcredentials.getWorkstation());
        this.state = State.MSG_TYPE1_GENERATED;
    } else if (this.state == State.MSG_TYPE2_RECEVIED) {
        response = this.engine.generateType3Msg(ntcredentials.getUserName(), ntcredentials.getPassword(), ntcredentials.getDomain(), ntcredentials.getWorkstation(), this.challenge);
        this.state = State.MSG_TYPE3_GENERATED;
    } else {
        throw new AuthenticationException("Unexpected state: " + this.state);
    }
    CharArrayBuffer buffer = new CharArrayBuffer(32);
    if (isProxy()) {
        buffer.append(AUTH.PROXY_AUTH_RESP);
    } else {
        buffer.append(AUTH.WWW_AUTH_RESP);
    }
    buffer.append(": NTLM ");
    buffer.append(response);
    return new BufferedHeader(buffer);
}
Also used : InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) AuthenticationException(org.apache.http.auth.AuthenticationException) BufferedHeader(org.apache.http.message.BufferedHeader) CharArrayBuffer(org.apache.http.util.CharArrayBuffer) NTCredentials(org.apache.http.auth.NTCredentials)

Example 4 with InvalidCredentialsException

use of org.apache.http.auth.InvalidCredentialsException in project cloudstack by apache.

the class ElastistorUtil method getElastistorRestClient.

/**
     * This intializes a new jersey restclient for http call with elasticenter
     */
public static ElastiCenterClient getElastistorRestClient() {
    ElastiCenterClient restclient = null;
    try {
        String ip = getConfigurationDao().getValue("cloudbyte.management.ip");
        String apikey = getConfigurationDao().getValue("cloudbyte.management.apikey");
        if (ip == null) {
            throw new CloudRuntimeException("set the value of cloudbyte.management.ip in global settings");
        }
        if (apikey == null) {
            throw new CloudRuntimeException("set the value of cloudbyte.management.apikey in global settings");
        }
        restclient = new ElastiCenterClient(ip, apikey);
    } catch (InvalidCredentialsException e) {
        throw new CloudRuntimeException("InvalidCredentialsException:" + e.getMessage(), e);
    } catch (InvalidParameterException e) {
        throw new CloudRuntimeException("InvalidParameterException:" + e.getMessage(), e);
    } catch (SSLHandshakeException e) {
        throw new CloudRuntimeException("SSLHandshakeException:" + e.getMessage(), e);
    } catch (ServiceUnavailableException e) {
        throw new CloudRuntimeException("ServiceUnavailableException:" + e.getMessage(), e);
    }
    return restclient;
}
Also used : InvalidParameterException(java.security.InvalidParameterException) InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) ServiceUnavailableException(javax.naming.ServiceUnavailableException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException)

Example 5 with InvalidCredentialsException

use of org.apache.http.auth.InvalidCredentialsException in project wildfly by wildfly.

the class JBossNegotiateScheme method authenticate.

/**
     * Produces Negotiate authorization Header based on token created by processChallenge.
     *
     * @param credentials Never used be the Negotiate scheme but must be provided to satisfy common-httpclient API. Credentials
     *        from JAAS will be used instead.
     * @param request The request being authenticated
     *
     * @throws AuthenticationException if authorization string cannot be generated due to an authentication failure
     *
     * @return an Negotiate authorization Header
     */
@Override
public Header authenticate(final Credentials credentials, final HttpRequest request, final HttpContext context) throws AuthenticationException {
    if (request == null) {
        throw new IllegalArgumentException("HTTP request may not be null");
    }
    if (state == State.TOKEN_GENERATED) {
        // hack for auto redirects
        return new BasicHeader("X-dummy", "Token already generated");
    }
    if (state != State.CHALLENGE_RECEIVED) {
        throw new IllegalStateException("Negotiation authentication process has not been initiated");
    }
    try {
        String key = null;
        if (isProxy()) {
            key = ExecutionContext.HTTP_PROXY_HOST;
        } else {
            key = HttpCoreContext.HTTP_TARGET_HOST;
        }
        HttpHost host = (HttpHost) context.getAttribute(key);
        if (host == null) {
            throw new AuthenticationException("Authentication host is not set " + "in the execution context");
        }
        String authServer;
        if (!this.stripPort && host.getPort() > 0) {
            authServer = host.toHostString();
        } else {
            authServer = host.getHostName();
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("init " + authServer);
        }
        final Oid negotiationOid = new Oid(SPNEGO_OID);
        final GSSManager manager = GSSManager.getInstance();
        final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
        final GSSContext gssContext = manager.createContext(serverName.canonicalize(negotiationOid), negotiationOid, null, DEFAULT_LIFETIME);
        gssContext.requestMutualAuth(true);
        gssContext.requestCredDeleg(true);
        if (token == null) {
            token = new byte[0];
        }
        token = gssContext.initSecContext(token, 0, token.length);
        if (token == null) {
            state = State.FAILED;
            throw new AuthenticationException("GSS security context initialization failed");
        }
        state = State.TOKEN_GENERATED;
        String tokenstr = new String(base64codec.encode(token));
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Sending response '" + tokenstr + "' back to the auth server");
        }
        CharArrayBuffer buffer = new CharArrayBuffer(32);
        if (isProxy()) {
            buffer.append(AUTH.PROXY_AUTH_RESP);
        } else {
            buffer.append(AUTH.WWW_AUTH_RESP);
        }
        buffer.append(": Negotiate ");
        buffer.append(tokenstr);
        return new BufferedHeader(buffer);
    } catch (GSSException gsse) {
        state = State.FAILED;
        if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED)
            throw new InvalidCredentialsException(gsse.getMessage(), gsse);
        if (gsse.getMajor() == GSSException.NO_CRED)
            throw new InvalidCredentialsException(gsse.getMessage(), gsse);
        if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN)
            throw new AuthenticationException(gsse.getMessage(), gsse);
        // other error
        throw new AuthenticationException(gsse.getMessage());
    }
}
Also used : GSSName(org.ietf.jgss.GSSName) AuthenticationException(org.apache.http.auth.AuthenticationException) BufferedHeader(org.apache.http.message.BufferedHeader) CharArrayBuffer(org.apache.http.util.CharArrayBuffer) Oid(org.ietf.jgss.Oid) GSSException(org.ietf.jgss.GSSException) InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) HttpHost(org.apache.http.HttpHost) GSSManager(org.ietf.jgss.GSSManager) GSSContext(org.ietf.jgss.GSSContext) BasicHeader(org.apache.http.message.BasicHeader)

Aggregations

InvalidCredentialsException (org.apache.http.auth.InvalidCredentialsException)7 AuthenticationException (org.apache.http.auth.AuthenticationException)6 BufferedHeader (org.apache.http.message.BufferedHeader)5 CharArrayBuffer (org.apache.http.util.CharArrayBuffer)5 NTCredentials (org.apache.http.auth.NTCredentials)4 BasicHeader (org.apache.http.message.BasicHeader)2 GSSException (org.ietf.jgss.GSSException)2 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)1 InvalidParameterException (java.security.InvalidParameterException)1 ServiceUnavailableException (javax.naming.ServiceUnavailableException)1 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)1 HttpHost (org.apache.http.HttpHost)1 GSSContext (org.ietf.jgss.GSSContext)1 GSSManager (org.ietf.jgss.GSSManager)1 GSSName (org.ietf.jgss.GSSName)1 Oid (org.ietf.jgss.Oid)1