use of org.apache.shiro.authc.IncorrectCredentialsException in project camel by apache.
the class ShiroSecurityProcessor method authenticateUser.
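/**
 * Logs {@code currentUser} in with the username and password carried by
 * {@code securityToken}, unless the subject is already authenticated under
 * that same username.
 *
 * <p>Remember-me is requested on the login token only when the policy does not
 * demand re-authentication on every call.
 *
 * @param currentUser   the Shiro subject to authenticate
 * @param securityToken supplies the username and password to log in with
 * @throws UnknownAccountException        if the login reports no such account
 * @throws IncorrectCredentialsException  if the login reports a wrong password
 * @throws LockedAccountException         if the login reports a locked account
 * @throws AuthenticationException        for any other login failure
 */
private void authenticateUser(Subject currentUser, ShiroSecurityToken securityToken) {
    boolean authenticated = currentUser.isAuthenticated();
    boolean sameUser = securityToken.getUsername().equals(currentUser.getPrincipal());
    LOG.trace("Authenticated: {}, same Username: {}", authenticated, sameUser);
    if (authenticated && sameUser) {
        // Already logged in as the requested user; nothing to do.
        return;
    }

    UsernamePasswordToken token = new UsernamePasswordToken(securityToken.getUsername(), securityToken.getPassword());
    token.setRememberMe(!policy.isAlwaysReauthenticate());
    try {
        currentUser.login(token);
        LOG.debug("Current user {} successfully authenticated", currentUser.getPrincipal());
    // NOTE(review): the three specific messages below tell apart "no such user",
    // "wrong password" and "locked", and each names the account. If these messages
    // can reach the remote caller they allow account enumeration; confirm they are
    // only logged, or map them to one generic message at the boundary.
    //
    // Each rethrow keeps the caught exception as the cause. Passing only its
    // getCause() discards the original stack trace whenever that cause is null.
    } catch (UnknownAccountException uae) {
        throw new UnknownAccountException("Authentication Failed. There is no user with username of " + token.getPrincipal(), uae);
    } catch (IncorrectCredentialsException ice) {
        throw new IncorrectCredentialsException("Authentication Failed. Password for account " + token.getPrincipal() + " was incorrect!", ice);
    } catch (LockedAccountException lae) {
        // The two message halves previously ran together as "is locked.Please".
        throw new LockedAccountException("Authentication Failed. The account for username " + token.getPrincipal() + " is locked. Please contact your administrator to unlock it.", lae);
    } catch (AuthenticationException ae) {
        throw new AuthenticationException("Authentication Failed.", ae);
    }
}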
use of org.apache.shiro.authc.IncorrectCredentialsException in project tesla by linking12.
the class TeslaUserRealm method doGetAuthenticationInfo.
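/**
 * Loads the account named in {@code token} through {@code userDao} and returns
 * its authentication info, rejecting unknown accounts, wrong passwords and
 * accounts whose status is {@code 0}.
 *
 * @param token the submitted token; cast to {@link UsernamePasswordToken}
 * @return authentication info holding the user id as principal, the stored
 *         password as credentials and the username as salt
 * @throws AccountException               if the token carries no username
 * @throws UnknownAccountException        if no account or no stored password is found
 * @throws IncorrectCredentialsException  if the submitted password does not match
 * @throws LockedAccountException         if the account status is {@code 0}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }
    Users user = userDao.findByUserNamed(username);
    if (user == null) {
        // A missing row must surface as an authentication failure, not as a
        // NullPointerException from the accessors below.
        throw new UnknownAccountException("No account found for " + username);
    }
    Long userId = user.userId();
    String password = user.password();
    int status = user.status();
    if (password == null) {
        throw new UnknownAccountException("No account found for " + username);
    }
    // NOTE(review): the stored value is compared directly with the submitted
    // password, so as far as this block shows the store holds the password itself,
    // and String.equals is not a constant-time comparison. Shiro normally leaves
    // the comparison to the realm's CredentialsMatcher after this method returns;
    // confirm how passwords are stored and whether this pre-check is needed.
    char[] submitted = upToken.getPassword();
    if (submitted == null || !password.equals(new String(submitted))) {
        throw new IncorrectCredentialsException("Password is not right for " + username);
    }
    // The lock check runs only after the password matched.
    if (status == 0) {
        throw new LockedAccountException("account is locked for user " + username);
    }
    // NOTE(review): the distinct "No account found" / "Password is not right"
    // messages allow account enumeration if they are shown to the remote caller.
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userId, password.toCharArray(), username);
    // NOTE(review): the salt is derived from the username and is therefore
    // predictable; a random per-account salt is the usual recommendation. Confirm
    // against the configured credentials matcher.
    info.setCredentialsSalt(ByteSource.Util.bytes(username));
    return info;
}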
use of org.apache.shiro.authc.IncorrectCredentialsException in project shiro by apache.
the class JDBCRealmTest method testUnSaltedWrongPassword.
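/**
 * Verifies that a login with a wrong password is rejected when the realm is
 * configured with {@code JdbcRealm.SaltStyle.NO_SALT}.
 *
 * <p>The test fails unless {@code login} throws
 * {@link IncorrectCredentialsException}.
 */
@Test
public void testUnSaltedWrongPassword() throws Exception {
    String testMethodName = name.getMethodName();
    JdbcRealm realm = realmMap.get(testMethodName);
    createDefaultSchema(testMethodName, false);
    realm.setSaltStyle(JdbcRealm.SaltStyle.NO_SALT);
    Subject.Builder builder = new Subject.Builder(securityManager);
    Subject currentUser = builder.buildSubject();
    // "passwrd" is presumably not the password stored by createDefaultSchema - confirm.
    UsernamePasswordToken token = new UsernamePasswordToken(username, "passwrd");
    try {
        currentUser.login(token);
    } catch (IncorrectCredentialsException ex) {
        // Expected: the wrong password was rejected.
        return;
    }
    // Without an explicit failure here, a login that wrongly succeeds would let
    // the test pass and hide a broken credential check.
    throw new AssertionError("Login with a wrong password must throw IncorrectCredentialsException");
}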
use of org.apache.shiro.authc.IncorrectCredentialsException in project shiro by apache.
the class JDBCRealmTest method testExternalWrongPassword.
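/**
 * Verifies that a login with a wrong password is rejected when the realm is
 * configured with {@code JdbcRealm.SaltStyle.EXTERNAL}.
 *
 * <p>The test fails unless {@code login} throws
 * {@link IncorrectCredentialsException}.
 */
@Test
public void testExternalWrongPassword() throws Exception {
    String testMethodName = name.getMethodName();
    JdbcRealm realm = realmMap.get(testMethodName);
    createDefaultSchema(testMethodName, true);
    realm.setSaltStyle(JdbcRealm.SaltStyle.EXTERNAL);
    Subject.Builder builder = new Subject.Builder(securityManager);
    Subject currentUser = builder.buildSubject();
    // "passwrd" is presumably not the password stored by createDefaultSchema - confirm.
    UsernamePasswordToken token = new UsernamePasswordToken(username, "passwrd");
    try {
        currentUser.login(token);
    } catch (IncorrectCredentialsException ex) {
        // Expected: the wrong password was rejected.
        return;
    }
    // Without an explicit failure here, a login that wrongly succeeds would let
    // the test pass and hide a broken credential check.
    throw new AssertionError("Login with a wrong password must throw IncorrectCredentialsException");
}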
use of org.apache.shiro.authc.IncorrectCredentialsException in project qi4j-sdk by Qi4j.
the class StandaloneShiroTest method test.
/**
 * Exercises Shiro outside any container: stores and reads back a session
 * attribute, logs the subject in if needed, checks one role and two
 * permissions, then logs out.
 */
@Test
public void test() {
    // The subject bound to the current execution context.
    Subject subject = SecurityUtils.getSubject();

    // Round-trip one attribute through the session (no web or EJB container needed).
    Session shiroSession = subject.getSession();
    shiroSession.setAttribute("someKey", "aValue");
    String stored = (String) shiroSession.getAttribute("someKey");
    assertEquals("aValue", stored);
    LOG.info("Retrieved the correct value! [" + stored + "]");

    // Log in so that roles and permissions can be checked.
    boolean needsLogin = !subject.isAuthenticated();
    if (needsLogin) {
        // Presumably sample credentials defined by the test's realm configuration - confirm.
        UsernamePasswordToken credentials = new UsernamePasswordToken("lonestarr", "vespa");
        credentials.setRememberMe(true);
        try {
            subject.login(credentials);
        } catch (UnknownAccountException uae) {
            fail("There is no user with username of " + credentials.getPrincipal());
        } catch (IncorrectCredentialsException ice) {
            fail("Password for account " + credentials.getPrincipal() + " was incorrect!");
        } catch (LockedAccountException lae) {
            fail("The account for username " + credentials.getPrincipal() + " is locked. " + "Please contact your administrator to unlock it.");
        }
        // Any other AuthenticationException is not handled here and propagates
        // to the test runner unchanged.
    }

    // The identifying principal (a username here) must be set after login.
    assertNotNull(subject.getPrincipal());
    LOG.info("User [" + subject.getPrincipal() + "] logged in successfully.");

    // Role check.
    if (!subject.hasRole("schwartz")) {
        fail("Hello, mere mortal.");
    } else {
        LOG.info("May the Schwartz be with you!");
    }

    // Typed permission, not tied to one instance.
    if (!subject.isPermitted("lightsaber:weild")) {
        fail("Sorry, lightsaber rings are for schwartz masters only.");
    } else {
        LOG.info("You may use a lightsaber ring. Use it wisely.");
    }

    // Instance-level permission on one specific resource.
    if (!subject.isPermitted("winnebago:drive:eagle5")) {
        fail("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
    } else {
        LOG.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " + "Here are the keys - have fun!");
    }

    // Finished: end the authenticated session.
    subject.logout();
}