
Example 1 with IncorrectCredentialsException

Use of org.apache.shiro.authc.IncorrectCredentialsException in project camel by apache.

Class ShiroSecurityProcessor, method authenticateUser.

private void authenticateUser(Subject currentUser, ShiroSecurityToken securityToken) {
    boolean authenticated = currentUser.isAuthenticated();
    boolean sameUser = securityToken.getUsername().equals(currentUser.getPrincipal());
    LOG.trace("Authenticated: {}, same Username: {}", authenticated, sameUser);
    if (!authenticated || !sameUser) {
        UsernamePasswordToken token = new UsernamePasswordToken(securityToken.getUsername(), securityToken.getPassword());
        if (policy.isAlwaysReauthenticate()) {
            token.setRememberMe(false);
        } else {
            token.setRememberMe(true);
        }
        try {
            currentUser.login(token);
            LOG.debug("Current user {} successfully authenticated", currentUser.getPrincipal());
        } catch (UnknownAccountException uae) {
            throw new UnknownAccountException("Authentication Failed. There is no user with username of " + token.getPrincipal(), uae.getCause());
        } catch (IncorrectCredentialsException ice) {
            throw new IncorrectCredentialsException("Authentication Failed. Password for account " + token.getPrincipal() + " was incorrect!", ice.getCause());
        } catch (LockedAccountException lae) {
            throw new LockedAccountException("Authentication Failed. The account for username " + token.getPrincipal() + " is locked." + "Please contact your administrator to unlock it.", lae.getCause());
        } catch (AuthenticationException ae) {
            throw new AuthenticationException("Authentication Failed.", ae.getCause());
        }
    }
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) LockedAccountException(org.apache.shiro.authc.LockedAccountException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 2 with IncorrectCredentialsException

Use of org.apache.shiro.authc.IncorrectCredentialsException in project tesla by linking12.

Class TeslaUserRealm, method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }
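    Users user = userDao.findByUserNamed(username);
    // Guard against a missing record before dereferencing it.
    if (user == null) {
        throw new UnknownAccountException("No account found for " + username);
    }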
    Long userId = user.userId();
    String password = user.password();
    int status = user.status();
    if (password == null) {
        throw new UnknownAccountException("No account found for " + username);
    }
    if (!password.equals(new String((char[]) token.getCredentials()))) {
        throw new IncorrectCredentialsException("Password is not right for " + username);
    }
    if (status == 0) {
        throw new LockedAccountException("account is locked for user " + username);
    }
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userId, password.toCharArray(), username);
    info.setCredentialsSalt(ByteSource.Util.bytes(username));
    return info;
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) AccountException(org.apache.shiro.authc.AccountException) LockedAccountException(org.apache.shiro.authc.LockedAccountException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) Users(io.github.tesla.authz.domain.Users) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 3 with IncorrectCredentialsException

Use of org.apache.shiro.authc.IncorrectCredentialsException in project shiro by apache.

Class JDBCRealmTest, method testUnSaltedWrongPassword.

@Test
public void testUnSaltedWrongPassword() throws Exception {
    String testMethodName = name.getMethodName();
    JdbcRealm realm = realmMap.get(testMethodName);
    createDefaultSchema(testMethodName, false);
    realm.setSaltStyle(JdbcRealm.SaltStyle.NO_SALT);
    Subject.Builder builder = new Subject.Builder(securityManager);
    Subject currentUser = builder.buildSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(username, "passwrd");
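    try {
        currentUser.login(token);
        // Without this, the test would pass even if the wrong password were accepted.
        org.junit.Assert.fail("Expected IncorrectCredentialsException for a wrong password");
    } catch (IncorrectCredentialsException ex) {
        // Expected
    }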
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 4 with IncorrectCredentialsException

Use of org.apache.shiro.authc.IncorrectCredentialsException in project shiro by apache.

Class JDBCRealmTest, method testExternalWrongPassword.

@Test
public void testExternalWrongPassword() throws Exception {
    String testMethodName = name.getMethodName();
    JdbcRealm realm = realmMap.get(testMethodName);
    createDefaultSchema(testMethodName, true);
    realm.setSaltStyle(JdbcRealm.SaltStyle.EXTERNAL);
    Subject.Builder builder = new Subject.Builder(securityManager);
    Subject currentUser = builder.buildSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(username, "passwrd");
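    try {
        currentUser.login(token);
        // Without this, the test would pass even if the wrong password were accepted.
        org.junit.Assert.fail("Expected IncorrectCredentialsException for a wrong password");
    } catch (IncorrectCredentialsException ex) {
        // Expected
    }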
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 5 with IncorrectCredentialsException

Use of org.apache.shiro.authc.IncorrectCredentialsException in project qi4j-sdk by Qi4j.

Class StandaloneShiroTest, method test.

@Test
public void test() {
    // get the currently executing user:
    Subject currentUser = SecurityUtils.getSubject();
    // Do some stuff with a Session (no need for a web or EJB container!!!)
    Session session = currentUser.getSession();
    session.setAttribute("someKey", "aValue");
    String value = (String) session.getAttribute("someKey");
    assertEquals("aValue", value);
    LOG.info("Retrieved the correct value! [" + value + "]");
    // let's login the current user so we can check against roles and permissions:
    if (!currentUser.isAuthenticated()) {
        UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
        token.setRememberMe(true);
        try {
            currentUser.login(token);
        } catch (UnknownAccountException uae) {
            fail("There is no user with username of " + token.getPrincipal());
        } catch (IncorrectCredentialsException ice) {
            fail("Password for account " + token.getPrincipal() + " was incorrect!");
        } catch (LockedAccountException lae) {
            fail("The account for username " + token.getPrincipal() + " is locked.  " + "Please contact your administrator to unlock it.");
        }
        // ... catch more exceptions here (maybe custom ones specific to your application?)
        catch (AuthenticationException ae) {
            // unexpected condition?  error?
            throw ae;
        }
    }
    // say who they are:
    // print their identifying principal (in this case, a username):
    assertNotNull(currentUser.getPrincipal());
    LOG.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
    // test a role:
    if (currentUser.hasRole("schwartz")) {
        LOG.info("May the Schwartz be with you!");
    } else {
        fail("Hello, mere mortal.");
    }
    // test a typed permission (not instance-level)
    if (currentUser.isPermitted("lightsaber:weild")) {
        LOG.info("You may use a lightsaber ring.  Use it wisely.");
    } else {
        fail("Sorry, lightsaber rings are for schwartz masters only.");
    }
    // a (very powerful) Instance Level permission:
    if (currentUser.isPermitted("winnebago:drive:eagle5")) {
        LOG.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'.  " + "Here are the keys - have fun!");
    } else {
        fail("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
    }
    // all done - log out!
    currentUser.logout();
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Subject(org.apache.shiro.subject.Subject) LockedAccountException(org.apache.shiro.authc.LockedAccountException) Session(org.apache.shiro.session.Session) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) AbstractQi4jTest(org.qi4j.test.AbstractQi4jTest) Test(org.junit.Test)

Aggregations

IncorrectCredentialsException (org.apache.shiro.authc.IncorrectCredentialsException) 11
UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken) 9
UnknownAccountException (org.apache.shiro.authc.UnknownAccountException) 7
Subject (org.apache.shiro.subject.Subject) 7
AuthenticationException (org.apache.shiro.authc.AuthenticationException) 5
LockedAccountException (org.apache.shiro.authc.LockedAccountException) 5
DisabledAccountException (org.apache.shiro.authc.DisabledAccountException) 2
ExcessiveAttemptsException (org.apache.shiro.authc.ExcessiveAttemptsException) 2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping) 2
ResponseBody (org.springframework.web.bind.annotation.ResponseBody) 2
JSONObject (com.alibaba.fastjson.JSONObject) 1
AjaxJson (com.cdeledu.common.base.AjaxJson) 1
Users (io.github.tesla.authz.domain.Users) 1
AccountException (org.apache.shiro.authc.AccountException) 1
ExpiredCredentialsException (org.apache.shiro.authc.ExpiredCredentialsException) 1
SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo) 1
UnsupportedTokenException (org.apache.shiro.authc.pam.UnsupportedTokenException) 1
UnauthorizedException (org.apache.shiro.authz.UnauthorizedException) 1
Md5Hash (org.apache.shiro.crypto.hash.Md5Hash) 1
Session (org.apache.shiro.session.Session) 1