Use of org.apache.shiro.authc.UnknownAccountException in project camel by apache: class ShiroSecurityProcessor, method authenticateUser.
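/**
 * Logs the credentials carried by {@code securityToken} in on {@code currentUser}, unless the
 * subject is already authenticated as that very username.
 *
 * @param currentUser   the Shiro subject bound to the current exchange
 * @param securityToken the username/password pair supplied with the message
 * @throws UnknownAccountException       if no account exists for the username
 * @throws IncorrectCredentialsException if the password does not match
 * @throws LockedAccountException        if the account is locked
 * @throws AuthenticationException       for any other authentication failure
 */
private void authenticateUser(Subject currentUser, ShiroSecurityToken securityToken) {
    boolean authenticated = currentUser.isAuthenticated();
    boolean sameUser = securityToken.getUsername().equals(currentUser.getPrincipal());
    LOG.trace("Authenticated: {}, same Username: {}", authenticated, sameUser);
    if (authenticated && sameUser) {
        // Already logged in as this user; nothing to do.
        return;
    }
    UsernamePasswordToken token = new UsernamePasswordToken(securityToken.getUsername(), securityToken.getPassword());
    // "Remember me" is disabled whenever the policy demands a fresh authentication on every exchange.
    token.setRememberMe(!policy.isAlwaysReauthenticate());
    try {
        currentUser.login(token);
        LOG.debug("Current user {} successfully authenticated", currentUser.getPrincipal());
    } catch (UnknownAccountException uae) {
        // The caught exception itself is chained as the cause so the realm's stack trace is kept
        // (passing uae.getCause() instead usually chained null).
        // NOTE(review): the three distinct messages below let a caller tell "no such user" apart
        // from "wrong password"; if this processor fronts untrusted clients, a uniform message
        // avoids account enumeration.
        throw new UnknownAccountException("Authentication Failed. There is no user with username of " + token.getPrincipal(), uae);
    } catch (IncorrectCredentialsException ice) {
        throw new IncorrectCredentialsException("Authentication Failed. Password for account " + token.getPrincipal() + " was incorrect!", ice);
    } catch (LockedAccountException lae) {
        // Message fixed to contain the space that was missing between the two sentences.
        throw new LockedAccountException("Authentication Failed. The account for username " + token.getPrincipal() + " is locked. Please contact your administrator to unlock it.", lae);
    } catch (AuthenticationException ae) {
        throw new AuthenticationException("Authentication Failed.", ae);
    }
}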
Use of org.apache.shiro.authc.UnknownAccountException in project tesla by linking12: class TeslaUserRealm, method doGetAuthenticationInfo.
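/**
 * Looks up the account named by {@code token} and verifies the submitted password against the
 * stored one before handing the account back to Shiro.
 *
 * @param token the submitted credentials; expected to be a {@link UsernamePasswordToken}
 * @return authentication info keyed by the user's id, carrying the stored password and a
 *         username-derived credentials salt
 * @throws AccountException              if the token carries no username
 * @throws UnknownAccountException       if no account (or no stored password) exists for the username
 * @throws IncorrectCredentialsException if the submitted password does not match the stored one
 * @throws LockedAccountException        if the account's status is 0
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }
    Users user = userDao.findByUserNamed(username);
    // A missing row would otherwise surface as a NullPointerException on the next line; report it
    // like an account without a stored password. (Assumes findByUserNamed may return null for an
    // unknown name - verify against the DAO.)
    if (user == null) {
        throw new UnknownAccountException("No account found for " + username);
    }
    Long userId = user.userId();
    String password = user.password();
    int status = user.status();
    if (password == null) {
        throw new UnknownAccountException("No account found for " + username);
    }
    // Compare without stopping at the first differing character, so the time taken does not depend
    // on how much of the password was right. Missing credentials simply count as incorrect.
    // NOTE(review): this compares the stored value directly; if it is a cleartext password rather
    // than a hash, the realm should store and compare a slow password hash instead.
    char[] supplied = (char[]) token.getCredentials();
    if (supplied == null || !constantTimeEquals(password.toCharArray(), supplied)) {
        throw new IncorrectCredentialsException("Password is not right for " + username);
    }
    if (status == 0) {
        throw new LockedAccountException("account is locked for user " + username);
    }
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userId, password.toCharArray(), username);
    // NOTE(review): the salt is set although the password was already checked above; whether the
    // configured CredentialsMatcher re-checks a hash with this salt depends on the realm setup.
    info.setCredentialsSalt(ByteSource.Util.bytes(username));
    return info;
}

/**
 * Returns whether {@code a} and {@code b} hold the same characters, examining every position of
 * the shorter array rather than returning at the first mismatch.
 */
private static boolean constantTimeEquals(char[] a, char[] b) {
    int diff = a.length ^ b.length;
    int n = Math.min(a.length, b.length);
    for (int i = 0; i < n; i++) {
        diff |= a[i] ^ b[i];
    }
    return diff == 0;
}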
Use of org.apache.shiro.authc.UnknownAccountException in project shiro by apache: class JdbcRealm, method doGetAuthenticationInfo.
/*--------------------------------------------
| M E T H O D S |
============================================*/
/**
 * Fetches the stored password (and, depending on {@code saltStyle}, the salt) for the username in
 * {@code token} from the JDBC data source and wraps it as authentication info for Shiro's
 * credentials matcher.
 *
 * @param token the submitted credentials; expected to be a {@link UsernamePasswordToken}
 * @return authentication info holding the stored password and, when present, its salt
 * @throws AccountException        if the token carries no username
 * @throws UnknownAccountException if no stored password exists for the username
 * @throws ConfigurationException  if {@code saltStyle} is {@code CRYPT}, which is not implemented
 * @throws AuthenticationException if a SQL error occurs while reading the account
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();
    // A null username can never match an account.
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }
    Connection conn = null;
    try {
        conn = dataSource.getConnection();
        String storedPassword;
        String storedSalt = null;
        switch (saltStyle) {
            case CRYPT:
                // TODO: separate password and hash from getPasswordForUser[0]
                throw new ConfigurationException("Not implemented yet");
            case COLUMN: {
                String[] row = getPasswordForUser(conn, username);
                storedPassword = row[0];
                storedSalt = row[1];
                break;
            }
            case EXTERNAL:
                storedPassword = getPasswordForUser(conn, username)[0];
                storedSalt = getSaltForUser(username);
                break;
            case NO_SALT:
                storedPassword = getPasswordForUser(conn, username)[0];
                break;
            default:
                storedPassword = null;
        }
        if (storedPassword == null) {
            throw new UnknownAccountException("No account found for user [" + username + "]");
        }
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, storedPassword.toCharArray(), getName());
        if (storedSalt != null) {
            info.setCredentialsSalt(ByteSource.Util.bytes(storedSalt));
        }
        return info;
    } catch (SQLException e) {
        final String message = "There was a SQL error while authenticating user [" + username + "]";
        if (log.isErrorEnabled()) {
            log.error(message, e);
        }
        // SQL failures are surfaced to Shiro as an authentication failure, with the cause attached.
        throw new AuthenticationException(message, e);
    } finally {
        // Closing through JdbcUtils keeps close() failures from masking the original outcome.
        JdbcUtils.closeConnection(conn);
    }
}
Use of org.apache.shiro.authc.UnknownAccountException in project qi4j-sdk by Qi4j: class StandaloneShiroTest, method test.
/**
 * Exercises the standalone Shiro setup end to end: session attributes, login of the
 * "lonestarr" user, a role check, two permission checks and finally logout.
 */
@Test
public void test() {
    Subject currentUser = SecurityUtils.getSubject();

    // Session access works without a web or EJB container.
    Session session = currentUser.getSession();
    session.setAttribute("someKey", "aValue");
    String stored = (String) session.getAttribute("someKey");
    assertEquals("aValue", stored);
    LOG.info("Retrieved the correct value! [" + stored + "]");

    // Log in so that roles and permissions can be checked. Each expected failure becomes an
    // assertion failure; any other AuthenticationException simply propagates.
    if (!currentUser.isAuthenticated()) {
        UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
        token.setRememberMe(true);
        try {
            currentUser.login(token);
        } catch (UnknownAccountException uae) {
            fail("There is no user with username of " + token.getPrincipal());
        } catch (IncorrectCredentialsException ice) {
            fail("Password for account " + token.getPrincipal() + " was incorrect!");
        } catch (LockedAccountException lae) {
            fail("The account for username " + token.getPrincipal() + " is locked. Please contact your administrator to unlock it.");
        }
    }

    // The identifying principal (here: the username) must be present after login.
    Object principal = currentUser.getPrincipal();
    assertNotNull(principal);
    LOG.info("User [" + principal + "] logged in successfully.");

    // Role check.
    if (!currentUser.hasRole("schwartz")) {
        fail("Hello, mere mortal.");
    }
    LOG.info("May the Schwartz be with you!");

    // Typed permission (not instance-level).
    if (!currentUser.isPermitted("lightsaber:weild")) {
        fail("Sorry, lightsaber rings are for schwartz masters only.");
    }
    LOG.info("You may use a lightsaber ring. Use it wisely.");

    // Instance-level permission.
    if (!currentUser.isPermitted("winnebago:drive:eagle5")) {
        fail("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
    }
    LOG.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " + "Here are the keys - have fun!");

    currentUser.logout();
}
Use of org.apache.shiro.authc.UnknownAccountException in project wechat by dllwh: class ShiroHelper, method login.
/**
* ----------------------------------------------------- Fields end
*/
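/**
 * Attempts a Shiro login for {@code userName}/{@code passWord} on the current subject and reports
 * the outcome as an {@link AjaxJson}: {@code success} mirrors {@code subject.isAuthenticated()},
 * {@code msg} carries the message constant for the failure (empty on success) and {@code obj}
 * carries the log message built for this attempt.
 *
 * @param userName login name as submitted
 * @param passWord password as submitted
 * @return the outcome of the attempt; never null
 */
public static AjaxJson login(String userName, String passWord) {
    // Username/password token; "remember me" is never requested here.
    UsernamePasswordToken token = new UsernamePasswordToken(userName, passWord);
    token.setRememberMe(false);
    String logMsg = "", resultMsg = "";
    AjaxJson ajaxJson = new AjaxJson();
    boolean suc = false;
    // The current subject; at this point it is in the "not authenticated" state.
    Subject subject = SecurityUtils.getSubject();
    try {
        subject.login(token);
    } catch (UnknownAccountException uae) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,未知账户";
        resultMsg = MessageConstant.LOGIN_USER_UNKNOWN;
    } catch (IncorrectCredentialsException ice) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,错误的凭证";
        resultMsg = MessageConstant.LOGIN_USER_REEOE;
    } catch (LockedAccountException lae) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,账户已锁定";
        resultMsg = MessageConstant.LOGIN_USER_LOCK;
    } catch (DisabledAccountException dae) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,帐号已被禁用";
        resultMsg = MessageConstant.LOGIN_USER_DISABLED;
    } catch (ExpiredCredentialsException ece) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,帐号已过期";
        resultMsg = MessageConstant.LOGIN_USER_EXPIRED;
    } catch (ExcessiveAttemptsException eae) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,用户名或密码错误次数过多";
        resultMsg = MessageConstant.LOGIN_USER_MORE;
    } catch (UnauthorizedException e) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过,您没有得到相应的授权!";
        resultMsg = MessageConstant.LOGIN_USER_UNAUTHORIZED;
    } catch (AuthenticationException ae) {
        // NOTE(review): ae.getMessage() originates in the realm and ends up in the returned obj
        // below; if AjaxJson is sent to the client, internal detail (e.g. a SQL error text) may
        // be exposed - consider keeping realm messages in the server log only.
        logMsg = "对用户[" + userName + "]进行登录验证..验证未通过," + ae.getMessage();
        resultMsg = MessageConstant.LOGIN_ERROR;
    } finally {
        // Drop the cleartext password from the token on every path, not only on failure; the
        // subject keeps its own principal once logged in, so the token is no longer needed.
        token.clear();
    }
    if (subject.isAuthenticated()) {
        logMsg = "对用户[" + userName + "]进行登录验证..验证通过";
        suc = true;
    }
    ajaxJson.setSuccess(suc);
    ajaxJson.setMsg(resultMsg);
    ajaxJson.setObj(logMsg);
    return ajaxJson;
}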