use of org.apereo.cas.authentication.credential.RememberMeUsernamePasswordCredential in project cas by apereo.
the class ShiroAuthenticationHandler method authenticateUsernamePasswordInternal.
@Override
protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential, final String originalPassword) throws GeneralSecurityException {
try {
val token = new UsernamePasswordToken(transformedCredential.getUsername(), transformedCredential.getPassword());
if (transformedCredential instanceof RememberMeUsernamePasswordCredential) {
token.setRememberMe(RememberMeUsernamePasswordCredential.class.cast(transformedCredential).isRememberMe());
}
val currentUser = getCurrentExecutingSubject();
currentUser.login(token);
checkSubjectRolesAndPermissions(currentUser);
val strategy = getPasswordPolicyHandlingStrategy();
val messageList = new ArrayList<MessageDescriptor>();
if (strategy != null) {
LOGGER.debug("Attempting to examine and handle password policy via [{}]", strategy.getClass().getSimpleName());
val principal = this.principalFactory.createPrincipal(token.getUsername());
messageList.addAll(strategy.handle(principal, getPasswordPolicyConfiguration()));
}
return createAuthenticatedSubjectResult(transformedCredential, currentUser, messageList);
} catch (final UnknownAccountException uae) {
throw new AccountNotFoundException(uae.getMessage());
} catch (final LockedAccountException | ExcessiveAttemptsException lae) {
throw new AccountLockedException(lae.getMessage());
} catch (final ExpiredCredentialsException eae) {
throw new CredentialExpiredException(eae.getMessage());
} catch (final DisabledAccountException eae) {
throw new AccountDisabledException(eae.getMessage());
} catch (final AuthenticationException ice) {
throw new FailedLoginException(ice.getMessage());
}
}
use of org.apereo.cas.authentication.credential.RememberMeUsernamePasswordCredential in project cas by apereo.
the class ShiroAuthenticationHandlerTests method checkAuthenticationSuccessfulRolesAndPermissions.
@Test
public void checkAuthenticationSuccessfulRolesAndPermissions() throws Exception {
val shiro = new ShiroAuthenticationHandler(StringUtils.EMPTY, null, PrincipalFactoryUtils.newPrincipalFactory(), Collections.singleton("admin"), Collections.singleton("superuser:deleteAll"));
shiro.loadShiroConfiguration(new ClassPathResource("shiro.ini"));
val creds = new RememberMeUsernamePasswordCredential();
creds.setRememberMe(true);
creds.setUsername("casuser");
creds.setPassword("Mellon");
assertNotNull(shiro.authenticate(creds));
}
Aggregations