
Example 6 with ProfileException

Use of org.craftercms.profile.api.exceptions.ProfileException in project profile by craftercms.

Class AuthenticationManagerImpl, method authenticateUser.

@Override
public Authentication authenticateUser(String tenant, String username, String password) {
    try {
        Ticket ticket = authenticationService.authenticate(tenant, username, password);
        Profile profile = profileService.getProfile(ticket.getProfileId());
        if (profile == null) {
            throw new AuthenticationSystemException("No profile found for ID '" + ticket.getProfileId() + "'");
        }
        String ticketId = ticket.getId();
        DefaultAuthentication auth = new DefaultAuthentication(ticketId, profile);
        authenticationCache.putAuthentication(auth);
        logger.debug("Authentication successful for user '{}' (ticket ID = '{}')", ticket.getProfileId(), ticketId);
        return auth;
    } catch (ProfileRestServiceException e) {
        switch(e.getErrorCode()) {
            case DISABLED_PROFILE:
                throw new DisabledUserException("User is disabled", e);
            case BAD_CREDENTIALS:
                throw new BadCredentialsException("Invalid username and/or password", e);
            default:
                throw new AuthenticationSystemException("An unexpected error occurred while authenticating", e);
        }
    } catch (ProfileException e) {
        throw new AuthenticationSystemException("An unexpected error occurred while authenticating", e);
    }
}
Also used : Ticket(org.craftercms.profile.api.Ticket) ProfileRestServiceException(org.craftercms.profile.exceptions.ProfileRestServiceException) AuthenticationSystemException(org.craftercms.security.exception.AuthenticationSystemException) ProfileException(org.craftercms.profile.api.exceptions.ProfileException) BadCredentialsException(org.craftercms.security.exception.BadCredentialsException) Profile(org.craftercms.profile.api.Profile) DisabledUserException(org.craftercms.security.exception.DisabledUserException)

Example 7 with ProfileException

Use of org.craftercms.profile.api.exceptions.ProfileException in project profile by craftercms.

Class RememberMeManagerImpl, method autoLogin.

@Override
public Authentication autoLogin(RequestContext context) throws RememberMeException {
    PersistentLogin login = getPersistentLoginFromCookie(context.getRequest());
    if (login != null) {
        PersistentLogin actualLogin;
        try {
            actualLogin = authenticationService.getPersistentLogin(login.getId());
        } catch (ProfileException e) {
            // Keep the original exception as the cause so the failure can be diagnosed
            throw new RememberMeException("Error retrieving persistent login '" + login.getProfileId() + "'", e);
        }
        if (actualLogin != null) {
            if (!login.getProfileId().equals(actualLogin.getProfileId())) {
                throw new InvalidCookieException("Profile ID mismatch");
            } else if (!login.getToken().equals(actualLogin.getToken())) {
                throw new CookieTheftException("Token mismatch. Implies a cookie theft");
            } else {
                String loginId = actualLogin.getId();
                String profileId = actualLogin.getProfileId();
                logger.debug("Remember me cookie match for {}. Starting auto-login", actualLogin);
                Authentication auth;
                try {
                    auth = authenticate(profileId);
                } catch (AuthenticationException e) {
                    // Delete remember me cookie so that we don't retry auto login in next request
                    disableRememberMe(loginId, context);
                    throw new RememberMeException("Unable to auto-login user '" + profileId + "'", e);
                }
                updateRememberMe(loginId, context);
                return auth;
            }
        } else {
            logger.debug("No persistent login found for ID '{}' (has possibly expired)", login.getId());
            deleteRememberMeCookie(context.getResponse());
            return null;
        }
    } else {
        return null;
    }
}
Also used : InvalidCookieException(org.craftercms.security.exception.rememberme.InvalidCookieException) CookieTheftException(org.craftercms.security.exception.rememberme.CookieTheftException) AuthenticationException(org.craftercms.security.exception.AuthenticationException) Authentication(org.craftercms.security.authentication.Authentication) ProfileException(org.craftercms.profile.api.exceptions.ProfileException) PersistentLogin(org.craftercms.profile.api.PersistentLogin) RememberMeException(org.craftercms.security.exception.rememberme.RememberMeException)

Example 8 with ProfileException

Use of org.craftercms.profile.api.exceptions.ProfileException in project profile by craftercms.

Class RememberMeManagerImpl, method enableRememberMe.

@Override
public void enableRememberMe(Authentication authentication, RequestContext context) throws RememberMeException {
    String profileId = authentication.getProfile().getId().toString();
    PersistentLogin login;
    try {
        login = authenticationService.createPersistentLogin(profileId);
    } catch (ProfileException e) {
        throw new RememberMeException("Error creating persistent login for profile '" + profileId + "'", e);
    }
    logger.debug("Persistent login created: {}", login);
    addRememberMeCookie(serializeLogin(login), context.getResponse());
}
Also used : ProfileException(org.craftercms.profile.api.exceptions.ProfileException) PersistentLogin(org.craftercms.profile.api.PersistentLogin) RememberMeException(org.craftercms.security.exception.rememberme.RememberMeException)

Example 9 with ProfileException

Use of org.craftercms.profile.api.exceptions.ProfileException in project engine by craftercms.

Class ProfileHeadersAuthenticationFilter, method doGetPreAuthenticatedPrincipal.

@Override
protected Object doGetPreAuthenticatedPrincipal(final HttpServletRequest request) {
    String username = request.getHeader(getUsernameHeaderName());
    String email = request.getHeader(getEmailHeaderName());
    if (isNoneEmpty(username, email)) {
        try {
            String[] tenantNames = tenantsResolver.getTenants();
            Tenant tenant = getSsoEnabledTenant(tenantNames);
            if (tenant != null) {
                Profile profile = profileService.getProfileByUsername(tenant.getName(), username);
                if (profile == null) {
                    profile = createProfileWithSsoInfo(username, tenant, request);
                }
                return new ProfileUser(profile);
            } else {
                logger.warn("A SSO login was attempted, but none of the tenants [{}] is enabled for SSO", (Object) tenantNames);
            }
        } catch (ProfileException e) {
            logger.error("Error processing headers authentication for '{}'", username, e);
        }
    }
    return null;
}
Also used : Tenant(org.craftercms.profile.api.Tenant) ProfileException(org.craftercms.profile.api.exceptions.ProfileException) Profile(org.craftercms.profile.api.Profile)

Example 10 with ProfileException

Use of org.craftercms.profile.api.exceptions.ProfileException in project engine by craftercms.

Class ProfileRememberMeServices, method onLoginSuccess.

@Override
protected void onLoginSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication successfulAuthentication) {
    ProfileUser profileUser = (ProfileUser) successfulAuthentication.getPrincipal();
    try {
        PersistentLogin persistentLogin = authenticationService.createPersistentLogin(profileUser.getProfile().getId().toHexString());
        setCookie(new String[] { persistentLogin.getId(), persistentLogin.getToken() }, getTokenValiditySeconds(), request, response);
    } catch (ProfileException e) {
        throw new RememberMeAuthenticationException("Error creating persistent login for " + profileUser.getUsername(), e);
    }
}
Also used : RememberMeAuthenticationException(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException) ProfileException(org.craftercms.profile.api.exceptions.ProfileException) PersistentLogin(org.craftercms.profile.api.PersistentLogin)

Aggregations

ProfileException (org.craftercms.profile.api.exceptions.ProfileException) 22
Tenant (org.craftercms.profile.api.Tenant) 8
I10nProfileException (org.craftercms.profile.api.exceptions.I10nProfileException) 8
TenantUpdater (org.craftercms.profile.utils.db.TenantUpdater) 7
PersistentLogin (org.craftercms.profile.api.PersistentLogin) 5
Profile (org.craftercms.profile.api.Profile) 4
RememberMeException (org.craftercms.security.exception.rememberme.RememberMeException) 4
ProfileRestServiceException (org.craftercms.profile.exceptions.ProfileRestServiceException) 3
AuthenticationSystemException (org.craftercms.security.exception.AuthenticationSystemException) 3
RememberMeAuthenticationException (org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException) 3
AttributeDefinition (org.craftercms.profile.api.AttributeDefinition) 2
Ticket (org.craftercms.profile.api.Ticket) 2
NoSuchProfileException (org.craftercms.profile.exceptions.NoSuchProfileException) 2
DisabledUserException (org.craftercms.security.exception.DisabledUserException) 2
ApiOperation (com.wordnik.swagger.annotations.ApiOperation) 1
FileNotFoundException (java.io.FileNotFoundException) 1
InputStream (java.io.InputStream) 1
Collection (java.util.Collection) 1
FileExistsException (org.apache.commons.io.FileExistsException) 1
ObjectId (org.bson.types.ObjectId) 1