Examples with BadCredentialsException org.craftercms.studio.api.v1.exception.security.BadCredentialsException used on opensource projects

Search in sources :

Example 1 with BadCredentialsException

use of org.craftercms.studio.api.v1.exception.security.BadCredentialsException in project studio by craftercms.

the class DbAuthenticationProvider method doAuthenticate.

@Override
public boolean doAuthenticate(HttpServletRequest request, HttpServletResponse response, AuthenticationChain authenticationChain, String username, String password) throws AuthenticationSystemException, BadCredentialsException {
    Map<String, Object> params = new HashMap<String, Object>();
    params.put(USER_ID, -1);
    params.put(USERNAME, username);
    User user = null;
    UserDAO userDao = authenticationChain.getUserDao();
    try {
        user = userDao.getUserByIdOrUsername(params);
    } catch (Exception e) {
        logger.debug("Unknown database error", e);
        throw new AuthenticationSystemException("Unknown database error", e);
    }
    if (user != null && !user.isDeleted() && user.isEnabled() && CryptoUtils.matchPassword(user.getPassword(), password)) {
        String token = createToken(user, authenticationChain);
        storeAuthentication(new Authentication(username, token, AuthenticationType.DB));
        return true;
    } else {
        throw new BadCredentialsException();
    }
}
Also used : User(org.craftercms.studio.api.v2.dal.User) UserDAO(org.craftercms.studio.api.v2.dal.UserDAO) HashMap(java.util.HashMap) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) BadCredentialsException(org.craftercms.studio.api.v1.exception.security.BadCredentialsException) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) BadCredentialsException(org.craftercms.studio.api.v1.exception.security.BadCredentialsException)

Example 2 with BadCredentialsException

use of org.craftercms.studio.api.v1.exception.security.BadCredentialsException in project studio by craftercms.

the class LdapAuthenticationProvider method doAuthenticate.

@Override
public boolean doAuthenticate(HttpServletRequest request, HttpServletResponse response, AuthenticationChain authenticationChain, String username, String password) throws AuthenticationSystemException, BadCredentialsException {
    LdapContextSource lcs = new LdapContextSource();
    lcs.setUrl(ldapUrl);
    lcs.setUserDn(ldapUsername);
    lcs.setPassword(ldapPassword);
    lcs.setBase(ldapBaseContext);
    lcs.setDirObjectFactory(DefaultDirObjectFactory.class);
    lcs.afterPropertiesSet();
    LdapTemplate ldapTemplate = new LdapTemplate(lcs);
    // Mapper for user data if user is successfully authenticated
    AuthenticatedLdapEntryContextMapper<User> mapper = (dirContext, ldapEntryIdentification) -> {
        try {
            // User entry - extract attributes
            DirContextOperations dirContextOperations = (DirContextOperations) dirContext.lookup(ldapEntryIdentification.getRelativeName());
            Attributes attributes = dirContextOperations.getAttributes();
            Attribute emailAttrib = attributes.get(emailLdapAttribute);
            Attribute firstNameAttrib = attributes.get(firstNameLdapAttribute);
            Attribute lastNameAttrib = attributes.get(lastNameLdapAttribute);
            Attribute groupNameAttrib = attributes.get(groupNameLdapAttribute);
            User user = new User();
            user.setEnabled(true);
            user.setExternallyManaged(true);
            user.setUsername(username);
            user.setPassword(UUID.randomUUID().toString());
            if (emailAttrib != null && emailAttrib.get() != null) {
                user.setEmail(emailAttrib.get().toString());
            } else {
                logger.warn("No LDAP attribute " + emailLdapAttribute + " found for username " + username + ". User will not be imported into DB.");
                return null;
            }
            if (firstNameAttrib != null && firstNameAttrib.get() != null) {
                user.setFirstName(firstNameAttrib.get().toString());
            } else {
                logger.warn("No LDAP attribute " + firstNameLdapAttribute + " found for username " + username);
            }
            if (lastNameAttrib != null && lastNameAttrib.get() != null) {
                user.setLastName(lastNameAttrib.get().toString());
            } else {
                logger.warn("No LDAP attribute " + lastNameLdapAttribute + " found for username " + username);
            }
            extractGroupsFromAttribute(user, groupNameLdapAttribute, groupNameAttrib);
            return user;
        } catch (NamingException e) {
            logger.debug("Error getting details from LDAP for username " + username, e);
            return null;
        }
    };
    // Create ldap query to authenticate user
    LdapQuery ldapQuery = query().where(usernameLdapAttribute).is(username);
    User user;
    try {
        user = ldapTemplate.authenticate(ldapQuery, password, mapper);
    } catch (EmptyResultDataAccessException e) {
        logger.debug("User " + username + " not found with external security provider.");
        return false;
    } catch (CommunicationException e) {
        logger.debug("Failed to connect with external security provider", e);
        return false;
    } catch (AuthenticationException e) {
        logger.debug("Authentication failed with the LDAP system (bad credentials)", e);
        throw new BadCredentialsException();
    } catch (Exception e) {
        logger.debug("Unexpected exception when authenticating with the LDAP system", e);
        return false;
    }
    if (user != null) {
        // When user authenticated against LDAP, upsert user data into studio database
        UserServiceInternal userServiceInternal = authenticationChain.getUserServiceInternal();
        AuditServiceInternal auditServiceInternal = authenticationChain.getAuditServiceInternal();
        StudioConfiguration studioConfiguration = authenticationChain.getStudioConfiguration();
        SiteService siteService = authenticationChain.getSiteService();
        try {
            SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
            if (userServiceInternal.userExists(-1, username)) {
                try {
                    userServiceInternal.updateUser(user);
                } catch (UserNotFoundException e) {
                    // Shouldn't happen
                    throw new IllegalStateException(e);
                }
                AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
                auditLog.setOperation(OPERATION_UPDATE);
                auditLog.setSiteId(siteFeed.getId());
                auditLog.setActorId(user.getUsername());
                auditLog.setPrimaryTargetId(user.getUsername());
                auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
                auditLog.setPrimaryTargetValue(user.getUsername());
                auditServiceInternal.insertAuditLog(auditLog);
            } else {
                try {
                    userServiceInternal.createUser(user);
                    AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
                    auditLog.setOperation(OPERATION_CREATE);
                    auditLog.setSiteId(siteFeed.getId());
                    auditLog.setActorId(user.getUsername());
                    auditLog.setPrimaryTargetId(user.getUsername());
                    auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
                    auditLog.setPrimaryTargetValue(user.getUsername());
                    auditServiceInternal.insertAuditLog(auditLog);
                } catch (UserAlreadyExistsException e) {
                    logger.debug("Error adding user " + username + " from external authentication provider", e);
                    throw new AuthenticationSystemException("Error adding user " + username + " from external authentication provider", e);
                }
            }
        } catch (ServiceLayerException e) {
            logger.debug("Unknown service error", e);
            throw new AuthenticationSystemException("Unknown service error", e);
        }
        for (UserGroup userGroup : user.getGroups()) {
            upsertUserGroup(userGroup.getGroup().getGroupName(), user.getUsername(), authenticationChain);
        }
        String token = createToken(user, authenticationChain);
        storeAuthentication(new Authentication(username, token, AuthenticationType.LDAP));
        return true;
    } else {
        logger.debug("Failed to retrieve LDAP user details");
        throw new AuthenticationSystemException("Failed to retrieve LDAP user details");
    }
}
Also used : DEFAULT_ORGANIZATION_ID(org.craftercms.studio.api.v1.constant.StudioConstants.DEFAULT_ORGANIZATION_ID) UserServiceInternal(org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal) GROUP_NAME(org.craftercms.studio.api.v2.dal.QueryParameterNames.GROUP_NAME) LdapTemplate(org.springframework.ldap.core.LdapTemplate) NamingException(javax.naming.NamingException) StringUtils(org.apache.commons.lang3.StringUtils) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) Attribute(javax.naming.directory.Attribute) Matcher(java.util.regex.Matcher) GROUP_DESCRIPTION(org.craftercms.studio.api.v2.dal.QueryParameterNames.GROUP_DESCRIPTION) AuditServiceInternal(org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal) Map(java.util.Map) BaseAuthenticationProvider(org.craftercms.studio.api.v2.service.security.BaseAuthenticationProvider) UserGroup(org.craftercms.studio.api.v2.dal.UserGroup) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException) USERNAME(org.craftercms.studio.api.v2.dal.QueryParameterNames.USERNAME) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) SiteService(org.craftercms.studio.api.v1.service.site.SiteService) CONFIGURATION_GLOBAL_SYSTEM_SITE(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE) UUID(java.util.UUID) List(java.util.List) StudioConfiguration(org.craftercms.studio.api.v2.utils.StudioConfiguration) GROUP_ID(org.craftercms.studio.api.v2.dal.QueryParameterNames.GROUP_ID) LdapQueryBuilder.query(org.springframework.ldap.query.LdapQueryBuilder.query) Attributes(javax.naming.directory.Attributes) NamingEnumeration(javax.naming.NamingEnumeration) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) OPERATION_CREATE(org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_CREATE) Pattern(java.util.regex.Pattern) DirContextOperations(org.springframework.ldap.core.DirContextOperations) UserAlreadyExistsException(org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException) TARGET_TYPE_USER(org.craftercms.studio.api.v2.dal.AuditLogConstants.TARGET_TYPE_USER) USER_ID(org.craftercms.studio.api.v2.dal.QueryParameterNames.USER_ID) AuthenticationException(org.springframework.ldap.AuthenticationException) USER_IDS(org.craftercms.studio.api.v2.dal.QueryParameterNames.USER_IDS) Logger(org.craftercms.studio.api.v1.log.Logger) GroupDAO(org.craftercms.studio.api.v2.dal.GroupDAO) AuthenticationType(org.craftercms.studio.model.AuthenticationType) HashMap(java.util.HashMap) AuthenticationChain(org.craftercms.studio.api.v2.service.security.AuthenticationChain) ArrayList(java.util.ArrayList) HttpServletRequest(javax.servlet.http.HttpServletRequest) LoggerFactory(org.craftercms.studio.api.v1.log.LoggerFactory) CommunicationException(org.springframework.ldap.CommunicationException) OPERATION_ADD_MEMBERS(org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_ADD_MEMBERS) OPERATION_UPDATE(org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_UPDATE) LdapQuery(org.springframework.ldap.query.LdapQuery) DefaultDirObjectFactory(org.springframework.ldap.core.support.DefaultDirObjectFactory) UserDAO(org.craftercms.studio.api.v2.dal.UserDAO) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) HttpServletResponse(javax.servlet.http.HttpServletResponse) ORG_ID(org.craftercms.studio.api.v2.dal.QueryParameterNames.ORG_ID) Group(org.craftercms.studio.api.v2.dal.Group) BadCredentialsException(org.craftercms.studio.api.v1.exception.security.BadCredentialsException) AuthenticatedLdapEntryContextMapper(org.springframework.ldap.core.AuthenticatedLdapEntryContextMapper) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) Attribute(javax.naming.directory.Attribute) AuthenticationException(org.springframework.ldap.AuthenticationException) Attributes(javax.naming.directory.Attributes) UserAlreadyExistsException(org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException) LdapQuery(org.springframework.ldap.query.LdapQuery) BadCredentialsException(org.craftercms.studio.api.v1.exception.security.BadCredentialsException) LdapTemplate(org.springframework.ldap.core.LdapTemplate) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) UserGroup(org.craftercms.studio.api.v2.dal.UserGroup) StudioConfiguration(org.craftercms.studio.api.v2.utils.StudioConfiguration) SiteService(org.craftercms.studio.api.v1.service.site.SiteService) NamingException(javax.naming.NamingException) CommunicationException(org.springframework.ldap.CommunicationException) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) UserServiceInternal(org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) NamingException(javax.naming.NamingException) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) UserAlreadyExistsException(org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException) AuthenticationException(org.springframework.ldap.AuthenticationException) CommunicationException(org.springframework.ldap.CommunicationException) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) BadCredentialsException(org.craftercms.studio.api.v1.exception.security.BadCredentialsException) AuditServiceInternal(org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal) DirContextOperations(org.springframework.ldap.core.DirContextOperations) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)

Aggregations

HashMap (java.util.HashMap)2 AuthenticationSystemException (org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException)2 BadCredentialsException (org.craftercms.studio.api.v1.exception.security.BadCredentialsException)2 User (org.craftercms.studio.api.v2.dal.User)2 UserDAO (org.craftercms.studio.api.v2.dal.UserDAO)2 ArrayList (java.util.ArrayList)1 List (java.util.List)1 Map (java.util.Map)1 UUID (java.util.UUID)1 Matcher (java.util.regex.Matcher)1 Pattern (java.util.regex.Pattern)1 NamingEnumeration (javax.naming.NamingEnumeration)1 NamingException (javax.naming.NamingException)1 Attribute (javax.naming.directory.Attribute)1 Attributes (javax.naming.directory.Attributes)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 StringUtils (org.apache.commons.lang3.StringUtils)1 DEFAULT_ORGANIZATION_ID (org.craftercms.studio.api.v1.constant.StudioConstants.DEFAULT_ORGANIZATION_ID)1 SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial