Examples with BadCredentialsException org.springframework.security.BadCredentialsException used on opensource projects

Search in sources :

Example 1 with BadCredentialsException

use of org.springframework.security.BadCredentialsException in project gocd by gocd.

the class LdapUserSearch method searchForUser.

public DirContextOperations searchForUser(String username) {
    SecurityConfig securityConfig = goConfigService.security();
    if (!securityConfig.isSecurityEnabled()) {
        return null;
    }
    LdapConfig ldapConfig = securityConfig.ldapConfig();
    RuntimeException lastFoundException = null;
    BaseConfig failedBaseConfig = null;
    for (BaseConfig baseConfig : ldapConfig.getBasesConfig()) {
        if (lastFoundException != null && !(lastFoundException instanceof BadCredentialsException)) {
            logger.warn(String.format("The ldap configuration for search base '%s' is invalid", failedBaseConfig.getValue()), lastFoundException);
        }
        FilterBasedLdapUserSearch search = getFilterBasedLdapUserSearch(baseConfig.getValue(), ldapConfig.searchFilter());
        search.setSearchSubtree(true);
        // timeout after five seconds
        search.setSearchTimeLimit(5000);
        try {
            return search.searchForUser(username);
        } catch (UsernameNotFoundException e) {
            failedBaseConfig = baseConfig;
            lastFoundException = new BadCredentialsException("Bad credentials");
        } catch (RuntimeException e) {
            failedBaseConfig = baseConfig;
            lastFoundException = e;
        }
    }
    if (lastFoundException != null) {
        throw lastFoundException;
    }
    throw new RuntimeException("No LDAP Search Bases are configured.");
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) SecurityConfig(com.thoughtworks.go.config.SecurityConfig) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BadCredentialsException(org.springframework.security.BadCredentialsException) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig)

Example 2 with BadCredentialsException

use of org.springframework.security.BadCredentialsException in project gocd by gocd.

the class LdapAuthenticationTest method assertFailedAuthentication.

private void assertFailedAuthentication(String userName, String password) {
    Authentication authentication = new UsernamePasswordAuthenticationToken(userName, password);
    try {
        ldapAuthenticationProvider.authenticate(authentication);
        fail("Expected authentication to fail for user: " + userName);
    } catch (BadCredentialsException e) {
    }
}
Also used : Authentication(org.springframework.security.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.BadCredentialsException)

Example 3 with BadCredentialsException

use of org.springframework.security.BadCredentialsException in project gocd by gocd.

the class X509AuthoritiesPopulatorTest method shouldNotReturnUserDetailsIfCertificateHasNoOu.

@Test
public void shouldNotReturnUserDetailsIfCertificateHasNoOu() {
    X509Certificate agentCertificate = new X509CertificateGenerator().createCertificateWithDn("CN=hostname").getFirstCertificate();
    try {
        populator.getUserDetails(agentCertificate);
        Assert.fail("Oh dear. You should have thrown an exception, silly!");
    } catch (BadCredentialsException ignored) {
    }
}
Also used : BadCredentialsException(org.springframework.security.BadCredentialsException) X509Certificate(java.security.cert.X509Certificate) X509CertificateGenerator(com.thoughtworks.go.security.X509CertificateGenerator) Test(org.junit.Test)

Example 4 with BadCredentialsException

use of org.springframework.security.BadCredentialsException in project gocd by gocd.

the class AuthenticationProcessingFilterTest method shouldNotSetSecurityExceptionMessageOnSessionWhenBadCredentialsExceptionIsThrownBySpring.

@Test
public void shouldNotSetSecurityExceptionMessageOnSessionWhenBadCredentialsExceptionIsThrownBySpring() throws Exception {
    filter.onUnsuccessfulAuthentication(request, null, new BadCredentialsException("foobar"));
    assertThat(session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY), is(nullValue()));
}
Also used : BadCredentialsException(org.springframework.security.BadCredentialsException) Test(org.junit.Test)

Example 5 with BadCredentialsException

use of org.springframework.security.BadCredentialsException in project gocd by gocd.

the class BasicProcessingFilterEntryPointTest method testShouldRender401WithWithHTMLWithNoAcceptHeader.

@Test
public void testShouldRender401WithWithHTMLWithNoAcceptHeader() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    new BasicProcessingFilterEntryPoint().commence(request, response, new BadCredentialsException("foo"));
    assertEquals("Basic realm=\"GoCD\"", response.getHeader("WWW-Authenticate"));
    assertEquals(401, response.getStatus());
    assertEquals("foo", response.getErrorMessage());
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) BadCredentialsException(org.springframework.security.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

BadCredentialsException (org.springframework.security.BadCredentialsException)9 Test (org.junit.Test)4 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 User (org.springframework.security.userdetails.User)2 LdapConfig (com.thoughtworks.go.config.LdapConfig)1 SecurityConfig (com.thoughtworks.go.config.SecurityConfig)1 BaseConfig (com.thoughtworks.go.config.server.security.ldap.BaseConfig)1 X509CertificateGenerator (com.thoughtworks.go.security.X509CertificateGenerator)1 OauthDataSource (com.thoughtworks.go.server.oauth.OauthDataSource)1 OauthAuthenticationToken (com.thoughtworks.go.server.security.OauthAuthenticationToken)1 X509Certificate (java.security.cert.X509Certificate)1 Matcher (java.util.regex.Matcher)1 X500Principal (javax.security.auth.x500.X500Principal)1 Authentication (org.springframework.security.Authentication)1 GrantedAuthorityImpl (org.springframework.security.GrantedAuthorityImpl)1 FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)1 UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken)1 UserDetails (org.springframework.security.userdetails.UserDetails)1 UsernameNotFoundException (org.springframework.security.userdetails.UsernameNotFoundException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial