Search in sources :

Example 1 with AuthenticationCredentialsNotFoundException

use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-boot by spring-projects.

the class AuthorizationAuditListenerTests method testAuthenticationCredentialsNotFound.

@Test
public void testAuthenticationCredentialsNotFound() {
    AuditApplicationEvent event = handleAuthorizationEvent(new AuthenticationCredentialsNotFoundEvent(this, Collections.<ConfigAttribute>singletonList(new SecurityConfig("USER")), new AuthenticationCredentialsNotFoundException("Bad user")));
    assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.AUTHENTICATION_FAILURE);
}
Also used : AuthenticationCredentialsNotFoundEvent(org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent) AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) AuditApplicationEvent(org.springframework.boot.actuate.audit.listener.AuditApplicationEvent) Test(org.junit.Test)

Example 2 with AuthenticationCredentialsNotFoundException

use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.

the class MethodSecurityInterceptorWithAopConfigTests method securityInterceptorIsAppliedWhenUsedWithAopConfig.

@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void securityInterceptorIsAppliedWhenUsedWithAopConfig() {
    setContext("<aop:config>" + "     <aop:pointcut id='targetMethods' expression='execution(* org.springframework.security.TargetObject.*(..))'/>" + "     <aop:advisor advice-ref='securityInterceptor' pointcut-ref='targetMethods' />" + "</aop:config>" + TARGET_BEAN_AND_INTERCEPTOR + AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
    ITargetObject target = (ITargetObject) appContext.getBean("target");
    // Check both against interface and class
    try {
        target.makeLowerCase("TEST");
        fail("AuthenticationCredentialsNotFoundException expected");
    } catch (AuthenticationCredentialsNotFoundException expected) {
    }
    target.makeUpperCase("test");
}
Also used : ITargetObject(org.springframework.security.ITargetObject) AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException) Test(org.junit.Test)

Example 3 with AuthenticationCredentialsNotFoundException

use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.

the class MethodSecurityInterceptorWithAopConfigTests method securityInterceptorIsAppliedWhenUsedWithBeanNameAutoProxyCreator.

@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void securityInterceptorIsAppliedWhenUsedWithBeanNameAutoProxyCreator() {
    setContext("<b:bean id='autoProxyCreator' class='org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator'>" + "   <b:property name='interceptorNames'>" + "       <b:list>" + "          <b:value>securityInterceptor</b:value>" + "       </b:list>" + "   </b:property>" + "   <b:property name='beanNames'>" + "       <b:list>" + "          <b:value>target</b:value>" + "       </b:list>" + "   </b:property>" + "   <b:property name='proxyTargetClass' value='false'/>" + "</b:bean>" + TARGET_BEAN_AND_INTERCEPTOR + AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
    ITargetObject target = (ITargetObject) appContext.getBean("target");
    try {
        target.makeLowerCase("TEST");
        fail("AuthenticationCredentialsNotFoundException expected");
    } catch (AuthenticationCredentialsNotFoundException expected) {
    }
    target.makeUpperCase("test");
}
Also used : ITargetObject(org.springframework.security.ITargetObject) AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException) Test(org.junit.Test)

Example 4 with AuthenticationCredentialsNotFoundException

use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.

the class SecuredAnnotationDrivenBeanDefinitionParserTests method targetIsSerializableAfterUse.

@Test(expected = AccessDeniedException.class)
public void targetIsSerializableAfterUse() throws Exception {
    try {
        target.someAdminMethod();
    } catch (AuthenticationCredentialsNotFoundException expected) {
    }
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("u", "p", "ROLE_A"));
    BusinessService chompedTarget = (BusinessService) serializeAndDeserialize(target);
    chompedTarget.someAdminMethod();
}
Also used : BusinessService(org.springframework.security.access.annotation.BusinessService) AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 5 with AuthenticationCredentialsNotFoundException

use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.

the class SwitchUserFilter method attemptExitUser.

/**
	 * Attempt to exit from an already switched user.
	 *
	 * @param request The http servlet request
	 *
	 * @return The original <code>Authentication</code> object or <code>null</code>
	 * otherwise.
	 *
	 * @throws AuthenticationCredentialsNotFoundException If no
	 * <code>Authentication</code> associated with this request.
	 */
protected Authentication attemptExitUser(HttpServletRequest request) throws AuthenticationCredentialsNotFoundException {
    // need to check to see if the current user has a SwitchUserGrantedAuthority
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    if (null == current) {
        throw new AuthenticationCredentialsNotFoundException(this.messages.getMessage("SwitchUserFilter.noCurrentUser", "No current user associated with this request"));
    }
    // check to see if the current user did actual switch to another user
    // if so, get the original source user so we can switch back
    Authentication original = getSourceAuthentication(current);
    if (original == null) {
        this.logger.debug("Could not find original user Authentication object!");
        throw new AuthenticationCredentialsNotFoundException(this.messages.getMessage("SwitchUserFilter.noOriginalAuthentication", "Could not find original Authentication object"));
    }
    // get the source user details
    UserDetails originalUser = null;
    Object obj = original.getPrincipal();
    if ((obj != null) && obj instanceof UserDetails) {
        originalUser = (UserDetails) obj;
    }
    // publish event
    if (this.eventPublisher != null) {
        this.eventPublisher.publishEvent(new AuthenticationSwitchUserEvent(current, originalUser));
    }
    return original;
}
Also used : AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication)

Aggregations

AuthenticationCredentialsNotFoundException (org.springframework.security.authentication.AuthenticationCredentialsNotFoundException)12 Test (org.junit.Test)6 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)3 ITargetObject (org.springframework.security.ITargetObject)2 AuthenticationCredentialsNotFoundEvent (org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent)2 CredentialsExpiredException (org.springframework.security.authentication.CredentialsExpiredException)2 Authentication (org.springframework.security.core.Authentication)2 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)1 ConnectionEnvironment (com.evolveum.midpoint.security.api.ConnectionEnvironment)1 MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)1 Task (com.evolveum.midpoint.task.api.Task)1 CommunicationException (com.evolveum.midpoint.util.exception.CommunicationException)1 ConfigurationException (com.evolveum.midpoint.util.exception.ConfigurationException)1 ExpressionEvaluationException (com.evolveum.midpoint.util.exception.ExpressionEvaluationException)1 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)1 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)1 SecurityViolationException (com.evolveum.midpoint.util.exception.SecurityViolationException)1 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)1 IOException (java.io.IOException)1 ArrayList (java.util.ArrayList)1