use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-boot by spring-projects.
the class AuthorizationAuditListenerTests method testAuthenticationCredentialsNotFound.
@Test
public void testAuthenticationCredentialsNotFound() {
AuditApplicationEvent event = handleAuthorizationEvent(new AuthenticationCredentialsNotFoundEvent(this, Collections.<ConfigAttribute>singletonList(new SecurityConfig("USER")), new AuthenticationCredentialsNotFoundException("Bad user")));
assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.AUTHENTICATION_FAILURE);
}
use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.
the class MethodSecurityInterceptorWithAopConfigTests method securityInterceptorIsAppliedWhenUsedWithAopConfig.
@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void securityInterceptorIsAppliedWhenUsedWithAopConfig() {
setContext("<aop:config>" + " <aop:pointcut id='targetMethods' expression='execution(* org.springframework.security.TargetObject.*(..))'/>" + " <aop:advisor advice-ref='securityInterceptor' pointcut-ref='targetMethods' />" + "</aop:config>" + TARGET_BEAN_AND_INTERCEPTOR + AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
ITargetObject target = (ITargetObject) appContext.getBean("target");
// Check both against interface and class
try {
target.makeLowerCase("TEST");
fail("AuthenticationCredentialsNotFoundException expected");
} catch (AuthenticationCredentialsNotFoundException expected) {
}
target.makeUpperCase("test");
}
use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.
the class MethodSecurityInterceptorWithAopConfigTests method securityInterceptorIsAppliedWhenUsedWithBeanNameAutoProxyCreator.
@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void securityInterceptorIsAppliedWhenUsedWithBeanNameAutoProxyCreator() {
setContext("<b:bean id='autoProxyCreator' class='org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator'>" + " <b:property name='interceptorNames'>" + " <b:list>" + " <b:value>securityInterceptor</b:value>" + " </b:list>" + " </b:property>" + " <b:property name='beanNames'>" + " <b:list>" + " <b:value>target</b:value>" + " </b:list>" + " </b:property>" + " <b:property name='proxyTargetClass' value='false'/>" + "</b:bean>" + TARGET_BEAN_AND_INTERCEPTOR + AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
ITargetObject target = (ITargetObject) appContext.getBean("target");
try {
target.makeLowerCase("TEST");
fail("AuthenticationCredentialsNotFoundException expected");
} catch (AuthenticationCredentialsNotFoundException expected) {
}
target.makeUpperCase("test");
}
use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.
the class SecuredAnnotationDrivenBeanDefinitionParserTests method targetIsSerializableAfterUse.
@Test(expected = AccessDeniedException.class)
public void targetIsSerializableAfterUse() throws Exception {
try {
target.someAdminMethod();
} catch (AuthenticationCredentialsNotFoundException expected) {
}
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("u", "p", "ROLE_A"));
BusinessService chompedTarget = (BusinessService) serializeAndDeserialize(target);
chompedTarget.someAdminMethod();
}
use of org.springframework.security.authentication.AuthenticationCredentialsNotFoundException in project spring-security by spring-projects.
the class SwitchUserFilter method attemptExitUser.
/**
* Attempt to exit from an already switched user.
*
* @param request The http servlet request
*
* @return The original <code>Authentication</code> object or <code>null</code>
* otherwise.
*
* @throws AuthenticationCredentialsNotFoundException If no
* <code>Authentication</code> associated with this request.
*/
protected Authentication attemptExitUser(HttpServletRequest request) throws AuthenticationCredentialsNotFoundException {
// need to check to see if the current user has a SwitchUserGrantedAuthority
Authentication current = SecurityContextHolder.getContext().getAuthentication();
if (null == current) {
throw new AuthenticationCredentialsNotFoundException(this.messages.getMessage("SwitchUserFilter.noCurrentUser", "No current user associated with this request"));
}
// check to see if the current user did actual switch to another user
// if so, get the original source user so we can switch back
Authentication original = getSourceAuthentication(current);
if (original == null) {
this.logger.debug("Could not find original user Authentication object!");
throw new AuthenticationCredentialsNotFoundException(this.messages.getMessage("SwitchUserFilter.noOriginalAuthentication", "Could not find original Authentication object"));
}
// get the source user details
UserDetails originalUser = null;
Object obj = original.getPrincipal();
if ((obj != null) && obj instanceof UserDetails) {
originalUser = (UserDetails) obj;
}
// publish event
if (this.eventPublisher != null) {
this.eventPublisher.publishEvent(new AuthenticationSwitchUserEvent(current, originalUser));
}
return original;
}
Aggregations