Examples with AuthenticationServiceException org.springframework.security.authentication.AuthenticationServiceException used on opensource projects

Example 6 with AuthenticationServiceException

use of org.springframework.security.authentication.AuthenticationServiceException in project spring-security by spring-projects.

the class UsernamePasswordAuthenticationFilter method attemptAuthentication.

// ~ Methods
// ========================================================================================================
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
    if (postOnly && !request.getMethod().equals("POST")) {
        throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
    }
    String username = obtainUsername(request);
    String password = obtainPassword(request);
    if (username == null) {
        username = "";
    }
    if (password == null) {
        password = "";
    }
    username = username.trim();
    UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
    // Allow subclasses to set the "details" property
    setDetails(request, authRequest);
    return this.getAuthenticationManager().authenticate(authRequest);
}

Example 7 with AuthenticationServiceException

use of org.springframework.security.authentication.AuthenticationServiceException in project spring-security by spring-projects.

the class DaoAuthenticationProviderTests method testDetectsNullBeingReturnedFromAuthenticationDao.

@Test
public void testDetectsNullBeingReturnedFromAuthenticationDao() {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setUserDetailsService(new MockAuthenticationDaoReturnsNull());
    try {
        provider.authenticate(token);
        fail("Should have thrown AuthenticationServiceException");
    } catch (AuthenticationServiceException expected) {
        assertThat("UserDetailsService returned null, which is an interface contract violation").isEqualTo(expected.getMessage());
    }
}

Example 8 with AuthenticationServiceException

use of org.springframework.security.authentication.AuthenticationServiceException in project midpoint by Evolveum.

the class AuthenticationEvaluatorImpl method getPassword.

private String getPassword(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, ProtectedStringType protectedString) {
    String decryptedPassword;
    if (protectedString.getEncryptedDataType() != null) {
        try {
            decryptedPassword = protector.decryptString(protectedString);
        } catch (EncryptionException e) {
            recordAuthenticationFailure(principal, connEnv, "error decrypting password: " + e.getMessage());
            throw new AuthenticationServiceException("web.security.provider.unavailable", e);
        }
    } else {
        LOGGER.warn("Authenticating user based on clear value. Please check objects, " + "this should not happen. Protected string should be encrypted.");
        decryptedPassword = protectedString.getClearValue();
    }
    return decryptedPassword;
}

Example 9 with AuthenticationServiceException

use of org.springframework.security.authentication.AuthenticationServiceException in project midpoint by Evolveum.

the class MidPointAuthenticationProvider method authenticate.

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String enteredUsername = (String) authentication.getPrincipal();
    LOGGER.trace("Authenticating username '{}'", enteredUsername);
    ConnectionEnvironment connEnv = ConnectionEnvironment.create(SchemaConstants.CHANNEL_GUI_USER_URI);
    Authentication token;
    if (authentication instanceof UsernamePasswordAuthenticationToken) {
        String enteredPassword = (String) authentication.getCredentials();
        token = passwordAuthenticationEvaluator.authenticate(connEnv, new PasswordAuthenticationContext(enteredUsername, enteredPassword));
    } else if (authentication instanceof PreAuthenticatedAuthenticationToken) {
        token = passwordAuthenticationEvaluator.authenticateUserPreAuthenticated(connEnv, enteredUsername);
    } else {
        LOGGER.error("Unsupported authentication {}", authentication);
        throw new AuthenticationServiceException("web.security.provider.unavailable");
    }
    MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
    LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
    return token;
}

Example 10 with AuthenticationServiceException

use of org.springframework.security.authentication.AuthenticationServiceException in project opennms by OpenNMS.

the class HybridOpenNMSUserAuthenticationProvider method checkUserPassword.

protected void checkUserPassword(final String authUsername, final String authPassword, final SpringSecurityUser user) throws AuthenticationException {
    final String existingPassword = user.getPassword();
    boolean hasUser = false;
    try {
        hasUser = m_userManager.hasUser(user.getUsername());
    } catch (final Throwable e) {
        throw new AuthenticationServiceException("An error occurred while checking for " + authUsername + " in the UserManager", e);
    }
    if (hasUser) {
        if (!m_userManager.comparePasswords(authUsername, authPassword)) {
            LOG.warn("Password auth failed for user: " + authUsername);
            throw new BadCredentialsException("Bad credentials");
        }
    } else {
        if (!m_userManager.checkSaltedPassword(authPassword, existingPassword)) {
            LOG.warn("Salted password auth failed for user: " + authUsername);
            throw new BadCredentialsException("Bad credentials");
        }
    }
}