Example 61 with BadCredentialsException

use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

the class AbstractPreAuthenticatedProcessingFilterTests method getFilter.

// Builds a filter backed by a mocked AuthenticationManager that either rejects
// every request or accepts it, depending on grantAccess.
private static ConcretePreAuthenticatedProcessingFilter getFilter(boolean grantAccess) {
    ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
    AuthenticationManager am = mock(AuthenticationManager.class);
    if (!grantAccess) {
        // Deny: every authentication attempt fails with BadCredentialsException.
        given(am.authenticate(any(Authentication.class))).willThrow(new BadCredentialsException(""));
    } else {
        // Grant: return the submitted Authentication unchanged as the result.
        given(am.authenticate(any(Authentication.class))).willAnswer((Answer<Authentication>) (invocation) -> (Authentication) invocation.getArguments()[0]);
    }
    filter.setAuthenticationManager(am);
    filter.afterPropertiesSet();
    return filter;
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) User(org.springframework.security.core.userdetails.User) ServletException(jakarta.servlet.ServletException) WebAttributes(org.springframework.security.web.WebAttributes) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Mockito.verifyZeroInteractions(org.mockito.Mockito.verifyZeroInteractions) Answer(org.mockito.stubbing.Answer) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) ForwardAuthenticationSuccessHandler(org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler) FilterChain(jakarta.servlet.FilterChain) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) AfterEach(org.junit.jupiter.api.AfterEach) ForwardAuthenticationFailureHandler(org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Authentication(org.springframework.security.core.Authentication) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock)

Example 62 with BadCredentialsException

use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

the class AbstractPreAuthenticatedProcessingFilterTests method exceptionIsThrownOnFailedAuthenticationIfContinueFilterChainOnUnsuccessfulAuthenticationSetToFalse.

/* SEC-881 */
@Test
public void exceptionIsThrownOnFailedAuthenticationIfContinueFilterChainOnUnsuccessfulAuthenticationSetToFalse() throws Exception {
    AuthenticationManager am = mock(AuthenticationManager.class);
    // Every authentication attempt is rejected.
    given(am.authenticate(any(Authentication.class))).willThrow(new BadCredentialsException(""));
    // Do not continue the filter chain when pre-authentication fails.
    this.filter.setContinueFilterChainOnUnsuccessfulAuthentication(false);
    this.filter.setAuthenticationManager(am);
    this.filter.afterPropertiesSet();
    // The failure must propagate to the caller as BadCredentialsException.
    assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), mock(FilterChain.class)));
    // No Authentication may remain in the SecurityContext after the failure.
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 63 with BadCredentialsException

use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

the class ExceptionMappingAuthenticationFailureHandlerTests method defaultTargetUrlIsUsedIfNoMappingExists.

@Test
public void defaultTargetUrlIsUsedIfNoMappingExists() throws Exception {
    ExceptionMappingAuthenticationFailureHandler fh = new ExceptionMappingAuthenticationFailureHandler();
    // No exception mappings are configured, only the default failure URL.
    fh.setDefaultFailureUrl("/failed");
    MockHttpServletResponse response = new MockHttpServletResponse();
    fh.onAuthenticationFailure(new MockHttpServletRequest(), response, new BadCredentialsException(""));
    // With no mapping for BadCredentialsException, the handler redirects to the default.
    assertThat(response.getRedirectedUrl()).isEqualTo("/failed");
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 64 with BadCredentialsException

use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

the class AuthenticationFilterTests method filterWhenDefaultsAndAuthenticationFailThenUnauthorized.

@Test
public void filterWhenDefaultsAndAuthenticationFailThenUnauthorized() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("test", "this", "ROLE");
    // The converter extracts a token from the request; the manager then rejects it.
    given(this.authenticationConverter.convert(any())).willReturn(authentication);
    given(this.authenticationManager.authenticate(any())).willThrow(new BadCredentialsException("failed"));
    AuthenticationFilter filter = new AuthenticationFilter(this.authenticationManager, this.authenticationConverter);
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/");
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain chain = mock(FilterChain.class);
    filter.doFilter(request, response, chain);
    // With the filter's defaults, a failed authentication yields 401 and an empty SecurityContext.
    assertThat(response.getStatus()).isEqualTo(HttpStatus.UNAUTHORIZED.value());
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
}
Also used : Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) FilterChain(jakarta.servlet.FilterChain) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 65 with BadCredentialsException

use of org.springframework.security.authentication.BadCredentialsException in project spring-security by spring-projects.

the class AuthenticationFilterTests method filterWhenAuthenticationManagerResolverDefaultsAndAuthenticationFailThenUnauthorized.

@Test
public void filterWhenAuthenticationManagerResolverDefaultsAndAuthenticationFailThenUnauthorized() throws Exception {
    // Same scenario as the previous test, but the AuthenticationManager is obtained through a resolver.
    givenResolveWillReturnAuthenticationManager();
    Authentication authentication = new TestingAuthenticationToken("test", "this", "ROLE");
    given(this.authenticationConverter.convert(any())).willReturn(authentication);
    given(this.authenticationManager.authenticate(any())).willThrow(new BadCredentialsException("failed"));
    AuthenticationFilter filter = new AuthenticationFilter(this.authenticationManagerResolver, this.authenticationConverter);
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/");
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain chain = mock(FilterChain.class);
    filter.doFilter(request, response, chain);
    // A failed authentication yields 401 and an empty SecurityContext.
    assertThat(response.getStatus()).isEqualTo(HttpStatus.UNAUTHORIZED.value());
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
}
Also used : Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) FilterChain(jakarta.servlet.FilterChain) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)
