Search in sources :

Example 1 with InternalAuthenticationServiceException

use of org.springframework.security.authentication.InternalAuthenticationServiceException in project spring-security by spring-projects.

the class DaoAuthenticationProviderTests method testAuthenticateFailsWhenAuthenticationDaoHasBackendFailure.

@Test
public void testAuthenticateFailsWhenAuthenticationDaoHasBackendFailure() {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "koala");
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setUserDetailsService(new MockAuthenticationDaoSimulateBackendError());
    provider.setUserCache(new MockUserCache());
    try {
        provider.authenticate(token);
        fail("Should have thrown InternalAuthenticationServiceException");
    } catch (InternalAuthenticationServiceException expected) {
    }
}
Also used : InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Example 2 with InternalAuthenticationServiceException

use of org.springframework.security.authentication.InternalAuthenticationServiceException in project spring-security by spring-projects.

the class AbstractAuthenticationProcessingFilterTests method loginErrorWithInternAuthenticationServiceExceptionLogsError.

/**
	 * SEC-1919
	 */
@Test
public void loginErrorWithInternAuthenticationServiceExceptionLogsError() throws Exception {
    MockHttpServletRequest request = createMockAuthenticationRequest();
    MockFilterChain chain = new MockFilterChain(true);
    MockHttpServletResponse response = new MockHttpServletResponse();
    Log logger = mock(Log.class);
    MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
    ReflectionTestUtils.setField(filter, "logger", logger);
    filter.exceptionToThrow = new InternalAuthenticationServiceException("Mock requested to do so");
    successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
    filter.setAuthenticationSuccessHandler(successHandler);
    filter.doFilter(request, response, chain);
    verify(logger).error(anyString(), eq(filter.exceptionToThrow));
    assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_UNAUTHORIZED);
}
Also used : Log(org.apache.commons.logging.Log) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 3 with InternalAuthenticationServiceException

use of org.springframework.security.authentication.InternalAuthenticationServiceException in project libresonic by Libresonic.

the class JWTRequestParameterProcessingFilter method doFilter.

@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    if (!findToken(request).isPresent()) {
        chain.doFilter(req, resp);
        return;
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Request is to process authentication");
    }
    Authentication authResult;
    try {
        authResult = attemptAuthentication(request, response);
        if (authResult == null) {
            // authentication
            return;
        }
    } catch (InternalAuthenticationServiceException failed) {
        logger.error("An internal error occurred while trying to authenticate the user.", failed);
        unsuccessfulAuthentication(request, response, failed);
        return;
    } catch (AuthenticationException failed) {
        // Authentication failed
        unsuccessfulAuthentication(request, response, failed);
        return;
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Authentication success. Updating SecurityContextHolder to contain: " + authResult);
    }
    SecurityContextHolder.getContext().setAuthentication(authResult);
    chain.doFilter(request, response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationException(org.springframework.security.core.AuthenticationException) Authentication(org.springframework.security.core.Authentication) HttpServletResponse(javax.servlet.http.HttpServletResponse) InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException)

Example 4 with InternalAuthenticationServiceException

use of org.springframework.security.authentication.InternalAuthenticationServiceException in project spring-security by spring-projects.

the class LdapAuthenticationProviderTests method authenticateWithNamingException.

@Test
public void authenticateWithNamingException() {
    UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("ben", "benspassword");
    LdapAuthenticator mockAuthenticator = mock(LdapAuthenticator.class);
    CommunicationException expectedCause = new CommunicationException(new javax.naming.CommunicationException());
    when(mockAuthenticator.authenticate(authRequest)).thenThrow(expectedCause);
    LdapAuthenticationProvider ldapProvider = new LdapAuthenticationProvider(mockAuthenticator);
    try {
        ldapProvider.authenticate(authRequest);
        fail("Expected Exception");
    } catch (InternalAuthenticationServiceException success) {
        assertThat(success.getCause()).isSameAs(expectedCause);
    }
}
Also used : CommunicationException(org.springframework.ldap.CommunicationException) InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Example 5 with InternalAuthenticationServiceException

use of org.springframework.security.authentication.InternalAuthenticationServiceException in project spring-security by spring-projects.

the class AbstractAuthenticationProcessingFilter method doFilter.

/**
	 * Invokes the
	 * {@link #requiresAuthentication(HttpServletRequest, HttpServletResponse)
	 * requiresAuthentication} method to determine whether the request is for
	 * authentication and should be handled by this filter. If it is an authentication
	 * request, the
	 * {@link #attemptAuthentication(HttpServletRequest, HttpServletResponse)
	 * attemptAuthentication} will be invoked to perform the authentication. There are
	 * then three possible outcomes:
	 * <ol>
	 * <li>An <tt>Authentication</tt> object is returned. The configured
	 * {@link SessionAuthenticationStrategy} will be invoked (to handle any
	 * session-related behaviour such as creating a new session to protect against
	 * session-fixation attacks) followed by the invocation of
	 * {@link #successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication)}
	 * method</li>
	 * <li>An <tt>AuthenticationException</tt> occurs during authentication. The
	 * {@link #unsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException)
	 * unsuccessfulAuthentication} method will be invoked</li>
	 * <li>Null is returned, indicating that the authentication process is incomplete. The
	 * method will then return immediately, assuming that the subclass has done any
	 * necessary work (such as redirects) to continue the authentication process. The
	 * assumption is that a later request will be received by this method where the
	 * returned <tt>Authentication</tt> object is not null.
	 * </ol>
	 */
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    if (!requiresAuthentication(request, response)) {
        chain.doFilter(request, response);
        return;
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Request is to process authentication");
    }
    Authentication authResult;
    try {
        authResult = attemptAuthentication(request, response);
        if (authResult == null) {
            // authentication
            return;
        }
        sessionStrategy.onAuthentication(authResult, request, response);
    } catch (InternalAuthenticationServiceException failed) {
        logger.error("An internal error occurred while trying to authenticate the user.", failed);
        unsuccessfulAuthentication(request, response, failed);
        return;
    } catch (AuthenticationException failed) {
        // Authentication failed
        unsuccessfulAuthentication(request, response, failed);
        return;
    }
    // Authentication success
    if (continueChainBeforeSuccessfulAuthentication) {
        chain.doFilter(request, response);
    }
    successfulAuthentication(request, response, chain, authResult);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationException(org.springframework.security.core.AuthenticationException) Authentication(org.springframework.security.core.Authentication) HttpServletResponse(javax.servlet.http.HttpServletResponse) InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException)

Aggregations

InternalAuthenticationServiceException (org.springframework.security.authentication.InternalAuthenticationServiceException)5 Test (org.junit.Test)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)2 Authentication (org.springframework.security.core.Authentication)2 AuthenticationException (org.springframework.security.core.AuthenticationException)2 Log (org.apache.commons.logging.Log)1 CommunicationException (org.springframework.ldap.CommunicationException)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1