
Example 6 with LockedException

Use of org.springframework.security.authentication.LockedException in project zhcet-web by zhcet-amu.

In the class CustomAuthenticationProvider, method authenticate.

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String userId = (String) authentication.getPrincipal();
    CustomAuthenticationDetails details = (CustomAuthenticationDetails) authentication.getDetails();
    String ip = details.getRemoteAddress();
    // The lockout check runs before any credential is verified; its key is built from the client IP and the user ID.
    boolean isBlocked = loginAttemptService.isBlocked(LoginAttemptService.getKey(ip, userId));
    if (isBlocked) {
        log.debug("User account is locked");
        throw new LockedException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
    }
    // Primary authentication is delegated to the superclass.
    Authentication authenticated = super.authenticate(authentication);
    UserAuth userAuth = (UserAuth) authenticated.getPrincipal();
    // Accounts that do not use 2FA are accepted after the primary check.
    if (!userAuth.isUsing2fa())
        return authenticated;
    // Second factor: the TOTP code from the request details is validated against the stored secret.
    String code = details.getTotpCode();
    String secret = userAuth.getTotpSecret();
    if (secret == null || code == null) {
        throw new BadCredentialsException("OTP was not provided");
    } else if (!TwoFAService.isValidOtp(secret, code)) {
        throw new BadCredentialsException("OTP was incorrect. Please try again");
    }
    return authenticated;
}
Also used: LockedException(org.springframework.security.authentication.LockedException), Authentication(org.springframework.security.core.Authentication), BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)

Example 7 with LockedException

Use of org.springframework.security.authentication.LockedException in project motech by motech.

In the class ResetController, method changePassword.

@RequestMapping(value = "/changepassword", method = RequestMethod.POST)
@ResponseBody
public ChangePasswordViewData changePassword(@RequestBody ChangePasswordForm form) {
    ChangePasswordViewData viewData = new ChangePasswordViewData(form);
    ChangePasswordFormValidator validator = new ChangePasswordFormValidator();
    List<String> errors = validator.validate(form);
    if (!errors.isEmpty()) {
        viewData.setErrors(errors);
    } else {
        try {
            MotechUserProfile profile = motechUserService.changeExpiredPassword(form.getUsername(), form.getOldPassword(), form.getPassword());
            if (profile != null) {
                viewData.setChangeSucceded(true);
            } else {
                viewData.getErrors().add("server.reset.wrongPassword");
            }
        } catch (PasswordValidatorException e) {
            viewData.getErrors().add(e.getMessage());
        } catch (LockedException e) {
            viewData.setUserBlocked(true);
        }
    }
    viewData.getChangePasswordForm().resetPasswordsAndUserName();
    return viewData;
}
Also used: ChangePasswordFormValidator(org.motechproject.server.web.validator.ChangePasswordFormValidator), MotechUserProfile(org.motechproject.security.domain.MotechUserProfile), LockedException(org.springframework.security.authentication.LockedException), PasswordValidatorException(org.motechproject.security.exception.PasswordValidatorException), ChangePasswordViewData(org.motechproject.server.web.dto.ChangePasswordViewData), RequestMapping(org.springframework.web.bind.annotation.RequestMapping), ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 8 with LockedException

Use of org.springframework.security.authentication.LockedException in project spring-security by spring-projects.

In the class JaasAuthenticationProviderTests, method testLoginExceptionResolver.

@Test
public void testLoginExceptionResolver() {
    assertThat(this.jaasProvider.getLoginExceptionResolver()).isNotNull();
    this.jaasProvider.setLoginExceptionResolver((e) -> new LockedException("This is just a test!"));
    try {
        this.jaasProvider.authenticate(new UsernamePasswordAuthenticationToken("user", "password"));
    } catch (LockedException ex) {
    } catch (Exception ex) {
        fail("LockedException should have been thrown and caught");
    }
}
Also used: LockedException(org.springframework.security.authentication.LockedException), UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken), LoginException(javax.security.auth.login.LoginException), AuthenticationException(org.springframework.security.core.AuthenticationException), Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException), Test(org.junit.jupiter.api.Test)

Example 9 with LockedException

Use of org.springframework.security.authentication.LockedException in project spring-security by spring-projects.

In the class LoggerListenerTests, method testLogsEvents.

@Test
public void testLogsEvents() {
    AuthenticationFailureDisabledEvent event = new AuthenticationFailureDisabledEvent(getAuthentication(), new LockedException("TEST"));
    LoggerListener listener = new LoggerListener();
    listener.onApplicationEvent(event);
}
Also used: LockedException(org.springframework.security.authentication.LockedException), Test(org.junit.jupiter.api.Test)

Example 10 with LockedException

Use of org.springframework.security.authentication.LockedException in project midpoint by Evolveum.

In the class AuthenticationEvaluatorImpl, method getAndCheckUserPassword.

/**
 * Special-purpose method used for Web Service authentication based on javax.security callbacks.
 *
 * In that case there is no reasonable way to reuse existing methods. Therefore this method is NOT part of the
 * AuthenticationEvaluator interface. It is mostly a glue to make the old Java security code work.
 */
public String getAndCheckUserPassword(ConnectionEnvironment connEnv, String username) throws AuthenticationCredentialsNotFoundException, DisabledException, LockedException, CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
    MidPointPrincipal principal = getAndCheckPrincipal(connEnv, username, FocusType.class, true);
    FocusType focusType = principal.getFocus();
    CredentialsType credentials = focusType.getCredentials();
    if (credentials == null) {
        recordAuthenticationBehavior(username, null, connEnv, "no credentials in user", FocusType.class, false);
        throw new AuthenticationCredentialsNotFoundException("web.security.provider.invalid.credentials");
    }
    PasswordType passwordType = credentials.getPassword();
    SecurityPolicyType securityPolicy = principal.getApplicableSecurityPolicy();
    PasswordCredentialsPolicyType passwordCredentialsPolicy = SecurityUtil.getEffectivePasswordCredentialsPolicy(securityPolicy);
    // Lockout
    if (isLockedOut(passwordType, passwordCredentialsPolicy)) {
        recordAuthenticationBehavior(username, null, connEnv, "password locked-out", FocusType.class, false);
        throw new LockedException("web.security.provider.locked");
    }
    // Authorizations
    if (hasNoneAuthorization(principal)) {
        recordAuthenticationBehavior(username, null, connEnv, "no authorizations", FocusType.class, false);
        throw new InternalAuthenticationServiceException("web.security.provider.access.denied");
    }
    // Password age
    checkPasswordValidityAndAge(connEnv, principal, passwordType.getValue(), passwordType.getMetadata(), passwordCredentialsPolicy);
    return getPassword(connEnv, principal, passwordType.getValue());
}
Also used: AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException), LockedException(org.springframework.security.authentication.LockedException), InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException), MidPointPrincipal(com.evolveum.midpoint.security.api.MidPointPrincipal)

Aggregations

LockedException (org.springframework.security.authentication.LockedException): 12
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 6
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 6
Authentication (org.springframework.security.core.Authentication): 4
AuthenticationException (org.springframework.security.core.AuthenticationException): 3
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal): 2
AccountLockedException (com.haulmont.cuba.security.global.AccountLockedException): 2
LoginException (com.haulmont.cuba.security.global.LoginException): 2
Locale (java.util.Locale): 2
HttpServletRequest (javax.servlet.http.HttpServletRequest): 2
HttpSession (javax.servlet.http.HttpSession): 2
Test (org.junit.Test): 2
Test (org.junit.jupiter.api.Test): 2
AuthenticationCredentialsNotFoundException (org.springframework.security.authentication.AuthenticationCredentialsNotFoundException): 2
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException): 2
OperationResult (com.evolveum.midpoint.schema.result.OperationResult): 1
ConnectionEnvironment (com.evolveum.midpoint.security.api.ConnectionEnvironment): 1
Task (com.evolveum.midpoint.task.api.Task): 1
CommunicationException (com.evolveum.midpoint.util.exception.CommunicationException): 1
ConfigurationException (com.evolveum.midpoint.util.exception.ConfigurationException): 1