use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.
the class PasswordComparisonAuthenticatorTests method testLdapCompareWithDifferentPasswordAttributeSucceeds.
@Test
public void testLdapCompareWithDifferentPasswordAttributeSucceeds() {
authenticator.setUserAttributes(new String[] { "uid" });
authenticator.setPasswordAttributeName("cn");
authenticator.authenticate(new UsernamePasswordAuthenticationToken("ben", "Ben Alex"));
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class TokenEndpointAuthenticationFilter method extractCredentials.
/**
* If the incoming request contains user credentials in headers or parameters then extract them here into an
* Authentication token that can be validated later. This implementation only recognises password grant requests and
* extracts the username and password.
*
* @param request the incoming request, possibly with user credentials
* @return an authentication for validation (or null if there is no further authentication)
*/
protected Authentication extractCredentials(HttpServletRequest request) {
String grantType = request.getParameter("grant_type");
if (grantType != null && grantType.equals("password")) {
UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(request.getParameter("username"), request.getParameter("password"));
result.setDetails(authenticationDetailsSource.buildDetails(request));
return result;
}
return null;
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class ResourceOwnerPasswordTokenGranter method getOAuth2Authentication.
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
String username = parameters.get("username");
String password = parameters.get("password");
// Protect from downstream leaks of password
parameters.remove("password");
Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password);
((AbstractAuthenticationToken) userAuth).setDetails(parameters);
try {
userAuth = authenticationManager.authenticate(userAuth);
} catch (AccountStatusException ase) {
//covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
throw new InvalidGrantException(ase.getMessage());
} catch (BadCredentialsException e) {
// If the username/password are wrong the spec says we should send 400/invalid grant
throw new InvalidGrantException(e.getMessage());
}
if (userAuth == null || !userAuth.isAuthenticated()) {
throw new InvalidGrantException("Could not authenticate user: " + username);
}
OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
return new OAuth2Authentication(storedOAuth2Request, userAuth);
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project opennms by OpenNMS.
the class RadiusAuthenticationProviderTest method testRetrieveUserChap.
@Test
@Ignore("Need to have a RADIUS server running on localhost")
public void testRetrieveUserChap() throws IOException {
RadiusAuthenticationProvider provider = new RadiusAuthenticationProvider(m_radiusServer, m_sharedSecret);
RadiusAuthenticator authTypeClass = new CHAPAuthenticator();
provider.setAuthTypeClass(authTypeClass);
provider.setRolesAttribute("Unknown-VSAttribute(5813:1)");
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(m_principal, m_credentials);
provider.retrieveUser(m_username, token);
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project opennms by OpenNMS.
the class RadiusAuthenticationProviderTest method testRetrieveUserPap.
@Test
@Ignore("Need to have a RADIUS server running on localhost")
public void testRetrieveUserPap() throws IOException {
RadiusAuthenticationProvider provider = new RadiusAuthenticationProvider(m_radiusServer, m_sharedSecret);
RadiusAuthenticator authTypeClass = new PAPAuthenticator();
provider.setAuthTypeClass(authTypeClass);
provider.setRolesAttribute("Unknown-VSAttribute(5813:1)");
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(m_principal, m_credentials);
provider.retrieveUser(m_username, token);
}
Aggregations