
Example 6 with AuthenticationException

Use of org.springframework.security.core.AuthenticationException in project spring-security-oauth by spring-projects.

In the class ResourceOwnerPasswordTokenGranterTests, method testBadCredentials.

@Test(expected = InvalidGrantException.class)
public void testBadCredentials() {
    ResourceOwnerPasswordTokenGranter granter = new ResourceOwnerPasswordTokenGranter(new AuthenticationManager() {

        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            throw new BadCredentialsException("test");
        }
    }, providerTokenServices, clientDetailsService, requestFactory);
    granter.grant("password", tokenRequest);
}
Also used: AuthenticationManager (org.springframework.security.authentication.AuthenticationManager), AuthenticationException (org.springframework.security.core.AuthenticationException), OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication), Authentication (org.springframework.security.core.Authentication), BadCredentialsException (org.springframework.security.authentication.BadCredentialsException), Test (org.junit.Test)

Example 7 with AuthenticationException

Use of org.springframework.security.core.AuthenticationException in project spring-security by spring-projects.

In the class ExceptionTranslationFilter, method doFilter.

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    try {
        chain.doFilter(request, response);
        logger.debug("Chain processed normally");
    } catch (IOException ex) {
        throw ex;
    } catch (Exception ex) {
        // Try to extract a SpringSecurityException from the stacktrace
        Throwable[] causeChain = throwableAnalyzer.determineCauseChain(ex);
        RuntimeException ase = (AuthenticationException) throwableAnalyzer.getFirstThrowableOfType(AuthenticationException.class, causeChain);
        if (ase == null) {
            ase = (AccessDeniedException) throwableAnalyzer.getFirstThrowableOfType(AccessDeniedException.class, causeChain);
        }
        if (ase != null) {
            handleSpringSecurityException(request, response, chain, ase);
        } else {
            // Rethrow ServletExceptions and RuntimeExceptions as-is
            if (ex instanceof ServletException) {
                throw (ServletException) ex;
            } else if (ex instanceof RuntimeException) {
                throw (RuntimeException) ex;
            }
            // Wrap any other exception; this should not happen,
            // as we've already covered all the possibilities for doFilter
            throw new RuntimeException(ex);
        }
    }
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), ServletException (javax.servlet.ServletException), AccessDeniedException (org.springframework.security.access.AccessDeniedException), HttpServletResponse (javax.servlet.http.HttpServletResponse), IOException (java.io.IOException), InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException), AuthenticationException (org.springframework.security.core.AuthenticationException)

Example 8 with AuthenticationException

Use of org.springframework.security.core.AuthenticationException in project spring-security by spring-projects.

In the class SwitchUserFilter, method doFilter.

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    // check for switch or exit request
    if (requiresSwitchUser(request)) {
        // if set, attempt switch and store original
        try {
            Authentication targetUser = attemptSwitchUser(request);
            // update the current context to the new target user
            SecurityContextHolder.getContext().setAuthentication(targetUser);
            // redirect to target url
            this.successHandler.onAuthenticationSuccess(request, response, targetUser);
        } catch (AuthenticationException e) {
            this.logger.debug("Switch User failed", e);
            this.failureHandler.onAuthenticationFailure(request, response, e);
        }
        return;
    } else if (requiresExitUser(request)) {
        // get the original authentication object (if exists)
        Authentication originalUser = attemptExitUser(request);
        // update the current context back to the original user
        SecurityContextHolder.getContext().setAuthentication(originalUser);
        // redirect to target url
        this.successHandler.onAuthenticationSuccess(request, response, originalUser);
        return;
    }
    chain.doFilter(request, response);
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), AuthenticationException (org.springframework.security.core.AuthenticationException), Authentication (org.springframework.security.core.Authentication), HttpServletResponse (javax.servlet.http.HttpServletResponse)

Example 9 with AuthenticationException

Use of org.springframework.security.core.AuthenticationException in project spring-security by spring-projects.

In the class JaasAuthenticationProviderTests, method testBadUser.

@Test
public void testBadUser() {
    try {
        jaasProvider.authenticate(new UsernamePasswordAuthenticationToken("asdf", "password"));
        fail("LoginException should have been thrown for the bad user");
    } catch (AuthenticationException e) {
        // expected: authentication must fail for the bad user
    }
    assertThat(eventCheck.failedEvent).as("Failure event not fired").isNotNull();
    assertThat(eventCheck.failedEvent.getException()).withFailMessage("Failure event exception was null").isNotNull();
    assertThat(eventCheck.successEvent).as("Success event was fired").isNull();
}
Also used: AuthenticationException (org.springframework.security.core.AuthenticationException), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), Test (org.junit.Test)

Example 10 with AuthenticationException

Use of org.springframework.security.core.AuthenticationException in project spring-security by spring-projects.

In the class JaasAuthenticationProviderTests, method testBadPassword.

@Test
public void testBadPassword() {
    try {
        jaasProvider.authenticate(new UsernamePasswordAuthenticationToken("user", "asdf"));
        fail("LoginException should have been thrown for the bad password");
    } catch (AuthenticationException e) {
        // expected: authentication must fail for the bad password
    }
    assertThat(eventCheck.failedEvent).as("Failure event not fired").isNotNull();
    assertThat(eventCheck.failedEvent.getException()).withFailMessage("Failure event exception was null").isNotNull();
    assertThat(eventCheck.successEvent).as("Success event was fired").isNull();
}
Also used: AuthenticationException (org.springframework.security.core.AuthenticationException), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), Test (org.junit.Test)

Aggregations

AuthenticationException (org.springframework.security.core.AuthenticationException): 152
Authentication (org.springframework.security.core.Authentication): 79
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 42
HttpServletRequest (javax.servlet.http.HttpServletRequest): 26
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 24
HttpServletResponse (javax.servlet.http.HttpServletResponse): 23
Test (org.junit.Test): 20
Test (org.junit.jupiter.api.Test): 19
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException): 14
IOException (java.io.IOException): 13
ServletException (javax.servlet.ServletException): 12
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 10
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 9
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 9
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager): 8
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 8
Map (java.util.Map): 7
UserDetails (org.springframework.security.core.userdetails.UserDetails): 7
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal): 6
HashMap (java.util.HashMap): 6