Example 41 with AuthenticationException
use of org.springframework.security.core.AuthenticationException in project motech by motech.
the class MotechLoginErrorHandlerTest method shouldBlockUser.
@Test
public void shouldBlockUser() throws ServletException, IOException {
AuthenticationException exception = new BadCredentialsException("Wrong Password");
exception.setAuthentication(authentication);
MotechUser user = createUser(UserStatus.ACTIVE, 3);
when(authentication.getName()).thenReturn("testUser");
when(motechUsersDao.findByUserName("testUser")).thenReturn(user);
when(settingService.getFailureLoginLimit()).thenReturn(3);
motechLoginErrorHandler.onAuthenticationFailure(request, response, exception);
verify(response).sendRedirect(LOGIN_BLOCKED);
verify(motechUsersDao).update(userCaptor.capture());
MotechUser capturedUser = userCaptor.getValue();
assertEquals((Integer) 0, capturedUser.getFailureLoginCounter());
assertEquals(UserStatus.BLOCKED, capturedUser.getUserStatus());
}
Also used :
MotechUser(org.motechproject.security.domain.MotechUser)
AuthenticationException(org.springframework.security.core.AuthenticationException)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Test(org.junit.Test)
Example 42 with AuthenticationException
use of org.springframework.security.core.AuthenticationException in project motech by motech.
the class MotechLoginErrorHandlerTest method shouldReturnJSON.
@Test
public void shouldReturnJSON() throws ServletException, IOException {
AuthenticationException exception = new BadCredentialsException("Wrong Password");
exception.setAuthentication(authentication);
MockHttpServletRequest mockRequest = new MockHttpServletRequest();
mockRequest.addHeader("x-requested-with", "XMLHttpRequest");
MockHttpServletResponse mockResponse = new MockHttpServletResponse();
motechLoginErrorHandler.onAuthenticationFailure(mockRequest, mockResponse, exception);
MotechJsonMessage messageObject = new MotechJsonMessage("security.wrongPassword");
assertEquals(messageObject.toJson(), mockResponse.getContentAsString());
}
Also used :
MotechJsonMessage(org.motechproject.commons.api.json.MotechJsonMessage)
AuthenticationException(org.springframework.security.core.AuthenticationException)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 43 with AuthenticationException
use of org.springframework.security.core.AuthenticationException in project irida by phac-nml.
the class CredentialsExpiredAuthenticationFailureHandlerTest method testOnAuthenticationFailure.
@Test
public void testOnAuthenticationFailure() throws IOException, ServletException {
String username = "tom";
User user = new User();
PasswordReset reset = new PasswordReset(user);
String expectedRedirect = "/password_reset/" + reset.getId() + "?expired=true";
AuthenticationException exception = new CredentialsExpiredException("Credentials expired");
HttpServletRequest request = mock(HttpServletRequest.class);
HttpServletResponse response = mock(HttpServletResponse.class);
when(request.getParameter("username")).thenReturn(username);
when(request.getContextPath()).thenReturn("");
when(userService.getUserByUsername(username)).thenReturn(user);
when(resetService.create(any(PasswordReset.class))).thenReturn(reset);
handler.onAuthenticationFailure(request, response, exception);
verify(request).getParameter("username");
verify(userService).getUserByUsername(username);
verify(resetService).create(any(PasswordReset.class));
ArgumentCaptor<String> redirectCaptor = ArgumentCaptor.forClass(String.class);
verify(response).sendRedirect(redirectCaptor.capture());
String redirect = redirectCaptor.getValue();
assertEquals(expectedRedirect, redirect);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
User(ca.corefacility.bioinformatics.irida.model.user.User)
CredentialsExpiredException(org.springframework.security.authentication.CredentialsExpiredException)
AuthenticationException(org.springframework.security.core.AuthenticationException)
PasswordReset(ca.corefacility.bioinformatics.irida.model.user.PasswordReset)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Test(org.junit.Test)
Example 44 with AuthenticationException
use of org.springframework.security.core.AuthenticationException in project irida by phac-nml.
the class CredentialsExpiredAuthenticationFailureHandlerTest method testOnAuthenticationFailureWithOtherException.
@Test
public void testOnAuthenticationFailureWithOtherException() throws IOException, ServletException {
HttpServletRequest request = mock(HttpServletRequest.class);
HttpServletResponse response = mock(HttpServletResponse.class);
AuthenticationException exception = new DisabledException("disabled");
handler.onAuthenticationFailure(request, response, exception);
verifyZeroInteractions(userService);
verifyZeroInteractions(resetService);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
AuthenticationException(org.springframework.security.core.AuthenticationException)
DisabledException(org.springframework.security.authentication.DisabledException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Test(org.junit.Test)
Example 45 with AuthenticationException
use of org.springframework.security.core.AuthenticationException in project dubion by valsamiq.
the class CustomSignInAdapter method signIn.
@Override
public String signIn(String userId, Connection<?> connection, NativeWebRequest request) {
try {
UserDetails user = userDetailsService.loadUserByUsername(userId);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
String jwt = tokenProvider.createToken(authenticationToken, false);
ServletWebRequest servletWebRequest = (ServletWebRequest) request;
servletWebRequest.getResponse().addCookie(getSocialAuthenticationCookie(jwt));
} catch (AuthenticationException ae) {
log.error("Social authentication error");
log.trace("Authentication exception trace: {}", ae);
}
return jHipsterProperties.getSocial().getRedirectAfterSignIn();
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
AuthenticationException(org.springframework.security.core.AuthenticationException)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
ServletWebRequest(org.springframework.web.context.request.ServletWebRequest)
Aggregations
AuthenticationException (org.springframework.security.core.AuthenticationException)152
Authentication (org.springframework.security.core.Authentication)79
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)42
HttpServletRequest (javax.servlet.http.HttpServletRequest)26
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)24
HttpServletResponse (javax.servlet.http.HttpServletResponse)23
Test (org.junit.Test)20
Test (org.junit.jupiter.api.Test)19
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)14
IOException (java.io.IOException)13
ServletException (javax.servlet.ServletException)12
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)10
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)9
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)9
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)8
GrantedAuthority (org.springframework.security.core.GrantedAuthority)8
Map (java.util.Map)7
UserDetails (org.springframework.security.core.userdetails.UserDetails)7
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)6
HashMap (java.util.HashMap)6
