List of usage examples for org.springframework.security.authentication UsernamePasswordAuthenticationToken getCredentials
public Object getCredentials()
From source file:fr.mycellar.interfaces.web.security.MyCellarAuthenticationProvider.java
@Override protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { fr.mycellar.domain.user.User user = userServiceFacade.authenticateUser(userDetails.getUsername(), (String) authentication.getCredentials()); if (user == null) { throw new BadCredentialsException("Bad credentials for username '" + userDetails.getUsername() + "'."); }/* ww w . j a va 2 s.c o m*/ }
From source file:org.cloudfoundry.tools.security.CloudFoundryAuthenticationProvider.java
@Override protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { logger.debug("Attempting login of " + username + " via cloudfoundry"); Object credentials = authentication.getCredentials(); if (credentials == null) { logger.debug("Empty credentials provided for " + username); throw new BadCredentialsException("Bad credentials"); }//from ww w . ja v a2 s . co m List<String> activeUsers = cloudEnvironment().getUsers(); if (!activeUsers.contains(username)) { logger.debug("User " + username + " not found in active users " + activeUsers); throw new UsernameNotFoundException(username); } String token = login(username, credentials.toString()); logger.debug("User " + username + " logged in via cloudfoundry"); return new User(username, token, this.authorities); }
From source file:org.geonode.security.GeoNodeAuthenticationProvider.java
@Override public Authentication authenticate(Authentication authentication, HttpServletRequest request) throws AuthenticationException { this.client.setRequestUrl("http://" + request.getServerName() + "/"); if (authentication instanceof UsernamePasswordAuthenticationToken) { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication; String username = token.getName(); String password = (String) token.getCredentials(); // ignore this - let the other provider(s) handle things if (GeoServerUser.ROOT_USERNAME.equals(username) && GeoServerUser.DEFAULT_ADMIN_PASSWD.equals(username)) { return null; }/*from w w w . j av a 2 s. com*/ try { if (username == "" && password == null) { return client.authenticateAnonymous(); } else { // if an anonymous session cookie exists in the request but // the user is logging in via the admin or other form mechanism, // it's possible that the GeoNodeCookieProcessingFilter will // 'overwrite' the credentials... it will check for this Authentication auth = client.authenticateUserPwd(username, password); if (auth.isAuthenticated()) { SecurityContextHolder.getContext().setAuthentication(auth); } return auth; } } catch (IOException e) { throw new AuthenticationServiceException( "Communication with GeoNode failed (UsernamePasswordAuthenticationToken)", e); } } else if (authentication instanceof GeoNodeSessionAuthToken) { try { return client.authenticateCookie((String) authentication.getCredentials()); } catch (IOException e) { throw new AuthenticationServiceException( "Communication with GeoNode failed (GeoNodeSessionAuthToken)", e); } } else if (authentication instanceof AnonymousGeoNodeAuthenticationToken) { try { return client.authenticateAnonymous(); } catch (IOException e) { throw new AuthenticationServiceException( "Communication with GeoNode failed (AnonymousGeoNodeAuthenticationToken)", e); } } else { throw new IllegalArgumentException( "GeoNodeAuthenticationProvider accepts only UsernamePasswordAuthenticationToken and GeoNodeSessionAuthToken; received " + authentication); } }
From source file:org.verinice.rest.security.VeriniceAuthenticationProvider.java
@Override protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { if (authentication.getCredentials() == null) { LOG.debug("Authentication failed: no credentials provided"); throw new BadCredentialsException(messages .getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials")); }// w ww.jav a 2 s . c o m boolean rightPassword = checkPassword(userDetails, authentication); if (!rightPassword) { LOG.debug("Authentication failed: password does not match stored value"); throw new BadCredentialsException(messages .getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials")); } }
From source file:com.rockagen.gnext.service.spring.security.extension.ExAuthenticationProvider.java
@Override protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { UserDetails loadedUser;/*from www .j a v a 2 s . co m*/ try { loadedUser = loadUser(username, authentication.getCredentials().toString()); } catch (Exception repositoryProblem) { throw new InternalAuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem); } return loadedUser; }
From source file:org.duracloud.account.security.auth.AuthProviderTest.java
private boolean testIpAuthChecks(String remoteAddress) { AuthProvider authProvider = new AuthProvider(null, new ShaPasswordEncoder(256)); String username = "user"; String password = "pass"; String passwordHash = "d74ff0ee8da3b9806b18c877dbf29bbde50b5bd8e4dad7a3a725000feb82e8f1"; String ipLimits = "1.2.3.4/32;1.2.5.6/30"; DuracloudUser userDetails = EasyMock.createMock(DuracloudUser.class); WebAuthenticationDetails webAuthDetails = EasyMock.createMock(WebAuthenticationDetails.class); UsernamePasswordAuthenticationToken authToken = EasyMock .createMock(UsernamePasswordAuthenticationToken.class); // Calls which occur as part of the call to super.additionalAuthenticationChecks() EasyMock.expect(authToken.getCredentials()).andReturn(password).times(2); EasyMock.expect(userDetails.getPassword()).andReturn(passwordHash).times(1); // Direct calls expected EasyMock.expect(userDetails.getAllowableIPAddressRange()).andReturn(ipLimits).times(1); EasyMock.expect(userDetails.getUsername()).andReturn(username).times(1); EasyMock.expect(authToken.getDetails()).andReturn(webAuthDetails).times(1); EasyMock.expect(webAuthDetails.getRemoteAddress()).andReturn(remoteAddress).times(1); EasyMock.replay(userDetails, webAuthDetails, authToken); boolean authAllowed = true; try {/*w w w.j av a 2 s . c o m*/ authProvider.additionalAuthenticationChecks(userDetails, authToken); } catch (InsufficientAuthenticationException e) { authAllowed = false; } EasyMock.verify(userDetails, webAuthDetails, authToken); return authAllowed; }
From source file:com.amediamanager.service.UserServiceImpl.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) authentication; String username = String.valueOf(auth.getPrincipal()); String password = String.valueOf(auth.getCredentials()); User user = find(username);// ww w .j a v a 2s .c o m if (null == user || (!BCrypt.checkpw(password, user.getPassword()))) { throw new BadCredentialsException("Invalid username or password"); } List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>(); grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER")); // Create new auth token auth = new UsernamePasswordAuthenticationToken(username, null, grantedAuths); auth.setDetails(user); return auth; }
From source file:com.corporate.transport.authentication.FacebookAuthenticationProvider.java
public Authentication authenticate(Authentication authentication) { System.out.println("FacebookAuthenticationProvider.authenticate()"); UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) authentication; String username = auth.getName(); String password = (String) auth.getCredentials(); //TEST //from w w w. jav a 2 s. c o m try { System.out.println("GOING FOR VALIDATION"); LDAPAuthentication ldap = new LDAPAuthentication(); if (ldap.authenticate(username, password)) { List<GrantedAuthority> grantedAuthoritiesList = new ArrayList<GrantedAuthority>(); if (username != null && (username.equals("patel286@avaya.com"))) { grantedAuthoritiesList.add(new GrantedAuthorityImpl("ROLE_ADMIN")); } else { grantedAuthoritiesList.add(new GrantedAuthorityImpl("ROLE_USER")); } return new UsernamePasswordAuthenticationToken(username, null, grantedAuthoritiesList); } } catch (Exception e) { if (e instanceof AuthenticationException) { throw new BadCredentialsException("Incorrect Email Id or Password - Jayesh"); } //TODO [SM] Add logging for specific exception else if (e instanceof CommunicationException) { throw new LDAPConnectivityException("There is some error connecting with LDAP"); } else if (e instanceof NamingException) { throw new LDAPConnectivityException("There is some error connecting with LDAP"); } else { throw new LDAPConnectivityException("There is some error connecting with LDAP"); } } //PRODUCTION /* try{ System.out.println("GOING FOR VALIDATION"); com.corporate.ldap.Authentication ldap = new com.corporate.ldap.Authentication(); status = ldap.authenticate(username, password); System.out.println("GOING FOR VALIDATION STATUS:"+status); if(status==1){ List<GrantedAuthority> grantedAuthoritiesList = new ArrayList<GrantedAuthority>(); if(username!=null && username.equals("jayesh.patel")){ grantedAuthoritiesList.add(new GrantedAuthorityImpl("ROLE_ADMIN")); }else{ grantedAuthoritiesList.add(new GrantedAuthorityImpl("ROLE_USER")); } return new UsernamePasswordAuthenticationToken(username, null, grantedAuthoritiesList); }else if(status==0){ throw new BadCredentialsException("Incorrect Email Id or Password."); }else if(status==2){ throw new LDAPConnectivityException("There is some error connecting with LDAP"); } }catch (Exception e) { e.printStackTrace(); }*/ return null; }
From source file:org.apache.cxf.fediz.service.idp.STSUPAuthenticationProvider.java
private Authentication handleUsernamePassword(UsernamePasswordAuthenticationToken usernamePasswordToken, IdpSTSClient sts) {//from w ww.j a va 2s . c om sts.getProperties().put(SecurityConstants.USERNAME, usernamePasswordToken.getName()); sts.getProperties().put(SecurityConstants.PASSWORD, (String) usernamePasswordToken.getCredentials()); try { // Line below may be uncommented for debugging // setTimeout(sts.getClient(), 3600000L); SecurityToken token = sts.requestSecurityToken(this.appliesTo); List<GrantedAuthority> authorities = createAuthorities(token); UsernamePasswordAuthenticationToken upat = new UsernamePasswordAuthenticationToken( usernamePasswordToken.getName(), usernamePasswordToken.getCredentials(), authorities); STSUserDetails details = new STSUserDetails(usernamePasswordToken.getName(), (String) usernamePasswordToken.getCredentials(), authorities, token); upat.setDetails(details); LOG.debug("[IDP_TOKEN={}] provided for user '{}'", token.getId(), usernamePasswordToken.getName()); return upat; } catch (Exception ex) { LOG.info("Failed to authenticate user '" + usernamePasswordToken.getName() + "'", ex); return null; } }
From source file:com.telefonica.euro_iaas.paasmanager.rest.auth.OpenStackAuthenticationProvider.java
@Override protected final UserDetails retrieveUser(final String username, final UsernamePasswordAuthenticationToken authentication) { if (null != authentication.getCredentials()) { String tenantId = authentication.getCredentials().toString(); PaasManagerUser paasManagerUser = authenticationFiware(username, tenantId); UserDetails userDetails = new User(paasManagerUser.getUserName(), paasManagerUser.getToken(), new HashSet<GrantedAuthority>()); return userDetails; } else {/*from ww w.j a v a2 s . c o m*/ String str = "Missing tenantId header"; log.info(str); throw new BadCredentialsException(str); } }