List of usage examples for org.springframework.security.authentication UsernamePasswordAuthenticationToken getCredentials
public Object getCredentials()
From source file:com.yuchengtech.mobile.console.service.security.DaoAuthenticationProvider.java
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { Object salt = null;//from w ww .j a v a 2s . com if (this.saltSource != null) { salt = this.saltSource.getSalt(userDetails); } if (authentication.getCredentials() == null) { throw new BadCredentialsException(messages .getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), includeDetailsObject ? userDetails : null); } String presentedPassword = authentication.getCredentials().toString(); // if (!isBobEmpNo(userDetails.getUsername())) { if (!passwordEncoder.isPasswordValid(userDetails.getPassword(), presentedPassword, salt)) { throw new BadCredentialsException(messages .getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), includeDetailsObject ? userDetails : null); } // } }
From source file:com.tasktop.c2c.server.common.service.http.MultiUserClientHttpRequestFactory.java
protected void setCredentials(HttpClient httpClient, Authentication authentication) { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication; String username = token.getName(); String password = token.getCredentials() == null ? "" : token.getCredentials().toString(); // FIXME: review, should probably not be AuthScope.ANY Credentials credentials = new UsernamePasswordCredentials(username, password); Object auth = httpClient.getParams().getParameter(PARAM_AUTH_KEY); if (auth == null || !auth.equals(credentials)) { clearAuthState(httpClient);/*from w w w . jav a 2s . c o m*/ httpClient.getParams().setParameter(PARAM_AUTH_KEY, credentials); httpClient.getState().setCredentials(AuthScope.ANY, credentials); } // this seems to be necessary for correct operation. // it seems that with keepalives a response to an auth challenge is issued // without first reading the whole response, making the 2nd request read the wrong // data for the HTTP status line. httpClient.getParams().setAuthenticationPreemptive(authenticationPreemptive); if (cookiePolicy != null) { httpClient.getParams().setCookiePolicy(cookiePolicy); } }
From source file:com.telefonica.euro_iaas.sdc.puppetwrapper.auth.OpenStackAuthenticationProviderTest.java
@Test public void retrieveUserTest_systemFasttrack() throws AuthenticationConnectionException { String adminToken = "fa63ea912a2a579c2542dbb90951d500"; OpenStackAuthenticationProvider openStackAuthenticationProvider = new OpenStackAuthenticationProvider(); openStackAuthenticationProvider.setAdminPass("admin"); openStackAuthenticationProvider.setAdminTenant("00000000000000000000000000000001"); openStackAuthenticationProvider.setAdminUser("admin"); openStackAuthenticationProvider.setKeystoneURL("http://keystone.test"); openStackAuthenticationProvider.setThresholdString("1"); openStackAuthenticationProvider.setCloudSystem("FASTTRACK"); openStackAuthenticationToken = mock(OpenStackAuthenticationToken.class); openStackAuthenticationProvider.oSAuthToken = openStackAuthenticationToken; Client client = mock(Client.class); openStackAuthenticationProvider.setClient(client); WebTarget webResource = mock(WebTarget.class); Invocation.Builder builder = mock(Invocation.Builder.class); WebTarget webResource2 = mock(WebTarget.class); Invocation.Builder builder2 = mock(Invocation.Builder.class); Response clientResponse = mock(Response.class); Response response401 = mock(Response.class); AuthenticateResponse authenticateResponse = mock(AuthenticateResponse.class); // when/*from w ww .jav a 2 s.com*/ when(openStackAuthenticationToken.getCredentials()).thenReturn(new String[] { adminToken, "string2" }); when(client.target("http://keystone.test")).thenReturn(webResource).thenReturn(webResource2); when(webResource.path(any(String.class))).thenReturn(webResource); when(webResource.request()).thenReturn(builder); when(builder.header(anyString(), anyString())).thenReturn(builder); when(builder.header(eq("X-Auth-Token"), anyString())).thenReturn(builder); when(builder.get()).thenReturn(response401); when(response401.getStatus()).thenReturn(401); when(webResource2.path(any(String.class))).thenReturn(webResource2); when(webResource2.request()).thenReturn(builder2); when(builder2.header(anyString(), anyString())).thenReturn(builder2); when(builder2.header(eq("X-Auth-Token"), anyString())).thenReturn(builder2); when(builder2.get(AuthenticateResponse.class)).thenReturn(authenticateResponse); Token validToken = mock(Token.class); TenantForAuthenticateResponse tenantForAuthenticateResponse = mock(TenantForAuthenticateResponse.class); UserForAuthenticateResponse userForAuthenticateResponse = mock(UserForAuthenticateResponse.class); when(authenticateResponse.getToken()).thenReturn(validToken); when(validToken.getTenant()).thenReturn(tenantForAuthenticateResponse); when(tenantForAuthenticateResponse.getId()).thenReturn("user tenantId"); when(authenticateResponse.getUser()).thenReturn(userForAuthenticateResponse); when(userForAuthenticateResponse.getRoles()).thenReturn(null); Map<QName, String> collection = new HashMap<QName, String>(); collection.put(QName.valueOf("username"), "value"); when(userForAuthenticateResponse.getOtherAttributes()).thenReturn(collection); UsernamePasswordAuthenticationToken authentication = mock(UsernamePasswordAuthenticationToken.class); when(authentication.getCredentials()).thenReturn("user tenantId"); UserDetails user = openStackAuthenticationProvider.retrieveUser("pepe", authentication); assertTrue(user == null); verify(authentication, times(2)).getCredentials(); }
From source file:com.telefonica.euro_iaas.sdc.puppetwrapper.auth.OpenStackAuthenticationProviderTest.java
@Test public void retrieveUserTest_systemFiware() throws AuthenticationConnectionException { String adminToken = "fa63ea912a2a579c2542dbb90951d500"; OpenStackAuthenticationProvider openStackAuthenticationProvider = new OpenStackAuthenticationProvider(); openStackAuthenticationProvider.setAdminPass("admin"); openStackAuthenticationProvider.setAdminTenant("00000000000000000000000000000001"); openStackAuthenticationProvider.setAdminUser("admin"); openStackAuthenticationProvider.setKeystoneURL("http://keystone.test"); openStackAuthenticationProvider.setThresholdString("1"); openStackAuthenticationProvider.setCloudSystem("FIWARE"); openStackAuthenticationToken = mock(OpenStackAuthenticationToken.class); openStackAuthenticationProvider.oSAuthToken = openStackAuthenticationToken; Client client = mock(Client.class); openStackAuthenticationProvider.setClient(client); WebTarget webResource = mock(WebTarget.class); Invocation.Builder builder = mock(Invocation.Builder.class); WebTarget webResource2 = mock(WebTarget.class); Invocation.Builder builder2 = mock(Invocation.Builder.class); Response clientResponse = mock(Response.class); Response response401 = mock(Response.class); AuthenticateResponse authenticateResponse = mock(AuthenticateResponse.class); // when/*from ww w .j ava2s . co m*/ when(openStackAuthenticationToken.getCredentials()).thenReturn(new String[] { adminToken, "string2" }); when(client.target("http://keystone.test")).thenReturn(webResource).thenReturn(webResource2); when(webResource.path(any(String.class))).thenReturn(webResource); when(webResource.request()).thenReturn(builder); when(builder.header(anyString(), anyString())).thenReturn(builder); when(builder.header(eq("X-Auth-Token"), anyString())).thenReturn(builder); when(builder.get()).thenReturn(response401); when(response401.getStatus()).thenReturn(401); when(webResource2.path(any(String.class))).thenReturn(webResource2); when(webResource2.request()).thenReturn(builder2); when(builder2.header(anyString(), anyString())).thenReturn(builder2); when(builder2.header(eq("X-Auth-Token"), anyString())).thenReturn(builder2); when(builder2.get(AuthenticateResponse.class)).thenReturn(authenticateResponse); Token validToken = mock(Token.class); TenantForAuthenticateResponse tenantForAuthenticateResponse = mock(TenantForAuthenticateResponse.class); UserForAuthenticateResponse userForAuthenticateResponse = mock(UserForAuthenticateResponse.class); when(authenticateResponse.getToken()).thenReturn(validToken); when(validToken.getTenant()).thenReturn(tenantForAuthenticateResponse); when(tenantForAuthenticateResponse.getId()).thenReturn("user tenantId"); when(authenticateResponse.getUser()).thenReturn(userForAuthenticateResponse); when(userForAuthenticateResponse.getRoles()).thenReturn(null); Map<QName, String> collection = new HashMap<QName, String>(); collection.put(QName.valueOf("username"), "value"); when(userForAuthenticateResponse.getOtherAttributes()).thenReturn(collection); UsernamePasswordAuthenticationToken authentication = mock(UsernamePasswordAuthenticationToken.class); when(authentication.getCredentials()).thenReturn("user tenantId"); UserDetails user = openStackAuthenticationProvider.retrieveUser("pepe", authentication); assertNotNull(user); verify(openStackAuthenticationToken, times(2)).getCredentials(); verify(authentication, times(2)).getCredentials(); }
From source file:org.verinice.rest.security.VeriniceAuthenticationProvider.java
private boolean checkPassword(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) { String realm = environement.getProperty("veriniceserver.realm"); String a1 = authentication.getName() + ":" + realm + ":" + authentication.getCredentials(); String md5Hex = md5Hex(a1);// w w w. j a v a2s .co m return md5Hex.equals(userDetails.getPassword()); }
From source file:es.sas.lopd.infraestructura.seguridad.impl.DaoAuthenticationProvider.java
@SuppressWarnings("deprecation") protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { Object salt = null;//from w w w.ja v a 2s . c om if (this.saltSource != null) { salt = this.saltSource.getSalt(userDetails); } if (authentication.getCredentials() == null) { logger.debug("Authentication failed: no credentials provided"); throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), userDetails); } String presentedPassword = authentication.getCredentials().toString(); if (!passwordEncoder.isPasswordValid(userDetails.getPassword(), presentedPassword, salt)) { logger.debug("Authentication failed: password does not match stored value"); throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), userDetails); } }
From source file:com.mothsoft.alexis.service.security.AlexisApiAuthenticationProvider.java
@Override protected UserDetails retrieveUser(final String username, final UsernamePasswordAuthenticationToken token) throws AuthenticationException { return this.transactionTemplate.execute(new TransactionCallback<UserDetails>() { @Override/* w ww . j a v a 2 s. c o m*/ public UserDetails doInTransaction(TransactionStatus arg0) { final String apiToken = String.valueOf(token.getCredentials()); final boolean valid = AlexisApiAuthenticationProvider.this.userDao.authenticate(username, apiToken); if (!valid) { throw new BadCredentialsException(username); } final UserDetails userDetails = AlexisApiAuthenticationProvider.this.userDetailsService .loadUserByUsername(username); final UserDetails toReturn = new UserAuthenticationDetails((UserAuthenticationDetails) userDetails, apiToken); return toReturn; } }); }
From source file:abid.password.springmvc.MutablePasswordAuthenticationProvider.java
@Override protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { if (StringUtils.isEmpty(username)) { throw new BadCredentialsException(getLocalisedMessage("authentication.username.required")); }//from w w w.ja v a2 s . com String password = String.valueOf(authentication.getCredentials()); if (StringUtils.isEmpty(password)) { throw new BadCredentialsException(getLocalisedMessage("authentication.password.required")); } try { User authenticatedUser = userService.authenticate(username, password); if (authenticatedUser != null) { return new CustomUserDetails(authenticatedUser); } } catch (UserException e) { log.error("Error occurred authentication user", e); } throw new BadCredentialsException(getLocalisedMessage("authentication.failed")); }
From source file:org.glassmaker.spring.oauth.OAuth2AuthenticationProvider.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { if (!supports(authentication.getClass())) { return null; }// ww w. j a v a2 s .c om if (authentication instanceof UsernamePasswordAuthenticationToken) { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication; UserDetails userDetails = userDetailsService.loadUserByUsername((String) token.getPrincipal()); UsernamePasswordAuthenticationToken newToken = new UsernamePasswordAuthenticationToken( token.getPrincipal(), token.getCredentials(), userDetails.getAuthorities()); newToken.setDetails(token.getDetails()); return newToken; } return null; }
From source file:org.taverna.server.master.identity.WorkflowInternalAuthProvider.java
@Override @PerfLogged//from w ww . j av a2 s . c om protected final void additionalAuthenticationChecks(UserDetails userRecord, UsernamePasswordAuthenticationToken token) { try { additionalAuthenticationChecks(userRecord, token.getPrincipal(), token.getCredentials()); } catch (AuthenticationException e) { throw e; } catch (Exception e) { log.warn("unexpected failure in authentication", e); throw new AuthenticationServiceException("unexpected failure in authentication", e); } }