@Override protected UsernamePasswordCredentials convertToPac4jCredentials(final UsernamePasswordCredential casCredential) throws GeneralSecurityException, PreventedException { logger.debug("CAS credentials: {}", casCredential); final String username = this.principalNameTransformer.transform(casCredential.getUsername()); if (username == null) { throw new AccountNotFoundException("Username is null."); } final String password = this.passwordEncoder.encode(casCredential.getPassword()); final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password, getClass().getSimpleName()); logger.debug("pac4j credentials: {}", credentials); return credentials; }
final String password = getPasswordEncoder().encode(credential.getPassword()); final LoginContext lc = new LoginContext( this.realm,
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (users == null || users.isEmpty()) { throw new FailedLoginException("No user can be accepted because none is defined"); } final String username = credential.getUsername(); final String cachedPassword = this.users.get(username); if (cachedPassword == null) { logger.debug("{} was not found in the map.", username); throw new AccountNotFoundException(username + " not found in backing map."); } final String encodedPassword = this.getPasswordEncoder().encode(credential.getPassword()); if (!cachedPassword.equals(encodedPassword)) { throw new FailedLoginException(); } return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { try { if (this.fileName == null || !this.fileName.exists()) { throw new FileNotFoundException("Filename does not exist"); } final String username = credential.getUsername(); final String passwordOnRecord = getPasswordOnRecord(username); if (StringUtils.isBlank(passwordOnRecord)) { throw new AccountNotFoundException(username + " not found in backing file."); } final String password = credential.getPassword(); if (StringUtils.isNotBlank(password) && this.getPasswordEncoder().encode(password).equals(passwordOnRecord)) { return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); } } catch (final IOException e) { throw new PreventedException("IO error reading backing file", e); } throw new FailedLoginException(); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } final String username = credential.getUsername(); final String encyptedPassword = getPasswordEncoder().encode(credential.getPassword()); final int count; try { count = getJdbcTemplate().queryForObject(this.sql, Integer.class, username, encyptedPassword); } catch (final DataAccessException e) { throw new PreventedException("SQL exception while executing query for " + username, e); } if (count == 0) { throw new FailedLoginException(username + " not found with SQL query."); } return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); }
throws GeneralSecurityException, PreventedException { final String password = getPasswordEncoder().encode(credential.getPassword()); final String username = credential.getUsername();
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } final String username = credential.getUsername(); final String encryptedPassword = this.getPasswordEncoder().encode(credential.getPassword()); try { final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username); if (!dbPassword.equals(encryptedPassword)) { throw new FailedLoginException("Password does not match value on record."); } } catch (final IncorrectResultSizeDataAccessException e) { if (e.getActualSize() == 0) { throw new AccountNotFoundException(username + " not found with SQL query"); } else { throw new FailedLoginException("Multiple records found for " + username); } } catch (final DataAccessException e) { throw new PreventedException("SQL exception while executing query for " + username, e); } return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (getDataSource() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } Connection connection = null; try { final String username = credential.getUsername(); final String password = getPasswordEncoder().encode(credential.getPassword()); connection = this.getDataSource().getConnection(username, password); return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); } catch (final SQLException e) { throw new FailedLoginException(e.getMessage()); } catch (final Exception e) { throw new PreventedException("Unexpected SQL connection error", e); } finally { if (connection != null) { DataSourceUtils.releaseConnection(connection, this.getDataSource()); } } }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential) throws GeneralSecurityException, PreventedException { if (StringUtils.isBlank(this.sql) || StringUtils.isBlank(this.algorithmName) || getJdbcTemplate() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } final String username = getPrincipalNameTransformer().transform(transformedCredential.getUsername()); final String encodedPsw = this.getPasswordEncoder().encode(transformedCredential.getPassword()); try { final Map<String, Object> values = getJdbcTemplate().queryForMap(this.sql, username); final String digestedPassword = digestEncodedPassword(encodedPsw, values); if (!values.get(this.passwordFieldName).equals(digestedPassword)) { throw new FailedLoginException("Password does not match value on record."); } return createHandlerResult(transformedCredential, this.principalFactory.createPrincipal(username), null); } catch (final IncorrectResultSizeDataAccessException e) { if (e.getActualSize() == 0) { throw new AccountNotFoundException(username + " not found with SQL query"); } else { throw new FailedLoginException("Multiple records found for " + username); } } catch (final DataAccessException e) { throw new PreventedException("SQL exception while executing query for " + username, e); } }
try { logger.debug("Attempting LDAP authentication for {}", upc); final String password = getPasswordEncoder().encode(upc.getPassword()); final AuthenticationRequest request = new AuthenticationRequest(upc.getUsername(), new org.ldaptive.Credential(password),
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential) throws GeneralSecurityException, PreventedException { try { final RememberMeUsernamePasswordCredential credential = (RememberMeUsernamePasswordCredential) transformedCredential; final UsernamePasswordToken token = new UsernamePasswordToken(credential.getUsername(), this.getPasswordEncoder().encode(credential.getPassword())); token.setRememberMe(credential.isRememberMe()); final Subject currentUser = getCurrentExecutingSubject(); currentUser.login(token); checkSubjectRolesAndPermissions(currentUser); return createAuthenticatedSubjectResult(credential, currentUser); } catch (final UnknownAccountException uae) { throw new AccountNotFoundException(uae.getMessage()); } catch (final IncorrectCredentialsException ice) { throw new FailedLoginException(ice.getMessage()); } catch (final LockedAccountException lae) { throw new AccountLockedException(lae.getMessage()); } catch (final ExcessiveAttemptsException eae) { throw new AccountLockedException(eae.getMessage()); } catch (final ExpiredCredentialsException eae) { throw new CredentialExpiredException(eae.getMessage()); } catch (final DisabledAccountException eae) { throw new AccountDisabledException(eae.getMessage()); } catch (final AuthenticationException ae){ throw new FailedLoginException(ae.getMessage()); } }