/**
 * Test stub: resolves every {@link LoginException} to the same {@link LockedException}.
 *
 * <p>The incoming exception is ignored, so the result says nothing about why the login
 * actually failed.
 *
 * @param e the login failure handed to the resolver (unused here)
 * @return a new {@code LockedException} with a fixed test message
 */
public AuthenticationException resolveException(LoginException e) {
    final AuthenticationException resolved = new LockedException("This is just a test!");
    return resolved;
}
}); // closes the enclosing anonymous class and call, which start outside this snippet
@ResponseStatus(HttpStatus.UNAUTHORIZED) // 401 @ExceptionHandler(LockedException.class) @ResponseBody public ErrorInfo handleLockedUser(LockedException e) { ErrorInfo result = new ErrorInfo(e.getMessage()); result.setMessageKey(INACTIVE_USER_MESSAGE_KEY); return result; }
/**
 * Authenticates a token by delegating to the Spring Security {@code authenticationManager}
 * and translating its exceptions into this API's exception types.
 *
 * <p>Translation performed by the catch clauses below:
 * <ul>
 * <li>{@code UsernameNotFoundException} -> {@code UnknownAccountException}</li>
 * <li>{@code BadCredentialsException} -> {@code InvalidCredentialsException}</li>
 * <li>{@code CredentialsExpiredException} / {@code AccountExpiredException} ->
 * {@code ExpiredCredentialsException}</li>
 * <li>{@code DisabledException} -> {@code DisabledAccountException}</li>
 * <li>{@code LockedException} -> {@code LockedAccountException}</li>
 * <li>anything else -> {@code UnexpectedAuthenticationException} (cause preserved)</li>
 * </ul>
 *
 * <p>NOTE(review): only the catch-all keeps the original exception as cause; the specific
 * mappings copy the message alone, which loses the stack trace for incident analysis.
 * Consider chaining the cause if those exception types offer such a constructor.
 *
 * <p>NOTE(review): the distinct exception types and copied messages expose account state
 * (unknown, locked, disabled, expired) to the caller. Confirm that the layer answering
 * unauthenticated clients collapses them into one generic failure.
 *
 * @param authenticationToken the token to authenticate; must not be {@code null}
 * @return the authentication wrapped by {@code SpringSecurityAuthentication.create}
 * @throws AuthenticationException if the token is null, cannot be converted, or is rejected
 */
@Override
public Authentication authenticate(T authenticationToken) throws AuthenticationException {
    if (authenticationToken == null) {
        throw new InvalidTokenException("Null authentication token");
    }

    final org.springframework.security.core.Authentication request = getAuthentication(authenticationToken);
    if (request == null) {
        throw new InvalidTokenException("Invalid authentication token: missing Spring Security Authentication");
    }

    final org.springframework.security.core.Authentication authenticated;
    try {
        authenticated = authenticationManager.authenticate(request);
    } catch (UsernameNotFoundException e) {
        throw new UnknownAccountException(e.getMessage());
    } catch (BadCredentialsException e) {
        throw new InvalidCredentialsException(e.getMessage());
    } catch (CredentialsExpiredException | AccountExpiredException e) {
        throw new ExpiredCredentialsException(e.getMessage());
    } catch (DisabledException e) {
        throw new DisabledAccountException(e.getMessage());
    } catch (LockedException e) {
        throw new LockedAccountException(e.getMessage());
    } catch (Exception e) {
        // Catch-all must stay last: it wraps every failure not mapped above.
        throw new UnexpectedAuthenticationException(e.getMessage(), e);
    }

    return SpringSecurityAuthentication.create(authenticated);
}
/**
 * Rejects an account that is locked, disabled or expired, testing in that order.
 *
 * <p>Credential expiry is not checked by this method. The debug log lines contain no
 * user identifier.
 *
 * @param user the loaded account whose status flags are inspected
 * @throws LockedException if {@code isAccountNonLocked()} is false
 * @throws DisabledException if {@code isEnabled()} is false
 * @throws AccountExpiredException if {@code isAccountNonExpired()} is false
 */
public void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        logger.debug("User account is locked");
        final String lockedMessage = messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.locked", "User account is locked");
        throw new LockedException(lockedMessage);
    }

    if (!user.isEnabled()) {
        logger.debug("User account is disabled");
        final String disabledMessage = messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled");
        throw new DisabledException(disabledMessage);
    }

    if (!user.isAccountNonExpired()) {
        logger.debug("User account is expired");
        final String expiredMessage = messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.expired", "User account has expired");
        throw new AccountExpiredException(expiredMessage);
    }
}
} // closes the enclosing class, whose header is outside this snippet
/**
 * Verifies that a {@link LockedException} thrown by the post-authentication checker
 * propagates out of {@code authenticate(...)} even though the password matches.
 *
 * <p>The password encoder is stubbed to accept any password, so the only source of
 * failure is the stubbed post-authentication check.
 */
@Test
public void authenticateWhenPostAuthenticationChecksFail() {
    // Stubs: user lookup succeeds, password matches, post-auth check rejects.
    when(this.userDetailsService.findByUsername(any())).thenReturn(Mono.just(this.user));
    when(this.encoder.matches(any(), any())).thenReturn(true);
    doThrow(new LockedException("account is locked")).when(this.postAuthenticationChecks).check(any());

    this.manager.setPasswordEncoder(this.encoder);
    this.manager.setPostAuthenticationChecks(this.postAuthenticationChecks);

    assertThatExceptionOfType(LockedException.class)
            .isThrownBy(() -> {
                UsernamePasswordAuthenticationToken token =
                        new UsernamePasswordAuthenticationToken(this.user, this.user.getPassword());
                this.manager.authenticate(token).block();
            })
            .withMessage("account is locked");

    // The checker must have been consulted with the looked-up user.
    verify(this.postAuthenticationChecks).check(eq(this.user));
}
/**
 * Smoke test: feeds an authentication-failure event to {@code LoggerListener} and passes
 * as long as the listener does not throw.
 *
 * <p>The event type is {@code AuthenticationFailureDisabledEvent} although the wrapped
 * exception is a {@code LockedException}. Nothing is asserted about what gets logged.
 */
@Test
public void testLogsEvents() {
    final LockedException failure = new LockedException("TEST");
    final AuthenticationFailureDisabledEvent failureEvent =
            new AuthenticationFailureDisabledEvent(getAuthentication(), failure);

    new LoggerListener().onApplicationEvent(failureEvent);
}
} // closes the enclosing test class, whose header is outside this snippet
/**
 * Account-status gate: throws for a locked, disabled or expired account, in that order.
 *
 * <p>Credential expiry is not inspected here. The debug log lines carry no user identifier.
 *
 * @param user the loaded account whose status flags are inspected
 * @throws LockedException if {@code isAccountNonLocked()} is false
 * @throws DisabledException if {@code isEnabled()} is false
 * @throws AccountExpiredException if {@code isAccountNonExpired()} is false
 */
public void check(UserDetails user) {
    final boolean locked = !user.isAccountNonLocked();
    if (locked) {
        logger.debug("User account is locked");
        throw new LockedException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.locked",
                "User account is locked"));
    }

    final boolean disabled = !user.isEnabled();
    if (disabled) {
        logger.debug("User account is disabled");
        throw new DisabledException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.disabled",
                "User is disabled"));
    }

    final boolean expired = !user.isAccountNonExpired();
    if (expired) {
        logger.debug("User account is expired");
        throw new AccountExpiredException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.expired",
                "User account has expired"));
    }
}
} // closes the enclosing class, whose header is outside this snippet
/**
 * Converts a directory error code into the matching Spring Security authentication exception.
 *
 * <p>This method always throws. Each exception is chained to an
 * {@code ActiveDirectoryAuthenticationException} that records the code in hexadecimal,
 * the original message and the original {@code NamingException}.
 *
 * <p>Any code other than the four handled constants results in {@code badCredentials(cause)},
 * so unrecognised codes are not distinguished from one another.
 *
 * @param code the numeric error code extracted from the directory failure
 * @param exception the naming failure that carried the code
 */
private void raiseExceptionForErrorCode(int code, NamingException exception) {
    final String codeAsHex = Integer.toHexString(code);
    final Throwable cause = new ActiveDirectoryAuthenticationException(codeAsHex,
            exception.getMessage(), exception);

    if (code == PASSWORD_EXPIRED) {
        throw new CredentialsExpiredException(messages.getMessage(
                "LdapAuthenticationProvider.credentialsExpired",
                "User credentials have expired"), cause);
    }
    if (code == ACCOUNT_DISABLED) {
        throw new DisabledException(messages.getMessage(
                "LdapAuthenticationProvider.disabled", "User is disabled"), cause);
    }
    if (code == ACCOUNT_EXPIRED) {
        throw new AccountExpiredException(messages.getMessage(
                "LdapAuthenticationProvider.expired", "User account has expired"), cause);
    }
    if (code == ACCOUNT_LOCKED) {
        throw new LockedException(messages.getMessage(
                "LdapAuthenticationProvider.locked", "User account is locked"), cause);
    }

    throw badCredentials(cause);
}
/**
 * Verifies that an account-status exception thrown by a provider is rethrown unchanged by
 * {@code ProviderManager} and reported to the {@code AuthenticationEventPublisher}.
 *
 * <p>The same {@code LockedException} instance must reach both the caller and the
 * publisher, so failure events describe the real reason for the rejection.
 */
@Test
@SuppressWarnings("deprecation")
public void statusExceptionIsPublished() throws Exception {
    final LockedException expected = new LockedException("");
    final AuthenticationManager parent = mock(AuthenticationManager.class);
    final ProviderManager providerManager = new ProviderManager(
            Arrays.asList(createProviderWhichThrows(expected)), parent);

    final Authentication request = mock(Authentication.class);
    final AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
    providerManager.setAuthenticationEventPublisher(publisher);

    try {
        providerManager.authenticate(request);
        fail("Expected exception");
    }
    catch (LockedException e) {
        // Identity, not equality: the manager must not wrap or replace the exception.
        assertThat(e).isSameAs(expected);
    }

    verify(publisher).publishAuthenticationFailure(expected, request);
}
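/**
 * Authenticates against the directory through the configured authenticator and translates
 * its failures into Spring Security exceptions.
 *
 * <p>Translation performed below:
 * <ul>
 * <li>{@code PasswordPolicyException} -> {@code LockedException}, using the policy status's
 * error code and default message; the policy exception is kept as the cause so the
 * original failure stays available for diagnosis.</li>
 * <li>{@code UsernameNotFoundException} -> {@code BadCredentialsException} when
 * {@code hideUserNotFoundExceptions} is set, so an unknown user is reported the same way
 * as a wrong password; otherwise it is rethrown unchanged.</li>
 * <li>{@code NamingException} -> {@code InternalAuthenticationServiceException} with the
 * original as cause.</li>
 * </ul>
 *
 * @param authentication the username/password token to verify
 * @return the directory entry of the authenticated user
 */
@Override
protected DirContextOperations doAuthentication(
        UsernamePasswordAuthenticationToken authentication) {
    try {
        return getAuthenticator().authenticate(authentication);
    }
    catch (PasswordPolicyException ppe) {
        // The only reason a ppolicy exception can occur during a bind is that the
        // account is locked.
        throw new LockedException(this.messages.getMessage(
                ppe.getStatus().getErrorCode(), ppe.getStatus().getDefaultMessage()), ppe);
    }
    catch (UsernameNotFoundException notFound) {
        if (!this.hideUserNotFoundExceptions) {
            throw notFound;
        }
        // Deliberately generic: the reply must not reveal that the user is unknown.
        throw new BadCredentialsException(this.messages.getMessage(
                "LdapAuthenticationProvider.badCredentials", "Bad credentials"));
    }
    catch (NamingException ldapAccessFailure) {
        throw new InternalAuthenticationServiceException(
                ldapAccessFailure.getMessage(), ldapAccessFailure);
    }
}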
publisher.publishAuthenticationFailure(new DisabledException(""), a); publisher.publishAuthenticationFailure(new DisabledException("", cause), a); publisher.publishAuthenticationFailure(new LockedException(""), a); publisher.publishAuthenticationFailure(new LockedException("", cause), a); publisher.publishAuthenticationFailure(new AuthenticationServiceException(""), a); publisher.publishAuthenticationFailure(new AuthenticationServiceException("",
/**
 * Validates the status flags of a loaded account and throws on the first one that fails.
 *
 * <p>Order of evaluation: locked, disabled, account expired, credentials expired. Only the
 * first failing condition is reported.
 *
 * @param user the account to validate
 * @throws LockedException if {@code isAccountNonLocked()} is false
 * @throws DisabledException if {@code isEnabled()} is false
 * @throws AccountExpiredException if {@code isAccountNonExpired()} is false
 * @throws CredentialsExpiredException if {@code isCredentialsNonExpired()} is false
 */
public void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        final String lockedMessage = messages.getMessage(
                "AccountStatusUserDetailsChecker.locked", "User account is locked");
        throw new LockedException(lockedMessage);
    }

    if (!user.isEnabled()) {
        final String disabledMessage = messages.getMessage(
                "AccountStatusUserDetailsChecker.disabled", "User is disabled");
        throw new DisabledException(disabledMessage);
    }

    if (!user.isAccountNonExpired()) {
        final String expiredMessage = messages.getMessage(
                "AccountStatusUserDetailsChecker.expired", "User account has expired");
        throw new AccountExpiredException(expiredMessage);
    }

    if (!user.isCredentialsNonExpired()) {
        final String credentialsMessage = messages.getMessage(
                "AccountStatusUserDetailsChecker.credentialsExpired",
                "User credentials have expired");
        throw new CredentialsExpiredException(credentialsMessage);
    }
}
} // closes the enclosing class, whose header is outside this snippet
/**
 * Account-status gate covering all four {@code UserDetails} status flags.
 *
 * <p>Checks run in a fixed order (locked, disabled, account expired, credentials expired)
 * and the first failing flag decides which exception is thrown.
 *
 * @param user the account to validate
 * @throws LockedException if {@code isAccountNonLocked()} is false
 * @throws DisabledException if {@code isEnabled()} is false
 * @throws AccountExpiredException if {@code isAccountNonExpired()} is false
 * @throws CredentialsExpiredException if {@code isCredentialsNonExpired()} is false
 */
public void check(UserDetails user) {
    final boolean locked = !user.isAccountNonLocked();
    if (locked) {
        throw new LockedException(messages.getMessage(
                "AccountStatusUserDetailsChecker.locked",
                "User account is locked"));
    }

    final boolean disabled = !user.isEnabled();
    if (disabled) {
        throw new DisabledException(messages.getMessage(
                "AccountStatusUserDetailsChecker.disabled",
                "User is disabled"));
    }

    final boolean accountExpired = !user.isAccountNonExpired();
    if (accountExpired) {
        throw new AccountExpiredException(messages.getMessage(
                "AccountStatusUserDetailsChecker.expired",
                "User account has expired"));
    }

    final boolean credentialsExpired = !user.isCredentialsNonExpired();
    if (credentialsExpired) {
        throw new CredentialsExpiredException(messages.getMessage(
                "AccountStatusUserDetailsChecker.credentialsExpired",
                "User credentials have expired"));
    }
}
} // closes the enclosing class, whose header is outside this snippet
else if(user.isLocked()) { if(canUnlockUser(user)){ logger.info("|*|*| Unlocking account. Account Lock Timer Over.. |*|*|*|"); loginHistoryService.lockUserAccount(user.getUserId(), false); } else { throw new LockedException("Account is Locked"); } }
else if(user.isLocked()) { if(canUnlockUser(user)){ logger.info("|*|*| Unlocking account. Account Lock Timer Over.. |*|*|*|"); loginHistoryService.lockUserAccount(user.getUserId(), false); } else { throw new LockedException("Account is Locked"); } }
throw new LockedException(error);
/**
 * Throws if the given username has reached the failed-login limit and its wait time has
 * not yet elapsed.
 *
 * <p>Does nothing when the lock mechanism is disabled. If a last-failure timestamp exists
 * and {@code isWaitTimeOver} accepts it, both the failure counter and the timestamp for
 * this username are cleared before the limit is evaluated.
 *
 * <p>NOTE(review): the exception message embeds the submitted username. If the message
 * reaches an unauthenticated client it confirms the lockout state for that name, and the
 * value is caller-supplied, so it needs output encoding wherever it is rendered. Confirm
 * how callers surface this message.
 *
 * <p>NOTE(review): the counter is looked up twice in the limit check. If the maps are
 * shared between request threads, an entry removed between the two reads would fail on
 * unboxing. Confirm the map types and the threading model.
 *
 * @param username the login name being checked
 * @throws LockedException if the failure counter for the name is at or above the limit
 */
private void assertUserNotLocked(String username) {
    if (isLockMechanismDisabled()) {
        return;
    }

    final Date lastFailure = lastFailedLogin.get(username);
    final boolean waitElapsed = lastFailure != null && isWaitTimeOver(lastFailure);
    if (waitElapsed) {
        // Lock window is over: forget earlier failures for this name.
        accessCounter.remove(username);
        lastFailedLogin.remove(username);
    }

    final boolean limitReached = accessCounter.get(username) != null
            && accessCounter.get(username) >= maxLoginFailures;
    if (limitReached) {
        throw new LockedException("The user '" + username + "' is temporary locked.");
    }
}
throw new LockedException(error);
throw new BadCredentialsException("Bad credentials."); } else if (!user.isEnabled()) { throw new LockedException("Account is locked.");
LOG.warn(e.getMessage()); throw new LockedException("Too many failed login attempts.");