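/**
 * Redirects the client to the URL built from {@code IWAConstants.IWA_AUTH_EP}, carrying
 * {@code ctx} as the {@code IWAConstants.IWA_PARAM_STATE} query parameter.
 *
 * @param request  the current servlet request (not read by this method)
 * @param response the servlet response on which the redirect is issued
 * @param ctx      value sent as the state parameter; it is URL-encoded before being appended
 * @throws AuthenticationFailedException if encoding the parameter or sending the redirect
 *                                       fails with an {@link IOException}
 */
public void sendToLoginPage(HttpServletRequest request, HttpServletResponse response, String ctx)
        throws AuthenticationFailedException {

    String iwaURL = null;
    try {
        // The state value is URL-encoded so that it cannot add or change query parameters
        // of the redirect target.
        iwaURL = IdentityUtil.getServerURL(IWAConstants.IWA_AUTH_EP, false, true) + "?"
                + IWAConstants.IWA_PARAM_STATE + "=" + URLEncoder.encode(ctx, IWAConstants.UTF_8);
        response.sendRedirect(response.encodeRedirectURL(iwaURL));
    } catch (IOException e) {
        // NOTE(review): the logged URL contains the state value; confirm that writing it to
        // the error log is acceptable for this deployment.
        log.error("Error when sending to the login page :" + iwaURL, e);
        // The message stays generic for callers; the cause is chained so the root failure
        // is not lost further up the stack.
        throw new AuthenticationFailedException("Authentication failed", e);
    }
}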
if (!StringUtils.equals(userDomain, tenantDomain)) { context.setProperty("UserTenantDomainMismatch", true); throw new AuthenticationFailedException("Service Provider tenant domain must be " + "equal to user tenant domain for non-SaaS applications"); Map<Integer, StepConfig> stepMap = context.getSequenceConfig().getStepMap(); boolean stepHasMultiOption = false; publishAuthenticationStepAttempt(request, context, e.getUser(), false);
log.error(e.getMessage(), e); context.setRequestAuthenticated(false); } catch (LogoutFailedException e) {
log.error("Authentication failed exception!", e); handleFailedAuthentication(request, response, context, authenticatorConfig, e.getUser()); } catch (LogoutFailedException e) { throw new FrameworkException(e.getMessage(), e);
if (!StringUtils.equals(userDomain, tenantDomain)) { context.setProperty("UserTenantDomainMismatch", true); throw new AuthenticationFailedException("Service Provider tenant domain must be " + "equal to user tenant domain for non-SaaS applications", context.getSubject()); return AuthenticatorFlowStatus.SUCCESS_COMPLETED; } catch (AuthenticationFailedException e) { publishAuthenticationStepAttempt(request, context, e.getUser(), false); request.setAttribute(FrameworkConstants.REQ_ATTR_HANDLED, true);
log.error(e.getMessage(), e); context.setRequestAuthenticated(false); } catch (LogoutFailedException e) {
log.error("Authentication failed exception!", e); handleFailedAuthentication(request, response, context, authenticatorConfig, e.getUser()); } catch (LogoutFailedException e) { throw new FrameworkException(e.getMessage(), e);
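/**
 * Sends a redirect to the IWA endpoint URL ({@code IWAConstants.IWA_AUTH_EP}) with
 * {@code ctx} appended as the {@code IWAConstants.IWA_PARAM_STATE} query parameter.
 *
 * @param request  the current servlet request (unused here)
 * @param response the servlet response used to send the redirect
 * @param ctx      state value to pass along; URL-encoded before it is placed in the query string
 * @throws AuthenticationFailedException when an {@link IOException} occurs while encoding
 *                                       the value or sending the redirect
 */
public void sendToLoginPage(HttpServletRequest request, HttpServletResponse response, String ctx)
        throws AuthenticationFailedException {

    String iwaURL = null;
    try {
        // Encoding keeps the state value confined to its own query parameter.
        String encodedState = URLEncoder.encode(ctx, IWAConstants.UTF_8);
        iwaURL = IdentityUtil.getServerURL(IWAConstants.IWA_AUTH_EP, false, true) + "?"
                + IWAConstants.IWA_PARAM_STATE + "=" + encodedState;
        response.sendRedirect(response.encodeRedirectURL(iwaURL));
    } catch (IOException e) {
        // NOTE(review): the URL written to the log includes the state value; confirm this
        // is intended for error-level logs.
        log.error("Error when sending to the login page :" + iwaURL, e);
        // Chain the original exception; the outward message remains generic.
        throw new AuthenticationFailedException("Authentication failed", e);
    }
}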
if (!StringUtils.equals(userDomain, tenantDomain)) { context.setProperty("UserTenantDomainMismatch", true); throw new AuthenticationFailedException("Service Provider tenant domain must be " + "equal to user tenant domain for non-SaaS applications", context.getSubject()); return AuthenticatorFlowStatus.SUCCESS_COMPLETED; } catch (AuthenticationFailedException e) { publishAuthenticationStepAttempt(request, context, e.getUser(), false); request.setAttribute(FrameworkConstants.REQ_ATTR_HANDLED, true);
log.error(e.getMessage(), e); context.setRequestAuthenticated(false); } catch (LogoutFailedException e) {
/**
 * Requests an access token with the given client and returns the token endpoint's response.
 *
 * @param oAuthClient   client used to call the token endpoint
 * @param accessRequest the prepared access-token request
 * @return the response returned by {@code oAuthClient.accessToken(accessRequest)}
 * @throws AuthenticationFailedException if the call fails with an {@code OAuthSystemException}
 *                                       or an {@code OAuthProblemException}; the original
 *                                       exception is chained as the cause
 */
protected OAuthClientResponse getOauthResponse(OAuthClient oAuthClient, OAuthClientRequest accessRequest)
        throws AuthenticationFailedException {

    try {
        return oAuthClient.accessToken(accessRequest);
    } catch (OAuthSystemException | OAuthProblemException tokenError) {
        if (log.isDebugEnabled()) {
            log.debug("Exception while requesting access token", tokenError);
        }
        // Both failure types abort authentication; no response object is returned to the caller.
        // NOTE(review): the message is copied from the underlying exception - confirm it is
        // not displayed to end users unfiltered.
        throw new AuthenticationFailedException(tokenError.getMessage(), tokenError);
    }
}
log.error(e.getMessage(), e); context.setRequestAuthenticated(false); } catch (LogoutFailedException e) {
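/**
 * Requests an access token with the given client and returns the token endpoint's response.
 *
 * <p>Any failure of the token request ends authentication with an exception. An
 * {@code OAuthProblemException} is no longer logged and dropped, which used to hand a
 * {@code null} response back to the caller.
 *
 * @param oAuthClient   client used to call the token endpoint
 * @param accessRequest the prepared access-token request
 * @return the response returned by {@code oAuthClient.accessToken(accessRequest)}; never null
 *         as a result of a caught exception
 * @throws AuthenticationFailedException if the call fails with an {@code OAuthSystemException}
 *                                       or an {@code OAuthProblemException}; the original
 *                                       exception is chained as the cause
 */
private OAuthClientResponse getOauthResponse(OAuthClient oAuthClient, OAuthClientRequest accessRequest)
        throws AuthenticationFailedException {

    OAuthClientResponse oAuthResponse = null;
    try {
        oAuthResponse = oAuthClient.accessToken(accessRequest);
    } catch (OAuthSystemException e) {
        if (log.isDebugEnabled()) {
            log.debug("Exception while requesting access token", e);
        }
        throw new AuthenticationFailedException(e.getMessage(), e);
    } catch (OAuthProblemException e) {
        if (log.isDebugEnabled()) {
            log.debug("Exception while requesting access token", e);
        }
        // Fail closed: an error from the token request must stop the flow here instead of
        // letting the caller continue with a null response.
        throw new AuthenticationFailedException(e.getMessage(), e);
    }
    return oAuthResponse;
}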
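/**
 * Resolves the identifier of the federated user from the id_token claims.
 *
 * <p>When {@code isUserIdFoundAmongClaims(context)} is true, the value returned by
 * {@code getSubjectFromUserIDClaimURI} is used if it is not blank. In every other case the
 * value comes from {@code getAuthenticateUser}, which the log messages describe as the 'sub'
 * attribute of the id_token.
 *
 * @param context       authentication context of the current flow
 * @param oAuthResponse token endpoint response, passed on to {@code getAuthenticateUser}
 * @param idTokenClaims claims read from the id_token
 * @return the resolved user id; never null, empty or whitespace-only
 * @throws AuthenticationFailedException if no usable user id could be resolved
 */
private String getAuthenticatedUserId(AuthenticationContext context, OAuthClientResponse oAuthResponse,
                                      Map<String, Object> idTokenClaims)
        throws AuthenticationFailedException {

    String authenticatedUserId;
    if (isUserIdFoundAmongClaims(context)) {
        authenticatedUserId = getSubjectFromUserIDClaimURI(context, idTokenClaims);
        if (StringUtils.isNotBlank(authenticatedUserId)) {
            if (log.isDebugEnabled()) {
                log.debug("Authenticated user id: " + authenticatedUserId + " was found among id_token claims.");
            }
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Subject claim could not be found amongst id_token claims. Defaulting to the 'sub' "
                        + "attribute in id_token as authenticated user id.");
            }
            // Default to userId sent as the 'sub' claim.
            authenticatedUserId = getAuthenticateUser(context, idTokenClaims, oAuthResponse);
        }
    } else {
        authenticatedUserId = getAuthenticateUser(context, idTokenClaims, oAuthResponse);
        if (log.isDebugEnabled()) {
            log.debug("Authenticated user id: " + authenticatedUserId + " retrieved from the 'sub' claim.");
        }
    }

    // Fail closed: an empty or whitespace-only identifier is as unusable as a missing one and
    // must not be accepted as the authenticated subject (the original check rejected only null).
    if (StringUtils.isBlank(authenticatedUserId)) {
        throw new AuthenticationFailedException(
                "Cannot find the userId from the id_token sent by the federated IDP.");
    }
    return authenticatedUserId;
}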
/**
 * Checks that the given user name exists in the user store reached through
 * {@code X509CertificateUtil.getUserRealm(userName)}.
 *
 * @param userName              user name to look up
 * @param authenticationContext context that receives the X509 error code when the user is missing
 * @return {@code true} when the user exists; the method never returns {@code false}
 * @throws UserStoreException            if the user store lookup fails
 * @throws AuthenticationFailedException if the user does not exist in the user store
 */
private static boolean isUserExists(String userName, AuthenticationContext authenticationContext)
        throws UserStoreException, AuthenticationFailedException {

    if (!X509CertificateUtil.getUserRealm(userName).getUserStoreManager().isExistingUser(userName)) {
        // Record the specific reason on the context before failing the authentication.
        // NOTE(review): if this error code is shown to the client it reveals whether a user
        // name exists - confirm how it is surfaced.
        authenticationContext.setProperty(X509CertificateConstants.X509_CERTIFICATE_ERROR_CODE,
                X509CertificateConstants.USER_NOT_FOUND);
        throw new AuthenticationFailedException(" Unable to find X509 Certificate's user in user store. ");
    }

    if (log.isDebugEnabled()) {
        log.debug("User exists with the user name: " + userName);
    }
    return true;
}
certificates = (X509Certificate[]) object; } else { throw new AuthenticationFailedException("Exception while casting the X509Certificate"); data = cert.getEncoded(); } catch (CertificateEncodingException e) { throw new AuthenticationFailedException("Encoded certificate in not found", e); authenticationContext.setProperty(X509CertificateConstants.X509_CERTIFICATE_ERROR_CODE, X509CertificateConstants.USERNAME_CONFLICT); throw new AuthenticationFailedException("Couldn't find X509 certificate to " + "this authenticated user: " + authenticatedUserName); authenticationContext.setProperty(X509CertificateConstants.X509_CERTIFICATE_ERROR_CODE, X509CertificateConstants.USERNAME_NOT_FOUND_FOR_X509_CERTIFICATE_ATTRIBUTE); throw new AuthenticationFailedException("Couldn't find the username for X509Certificate's " + "attribute"); throw new AuthenticationFailedException("X509Certificate object is null"); throw new AuthenticationFailedException("Unable to find X509 Certificate in browser");
log.debug("Authenticated principal is null. Therefore authentication is failed."); throw new AuthenticationFailedException("Authentication Failed"); isAuthenticated = userStoreManager.isExistingUser(MultitenantUtils.getTenantAwareUsername(username)); } catch (org.wso2.carbon.user.api.UserStoreException e) { throw new AuthenticationFailedException("IWAAuthenticator failed while trying to find user existence", e); log.debug("user authentication failed, user:" + username + " is not in the user store"); throw new AuthenticationFailedException("Authentication Failed");
log.debug("Authenticated principal is null. Therefore authentication is failed."); throw new AuthenticationFailedException("Authentication Failed"); isAuthenticated = userStoreManager.isExistingUser(MultitenantUtils.getTenantAwareUsername(username)); } catch (org.wso2.carbon.user.api.UserStoreException e) { throw new AuthenticationFailedException("IWAAuthenticator failed while trying to find user existence", e); log.debug("user authentication failed, user:" + username + " is not in the user store"); throw new AuthenticationFailedException("Authentication Failed");
log.debug("UserRealm is null for username: " + username); throw new AuthenticationFailedException("Cannot find the user realm for the given tenant domain : " + CarbonContext.getThreadLocalCarbonContext().getTenantDomain()); throw new AuthenticationFailedException("Error while retrieving certificate of user: " + username, e); } catch (UserStoreException e) { throw new AuthenticationFailedException("Error while retrieving the user store manager ", e);
log.debug("UserRealm is null for username: " + username); throw new AuthenticationFailedException("Cannot find the user realm for the given tenant domain : " + CarbonContext.getThreadLocalCarbonContext().getTenantDomain()); throw new AuthenticationFailedException("Error while decoding the certificate ", e); } catch (UserStoreException e) { throw new AuthenticationFailedException("Error while retrieving the user store manager ", e);