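/**
 * Verifies a login/password pair against the directory.
 *
 * <p>The entry is looked up with the filter returned by {@code buildPersonFilter(login)}, starting
 * from an empty base name, and the password is checked by {@code ldapTemplate.authenticate}.
 * A missing or empty password is rejected before the directory is contacted.
 *
 * @param login          login name supplied by the caller
 * @param password       password supplied by the caller
 * @param messagesLocale locale used to format the failure message
 * @throws LoginException if the password is missing/empty or the directory does not accept the pair;
 *                        the message is the localized "invalid login or password" text and
 *                        receives the login as its format argument
 */
@Override
public void authenticate(String login, String password, Locale messagesLocale) throws LoginException {
    // A simple bind that carries a DN but an empty password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2). Many directory servers answer it with success, which would let
    // any known login in without a password, so such input never reaches the directory.
    // NOTE(review): buildPersonFilter is not visible here - confirm it escapes LDAP filter
    // metacharacters in the login before embedding it.
    boolean accepted = password != null
            && !password.isEmpty()
            && ldapTemplate.authenticate(LdapUtils.emptyLdapName(), buildPersonFilter(login), password);

    if (!accepted) {
        throw new LoginException(
                messages.formatMessage(LdapAuthProvider.class, "LoginException.InvalidLoginOrPassword", messagesLocale, login)
        );
    }
}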
throw new BadCredentialsException(e.getMessage()); } catch (LoginException e) { log.info("Authentication failed: {} {} - {}", login, ipAddress, e.getMessage()); throw new BadCredentialsException(e.getMessage());
/**
 * Obtains the system session by delegating to {@code trustedClientService}.
 *
 * <p>A {@link LoginException} from the delegate is logged at INFO and rethrown unchanged. Any
 * other throwable is logged at ERROR and replaced by a {@link LoginException} that carries only
 * the text of its root cause.
 *
 * @param trustedClientPassword password identifying the trusted client
 * @return the session returned by the delegate
 * @throws LoginException if the delegate rejects the request or fails unexpectedly
 */
@Override
public UserSession getSystemSession(String trustedClientPassword) throws LoginException {
    try {
        return trustedClientService.getSystemSession(trustedClientPassword);
    } catch (LoginException loginFailure) {
        log.info("Login failed: {}", loginFailure.toString());
        throw loginFailure;
    } catch (Throwable unexpected) {
        log.error("Login error", unexpected);
        //noinspection ThrowableResultOfMethodCallIgnored
        Throwable deepest = ExceptionUtils.getRootCause(unexpected);
        Throwable reported = deepest != null ? deepest : unexpected;
        // Only text is sent, so the client does not hit ClassNotFoundException when it lacks
        // the library that declares the original exception type.
        // NOTE(review): that text is the root cause's toString(), so an internal class name and
        // message reach the caller - confirm every caller of this method is a trusted client.
        throw new LoginException(reported.toString());
    }
}
log.info("Login failed: {}", e.toString()); String message = StringUtils.abbreviate(e.getMessage(), 1000); showLoginException(message); } catch (Exception e) {
/**
 * Authenticates the given credentials through {@code authenticationManager} after running
 * {@code preprocessCredentials} on them.
 *
 * <p>Failure handling, in catch order: an {@code InternalAuthenticationException} is logged at
 * ERROR with its stack trace and rethrown; a {@link LoginException} is logged at INFO (text only)
 * and rethrown; anything else is logged at ERROR and rethrown as whatever
 * {@code wrapInLoginException} builds from it.
 *
 * @param credentials credentials to verify
 * @return the details produced by the authentication manager
 * @throws LoginException if authentication is rejected or fails
 */
@Nonnull
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    try {
        preprocessCredentials(credentials);
        return authenticationManager.authenticate(credentials);
    } catch (InternalAuthenticationException internalFailure) {
        log.error("Authentication error", internalFailure);
        throw internalFailure;
    } catch (LoginException rejected) {
        // Rejections are expected events: one INFO line, no stack trace.
        log.info("Authentication failed: {}", rejected.toString());
        throw rejected;
    } catch (Throwable unexpected) {
        log.error("Authentication error", unexpected);
        throw wrapInLoginException(unexpected);
    }
}
/**
 * Logs in with the given credentials and writes a LOGIN record to the user session log.
 *
 * <p>The credentials pass through {@code preprocessCredentials} and then
 * {@code authenticationManager.login}. When they are {@code AbstractClientCredentials} with a
 * non-null client type, the type's name is attached to the log record under the key
 * {@code ClientType.class.getName()}; otherwise the record gets an empty parameter map.
 *
 * <p>Failure handling, in catch order: an {@code InternalAuthenticationException} is logged at
 * ERROR and rethrown; a {@link LoginException} is logged at INFO and rethrown; anything else is
 * logged at ERROR and rethrown as whatever {@code wrapInLoginException} builds from it.
 *
 * @param credentials credentials to log in with
 * @return the details returned by the authentication manager
 * @throws LoginException if the login is rejected or fails
 */
@Nonnull
@Override
public AuthenticationDetails login(Credentials credentials) throws LoginException {
    try {
        preprocessCredentials(credentials);
        AuthenticationDetails loginResult = authenticationManager.login(credentials);

        ClientType clientType = null;
        if (credentials instanceof AbstractClientCredentials) {
            clientType = ((AbstractClientCredentials) credentials).getClientType();
        }

        Map<String, Object> auditParams = emptyMap();
        if (clientType != null) {
            auditParams = ParamsMap.of(ClientType.class.getName(), clientType.name());
        }

        // The record is written inside the try block, so a failure to write it is reported to
        // the caller through the catch clauses below.
        userSessionLog.createSessionLogRecord(loginResult.getSession(), SessionAction.LOGIN, auditParams);
        return loginResult;
    } catch (InternalAuthenticationException internalFailure) {
        log.error("Login error", internalFailure);
        throw internalFailure;
    } catch (LoginException rejected) {
        log.info("Login failed: {}", rejected.toString());
        throw rejected;
    } catch (Throwable unexpected) {
        log.error("Login error", unexpected);
        throw wrapInLoginException(unexpected);
    }
}
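/**
 * Checks a login/password pair against the LDAP directory.
 *
 * <p>{@code buildPersonFilter(login)} supplies the search filter, the search starts from an empty
 * base name, and {@code ldapTemplate.authenticate} decides whether the password matches. A null
 * or empty password is refused locally and is never sent to the directory.
 *
 * @param login          login name supplied by the caller
 * @param password       password supplied by the caller
 * @param messagesLocale locale used to format the failure message
 * @throws LoginException if the password is missing/empty or the directory rejects the pair;
 *                        the localized "invalid login or password" message is formatted with
 *                        the login as its argument
 */
@Override
public void authenticate(String login, String password, Locale messagesLocale) throws LoginException {
    // RFC 4513 (section 5.1.2) defines a bind with a name and a zero-length password as an
    // unauthenticated bind, and directory servers commonly report it as successful. Treat a
    // missing password as a failed login instead of asking the directory.
    // NOTE(review): the filter builder is outside this snippet - verify it escapes the login
    // for use inside an LDAP filter.
    boolean passwordSupplied = password != null && !password.isEmpty();
    boolean accepted = passwordSupplied
            && ldapTemplate.authenticate(LdapUtils.emptyLdapName(), buildPersonFilter(login), password);

    if (!accepted) {
        throw new LoginException(
                messages.formatMessage(LdapAuthProvider.class, "LoginException.InvalidLoginOrPassword", messagesLocale, login)
        );
    }
}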
} catch (LoginException e) { log.error(ExceptionUtils.getStackTrace(e)); return "Login error: " + e.getMessage();
/**
 * Verifies that a trusted-client request comes from a permitted address and carries the
 * trusted client password.
 *
 * <p>The address is checked with {@code trustedLoginHandler.checkAddress} only when
 * {@code RemoteClientInfo.get()} yields an object with a non-null address. The password is
 * always checked with {@code trustedLoginHandler.checkPassword}.
 *
 * @param trustedClientPassword password presented by the client
 * @throws LoginException with the text "Trusted access denied" for a non-permitted address, or
 *                        with the invalid-credentials message (built for the configured JMX
 *                        user login and the default locale) for a wrong password
 */
protected void checkTrustedClientCredentials(String trustedClientPassword) throws LoginException {
    RemoteClientInfo caller = RemoteClientInfo.get();
    boolean addressKnown = caller != null && caller.getAddress() != null;

    // NOTE(review): when no remote client info or address is available the address allow-list
    // is not consulted and the password alone decides - confirm that case only occurs for
    // in-process callers.
    if (addressKnown && !trustedLoginHandler.checkAddress(caller.getAddress())) {
        // reject request from not permitted client ip
        log.warn("Attempt trusted access from not permitted IP address: {}", caller.getAddress());
        throw new LoginException("Trusted access denied");
    }

    if (trustedLoginHandler.checkPassword(trustedClientPassword)) {
        return;
    }

    // NOTE(review): unlike the address rejection above, a wrong trusted password is not logged
    // in this method - confirm a caller records it.
    throw new LoginException(getInvalidCredentialsMessage(serverConfig.getJmxUserLogin(),
            messages.getTools().getDefaultLocale()));
}
} // closes the enclosing type; its header is not part of this snippet
/**
 * Verifies a login/password pair locally and, on success, logs the user in with the credentials
 * built by {@code createTrustedCredentials}.
 *
 * <p>The user is loaded inside a security context created from the system session, which is
 * obtained with the trusted client password from {@code restApiConfig}. An empty login, an
 * unknown login and a wrong password all raise the same invalid-credentials message.
 *
 * @param credentials login, password and optional locale supplied by the client
 * @return the result of {@code authenticationService.login}
 * @throws LoginException if the login is empty, no such user exists or the password does not match
 */
protected AuthenticationDetails loginClient(LoginPasswordCredentials credentials) {
    String login = credentials.getLogin();

    Locale credentialsLocale = credentials.getLocale();
    if (credentialsLocale == null) {
        credentialsLocale = messages.getTools().getDefaultLocale();
    }

    if (Strings.isNullOrEmpty(login)) {
        // empty login is not valid
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    UserSession systemSession = trustedClientService.getSystemSession(restApiConfig.getTrustedClientPassword());
    SecurityContext systemContext = new SecurityContext(systemSession);
    User user = AppContext.withSecurityContext(systemContext, () -> usersRepository.findUserByLogin(login));

    // NOTE(review): an unknown login fails before passwordEncryption.checkPassword runs, so the
    // two failure cases may differ in response time even though the message is identical -
    // confirm throttling upstream covers account probing.
    if (user == null || !passwordEncryption.checkPassword(user, credentials.getPassword())) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    return authenticationService.login(createTrustedCredentials(credentials));
}
/**
 * Checks the client's login and password against the stored user and then performs the login
 * with the credentials returned by {@code createTrustedCredentials}.
 *
 * <p>The user lookup runs in a security context built from the system session; that session is
 * requested with the trusted client password held by {@code portalConfig}. Every rejection
 * (empty login, unknown user, wrong password) uses the same invalid-credentials message.
 *
 * @param credentials login, password and optional locale supplied by the client
 * @return the result of {@code authenticationService.login}
 * @throws LoginException if the login is empty, no such user exists or the password does not match
 */
protected AuthenticationDetails loginClient(LoginPasswordCredentials credentials) {
    String login = credentials.getLogin();

    Locale credentialsLocale = credentials.getLocale();
    if (credentialsLocale == null) {
        credentialsLocale = messages.getTools().getDefaultLocale();
    }

    if (Strings.isNullOrEmpty(login)) {
        // empty login is not valid
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    UserSession systemSession = trustedClientService.getSystemSession(portalConfig.getTrustedClientPassword());
    SecurityContext systemContext = new SecurityContext(systemSession);
    User user = AppContext.withSecurityContext(systemContext, () -> usersRepository.findUserByLogin(login));

    // NOTE(review): the unknown-user case returns without calling passwordEncryption.checkPassword,
    // which can make it measurably faster than a wrong-password failure - confirm rate limiting
    // in front of this method makes that difference unusable for account discovery.
    boolean verified = user != null && passwordEncryption.checkPassword(user, credentials.getPassword());
    if (!verified) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    return authenticationService.login(createTrustedCredentials(credentials));
}
/**
 * Validates the supplied login and password against the stored user, then logs in using the
 * credentials produced by {@code createTrustedCredentials}.
 *
 * <p>The lookup of the user is executed under a security context wrapping the system session,
 * which is requested with the trusted client password from {@code webAuthConfig}. Empty login,
 * unknown user and wrong password are all reported with the same invalid-credentials message.
 *
 * @param credentials login, password and optional locale supplied by the client
 * @return the result of {@code authenticationService.login}
 * @throws LoginException if the login is empty, no such user exists or the password does not match
 */
protected AuthenticationDetails loginClient(LoginPasswordCredentials credentials) {
    String login = credentials.getLogin();

    Locale credentialsLocale = credentials.getLocale();
    if (credentialsLocale == null) {
        credentialsLocale = messages.getTools().getDefaultLocale();
    }

    if (Strings.isNullOrEmpty(login)) {
        // empty login is not valid
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    UserSession systemSession = trustedClientService.getSystemSession(webAuthConfig.getTrustedClientPassword());
    SecurityContext systemContext = new SecurityContext(systemSession);
    User user = AppContext.withSecurityContext(systemContext, () -> usersRepository.findUserByLogin(login));

    // NOTE(review): no password check is performed for an unknown login, so its failure path is
    // shorter than the wrong-password path; the identical message does not hide that timing
    // difference - confirm failed attempts are throttled before they reach this point.
    if (user == null || !passwordEncryption.checkPassword(user, credentials.getPassword())) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    return authenticationService.login(createTrustedCredentials(credentials));
}
/**
 * Authenticates login/password credentials and creates a user session.
 *
 * <p>Steps, in order: reject an empty login; run {@code checkUserCredentials}; load the user;
 * verify the password with {@code passwordEncryption.checkPassword}; create the session with the
 * locale chosen by {@code getUserLocale}; apply client session parameters; run
 * {@code checkUserAccess} on the resulting details. Empty login, unknown user and wrong
 * password all produce the same invalid-credentials message.
 *
 * @param credentials must be a {@code LoginPasswordCredentials}; any other type fails the cast
 * @return details wrapping the newly created session
 * @throws LoginException if any check rejects the credentials
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    LoginPasswordCredentials passwordCredentials = (LoginPasswordCredentials) credentials;
    String login = passwordCredentials.getLogin();

    Locale credentialsLocale = passwordCredentials.getLocale();
    if (credentialsLocale == null) {
        credentialsLocale = messages.getTools().getDefaultLocale();
    }

    if (Strings.isNullOrEmpty(login)) {
        // empty login is not valid
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    // Runs before the user is loaded, so it applies to unknown logins as well.
    checkUserCredentials(credentials);

    User user = loadUser(login);
    // NOTE(review): an unknown login is rejected without a password check, so it may respond
    // faster than a wrong password - confirm checkUserCredentials throttles repeated failures.
    if (user == null || !passwordEncryption.checkPassword(user, passwordCredentials.getPassword())) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    UserSession session = createSession(passwordCredentials, user, getUserLocale(passwordCredentials, user));
    setClientSessionParams(passwordCredentials, session);

    AuthenticationDetails result = new SimpleAuthenticationDetails(session);
    // The session already exists at this point; access checks run on the finished details.
    checkUserAccess(passwordCredentials, result);
    return result;
}
throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale)); throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale)); throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale)); throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
/**
 * Authenticates remember-me credentials and creates a user session.
 *
 * <p>Steps, in order: reject an empty login; run {@code checkUserCredentials}; load the user;
 * look up the presented token with {@code loadRememberMeToken}; create the session with the
 * locale chosen by {@code getUserLocale}; apply client session parameters; run
 * {@code checkUserAccess} on the resulting details. Empty login, unknown user and unknown token
 * all produce the same invalid-credentials message.
 *
 * @param credentials must be a {@code RememberMeCredentials}; any other type fails the cast
 * @return details wrapping the newly created session
 * @throws LoginException if any check rejects the credentials
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    RememberMeCredentials tokenCredentials = (RememberMeCredentials) credentials;
    String login = tokenCredentials.getLogin();

    Locale credentialsLocale = tokenCredentials.getLocale();
    if (credentialsLocale == null) {
        credentialsLocale = messages.getTools().getDefaultLocale();
    }

    if (Strings.isNullOrEmpty(login)) {
        // empty login is not valid
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    // Runs before the user is loaded, so it applies to unknown logins as well.
    checkUserCredentials(credentials);

    User user = loadUser(login);
    if (user == null) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    // NOTE(review): the token is not invalidated or replaced in this method after a successful
    // match - confirm whether rotation or expiry is handled inside loadRememberMeToken or elsewhere.
    RememberMeToken storedToken = loadRememberMeToken(user, tokenCredentials.getRememberMeToken());
    if (storedToken == null) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    UserSession session = createSession(tokenCredentials, user, getUserLocale(tokenCredentials, user));
    setClientSessionParams(tokenCredentials, session);

    AuthenticationDetails result = new SimpleAuthenticationDetails(session);
    checkUserAccess(tokenCredentials, result);
    return result;
}
/**
 * Registers a failed login with the brute-force protection and replaces the failure with a
 * message about remaining attempts or the block interval.
 *
 * <p>Nothing happens unless brute-force protection is enabled, the event's credentials are
 * {@code AbstractClientCredentials}, and those credentials ask for client permission checks.
 * Otherwise the failure is registered for the user identifier and IP address, and a
 * {@link LoginException} is thrown: with the number of attempts left while that number is
 * positive, else with the block interval in seconds.
 *
 * @param event authentication failure event carrying the rejected credentials
 * @throws LoginException always, once the failure has been registered
 */
@Order(Events.HIGHEST_PLATFORM_PRECEDENCE + 10)
@EventListener
protected void onAuthenticationFailure(AuthenticationFailureEvent event) throws LoginException {
    if (!bruteForceProtectionAPI.isBruteForceProtectionEnabled()) {
        return;
    }

    Credentials credentials = event.getCredentials();
    if (!(credentials instanceof AbstractClientCredentials)) {
        return;
    }

    AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials;
    // NOTE(review): failures of credentials that skip client permission checks, or that are not
    // AbstractClientCredentials, are not counted here - confirm untrusted callers cannot reach
    // those paths.
    if (!clientCredentials.isCheckClientPermissions()) {
        return;
    }

    int attemptsLeft = bruteForceProtectionAPI.registerUnsuccessfulLogin(
            clientCredentials.getUserIdentifier(), clientCredentials.getIpAddress());

    String message = attemptsLeft > 0
            ? messages.formatMessage(MSG_PACK, "LoginException.loginFailedAttemptsLeft", attemptsLeft)
            : messages.formatMessage(MSG_PACK, "LoginException.loginAttemptsNumberExceeded",
                    bruteForceProtectionAPI.getBruteForceBlockIntervalSec());

    throw new LoginException(message);
}
throw new LoginException( messages.formatMainMessage("LoginException.InvalidLoginOrPassword", sessionLocale, auth.getUsername())); log.error("Unsupported authentication mode {}", authenticationConfig.getAuthenticationMode()); throw new LoginException( messages.formatMainMessage("LoginException.InvalidLoginOrPassword", sessionLocale, auth.getUsername()));
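/**
 * Rejects DESKTOP and WEB client logins for sessions that lack the
 * {@code cuba.gui.loginToClient} specific permission.
 *
 * <p>The check applies only to {@code AbstractClientCredentials} that ask for client permission
 * checks. The rejection is reported to the caller with the generic invalid-credentials message;
 * the missing permission is named only in the server log.
 *
 * @param credentials           credentials used for the login
 * @param authenticationDetails details whose session is asked for the permission
 * @throws LoginException if the client type is DESKTOP or WEB and the permission is missing
 */
@Override
public void check(Credentials credentials, AuthenticationDetails authenticationDetails) throws LoginException {
    if (!(credentials instanceof AbstractClientCredentials)) {
        return;
    }

    AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials;
    if (!clientCredentials.isCheckClientPermissions()) {
        return;
    }

    ClientType clientType = clientCredentials.getClientType();
    if (ClientType.DESKTOP != clientType && ClientType.WEB != clientType) {
        return;
    }

    if (authenticationDetails.getSession().isSpecificPermitted("cuba.gui.loginToClient")) {
        return;
    }

    // Log the user identifier, not the credentials object: the placeholder is labelled "user",
    // and what a credentials object prints through toString() is not controlled here.
    log.warn("Attempt of login to {} for user '{}' without cuba.gui.loginToClient permission",
            clientType, clientCredentials.getUserIdentifier());

    Locale userLocale = clientCredentials.getLocale();
    if (userLocale == null) {
        userLocale = messages.getTools().getDefaultLocale();
    }

    throw new LoginException(getInvalidCredentialsMessage(clientCredentials.getUserIdentifier(), userLocale));
}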
throw new LoginException( messages.formatMessage(LdapLoginProvider.class, "LoginException.InvalidLoginOrPassword", locale, loginPasswordCredentials.getLogin())
/**
 * Creates a session for the user named in system-user credentials.
 *
 * <p>The user is loaded by login and a session is created through
 * {@code userSessionManager.createSession}, using the locale chosen by {@code getUserLocale}.
 * This method compares no password or token; the only rejection is an unknown login.
 *
 * @param credentials must be a {@code SystemUserCredentials}; any other type fails the cast
 * @return details wrapping the newly created session
 * @throws LoginException if no user with the given login exists
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    SystemUserCredentials systemCredentials = (SystemUserCredentials) credentials;
    String login = systemCredentials.getLogin();

    Locale credentialsLocale = systemCredentials.getLocale();
    if (credentialsLocale == null) {
        credentialsLocale = messages.getTools().getDefaultLocale();
    }

    // NOTE(review): since nothing secret is verified here, the safety of this path rests on who
    // can submit SystemUserCredentials - confirm only server-side code can.
    User user = loadUser(login);
    if (user == null) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }

    // NOTE(review): the meaning of the third argument (true) is not visible in this snippet.
    UserSession session = userSessionManager.createSession(user, getUserLocale(systemCredentials, user), true);
    return new SimpleAuthenticationDetails(session);
}