@Override
  public int authenticateByEmailAddress(
      long companyId,
      String emailAddress,
      String password,
      Map<String, String[]> headerMap,
      Map<String, String[]> parameterMap)
      throws AuthException {

    _log.info("authenticateByEmailAddress");

    UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(emailAddress, password);

    Subject currentUser = SecurityUtils.getSubject();

    try {
      currentUser.login(usernamePasswordToken);

      boolean authenticated = currentUser.isAuthenticated();

      if (authenticated) {
        _log.info("authenticated");
        return SKIP_LIFERAY_CHECK;
      } else {
        return FAILURE;
      }
    } catch (AuthenticationException e) {
      _log.error(e.getMessage(), e);
      throw new AuthException(e.getMessage(), e);
    }
  }
Beispiel #2
0
 /**
  * shiro安全框架用户登录
  *
  * @param loginUser
  */
 private boolean authenticationByShiro(String userName, String password, boolean remeberMe) {
   UsernamePasswordToken token = new UsernamePasswordToken(userName, password, remeberMe);
   try {
     SecurityUtils.getSubject().login(token);
   } catch (AuthenticationException e) {
     this.addActionError(e.getMessage());
     log.warn("shiro login error" + e.getMessage(), e);
     return false;
   }
   return true;
 }
Beispiel #3
0
 @Override
 protected void doPost(HttpServletRequest request, HttpServletResponse response)
     throws ServletException, IOException {
   try {
     String password = WebUtils.getCleanParam(request, PASSWORD);
     String username = WebUtils.getCleanParam(request, USERNAME);
     boolean rememberMe = WebUtils.isTrue(request, REMEMBER_ME);
     String host = request.getRemoteHost();
     UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe, host);
     try {
       Subject subject = SecurityUtils.getSubject();
       loginWithNewSession(token, subject);
       // subject.login(token);
       issueJson(response, HTTP_STATUS_OK, MESSAGE, "ok");
     } catch (AuthenticationException e) {
       issue(
           MIME_TEXT_PLAIN,
           HTTP_STATUS_NOT_FOUND,
           "cannot authorize " + username + ": " + e.getMessage(),
           response);
     }
   } catch (Exception e) {
     issue(
         MIME_TEXT_PLAIN,
         HTTP_STATUS_INTERNAL_SERVER_ERROR,
         "Internal error: " + e.getMessage(),
         response);
   }
 }
Beispiel #4
0
  @Override
  public AuthInfo login(AuthToken token) throws RpcException {
    try {
      if (token != null) {
        UsernamePasswordToken upt = //
            new UsernamePasswordToken( //
                token.getUsername(), //
                token.getPassword().toCharArray(), //
                token.isRememberMe());
        try {
          SecurityUtils.getSubject().login(upt);
        } catch (AuthenticationException e) {
          throw new RpcException(e.getMessage(), e);
        }
      }

      AuthInfo result = new AuthInfo();
      result.setUsername((String) SecurityUtils.getSubject().getPrincipal());
      result.setAuthenticated(SecurityUtils.getSubject().isAuthenticated());

      boolean[] roleResult = SecurityUtils.getSubject().hasRoles(Arrays.asList(checkRoles));
      for (int i = 0; i < checkRoles.length; i++) {
        result.getRoles().put(checkRoles[i], roleResult[i]);
      }

      return result;
    } catch (RpcException e) {
      throw e;
    } catch (Throwable t) {
      log.error(t.getMessage(), t);
      throw new RpcException(t.getMessage(), t);
    }
  }
Beispiel #5
0
 /* 无需做链接,这是OpenID的回调地址 */
 @RequiresGuest
 @At("/login/?/callback")
 public View returnPoint(String providerId, HttpServletRequest request, HttpSession session)
     throws Exception {
   SocialAuthManager manager = (SocialAuthManager) session.getAttribute("openid.manager");
   if (manager == null) throw new SocialAuthException("Not manager found!");
   session.removeAttribute("openid.manager"); // 防止重复登录的可能性
   Map<String, String> paramsMap = SocialAuthUtil.getRequestParametersMap(request);
   AuthProvider provider = manager.connect(paramsMap);
   Profile p = provider.getUserProfile();
   Subject currentUser = SecurityUtils.getSubject();
   ThreadContext.bind(currentUser);
   OAuthToken token = new OAuthToken(p, request.getRemoteAddr());
   try {
     currentUser.login(token);
   } catch (UnknownAccountException uae) {
     return new ViewWrapper(new ForwardView("/admin/index"), "帐号不存在");
   } catch (IncorrectCredentialsException ice) {
     return new ViewWrapper(new ForwardView("/admin/index"), "证书验证失败");
   } catch (LockedAccountException lae) {
     return new ViewWrapper(new ForwardView("/admin/index"), "帐号已被锁定");
   } catch (ExcessiveAttemptsException eae) {
     return new ViewWrapper(new ForwardView("/admin/index"), "尝试的次数太多");
   } catch (AuthenticationException ae) {
     return new ViewWrapper(new ForwardView("/admin/index"), ae.getMessage());
   }
   return new ViewWrapper(new ServerRedirectView("/admin/main.rk"), null);
 }
 /** 重写父类方法,当登录失败将异常信息设置到request的attribute中 */
 @Override
 protected void setFailureAttribute(ServletRequest request, AuthenticationException ae) {
   if (ae instanceof IncorrectCredentialsException) {
     request.setAttribute(getFailureKeyAttribute(), "用户名密码不正确");
   } else {
     request.setAttribute(getFailureKeyAttribute(), ae.getMessage());
   }
 }
  @Override
  public void changePassword(String userId, String oldPassword, String newPassword)
      throws UserNotFoundException, InvalidCredentialsException {
    // first authenticate the user
    try {
      UsernamePasswordToken authenticationToken = new UsernamePasswordToken(userId, oldPassword);
      if (realmSecurityManager.authenticate(authenticationToken) == null) {
        throw new InvalidCredentialsException();
      }
    } catch (AuthenticationException e) {
      log.debug("User failed to change password reason: " + e.getMessage(), e);
      throw new InvalidCredentialsException();
    }

    // if that was good just change the password
    changePassword(userId, newPassword);
  }