/**
 * Maps an {@code AuthenticationException} to a 401 Unauthorized response whose plain-text
 * body is the exception message.
 *
 * @param exception the authentication failure being mapped
 * @return a {@code text/plain} 401 response carrying {@code exception.getMessage()} as its entity
 */
@Override
public Response toResponse(AuthenticationException exception) {
    String message = exception.getMessage();
    logger.debug("Exception: {}", message);
    Response.ResponseBuilder unauthorized = Response.status(Status.UNAUTHORIZED);
    unauthorized.entity(message);
    unauthorized.type("text/plain");
    return unauthorized.build();
}
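/**
 * Reports a failed authentication to the client as a 401 whose plain-text body is the
 * failure message.
 *
 * @param request  the request that carried the rejected credentials
 * @param response the response the failure is written to
 * @param e        why authentication failed
 * @throws IOException      if the response body cannot be written
 * @throws ServletException declared by the overridden method; not thrown here
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
        throws IOException, ServletException {
    // Log through the container instead of printStackTrace()/System.out so the failure and
    // its trace land in the server log rather than on stdout.
    request.getServletContext().log("Authentication failed: " + e.getMessage(), e);
    // Without an explicit status the container answers 200 for a failed login.
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    response.setContentType("text/plain");
    response.getWriter().print(e.getMessage());
    response.getWriter().flush();
}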
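/*
 * Handles an authentication failure reported as an AuthenticationException and routes the
 * user to the appropriate page with a user-facing message.
 * params:
 *   - HttpServletRequest request: the request
 *   - HttpServletResponse response: the response
 *   - AuthenticationException exception: cause of the authentication failure
 * return: none
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
        throws IOException, ServletException {
    String usuario = request.getParameter("j_username");
    logger.warn(
            "Falla de autenticacion. Usuario: " + usuario + ". Causa: " + exception.getMessage());
    // The exception classes below are disjoint, so an else-if chain makes the single
    // redirect per request explicit.
    if (exception instanceof LockedException) {
        // A message of "B" marks a lock caused by maintenance. equals() is called on the
        // literal so a null message cannot throw here.
        if ("B".equals(exception.getMessage())) {
            ManejadorMensajes.agregarMensaje(
                    request,
                    TipoMensaje.ADVERTENCIA,
                    "El sistema de Policlínico Santa Clara. "
                            + "se encuentra en mantenimiento y estaremos de vuelta pronto. "
                            + "Si presenta problemas, consulte al administrador de sistema");
        } else {
            // The user still has an active session.
            ManejadorMensajes.agregarMensaje(
                    request,
                    TipoMensaje.ERROR,
                    "Sesión de usuario activa. Ciérrela e ingrese nuevamente");
        }
        response.sendRedirect(request.getContextPath());
    } else if (exception instanceof BadCredentialsException) {
        // Wrong user name or password.
        ManejadorMensajes.agregarMensaje(
                request,
                TipoMensaje.ERROR,
                "Falla de autenticación: Usuario o contraseña inválidos");
        response.sendRedirect(request.getContextPath());
    } else if (exception instanceof AccountExpiredException) {
        // The account is no longer valid.
        ManejadorMensajes.agregarMensaje(
                request,
                TipoMensaje.ERROR,
                "Falla de autenticación: Usuario no vigente o contraseña expirada");
        response.sendRedirect(request.getContextPath());
    } else if (exception instanceof CredentialsExpiredException) {
        // The password expired: flag the request and send the user to the change-password page.
        Utils.borrarAtributo(request, "cambiocontrasena");
        Utils.borrarAtributo(request, "usuariocambio");
        Utils.registrarAtributo(request, "cambiocontrasena", "1");
        Utils.registrarAtributo(request, "usuariocambio", usuario);
        response.sendRedirect(request.getContextPath() + "/usuarios/cambiar_contrasena");
    } else {
        // Any other failure previously fell through without writing a response at all;
        // give the user a generic message and return to the entry page.
        ManejadorMensajes.agregarMensaje(
                request, TipoMensaje.ERROR, "Falla de autenticación");
        response.sendRedirect(request.getContextPath());
    }
}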
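/** {@inheritDoc} */
@Override
public User login(String username, String password) throws FailedToLoginException {
    try {
        // Authenticate the user; a failure surfaces as an AuthenticationException.
        authenticationService.authenticate(username, password);
        LOGGER.info("[{}] has successfully logged in", username);
        // Look the user up and return it.
        return this.loadUserByUsername(username);
    } catch (AuthenticationException e) {
        // Name the user in the log so a failed attempt can be correlated with the
        // success line above.
        LOGGER.error("[{}] failed to log in: {}", username, e.getMessage());
        // NOTE(review): the cause is not chained; if FailedToLoginException has a
        // (String, Throwable) constructor, pass e through it.
        throw new FailedToLoginException(e.getMessage());
    }
}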
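/** The provider must reject a null credential with the generic "not valid" message. */
@Test
public void shouldReturnErrorIfPasswordNotSpecified() {
    when(authentication.getCredentials()).thenReturn(null);
    String message = null;
    try {
        provider.authenticate(authentication);
    } catch (AuthenticationException e) {
        message = e.getMessage();
    }
    // A null message means authenticate() returned normally; that must fail the test.
    // The original asserted only inside the catch and passed silently in that case.
    assertEquals("User or password not valid", message);
}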
/**
 * Starts an authentication challenge: advertises the configured scheme in
 * {@code WWW-Authenticate} and rejects the request with 401 and the failure message.
 *
 * @param request       the unauthenticated request
 * @param response      the response that carries the challenge
 * @param authException why authentication is required
 * @throws IOException      if the error cannot be sent
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void commence(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
        throws IOException, ServletException {
    String reason = authException.getMessage();
    response.setHeader("WWW-Authenticate", this.headerValue);
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED, reason);
}
/**
 * Entry point for unauthenticated OAuth requests. Malformed OAuth parameters and an
 * unsupported signature method are client errors (400); everything else gets a 401 with an
 * {@code OAuth} challenge that names the realm when one is configured.
 *
 * @param request       the rejected request
 * @param response      the response that carries the error or challenge
 * @param authException why authentication failed; its cause is inspected for the signature case
 * @throws IOException      if the error cannot be sent
 * @throws ServletException declared by the interface; not thrown here
 */
public void commence(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
        throws IOException, ServletException {
    String reason = authException.getMessage();
    boolean clientError =
            authException instanceof InvalidOAuthParametersException
                    || authException.getCause() instanceof UnsupportedSignatureMethodException;
    if (clientError) {
        response.sendError(400, reason);
        return;
    }
    String challenge = realmName == null ? "OAuth" : "OAuth realm=\"" + realmName + "\"";
    response.addHeader("WWW-Authenticate", challenge);
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED, reason);
}
/**
 * Answers a failed login with a 401 whose plain-text body is the failure message, written
 * through the raw servlet output stream, which is closed afterwards.
 *
 * @param request   the rejected login request
 * @param response  the response the message is written to
 * @param exception why authentication failed
 * @throws IOException      if the body cannot be written
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
        throws IOException, ServletException {
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    response.setContentType("text/plain");
    ServletOutputStream body = response.getOutputStream();
    body.print(exception.getMessage());
    body.close();
}
/**
 * Answers a failed login with a 401 whose body is the failure message, written through the
 * response writer and flushed (no content type is set).
 *
 * @param request   the rejected login request
 * @param response  the response the message is written to
 * @param exception why authentication failed
 * @throws ServletException declared by the interface; not thrown here
 * @throws IOException      if the body cannot be written
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
        throws ServletException, IOException {
    String reason = exception.getMessage();
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    PrintWriter out = response.getWriter();
    out.write(reason);
    out.flush();
}
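/** Unknown credentials (or a user without roles) must be rejected with the generic message. */
@Test
public void shouldReturnErrorIfUserAndPasswordNotValidOrDontHaveAnyRoles() {
    when(authentication.getName()).thenReturn("my_username");
    when(authentication.getCredentials()).thenReturn("my_password");
    String message = null;
    try {
        provider.authenticate(authentication);
    } catch (AuthenticationException e) {
        message = e.getMessage();
    }
    // A null message means authenticate() returned normally; that must fail the test.
    // The original asserted only inside the catch and passed silently in that case.
    assertEquals("User or password not valid", message);
}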
/**
 * Authenticates the given credentials and installs the resulting {@code Authentication} in
 * the security context.
 *
 * @param username the login name
 * @param password the password
 * @return {@code null} on success; otherwise an error {@code Response} with status 401 whose
 *     message is the exception message
 */
private Response authentication(String username, String password) {
    UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(username, password);
    try {
        Authentication result = authenticationManager.authenticate(token);
        SecurityContextHolder.getContext().setAuthentication(result);
        return null;
    } catch (AuthenticationException e) {
        return buildErrorResponse(Status.UNAUTHORIZED, e.getMessage());
    }
}
/**
 * Renders the login page. An already authenticated, non-anonymous user is redirected to
 * {@code Dashboard.action} instead; if that redirect fails the login form is shown anyway.
 * When the request carries {@code authfailed}, the last authentication exception stored in
 * the session is exposed to the view as {@code errorMessage}.
 *
 * @param request  the current request
 * @param response the current response; a {@code hq-requires-auth: 1} header marks the login page
 * @param session  the current session, possibly {@code null}
 * @return the login view with {@code guestUsername} and {@code guestEnabled} populated
 */
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
        HttpServletRequest request, HttpServletResponse response, HttpSession session) {
    ModelAndView view = new ModelAndView();
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    boolean alreadyLoggedIn =
            current != null
                    && !(current instanceof AnonymousAuthenticationToken)
                    && current.isAuthenticated();
    if (alreadyLoggedIn) {
        try {
            if (log.isDebugEnabled()) {
                log.debug("User has already been authenticated. Redirecting to dashboard.");
            }
            // Dashboard.action keeps the struts2 front controller in the loop.
            response.sendRedirect("Dashboard.action");
            return view;
        } catch (IOException e) {
            log.warn(
                    "Could not perform the redirect for an authenticated user, displaying login page instead");
        }
    }
    // Unauthenticated (or the redirect failed): show the form.
    AuthzSubject guest = authzSubjectManager.getSubjectById(AuthzConstants.guestId);
    boolean loginFailed = request.getParameter("authfailed") != null;
    if (loginFailed && session != null) {
        AuthenticationException lastFailure =
                (AuthenticationException) session.getAttribute(
                        AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
        if (lastFailure != null) {
            view.addObject("errorMessage", RequestUtils.message(request, lastFailure.getMessage()));
        }
    }
    String guestName = guest != null ? guest.getName() : "guest";
    boolean guestEnabled = guest != null && guest.getActive();
    view.addObject("guestUsername", guestName);
    view.addObject("guestEnabled", guestEnabled);
    // Lets clients identify the login page explicitly.
    response.setHeader("hq-requires-auth", "1");
    return view;
}
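/**
 * Answers an unauthenticated request with a JSON {@code Result} whose {@code Meta} carries the
 * failure message, an UNAUTHORIZED status and matching {@code ErrorInfo}.
 *
 * @param req the rejected request
 * @param res the response; written as {@code application/json} with HTTP status 401
 * @param e   why authentication is required
 * @throws IOException      if the body cannot be written
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void commence(HttpServletRequest req, HttpServletResponse res, AuthenticationException e)
        throws IOException, ServletException {
    // The JSON body said "unauthorized" but the HTTP status was left at 200; set it explicitly.
    res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    res.setContentType(MediaType.APPLICATION_JSON_VALUE);
    // getWriter() defaults to ISO-8859-1, which would mangle non-ASCII characters in the message.
    res.setCharacterEncoding("UTF-8");
    ErrorInfo errorInfo = new ErrorInfo(
            e.getMessage(),
            Integer.toString(org.apache.commons.httpclient.HttpStatus.SC_UNAUTHORIZED));
    Meta meta = new Meta();
    meta.setMessage(e.getMessage());
    meta.setStatus(HttpStatus.UNAUTHORIZED);
    meta.setErrorInfo(errorInfo);
    Result<Map<String, Object>> result = new Result<Map<String, Object>>();
    result.setMeta(meta);
    // NOTE(review): ObjectMapper is thread-safe once configured and could be a static final
    // field instead of being built on every request.
    ObjectMapper mapper = new ObjectMapper();
    mapper.setSerializationInclusion(Include.NON_EMPTY);
    // Serialize before touching the writer so a serialization failure leaves no partial body.
    String json = mapper.writeValueAsString(result);
    PrintWriter out = res.getWriter();
    out.print(json);
    out.close();
}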
/**
 * Ajax callers get a bare 401 with the failure message as the body; all other requests are
 * delegated to the parent handler.
 *
 * @param request   the rejected login request
 * @param response  the response the 401 is written to (Ajax case)
 * @param exception why authentication failed
 * @throws IOException      if the body cannot be written
 * @throws ServletException propagated from the parent handler
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
        throws IOException, ServletException {
    if (!RequestUtils.isAajaxRequest(request)) {
        super.onAuthenticationFailure(request, response, exception);
        return;
    }
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    PrintWriter out = response.getWriter();
    out.write(exception.getMessage());
    out.flush();
}
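/**
 * Routes a failed login to the matching error page: a session-concurrency rejection
 * ("maximum sessions exceeded") goes to {@code login/duplicate}; every other failure, such
 * as bad credentials or an authentication service error, goes to {@code login/failure}.
 *
 * @param request  the rejected login request
 * @param response the response used for the redirect
 * @param ae       the failure; a {@code SessionAuthenticationException} signals the session limit
 * @throws IOException      if the redirect cannot be sent
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException ae)
        throws IOException, ServletException {
    // One line per failure instead of several "xxxxxxxxx" lines; the hash code carried no
    // information and the commented-out trace dumps (which included session ids and client
    // addresses) have been dropped from the source.
    logger.info("onAuthenticationFailure " + ae.getClass().getName() + ": " + ae.getMessage());
    // The previous implementation inferred "session exceeded" from the deprecated
    // AuthenticationException#getAuthentication() being null; the exception type states it
    // directly and does not depend on the deprecated accessor.
    boolean sessionLimitExceeded =
            ae instanceof org.springframework.security.web.authentication.session.SessionAuthenticationException;
    if (sessionLimitExceeded) {
        response.sendRedirect("login/duplicate");
    } else {
        response.sendRedirect("login/failure");
    }
}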
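/**
 * Handles a failed login. With no failure URL configured the client gets a 401 carrying the
 * failure message; otherwise the request is forwarded to the failure URL when
 * {@code forwardToDestination} is set, and included into {@code /attempt} when it is not.
 *
 * @param request   the rejected login request
 * @param response  the response used for the error, forward or include
 * @param exception why authentication failed
 * @throws IOException      if the error cannot be sent or the dispatch fails
 * @throws ServletException if the forward or include fails
 */
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
        throws IOException, ServletException {
    if (defaultFailureUrl == null) {
        logger.debug("No failure URL set, sending 401 Unauthorized error");
        response.sendError(
                HttpServletResponse.SC_UNAUTHORIZED,
                "Authentication Failed: " + exception.getMessage());
    } else if (forwardToDestination) {
        logger.debug("Forwarding to " + defaultFailureUrl);
        request.getRequestDispatcher(defaultFailureUrl).forward(request, response);
    } else {
        // The failed attempt is rendered inline rather than redirected to defaultFailureUrl.
        // NOTE(review): defaultFailureUrl is ignored on this branch; confirm that is intended.
        logger.debug("Including /attempt after failed authentication: " + exception.getMessage());
        request.getRequestDispatcher("/attempt").include(request, response);
    }
}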
/**
 * Propagates an authorization failure back through the proxy chain: when the request carries
 * the {@code PROXY_ENTITIES_CHAIN} header, the failure message is echoed in the
 * {@code PROXY_ENTITIES_DETAILS} response header; otherwise nothing is written.
 *
 * @param request  the request that was refused
 * @param response the response that may receive the details header
 * @param failed   the refusal; its message becomes the header value
 */
public static void unsuccessfulAuthorization(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
    String proxyChain = request.getHeader(PROXY_ENTITIES_CHAIN);
    if (!StringUtils.isNotBlank(proxyChain)) {
        return;
    }
    response.setHeader(PROXY_ENTITIES_DETAILS, failed.getMessage());
}
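/**
 * Sends a failed login back to the root page with the failure message in the {@code error}
 * query parameter.
 *
 * @param request   the rejected login request
 * @param response  the response used for the redirect
 * @param exception why authentication failed; a null message yields an empty parameter
 * @throws IOException      if the redirect cannot be sent
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
        throws IOException, ServletException {
    // The message is free text (spaces, '&', '#', non-ASCII) and must be percent-encoded
    // before it is placed in the query string, or the redirect URL is malformed.
    String message = exception.getMessage() == null ? "" : exception.getMessage();
    String encoded = java.net.URLEncoder.encode(
            message, java.nio.charset.StandardCharsets.UTF_8.name());
    response.sendRedirect("/?error=" + encoded);
}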
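/**
 * Failure handler with a per-session wrong-password counter. Once the counter reaches
 * {@code maxTryCount} the account is locked, an audit entry is saved and the exception is
 * replaced by a lock notice; otherwise the attempt is audited and the remaining attempts are
 * appended to the message. The request then follows the usual failure routing: 401 when no
 * failure URL is configured, else a forward or redirect to {@code defaultFailureUrl}.
 *
 * @param request   the failed login request; the user name is read from the form parameter
 * @param response  the response used for the error, forward or redirect
 * @param exception the failure; only a "密码不正确" message drives the counter
 */
public void onAuthenticationFailure(
        HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) {
    // ---- attempt limiting ----
    // NOTE(review): the counter lives in the HTTP session, so a client that drops its session
    // cookie starts over; a server-side counter keyed by account would be more robust.
    HttpSession session = request.getSession();
    if ("密码不正确".equals(exception.getMessage())) {
        String name = request.getParameter(
                UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY);
        // One lookup instead of querying once for the size and again for the element.
        java.util.List<UserAccount> matches =
                commonDAO.findByPropertyName(UserAccount.class, "loginname", name);
        UserAccount u = matches.isEmpty() ? null : matches.get(0);
        String counterKey = name + "_" + TRY_MAX_COUNT;
        Integer previous = (Integer) session.getAttribute(counterKey);
        int tryCount = previous == null ? 1 : previous + 1;
        if (u == null) {
            // Unknown account: the original dereferenced u here and failed with an NPE.
            logger.info("Login failed for unknown loginname " + name + "; no account to lock or audit");
        } else if (tryCount > maxTryCount - 1) {
            // Lock the account.
            u.setNonLocked(false);
            commonDAO.update(u);
            LogEntity le = buildLoginFailureLog(
                    request, u, "用户名:" + u.getName() + "--登录失败,密码错误超过最大登录尝试次数,已被锁定");
            commonDAO.save(le);
            logger.info(le.getUser() + ">>" + le.getContent());
            exception = new AuthenticationServiceException("超过最大登录尝试次数" + maxTryCount + ",用户已被锁定");
            session.setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, exception);
            session.removeAttribute(counterKey);
        } else {
            session.setAttribute(counterKey, tryCount);
            // Remaining attempts derive from maxTryCount; the original hard-coded 3 here.
            exception = new BadCredentialsException(
                    exception.getMessage() + ",剩余尝试次数" + (maxTryCount - tryCount));
            LogEntity le = buildLoginFailureLog(request, u, "用户名:" + u.getName() + "--登录失败");
            commonDAO.save(le);
            logger.info(le.getUser() + ">>" + le.getContent());
        }
    }
    // ---- end of attempt limiting ----
    try {
        // Decide where the failure is delivered.
        if (defaultFailureUrl == null) {
            logger.debug("No failure URL set, sending 401 Unauthorized error");
            response.sendError(
                    HttpServletResponse.SC_UNAUTHORIZED,
                    "Authentication Failed: " + exception.getMessage());
        } else {
            saveException(request, exception);
            if (forwardToDestination) {
                logger.debug("Forwarding to " + defaultFailureUrl);
                request.getRequestDispatcher(defaultFailureUrl).forward(request, response);
            } else {
                logger.debug("Redirecting to " + defaultFailureUrl);
                redirectStrategy.sendRedirect(request, response, defaultFailureUrl);
            }
        }
    } catch (IOException e) {
        // The signature declares no checked exceptions, so the failure can only be logged.
        logger.error("Could not deliver the authentication failure response", e);
    } catch (ServletException e) {
        logger.error("Could not deliver the authentication failure response", e);
    }
}

/** Builds the audit entry for a failed login of {@code u} coming from {@code request}. */
private LogEntity buildLoginFailureLog(HttpServletRequest request, UserAccount u, String content) {
    LogEntity le = new LogEntity();
    le.setDate(DmDateUtil.Current());
    le.setType("0");
    le.setTitle("登录失败");
    le.setContent(content);
    le.setUser(u.getName() + "(" + u.getLoginname() + "[" + u.getCode() + "])");
    le.setIp(getIpAddress(request));
    return le;
}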