Examples of AuthTokenRequiredException

Examples of org.apache.juddi.error.AuthTokenRequiredException

70
71
72
73
74
75
76
77
78
79
80
      Publisher publisher = getPublisher(authInfo,dataStore);
      String publisherID = publisher.getPublisherID();

      String authToken = authInfo.getValue();
      if ((authInfo == null) || (authInfo.getValue() == null))
        throw new AuthTokenRequiredException("discard_authToken: "+
            "authInfo="+authInfo);

      dataStore.retireAuthToken(authToken);
      dataStore.commit();
View Full Code Here

Examples of org.apache.juddi.error.AuthTokenRequiredException

70
71
72
73
74
75
76
77
78
79
80
      Publisher publisher = getPublisher(authInfo,dataStore);
      String publisherID = publisher.getPublisherID();

      String authToken = authInfo.getValue();
      if ((authInfo == null) || (authInfo.getValue() == null))
        throw new AuthTokenRequiredException("authInfo="+authInfo);

      dataStore.retireAuthToken(authToken);
      dataStore.commit();

      log.info("Publisher '"+publisherID+"' has discarded AuthToken: "+authToken);
View Full Code Here

Examples of org.apache.juddi.error.AuthTokenRequiredException

62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
    throws RegistryException
  {
    Publisher publisher = null;

    if ((authInfo == null) || (authInfo.getValue() == null))
      throw new AuthTokenRequiredException("authToken: null");

    String authToken = authInfo.getValue();
    if (authToken.trim().length() == 0)
      throw new AuthTokenRequiredException("authToken: "+authToken);

    publisher = dataStore.getAuthTokenPublisher(authToken);
    if (publisher == null)
      throw new AuthTokenRequiredException("authToken: "+authToken);

    if (dataStore.isAuthTokenExpired(authToken))
      throw new AuthTokenExpiredException("authToken: "+authToken);

    // Token is valid so 'touch' so that it's
View Full Code Here

Examples of org.apache.juddi.error.AuthTokenRequiredException

36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
  public static final int AUTHTOKEN_RETIRED = 0;
 
  public UddiEntityPublisher getEntityPublisher(EntityManager em, String authInfo) throws DispositionReportFaultMessage {
   
    if (authInfo == null || authInfo.length() == 0)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthRequired"));
   
    org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, authInfo);
    if (modelAuthToken == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
   
    if (modelAuthToken.getTokenState() == AUTHTOKEN_RETIRED)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
   
    Authenticator authenticator = AuthenticatorFactory.getAuthenticator();
    UddiEntityPublisher entityPublisher = authenticator.identify(authInfo, modelAuthToken.getAuthorizedName());
   
    // Must make sure the returned publisher has all the necessary fields filled
    if (entityPublisher == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));

    if (entityPublisher.getAuthorizedName() == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));

    // Auth token is being used.  Adjust appropriate values so that it's internal 'expiration clock' is reset.
    modelAuthToken.setLastUsed(new Date());
    modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1);
   
View Full Code Here

Examples of org.apache.juddi.v3.error.AuthTokenRequiredException

36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
  public static final int AUTHTOKEN_RETIRED = 0;
 
  public UddiEntityPublisher getEntityPublisher(EntityManager em, String authInfo) throws DispositionReportFaultMessage {
   
    if (authInfo == null || authInfo.length() == 0)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthRequired"));
   
    org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, authInfo);
    if (modelAuthToken == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
   
    if (modelAuthToken.getTokenState() == AUTHTOKEN_RETIRED)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
   
    Authenticator authenticator = AuthenticatorFactory.getAuthenticator();
    UddiEntityPublisher entityPublisher = authenticator.identify(authInfo, modelAuthToken.getAuthorizedName());
   
    // Must make sure the returned publisher has all the necessary fields filled
    if (entityPublisher == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));

    if (entityPublisher.getAuthorizedName() == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));

    // Auth token is being used.  Adjust appropriate values so that it's internal 'expiration clock' is reset.
    modelAuthToken.setLastUsed(new Date());
    modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1);
   
View Full Code Here

Examples of org.apache.juddi.v3.error.AuthTokenRequiredException

139
140
141
142
143
144
145
146
147
148
149
      if (publisher == null)
        throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));
     
      AuthToken at = em.find(AuthToken.class, authInfo);
      if (at == null)
        throw new AuthTokenRequiredException(new ErrorMessage("E_authTokenRequired", authInfo));       
    } finally {
      if (tx.isActive()) {
        tx.rollback();
      }
      em.close();
View Full Code Here

Examples of org.apache.juddi.v3.error.AuthTokenRequiredException

51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
        @Resource
        protected WebServiceContext ctx;
  public UddiEntityPublisher getEntityPublisher(EntityManager em, String authInfo) throws DispositionReportFaultMessage {
   
    if (authInfo == null || authInfo.length() == 0)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthRequired"));
   
    org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, authInfo);
    if (modelAuthToken == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
 
    int allowedMinutesOfInactivity = 0;
    try {
      allowedMinutesOfInactivity = AppConfig.getConfiguration().getInt(Property.JUDDI_AUTH_TOKEN_TIMEOUT, 0);
    } catch (ConfigurationException ce) {
      logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_EXPIRATION + " from "
          + "the application's configuration. No automatic timeout token invalidation will occur. "
          + ce.getMessage(), ce);
    }
    int maxMinutesOfAge = 0;
    try {
      maxMinutesOfAge = AppConfig.getConfiguration().getInt(Property.JUDDI_AUTH_TOKEN_EXPIRATION, 0);
    } catch (ConfigurationException ce) {
      logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_EXPIRATION + " from "
          + "the application's configuration. No automatic timeout token invalidation will occur. "
          + ce.getMessage(), ce);
    }
    Date now = new Date();
    // 0 or negative means token does not expire
    if (allowedMinutesOfInactivity > 0) {
      // expire tokens after # minutes of inactivity
      // compare the time in milli-seconds
      if (now.getTime() > modelAuthToken.getLastUsed().getTime() + allowedMinutesOfInactivity * 60000l) {
        logger.info("AUDIT: FAILTURE Token " + modelAuthToken.getAuthToken() + " expired due to inactivity "+getRequestorsIPAddress());
        modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
      }
    }
    if (maxMinutesOfAge > 0) {
      // expire tokens when max age is reached
      // compare the time in milli-seconds
      if (now.getTime() > modelAuthToken.getCreated().getTime()  + maxMinutesOfAge * 60000l) {
                           
        logger.info("AUDIT: FAILURE - Token " + modelAuthToken.getAuthorizedName() + " expired due to old age " + getRequestorsIPAddress());
        modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
      }
    }

    if (modelAuthToken.getTokenState() == AUTHTOKEN_RETIRED){
                   
      throw new AuthTokenExpiredException(new ErrorMessage("errors.auth.AuthTokenExpired"));
                }
    if (ctx !=null){
                    try{
                        boolean check=true;
                        try{
                            check=AppConfig.getConfiguration().getBoolean(Property.JUDDI_AUTH_TOKEN_ENFORCE_SAME_IP, true);
                        }
                        catch (ConfigurationException ex){
                            logger.warn("Error loading config property " + Property.JUDDI_AUTH_TOKEN_ENFORCE_SAME_IP +
                                    " Enforcing Same IP for Auth Tokens will be enabled by default", ex);
                        }
                        if (check){
                            MessageContext mc = ctx.getMessageContext();
                            HttpServletRequest req = null;
                            if (mc!=null){
                                req=(HttpServletRequest)mc.get(MessageContext.SERVLET_REQUEST);
                            }
                            if (req!=null &&
                                    modelAuthToken.getIPAddress()!=null &&
                                    modelAuthToken.getIPAddress()!=null &&
                                    !modelAuthToken.getIPAddress().equalsIgnoreCase(req.getRemoteAddr()))
                            {
                                modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
                                logger.error("AUDIT FAILURE - Security Alert - Attempt to use issued auth token from a different IP address, user " +
                                        modelAuthToken.getAuthorizedName() + ", issued IP " + modelAuthToken.getIPAddress() +
                                        ", attempted use from " + req.getRemoteAddr() + ", forcing reauthentication.");
                                throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
                                //invalidate the token, someone's intercepted it or it was reused on another ip
                            }
                        }
                    }
                    catch (Exception ex){
                        if (ex instanceof AuthTokenRequiredException)
                            throw (AuthTokenRequiredException)ex;
                        logger.error("unexpected error caught looking up requestor's ip address", ex);
                    }
                   
                }
    Authenticator authenticator = AuthenticatorFactory.getAuthenticator();
    UddiEntityPublisher entityPublisher = authenticator.identify(authInfo, modelAuthToken.getAuthorizedName());
   
    // Must make sure the returned publisher has all the necessary fields filled
    if (entityPublisher == null) {
                    logger.warn("AUDIT FAILURE - Auth token invalided, publisher does not exist "+ getRequestorsIPAddress());
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
                }
    if (entityPublisher.getAuthorizedName() == null){
                    logger.warn("AUDIT FAILURE - Auth token invalided, username does exist"+ getRequestorsIPAddress());
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
                }
    // Auth token is being used.  Adjust appropriate values so that it's internal 'expiration clock' is reset.
    modelAuthToken.setLastUsed(new Date());
    modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1);
   
View Full Code Here

Examples of org.apache.juddi.v3.error.AuthTokenRequiredException

45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
  Log logger = LogFactory.getLog(this.getClass());
 
  public UddiEntityPublisher getEntityPublisher(EntityManager em, String authInfo) throws DispositionReportFaultMessage {
   
    if (authInfo == null || authInfo.length() == 0)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthRequired"));
   
    org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, authInfo);
    if (modelAuthToken == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
 
    int allowedMinutesOfInactivity = 0;
    try {
      allowedMinutesOfInactivity = AppConfig.getConfiguration().getInt(Property.JUDDI_AUTH_TOKEN_TIMEOUT, 0);
    } catch (ConfigurationException ce) {
      logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_EXPIRATION + " from "
          + "the application's configuration. No automatic timeout token invalidation will occur. "
          + ce.getMessage(), ce);
    }
    int maxMinutesOfAge = 0;
    try {
      maxMinutesOfAge = AppConfig.getConfiguration().getInt(Property.JUDDI_AUTH_TOKEN_EXPIRATION, 0);
    } catch (ConfigurationException ce) {
      logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_EXPIRATION + " from "
          + "the application's configuration. No automatic timeout token invalidation will occur. "
          + ce.getMessage(), ce);
    }
    Date now = new Date();
    // 0 or negative means token does not expire
    if (allowedMinutesOfInactivity > 0) {
      // expire tokens after # minutes of inactivity
      // compare the time in milli-seconds
      if (now.getTime() > modelAuthToken.getLastUsed().getTime() + allowedMinutesOfInactivity * 60000l) {
        logger.debug("Token " + modelAuthToken.getAuthToken() + " expired due to inactivity");
        modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
      }
    }
    if (maxMinutesOfAge > 0) {
      // expire tokens when max age is reached
      // compare the time in milli-seconds
      if (now.getTime() > modelAuthToken.getCreated().getTime()  + maxMinutesOfAge * 60000l) {
        logger.debug("Token " + modelAuthToken.getAuthToken() + " expired due to old age");
        modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
      }
    }

    if (modelAuthToken.getTokenState() == AUTHTOKEN_RETIRED)
      throw new AuthTokenExpiredException(new ErrorMessage("errors.auth.AuthTokenExpired"));
   
    Authenticator authenticator = AuthenticatorFactory.getAuthenticator();
    UddiEntityPublisher entityPublisher = authenticator.identify(authInfo, modelAuthToken.getAuthorizedName());
   
    // Must make sure the returned publisher has all the necessary fields filled
    if (entityPublisher == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));

    if (entityPublisher.getAuthorizedName() == null)
      throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));

    // Auth token is being used.  Adjust appropriate values so that it's internal 'expiration clock' is reset.
    modelAuthToken.setLastUsed(new Date());
    modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1);
   
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.