Examples of javax.security.auth.login.FailedLoginException

javax.security.auth.login.FailedLoginException
Signals that user authentication failed.
This exception is thrown by LoginModules if authentication failed. For example, a {@code LoginModule} throws this exception ifthe user entered an incorrect password.

            tmpPassword = new char[0];
        }
        String password = users.getProperty(user);


        if (password == null) {
            throw new FailedLoginException("User does exist");
        }
        if (!password.equals(new String(tmpPassword))) {
            throw new FailedLoginException("Password does not match");
        }
        loginSucceeded = true;


        if (debug) {
            LOG.debug("login " + user);

View Full Code Here

        }
        certificates = ((CertificateCallback)callbacks[0]).getCertificates();


        username = getUserNameForCertificates(certificates);
        if (username == null) {
            throw new FailedLoginException("No user for client certificate: " + getDistinguishedName(certificates));
        }


        groups = getUserGroups(username);


        if (debug) {

View Full Code Here

        } catch (NullPointerException e) {
            //error handled in the next statement
        }
        if (userInfos == null) {
          if (!this.detailedLoginExcepion) {
            throw new FailedLoginException("login failed");
          } else {
            throw new FailedLoginException("User " + user + " does not exist");
          }
        }
        
        // the password is in the first position
        String[] infos = userInfos.split(",");
        String storedPassword = infos[0];
        
        // check if the stored password is flagged as encrypted
        String encryptedPassword = getEncryptedPassword(storedPassword);
        if (!storedPassword.equals(encryptedPassword)) {
            if (debug) {
                LOG.debug("The password isn't flagged as encrypted, encrypt it.");
            }
            if (debug) {
                LOG.debug("Rebuild the user informations string.");
            }
            userInfos = encryptedPassword + ",";
            for (int i = 1; i < infos.length; i++) {
                if (i == (infos.length - 1)) {
                    userInfos = userInfos + infos[i];
                } else {
                    userInfos = userInfos + infos[i] + ",";
                }
            }
            if (debug) {
                LOG.debug("Push back the user informations in the users properties.");
            }
            users.put(user, userInfos);
            try {
                if (debug) {
                    LOG.debug("Store the users properties file.");
                }
                users.save();
            } catch (IOException ioe) {
                LOG.warn("Unable to write user properties file " + f, ioe);
            }
            storedPassword = encryptedPassword;
        }


        // check the provided password
        if (!checkPassword(password, storedPassword)) {
          if (!this.detailedLoginExcepion) {
            throw new FailedLoginException("login failed");
          } else {
            throw new FailedLoginException("Password for " + user + " does not match");
          }
        }


        principals = new HashSet<Principal>();
        principals.add(new UserPrincipal(user));

View Full Code Here

            String password = new String(((PasswordCallback) callbacks[1]).getPassword());


            String userInfos = (String) properties.get(USER_PREFIX + user);
            if (userInfos == null) {
              if (!this.detailedLoginExcepion) {
                throw new FailedLoginException("login failed");
              } else {
                throw new FailedLoginException("User does not exist");
              }
            }
            String[] infos = userInfos.split(",");
            String storedPassword = infos[0];


            // check the provided password
            if (!checkPassword(password, storedPassword)) {
              if (!this.detailedLoginExcepion) {
                throw new FailedLoginException("login failed");
              } else {
                throw new FailedLoginException("Password for " + user + " does not match");
              }
            }


            principals = new HashSet<Principal>();
            principals.add(new UserPrincipal(user));

View Full Code Here

     */
    @Override
    protected String getUsersPassword() throws LoginException {
        String username = getUsername();
        if ("admin".equals(username)) {
            throw new FailedLoginException("Cannot log in as overlord");
        }
        String password = getUsernameAndPassword()[1]; // what did the user enter?
        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;


        try {
            InitialContext ctx = new InitialContext();
            DataSource ds = (DataSource) ctx.lookup(dsJndiName);
            conn = ds.getConnection();


            ps = conn.prepareStatement(principalsQuery);
            ps.setString(1, username);
            rs = ps.executeQuery();
            if (rs.next() == true) {
                throw new FailedLoginException("username found in principals - do not continue");
            }


            password = CryptoUtil.createPasswordHash("MD5", "base64", null, null, password); // return back the string entered by the user as a hash
        } catch (NamingException ex) {
            throw new LoginException(ex.toString(true));

View Full Code Here

     */
    @Override
    protected String getUsersPassword() throws LoginException {
        String username = getUsername();
        if ("admin".equals(username)) {
            throw new FailedLoginException("Cannot log in as overlord");
        }
        String password = null;
        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;


        try {
            InitialContext ctx = new InitialContext();
            DataSource ds = (DataSource) ctx.lookup(dsJndiName);
            conn = ds.getConnection();


            ps = conn.prepareStatement(principalsQuery);
            ps.setString(1, username);
            rs = ps.executeQuery();
            if (rs.next() == false) {
                throw new FailedLoginException("No matching username found in principals");
            }


            password = rs.getString(1);
        } catch (NamingException ex) {
            throw new LoginException(ex.toString(true));

View Full Code Here

        char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword();
        if (tmpPassword == null) {
            tmpPassword = new char[0];
        }
        if (user == null) {
            throw new FailedLoginException("user name is null");
        }
        String password = users.getProperty(user);


        if (password == null) {
            throw new FailedLoginException("User does exist");
        }
        if (!password.equals(new String(tmpPassword))) {
            throw new FailedLoginException("Password does not match");
        }
        loginSucceeded = true;


        if (debug) {
            LOG.debug("login " + user);

View Full Code Here

            log.debug("Create the LDAP initial context.");
        }
        try {
            context = open();
        } catch (NamingException ne) {
            FailedLoginException ex = new FailedLoginException("Error opening LDAP connection");
            ex.initCause(ne);
            throw ex;
        }
        
        if (!isLoginPropertySet(USER_SEARCH_MATCHING))
          return false;


        userSearchMatchingFormat = new MessageFormat(getLDAPPropertyValue(USER_SEARCH_MATCHING));
        userSearchSubtreeBool = Boolean.valueOf(getLDAPPropertyValue(USER_SEARCH_SUBTREE)).booleanValue();


        try {


            String filter = userSearchMatchingFormat.format(new String[] {
                username
            });
            SearchControls constraints = new SearchControls();
            if (userSearchSubtreeBool) {
                constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            } else {
                constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
            }


            // setup attributes
            List<String> list = new ArrayList<String>();
            if (isLoginPropertySet(USER_ROLE_NAME)) {
                list.add(getLDAPPropertyValue(USER_ROLE_NAME));
            }
            String[] attribs = new String[list.size()];
            list.toArray(attribs);
            constraints.setReturningAttributes(attribs);


            if (log.isDebugEnabled()) {
                log.debug("Get the user DN.");
                log.debug("Looking for the user in LDAP with ");
                log.debug("  base DN: " + getLDAPPropertyValue(USER_BASE));
                log.debug("  filter: " + filter);
            }


            NamingEnumeration<SearchResult> results = context.search(getLDAPPropertyValue(USER_BASE), filter, constraints);


            if (results == null || !results.hasMore()) {
                log.warn("User " + username + " not found in LDAP.");
                throw new FailedLoginException("User " + username + " not found in LDAP.");
            }


            SearchResult result = results.next();


            if (results.hasMore()) {
                // ignore for now
            }
            NameParser parser = context.getNameParser("");
            Name contextName = parser.parse(context.getNameInNamespace());
            Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
            Name entryName = parser.parse(result.getName());
            Name name = contextName.addAll(baseName);
            name = name.addAll(entryName);
            String dn = name.toString();


            Attributes attrs = result.getAttributes();
            if (attrs == null) {
                throw new FailedLoginException("User found, but LDAP entry malformed: " + username);
            }
            List<String> roles = null;
            if (isLoginPropertySet(USER_ROLE_NAME)) {
                roles = addAttributeValues(getLDAPPropertyValue(USER_ROLE_NAME), attrs, roles);
            }


            // check the credentials by binding to server
            if (bindUser(context, dn, password)) {
                // if authenticated add more roles
                roles = getRoles(context, dn, username, roles);
                if (log.isDebugEnabled()) {
                    log.debug("Roles " + roles + " for user " + username);
                }
                for (int i = 0; i < roles.size(); i++) {
                    groups.add(new GroupPrincipal(roles.get(i)));
                }
            } else {
                throw new FailedLoginException("Password does not match for user: " + username);
            }
        } catch (CommunicationException e) {
            FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
            ex.initCause(e);
            throw ex;
        } catch (NamingException e) {
            if (context != null) {
                close(context);
            }
            FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
            ex.initCause(e);
            throw ex;
        }


        return true;
    }

View Full Code Here

            });
            loginContext.login();


            if (subject.getPrincipals().size() == 0) {
                // there must be some Principals, but which ones required are tested later
                throw new FailedLoginException("User does not have the required role");
            }


            return subject;
        } catch (LoginException e) {
            throw new SecurityException("Authentication failed", e);

View Full Code Here

            throw new LoginException("Username can not be null");
        }
        user = ((NameCallback) callbacks[0]).getName();
        if (user.startsWith(PropertiesBackingEngine.GROUP_PREFIX)) {
            // you can't log in under a group name
            throw new FailedLoginException("login failed");
        }


        // password callback get value
        if (((PasswordCallback) callbacks[1]).getPassword() == null) {
            throw new LoginException("Password can not be null");
        }
        String password = new String(((PasswordCallback) callbacks[1]).getPassword());


        // user infos container read from the users properties file
        String userInfos = null;


        try {
            userInfos = (String) users.get(user);
        } catch (NullPointerException e) {
            //error handled in the next statement
        }
        if (userInfos == null) {
          if (!this.detailedLoginExcepion) {
            throw new FailedLoginException("login failed");
          } else {
            throw new FailedLoginException("User " + user + " does not exist");
          }
        }
        
        // the password is in the first position
        String[] infos = userInfos.split(",");
        String storedPassword = infos[0];
        
        // check the provided password
        if (!checkPassword(password, storedPassword)) {
          if (!this.detailedLoginExcepion) {
            throw new FailedLoginException("login failed");
          } else {
            throw new FailedLoginException("Password for " + user + " does not match");
          }
        }


        principals = new HashSet<Principal>();
        principals.add(new UserPrincipal(user));

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of javax.security.auth.login.FailedLoginException

ca.eandb.util.auth.FileLoginModule

cgl.shindig.security.AbstractLoginModule

cgl.shindig.security.LocalAuthContext

com.cellasoft.jchat.server.AuthenticationServer

com.ecyrd.jspwiki.auth.login.CookieAssertionLoginModule

com.ecyrd.jspwiki.auth.login.UserDatabaseLoginModule

com.ecyrd.jspwiki.auth.login.WebContainerLoginModule

com.krminc.phr.security.PHRLogin

com.sun.security.auth.module.KeyStoreLoginModule

de.iritgo.aktera.authentication.defaultauth.LoginHelper

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.