Java Code Examples for org.springframework.security.core.userdetails.UserDetails#isEnabled()

The following examples show how to use org.springframework.security.core.userdetails.UserDetails#isEnabled() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: OpenIdAuthenticationProvider.java    From cola with MIT License 7 votes vote down vote up
@Override
public void check(UserDetails user) {
	if (!user.isAccountNonLocked()) {
		logger.debug("User account is locked");

		throw new LockedException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.locked",
				"User account is locked"));
	}

	if (!user.isEnabled()) {
		logger.debug("User account is disabled");

		throw new DisabledException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.disabled",
				"User is disabled"));
	}

	if (!user.isAccountNonExpired()) {
		logger.debug("User account is expired");

		throw new AccountExpiredException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.expired",
				"User account has expired"));
	}
}
 
Example 2
Source File: SmsAuthenticationProvider.java    From cola with MIT License 6 votes vote down vote up
@Override
public void check(UserDetails user) {
	if (!user.isAccountNonLocked()) {
		logger.debug("User account is locked");

		throw new LockedException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.locked",
				"User account is locked"));
	}

	if (!user.isEnabled()) {
		logger.debug("User account is disabled");

		throw new DisabledException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.disabled",
				"User is disabled"));
	}

	if (!user.isAccountNonExpired()) {
		logger.debug("User account is expired");

		throw new AccountExpiredException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.expired",
				"User account has expired"));
	}
}
 
Example 3
Source File: AcAuthenticationProvider.java    From cola with MIT License 6 votes vote down vote up
@Override
public void check(UserDetails user) {
	if (!user.isAccountNonLocked()) {
		logger.debug("User account is locked");

		throw new LockedException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.locked",
				"User account is locked"));
	}

	if (!user.isEnabled()) {
		logger.debug("User account is disabled");

		throw new DisabledException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.disabled",
				"User is disabled"));
	}

	if (!user.isAccountNonExpired()) {
		logger.debug("User account is expired");

		throw new AccountExpiredException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.expired",
				"User account has expired"));
	}
}
 
Example 4
Source File: JwtTokenFilter.java    From server with MIT License 6 votes vote down vote up
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {
        filterChain.doFilter(request, response);
        return;
    }

    String token = JwtTokenUtil.getTokenFromHttpRequestHeader(request);
    if (!StringUtils.isEmpty(token)) {
        String username = JwtTokenUtil.parseUsername(token);
        if (username != null) {
            try {
                UserDetails userDetails = userDetailsService.loadUserByUsername(username);
                if (userDetails.isEnabled()) {
                    Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
                    SecurityContextHolder.getContext().setAuthentication(auth);
                }
            } catch (UsernameNotFoundException ign) {
            }
        }
    }

    filterChain.doFilter(request, response);
}
 
Example 5
Source File: WebAuthnAuthenticationProvider.java    From webauthn4j-spring-security with Apache License 2.0 6 votes vote down vote up
@Override
public void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        logger.debug("User account is locked");

        throw new LockedException(messages.getMessage(
                "WebAuthnAuthenticationProvider.locked",
                "User account is locked"));
    }

    if (!user.isEnabled()) {
        logger.debug("User account is disabled");

        throw new DisabledException(messages.getMessage(
                "WebAuthnAuthenticationProvider.disabled",
                "User is disabled"));
    }

    if (!user.isAccountNonExpired()) {
        logger.debug("User account is expired");

        throw new AccountExpiredException(messages.getMessage(
                "WebAuthnAuthenticationProvider.expired",
                "User account has expired"));
    }
}
 
Example 6
Source File: TgolUserDetailsService.java    From Asqatasun with GNU Affero General Public License v3.0 6 votes vote down vote up
@Override
protected UserDetails createUserDetails(String username, UserDetails userFromUserQuery,
        List<GrantedAuthority> combinedAuthorities) {
    
    User user = userDataService.getUserFromEmail(username);

    return new TgolUserDetails(
            username, 
            userFromUserQuery.getPassword(), 
            userFromUserQuery.isEnabled(),
            true, 
            true, 
            true, 
            combinedAuthorities,
            user);
}
 
Example 7
Source File: MobileCodeAuthenticationProvider.java    From springcloud-oauth2 with MIT License 5 votes vote down vote up
/**
 * 账号禁用、锁定、超时校验
 *
 * @param user
 */
private void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        throw new LockedException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
    } else if (!user.isEnabled()) {
        throw new DisabledException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
    } else if (!user.isAccountNonExpired()) {
        throw new AccountExpiredException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
    }
}
 
Example 8
Source File: AbstractUserDetailsAuthenticationProvider.java    From Taroco with Apache License 2.0 5 votes vote down vote up
@Override
public void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        log.debug("User account is locked");
        throw new LockedException(AbstractUserDetailsAuthenticationProvider.this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
    } else if (!user.isEnabled()) {
        log.debug("User account is disabled");
        throw new DisabledException(AbstractUserDetailsAuthenticationProvider.this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
    } else if (!user.isAccountNonExpired()) {
        log.debug("User account is expired");
        throw new AccountExpiredException(AbstractUserDetailsAuthenticationProvider.this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
    }
}
 
Example 9
Source File: HSQLAuthenticationProvider.java    From maven-framework-project with MIT License 5 votes vote down vote up
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    log.trace("authenticate()");
    log.debug("authenticating: " + authentication);
    String clearText = String.valueOf(authentication.getCredentials());
    UserDetails userDetails = this.retrieveUser(authentication.getName(), (UsernamePasswordAuthenticationToken) authentication);

    if (!StringUtils.equals(clearText, userDetails.getPassword())){
        throw new BadCredentialsException("invalid password");
    }
    if (!userDetails.isEnabled()){
        throw new BadCredentialsException("User not enabled");
    }
    return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
}
 
Example 10
Source File: HSQLAuthenticationProvider.java    From maven-framework-project with MIT License 5 votes vote down vote up
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    log.trace("additionalAuthenticationChecks()");
    log.debug("isEnabled: " + userDetails.isEnabled());
    if (!userDetails.isEnabled()){
        throw new BadCredentialsException("User not enabled");
    }
}
 
Example 11
Source File: ActivitiAuthenticationProvider.java    From maven-framework-project with MIT License 5 votes vote down vote up
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    log.trace("authenticate()");
    log.debug("authenticating: " + authentication);
    String clearText = String.valueOf(authentication.getCredentials());
    UserDetails userDetails = this.retrieveUser(authentication.getName(), (UsernamePasswordAuthenticationToken) authentication);

    if (!Objects.equal(clearText, userDetails.getPassword())) {
        throw new BadCredentialsException("invalid password");
    }
    if (!userDetails.isEnabled()) {
        throw new BadCredentialsException("User not enabled");
    }
    return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
}
 
Example 12
Source File: ActivitiAuthenticationProvider.java    From maven-framework-project with MIT License 5 votes vote down vote up
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    log.trace("additionalAuthenticationChecks()");
    log.debug("isEnabled: " + userDetails.isEnabled());
    if (!userDetails.isEnabled()) {
        throw new BadCredentialsException("User not enabled");
    }
}
 
Example 13
Source File: MolgenisUserDetailsChecker.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public void check(UserDetails userDetails) {
  if (!userDetails.isEnabled()) {
    throw new DisabledException(
        messages.getMessage("AccountStatusUserDetailsChecker.disabled", "User is not active")
            + ' '
            + userDetails.toString());
  }
}
 
Example 14
Source File: LoginAuthenticationFilter.java    From mall4j with GNU Affero General Public License v3.0 4 votes vote down vote up
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
    if (!ServletUtil.METHOD_POST.equals(request.getMethod())) {
        throw new AuthenticationServiceException(
                "Authentication method not supported: " + request.getMethod());
    }
    String requestBody = getStringFromStream(request);

    if (StrUtil.isBlank(requestBody)) {
        throw new AuthenticationServiceException("无法获取输入信息");
    }
    AdminAuthenticationToken adminAuthenticationToken  =  Json.parseObject(requestBody, AdminAuthenticationToken.class);


    String username = adminAuthenticationToken.getPrincipal() == null?"NONE_PROVIDED":adminAuthenticationToken.getName();


    String kaptchaKey = SecurityConstants.SPRING_SECURITY_RESTFUL_IMAGE_CODE + adminAuthenticationToken.getSessionUUID();

    String kaptcha = RedisUtil.get(kaptchaKey);

    RedisUtil.del(kaptchaKey);

    if(StrUtil.isBlank(adminAuthenticationToken.getImageCode()) || !adminAuthenticationToken.getImageCode().equalsIgnoreCase(kaptcha)){
        throw new ImageCodeNotMatchExceptionBase("验证码有误");
    }

    UserDetails user;
    try {
        user = yamiUserDetailsService.loadUserByUsername(username);
    } catch (UsernameNotFoundExceptionBase var6) {
        throw new UsernameNotFoundExceptionBase("账号或密码不正确");
    }

    String encodedPassword = user.getPassword();
    String rawPassword = adminAuthenticationToken.getCredentials().toString();

    // 密码不正确
    if (!passwordEncoder.matches(rawPassword,encodedPassword)){
        throw new BadCredentialsExceptionBase("账号或密码不正确");
    }

    if (!user.isEnabled()) {
        throw new UsernameNotFoundExceptionBase("账号已被锁定,请联系管理员");
    }
    AdminAuthenticationToken result = new AdminAuthenticationToken(user, adminAuthenticationToken.getCredentials());
    result.setDetails(adminAuthenticationToken.getDetails());
    return result;
}