org.jasig.cas.authentication.HandlerResult Java Examples

The following examples show how to use org.jasig.cas.authentication.HandlerResult. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: X509CredentialsAuthenticationHandlerTests.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
/**
 * Tests the {@link X509CredentialsAuthenticationHandler#authenticate(org.jasig.cas.authentication.Credential)} method.
 */
@Test
public void verifyAuthenticate() {
    try {
        if (this.handler.supports(this.credential)) {
            final HandlerResult result = this.handler.authenticate(this.credential);
            if (this.expectedResult instanceof DefaultHandlerResult) {
                assertEquals(this.expectedResult, result);
            } else {
                fail("Authentication succeeded when it should have failed with " + this.expectedResult);
            }
        }
    } catch (final Exception e) {
        if (this.expectedResult instanceof Exception) {
            assertEquals(this.expectedResult.getClass(), e.getClass());
        } else {
            fail("Authentication failed when it should have succeeded.");
        }
    }
}
 
Example #2
Source File: SimpleTestUsernamePasswordAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential)
        throws GeneralSecurityException, PreventedException {

    final UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
    final String username = usernamePasswordCredential.getUsername();
    final String password = usernamePasswordCredential.getPassword();

    final Exception exception = this.usernameErrorMap.get(username);
    if (exception instanceof GeneralSecurityException) {
        throw (GeneralSecurityException) exception;
    } else if (exception instanceof PreventedException) {
        throw (PreventedException) exception;
    } else if (exception instanceof RuntimeException) {
        throw (RuntimeException) exception;
    } else if (exception != null) {
        logger.debug("Cannot throw checked exception {} since it is not declared by method signature.", exception);
    }

    if (StringUtils.hasText(username) && StringUtils.hasText(password) && username.equals(password)) {
        logger.debug("User [{}] was successfully authenticated.", username);
        return new DefaultHandlerResult(this, new BasicCredentialMetaData(credential));
    }
    logger.debug("User [{}] failed authentication", username);
    throw new FailedLoginException();
}
 
Example #3
Source File: OpenIdCredentialsAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException {
    final OpenIdCredential c = (OpenIdCredential) credential;

    final TicketGrantingTicket t = this.ticketRegistry.getTicket(c.getTicketGrantingTicketId(),
                    TicketGrantingTicket.class);

    if (t == null || t.isExpired()) {
        throw new FailedLoginException("TGT is null or expired.");
    }
    final Principal principal = t.getAuthentication().getPrincipal();
    if (!principal.getId().equals(c.getUsername())) {
        throw new FailedLoginException("Principal ID mismatch");
    }
    return new DefaultHandlerResult(this, new BasicCredentialMetaData(c), principal);
}
 
Example #4
Source File: SearchModeSearchDatabaseAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
/** {@inheritDoc} */
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
        throws GeneralSecurityException, PreventedException {

    final String username = credential.getUsername();
    final String encyptedPassword = getPasswordEncoder().encode(credential.getPassword());
    final int count;
    try {
        count = getJdbcTemplate().queryForObject(this.sql, Integer.class, username, encyptedPassword);
    } catch (final DataAccessException e) {
        throw new PreventedException("SQL exception while executing query for " + username, e);
    }
    if (count == 0) {
        throw new FailedLoginException(username + " not found with SQL query.");
    }
    return createHandlerResult(credential, new SimplePrincipal(username), null);
}
 
Example #5
Source File: AbstractUsernamePasswordAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
/** {@inheritDoc} */
@Override
protected final HandlerResult doAuthentication(final Credential credential)
        throws GeneralSecurityException, PreventedException {
    final UsernamePasswordCredential userPass = (UsernamePasswordCredential) credential;
    if (userPass.getUsername() == null) {
        throw new AccountNotFoundException("Username is null.");
    }
    
    final String transformedUsername= this.principalNameTransformer.transform(userPass.getUsername());
    if (transformedUsername == null) {
        throw new AccountNotFoundException("Transformed username is null.");
    }
    userPass.setUsername(transformedUsername);
    return authenticateUsernamePasswordInternal(userPass);
}
 
Example #6
Source File: X509CredentialsAuthenticationHandlerTests.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
/**
 * Tests the {@link X509CredentialsAuthenticationHandler#authenticate(org.jasig.cas.authentication.Credential)} method.
 */
@Test
public void testAuthenticate() {
    try {
        if (this.handler.supports(this.credential)) {
            final HandlerResult result = this.handler.authenticate(this.credential);
            if (this.expectedResult instanceof HandlerResult) {
                assertEquals(this.expectedResult, result);
            } else {
                fail("Authentication succeeded when it should have failed with " + this.expectedResult);
            }
        }
    } catch (final Exception e) {
        if (this.expectedResult instanceof Exception) {
            assertEquals(this.expectedResult.getClass(), e.getClass());
        } else {
            fail("Authentication failed when it should have succeeded.");
        }
    }
}
 
Example #7
Source File: RadiusAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
        throws GeneralSecurityException, PreventedException {

    final String username = credential.getUsername();
    for (final RadiusServer radiusServer : this.servers) {
        logger.debug("Attempting to authenticate {} at {}", username, radiusServer);
        try {
            if (radiusServer.authenticate(username, credential.getPassword())) {
                return createHandlerResult(credential, new SimplePrincipal(username), null);
            } 
            
            if (!this.failoverOnAuthenticationFailure) {
                throw new FailedLoginException();
            }
            logger.debug("failoverOnAuthenticationFailure enabled -- trying next server");
        } catch (final PreventedException e) {
            if (!this.failoverOnException) {
                throw e;
            }
            logger.warn("failoverOnException enabled -- trying next server.", e);
        }
    }
    throw new FailedLoginException();
}
 
Example #8
Source File: FileAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
/** {@inheritDoc} */
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
        throws GeneralSecurityException, PreventedException {
    try {
        
        final String username = credential.getUsername();
        final String passwordOnRecord = getPasswordOnRecord(username);
        if (passwordOnRecord == null) {
            throw new AccountNotFoundException(username + " not found in backing file.");
        }
        if (credential.getPassword() != null
                && this.getPasswordEncoder().encode(credential.getPassword()).equals(passwordOnRecord)) {
            return createHandlerResult(credential, new SimplePrincipal(username), null);
        }
    } catch (final IOException e) {
        throw new PreventedException("IO error reading backing file", e);
    }
    throw new FailedLoginException();
}
 
Example #9
Source File: HttpBasedServiceCredentialsAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException {
    final HttpBasedServiceCredential httpCredential = (HttpBasedServiceCredential) credential;
    if (!httpCredential.getService().getProxyPolicy().isAllowedProxyCallbackUrl(httpCredential.getCallbackUrl())) {
        logger.warn("Proxy policy for service [{}] cannot authorize the requested callbackurl [{}]",
                httpCredential.getService(), httpCredential.getCallbackUrl());
        throw new FailedLoginException(httpCredential.getCallbackUrl() + " cannot be authorized");
    }

    logger.debug("Attempting to authenticate {}", httpCredential);
    final URL callbackUrl = httpCredential.getCallbackUrl();
    if (!this.httpClient.isValidEndPoint(callbackUrl)) {
        throw new FailedLoginException(callbackUrl.toExternalForm() + " sent an unacceptable response status code");
    }
    return new DefaultHandlerResult(this, httpCredential, this.principalFactory.createPrincipal(httpCredential.getId()));
}
 
Example #10
Source File: FileAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
        throws GeneralSecurityException, PreventedException {
    try {
        final String username = credential.getUsername();
        final String passwordOnRecord = getPasswordOnRecord(username);
        if (StringUtils.isBlank(passwordOnRecord)) {
            throw new AccountNotFoundException(username + " not found in backing file.");
        }
        final String password = credential.getPassword();
        if (StringUtils.isNotBlank(password) && this.getPasswordEncoder().encode(password).equals(passwordOnRecord)) {
            return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null);
        }
    } catch (final IOException e) {
        throw new PreventedException("IO error reading backing file", e);
    }
    throw new FailedLoginException();
}
 
Example #11
Source File: AbstractUsernamePasswordAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
/**
 * {@inheritDoc}
 **/
@Override
protected final HandlerResult doAuthentication(final Credential credential)
        throws GeneralSecurityException, PreventedException {
    final UsernamePasswordCredential userPass = (UsernamePasswordCredential) credential;
    if (userPass.getUsername() == null) {
        throw new AccountNotFoundException("Username is null.");
    }
    
    final String transformedUsername= this.principalNameTransformer.transform(userPass.getUsername());
    if (transformedUsername == null) {
        throw new AccountNotFoundException("Transformed username is null.");
    }
    userPass.setUsername(transformedUsername);
    return authenticateUsernamePasswordInternal(userPass);
}
 
Example #12
Source File: OpenIdCredentialsAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException {
    final OpenIdCredential c = (OpenIdCredential) credential;

    final TicketGrantingTicket t = this.ticketRegistry.getTicket(c.getTicketGrantingTicketId(),
                    TicketGrantingTicket.class);

    if (t == null || t.isExpired()) {
        throw new FailedLoginException("TGT is null or expired.");
    }
    final Principal principal = t.getAuthentication().getPrincipal();
    if (!principal.getId().equals(c.getUsername())) {
        throw new FailedLoginException("Principal ID mismatch");
    }
    return new HandlerResult(this, new BasicCredentialMetaData(c), principal);
}
 
Example #13
Source File: ClientAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
protected HandlerResult createResult(final ClientCredential credentials, final UserProfile profile)
    throws GeneralSecurityException, PreventedException {
    final String id;
    if (typedIdUsed) {
        id = profile.getTypedId();
    } else {
        id = profile.getId();
    }
    if (StringUtils.isNotBlank(id)) {
        credentials.setUserProfile(profile);
        return new DefaultHandlerResult(
            this,
            new BasicCredentialMetaData(credentials),
            this.principalFactory.createPrincipal(id, profile.getAttributes()));
    }
    throw new FailedLoginException("No identifier found for this user profile: " + profile);
}
 
Example #14
Source File: QueryAndEncodeDatabaseAuthenticationHandlerTests.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
@Test
public void verifyAuthenticationSuccessfulWithAPasswordEncoder() throws Exception {
    final QueryAndEncodeDatabaseAuthenticationHandler q =
            new QueryAndEncodeDatabaseAuthenticationHandler(this.dataSource, buildSql(),
                    ALG_NAME);
    q.setNumberOfIterationsFieldName("numIterations");
    q.setStaticSalt(STATIC_SALT);
    q.setPasswordEncoder(new PasswordEncoder() {
        @Override
        public String encode(final String password) {
            return password.concat("1");
        }
    });

    q.setPrincipalNameTransformer(new PrefixSuffixPrincipalNameTransformer("user", null));
    final HandlerResult r = q.authenticateUsernamePasswordInternal(
            TestUtils.getCredentialsWithDifferentUsernameAndPassword("1", "user"));

    assertNotNull(r);
    assertEquals(r.getPrincipal().getId(), "user1");
}
 
Example #15
Source File: SimpleTestUsernamePasswordAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 6 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential)
        throws GeneralSecurityException, PreventedException {

    final UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
    final String username = usernamePasswordCredential.getUsername();
    final String password = usernamePasswordCredential.getPassword();

    final Exception exception = this.usernameErrorMap.get(username);
    if (exception instanceof GeneralSecurityException) {
        throw (GeneralSecurityException) exception;
    } else if (exception instanceof PreventedException) {
        throw (PreventedException) exception;
    } else if (exception instanceof RuntimeException) {
        throw (RuntimeException) exception;
    } else if (exception != null) {
        logger.debug("Cannot throw checked exception {} since it is not declared by method signature.", exception);
    }

    if (StringUtils.hasText(username) && StringUtils.hasText(password) && username.equals(password)) {
        logger.debug("User [{}] was successfully authenticated.", username);
        return new HandlerResult(this, new BasicCredentialMetaData(credential));
    }
    logger.debug("User [{}] failed authentication", username);
    throw new FailedLoginException();
}
 
Example #16
Source File: SearchModeSearchDatabaseAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
        throws GeneralSecurityException, PreventedException {

    final String username = credential.getUsername();
    final String encyptedPassword = getPasswordEncoder().encode(credential.getPassword());
    final int count;
    try {
        count = getJdbcTemplate().queryForObject(this.sql, Integer.class, username, encyptedPassword);
    } catch (final DataAccessException e) {
        throw new PreventedException("SQL exception while executing query for " + username, e);
    }
    if (count == 0) {
        throw new FailedLoginException(username + " not found with SQL query.");
    }
    return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null);
}
 
Example #17
Source File: AbstractClientAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    final ClientCredential clientCredentials = (ClientCredential) credential;
    logger.debug("clientCredentials : {}", clientCredentials);

    final Credentials credentials = clientCredentials.getCredentials();
    final String clientName = credentials.getClientName();
    logger.debug("clientName : {}", clientName);

    // get client
    final Client<Credentials, UserProfile> client = this.clients.findClient(clientName);
    logger.debug("client : {}", client);

    // web context
    final ServletExternalContext servletExternalContext = (ServletExternalContext) ExternalContextHolder.getExternalContext();
    final HttpServletRequest request = (HttpServletRequest) servletExternalContext.getNativeRequest();
    final HttpServletResponse response = (HttpServletResponse) servletExternalContext.getNativeResponse();
    final WebContext webContext = new J2EContext(request, response);
    
    // get user profile
    final UserProfile userProfile = client.getUserProfile(credentials, webContext);
    logger.debug("userProfile : {}", userProfile);

    if (userProfile != null) {
        return createResult(clientCredentials, userProfile);
    }

    throw new FailedLoginException("Provider did not produce a user profile for: " + clientCredentials);
}
 
Example #18
Source File: X509CredentialsAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
protected final HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {

    final X509CertificateCredential x509Credential = (X509CertificateCredential) credential;
    final X509Certificate[] certificates = x509Credential.getCertificates();

    X509Certificate clientCert = null;
    boolean hasTrustedIssuer = false;
    for (int i = certificates.length - 1; i >= 0; i--) {
        final X509Certificate certificate = certificates[i];
        logger.debug("Evaluating {}", CertUtils.toString(certificate));

        validate(certificate);

        if (!hasTrustedIssuer) {
            hasTrustedIssuer = isCertificateFromTrustedIssuer(certificate);
        }

        // getBasicConstraints returns pathLenContraint which is generally
        // >=0 when this is a CA cert and -1 when it's not
        final int pathLength = certificate.getBasicConstraints();
        if (pathLength < 0) {
            logger.debug("Found valid client certificate");
            clientCert = certificate;
        } else {
            logger.debug("Found valid CA certificate");
        }
    }
    if (hasTrustedIssuer && clientCert != null) {
        x509Credential.setCertificate(clientCert);
        return new DefaultHandlerResult(this, x509Credential, this.principalFactory.createPrincipal(x509Credential.getId()));
    }
    throw new FailedLoginException();
}
 
Example #19
Source File: AuthenticationViaFormAction.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * Add warning messages to message context if needed.
 *
 * @param tgtId the tgt id
 * @param messageContext the message context
 * @return true if warnings were found and added, false otherwise.
 * @since 4.1.0
 */
protected boolean addWarningMessagesToMessageContextIfNeeded(final TicketGrantingTicket tgtId, final MessageContext messageContext) {
    boolean foundAndAddedWarnings = false;
    for (final Map.Entry<String, HandlerResult> entry : tgtId.getAuthentication().getSuccesses().entrySet()) {
        for (final MessageDescriptor message : entry.getValue().getWarnings()) {
            addWarningToContext(messageContext, message);
            foundAndAddedWarnings = true;
        }
    }
    return foundAndAddedWarnings;

}
 
Example #20
Source File: AbstractPreAndPostProcessingAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * {@inheritDoc}
 **/
@Override
public final HandlerResult authenticate(final Credential credential)
        throws GeneralSecurityException, PreventedException {

    if (!preAuthenticate(credential)) {
        throw new FailedLoginException();
    }

    return postAuthenticate(credential, doAuthentication(credential));
}
 
Example #21
Source File: TestUtils.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
public static Authentication getAuthentication(final Principal principal, final Map<String, Object> attributes) {
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    return new AuthenticationBuilder(principal)
            .addCredential(meta)
            .addSuccess("testHandler", new HandlerResult(handler, meta))
            .setAttributes(attributes)
            .build();
}
 
Example #22
Source File: SamlAuthenticationMetaDataPopulatorTests.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
private static AuthenticationBuilder newAuthenticationBuilder(final Principal principal) {
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    return new AuthenticationBuilder(principal)
            .addCredential(meta)
            .addSuccess("test", new HandlerResult(handler, meta));
}
 
Example #23
Source File: ClientAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    final ClientCredential clientCredentials = (ClientCredential) credential;
    logger.debug("clientCredentials : {}", clientCredentials);

    final String clientName = clientCredentials.getCredentials().getClientName();
    logger.debug("clientName : {}", clientName);

    // get client
    final Client<org.pac4j.core.credentials.Credentials, UserProfile> client = this.clients.findClient(clientName);
    logger.debug("client : {}", client);

    // web context
    final ServletExternalContext servletExternalContext = (ServletExternalContext) ExternalContextHolder.getExternalContext();
    final HttpServletRequest request = (HttpServletRequest) servletExternalContext.getNativeRequest();
    final HttpServletResponse response = (HttpServletResponse) servletExternalContext.getNativeResponse();
    final WebContext webContext = new J2EContext(request, response);

    // get user profile
    final UserProfile userProfile = client.getUserProfile(clientCredentials.getCredentials(), webContext);
    logger.debug("userProfile : {}", userProfile);

    if (userProfile != null && StringUtils.isNotBlank(userProfile.getTypedId())) {
        clientCredentials.setUserProfile(userProfile);
        return new HandlerResult(
                this,
                new BasicCredentialMetaData(credential),
                new SimplePrincipal(userProfile.getTypedId(), userProfile.getAttributes()));
    }

    throw new FailedLoginException("Provider did not produce profile for " + clientCredentials);
}
 
Example #24
Source File: AuthenticationViaFormAction.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/**
 * Add warning messages to message context if needed.
 *
 * @param tgtId          the tgt id
 * @param messageContext the message context
 * @return true if warnings were found and added, false otherwise.
 * @since 4.0.3
 */
private boolean addWarningMessagesToMessageContextIfNeeded(final TicketGrantingTicket tgtId,
                                                           final MessageContext messageContext) {
    boolean foundAndAddedWarnings = false;
    for (final Map.Entry<String, HandlerResult> entry : tgtId.getAuthentication().getSuccesses().entrySet()) {
        for (final Message message : entry.getValue().getWarnings()) {
            addWarningToContext(messageContext, message);
            foundAndAddedWarnings = true;
        }
    }
    return foundAndAddedWarnings;

}
 
Example #25
Source File: HttpBasedServiceCredentialsAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException {
    final HttpBasedServiceCredential httpCredential = (HttpBasedServiceCredential) credential;
    if (this.requireSecure && !httpCredential.getCallbackUrl().getProtocol().equals(PROTOCOL_HTTPS)) {
        logger.debug("Authentication failed because url was not secure.");
        throw new FailedLoginException(httpCredential.getCallbackUrl() + " is not an HTTPS endpoint as required.");
    }
    logger.debug("Attempting to authenticate {}", httpCredential);
    if (!this.httpClient.isValidEndPoint(httpCredential.getCallbackUrl())) {
        throw new FailedLoginException(
                httpCredential.getCallbackUrl() + " sent an unacceptable response status code");
    }
    return new HandlerResult(this, httpCredential, new SimplePrincipal(httpCredential.getId()));
}
 
Example #26
Source File: RejectUsersAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
        throws GeneralSecurityException, PreventedException {

    final String username = credential.getUsername();
    if (this.users.contains(username)) {
        throw new FailedLoginException();
    }

    return createHandlerResult(credential, new SimplePrincipal(username), null);
}
 
Example #27
Source File: AbstractPreAndPostProcessingAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/** {@inheritDoc} */
@Override
public final HandlerResult authenticate(final Credential credential)
        throws GeneralSecurityException, PreventedException {

    if (!preAuthenticate(credential)) {
        throw new FailedLoginException();
    }

    return postAuthenticate(credential, doAuthentication(credential));
}
 
Example #28
Source File: TestOneTimePasswordAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential)
        throws GeneralSecurityException, PreventedException {
    final OneTimePasswordCredential otp = (OneTimePasswordCredential) credential;
    final String valueOnRecord = credentialMap.get(otp.getId());
    if (otp.getPassword().equals(credentialMap.get(otp.getId()))) {
        return new HandlerResult(this, new BasicCredentialMetaData(otp), new SimplePrincipal(otp.getId()));
    }
    throw new FailedLoginException();
}
 
Example #29
Source File: RemoteAddressAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
@Override
public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException {
    final RemoteAddressCredential c = (RemoteAddressCredential) credential;
    try {
        final InetAddress inetAddress = InetAddress.getByName(c.getRemoteAddress().trim());
        if (containsAddress(this.inetNetwork, this.inetNetmask, inetAddress)) {
            return new HandlerResult(this, c, new SimplePrincipal(c.getId()));
        }
    } catch (final UnknownHostException e) {
        logger.debug("Unknown host {}", c.getRemoteAddress());
    }
    throw new FailedLoginException(c.getRemoteAddress() + " not in allowed range.");
}
 
Example #30
Source File: RememberMeAuthenticationMetaDataPopulatorTests.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
private AuthenticationBuilder newBuilder(final Credential credential) {
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    final AuthenticationBuilder builder = new AuthenticationBuilder(TestUtils.getPrincipal())
            .addCredential(meta)
            .addSuccess("test", new HandlerResult(handler, meta));

    this.p.populateAttributes(builder, credential);
    return builder;
}