Java DisabledException类代码示例

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
private SecurityUser authenticateByUserId(UserId userId) {
  User user = userService.findUserById(userId);
  if (user == null) {
    throw new UsernameNotFoundException("User not found by refresh token");
  }

  UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId());
  if (userCredentials == null) {
    throw new UsernameNotFoundException("User credentials not found");
  }

  if (!userCredentials.isEnabled()) {
    throw new DisabledException("User is not active");
  }

  if (user.getAuthority() == null)
    throw new InsufficientAuthenticationException("User has no authority assigned");

  UserPrincipal userPrincipal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());

  SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled(), userPrincipal);

  return securityUser;
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
                                    AuthenticationException e) throws IOException, ServletException {
    if (LOG.isTraceEnabled()) {
        LOG.trace("Login failed for user {}.", httpServletRequest.getParameter(SecurityConstants.USERNAME_PARAM));
    }
    final LoginStatus status = new LoginStatus(false, false, null, e.getMessage());
    if (e instanceof LockedException) {
        status.setErrorId("login.locked");
    } else if (e instanceof DisabledException) {
        status.setErrorId("login.disabled");
    } else if (e instanceof UsernameNotFoundException) {
        status.setErrorId("login.error");
    }
    mapper.writeValue(httpServletResponse.getOutputStream(), status);
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx) 
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException, 
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {		
	
	checkEnteredCredentials(connEnv, authnCtx);
	
	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);
	
	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
	
	if (checkCredentials(principal, authnCtx, connEnv)) {
		
		recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
		UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal, 
				authnCtx.getEnteredCredential(), principal.getAuthorities());
		return token;
		
	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
		
		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx) 
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException, 
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {		
	
	checkEnteredCredentials(connEnv, authnCtx);
	
	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);
	
	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
	
	if (checkCredentials(principal, authnCtx, connEnv)) {
		return userType;
	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
		
		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
/**
 * Tests the status of the LDAP details and throws an appropriate exception.
 * 
 * @param dirContextOperations
 *            The context containing user data.
 * @param username
 *            The username.
 * @throws AuthenticationException
 *             if the status would prevent logging in
 */
private void checkAccountStatus(DirContextOperations dirContextOperations, String username)
        throws AuthenticationException {
    UserDetails ldapDetails = new LdapUserDetailsMapper()
            .mapUserFromContext(dirContextOperations, username,
                    new ArrayList<GrantedAuthority>());
    if (!ldapDetails.isEnabled()) {
        throw new DisabledException("LDAP account is disabled.");
    }
    if (!ldapDetails.isAccountNonLocked()) {
        throw new LockedException("LDAP account is locked.");
    }
    if (!ldapDetails.isCredentialsNonExpired()) {
        throw new CredentialsExpiredException("Credentials for LDAP account are expired.");
    }
    if (!ldapDetails.isAccountNonExpired()) {
        throw new AccountExpiredException("LDAP account is expired.");
    }
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public UserDetails loadUserByUsername(final String username) {
	LOGGER.debug("Authenticating {}", username);

	final String lowercaseUsername = username.toLowerCase();
	final Optional<User> loadedUser = userRepository.findUserByUsernameIgnoreCase(lowercaseUsername);

	return loadedUser.map(user -> {
		if (isNotBlank(user.getActivationCode())) {
			// ActivationCode of user is set so the account is not yet activated.
			throw new DisabledException("Given user is not yet activated.");
		}

		if (isNotBlank(user.getPasswordResetCode())) {
			// PasswordResetCode of user is set so the account is disabled till the password was reseted.
			throw new DisabledException("Given user has requested password reset.");
		}

		// Map authorities
		final List<SimpleGrantedAuthority> grantedAuthorities = user.getAuthorities().stream()
				.map(authority -> new SimpleGrantedAuthority(authority.getName())).collect(Collectors.toList());

		// Return converted user
		return springSecurityUser(lowercaseUsername, user.getPassword(), grantedAuthorities);
	}).orElseThrow(() -> new UsernameNotFoundException("User " + lowercaseUsername + " was not found"));
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
/**
 * handle locked ?
 * 
 * @param userId
 * @return
 */
protected AuthenticationException handlerLocked(String userId) {

	AuthUser user = authUserServ.load(userId);
	if (user.getErrorCount() >= 5) {

		Long dateTime = user.getStateTime().getTime();
		// 1 DAY = 86 400 000 ms
		if(new Date().getTime()-dateTime <86400000){
			// Locked user if input 6 error password  
			user.setEnabled(0);
			authUserServ.add(user);
			return new DisabledException(messages.getMessage(
					"AccountStatusUserDetailsChecker.locked"));
		}
	}else{
		// error count ++
		user.setErrorCount(user.getErrorCount() + 1);
		// state time
		user.setStateTime(new Date());
	}
	int onlyCount=6-user.getErrorCount();
	authUserServ.add(user);
	return new BadCredentialsException(messages.getMessage(
			"AccountStatusUserDetailsChecker.onlyCount", new Object[] { onlyCount }));
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx)
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {

	checkEnteredCredentials(connEnv, authnCtx);

	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);

	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);

	if (checkCredentials(principal, authnCtx, connEnv)) {

		recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
		UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal,
				authnCtx.getEnteredCredential(), principal.getAuthorities());
		return token;

	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");

		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx)
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {

	checkEnteredCredentials(connEnv, authnCtx);

	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);

	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);

	if (checkCredentials(principal, authnCtx, connEnv)) {
		return userType;
	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");

		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
/**
 * Tests whether a {@link DisabledException} is thrown when the user is not
 * active.
 */
@Test(expected=DisabledException.class)
public void authenticate_shouldThrowDisabledExceptionIfUserIsInactive() {

	// 1. Mock an authentication request object
	final String shogun2UserName = "user";
	final String correctPassword = "correctPassword";
	final User userToAuth = createUserMock(shogun2UserName, correctPassword);

	// set user as inactive
	userToAuth.setActive(false);

	// 2. Mock the auth request for the inactive user
	Authentication authRequest = mock(Authentication.class);
	when(authRequest.getName()).thenReturn(shogun2UserName);
	when(authRequest.getCredentials()).thenReturn(correctPassword);

	// 3. Mock the userDao
	when(userDao.findByAccountName(shogun2UserName)).thenReturn(userToAuth);

	// 4. Call the authenticate method with the mocked object to provoke
	// the expected DisabledException
	authProvider.authenticate(authRequest);
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Test(expected = DisabledException.class)
public void ensureLoginIsNotPossibleIfUserIsDeactivated() throws UnsupportedMemberAffiliationException,
    NamingException {

    Person person = TestDataCreator.createPerson();
    person.setPermissions(Collections.singletonList(Role.INACTIVE));

    Mockito.when(personService.getPersonByLogin(Mockito.anyString())).thenReturn(Optional.of(person));
    Mockito.when(ldapUserMapper.mapFromContext(Mockito.eq(context)))
        .thenReturn(new LdapUser(person.getLoginName(), Optional.of(person.getFirstName()),
                Optional.of(person.getLastName()), Optional.of(person.getEmail())));
    Mockito.when(ldapSyncService.syncPerson(Mockito.any(Person.class), Matchers.<Optional<String>>any(),
                Matchers.<Optional<String>>any(), Matchers.<Optional<String>>any()))
        .thenReturn(person);

    personContextMapper.mapUserFromContext(context, person.getLoginName(), null);
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
protected void onInitialize() {
	super.onInitialize();
	
	// Vérification des retours d'auth pac4J
	HttpServletRequest request = ((ServletWebRequest) RequestCycle.get().getRequest()).getContainerRequest();
	Exception exception = (Exception) request.getSession().getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
	if (exception != null) {
		if (exception instanceof DisabledException) {
			getSession().error(getString("home.identification.classic.error.userDisabled"));
		} else if (exception instanceof AuthenticationServiceException) {
			LOGGER.error("Authentication failed", exception);
			getSession().error(getString("home.identification.error.badCredentials") + exception.getMessage());
		} else {
			LOGGER.error("An unknown error occurred during the authentication process", exception);
			getSession().error(getString("home.identification.error.unknown"));
		}
		request.getSession().removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
	}
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
	log.debug("Prüfen, ob sich der Nutzer in der DB befindet...");

	if (userService.findByLogin(authentication.getName().toLowerCase()) == null) {
		log.debug("Der Nutzer " + authentication.getName() + " befindet sich nicht in der DB.");
		throw new DisabledException(authentication.getName()); // muss eine AccountStatusException sein!!
	}

	log.debug("Der Nutzer " + authentication.getName() + " befindet sich in der DB.");

	return null; // danach wird Provider gefragt (ldapAuthentication)
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Bean
public AuthenticationFailureHandler authenticationFailureHandler() {
    ExceptionMappingAuthenticationFailureHandler failureHandler = new ExceptionMappingAuthenticationFailureHandler();
    Map<String, String> failureUrlMap = new HashMap<>();
    failureUrlMap.put(BadCredentialsException.class.getName(), LoginAuthenticationFailureHandler.PASS_ERROR_URL);
    failureUrlMap.put(CaptchaException.class.getName(), LoginAuthenticationFailureHandler.CODE_ERROR_URL);
    failureUrlMap.put(AccountExpiredException.class.getName(), LoginAuthenticationFailureHandler.EXPIRED_URL);
    failureUrlMap.put(LockedException.class.getName(), LoginAuthenticationFailureHandler.LOCKED_URL);
    failureUrlMap.put(DisabledException.class.getName(), LoginAuthenticationFailureHandler.DISABLED_URL);
    failureHandler.setExceptionMappings(failureUrlMap);
    return failureHandler;
}
 

import org.springframework.security.authentication.DisabledException; //导入依赖的package包/类
@Override
public CurrentUser loadUserByUsername(String username)
        throws UsernameNotFoundException  {
    User user = userRepository.findByUsername(username);
    if (!user.isEnabled())
        throw new  DisabledException(USER_IS_DISABLED);
    return new CurrentUser(user);
}