Java LockedException类代码示例

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                    AuthenticationException exception) throws IOException, ServletException {
	Map<String, Object> result = new HashMap<>();
	result.put("isSuccess", false);
    if (exception instanceof LockedException) {
        // 如果账户被锁定
        logger.info("LoginFailHandler the user is locked!");
        result.put("msg", "该用户被锁定！");
    } else if (exception instanceof UsernameNotFoundException) {
        logger.info("LoginSuccessHandler login fail!");
        result.put("msg", "该帐号不存在！");
    } else {
        logger.info("LoginFailHandler login fail!");
        result.put("msg", "用户名或密码不正确！");
    }
    RequestUtil.responseJson(response, result);
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public void onAuthenticationFailure(HttpServletRequest request,
		HttpServletResponse response, AuthenticationException exception)
		throws IOException, ServletException {

	// Is already locked?
	if (exception != null && exception instanceof LockedException) {
		super.onAuthenticationFailure(request, response, exception);
		return;
	}
	
	LoginManager.addFailedLoginAttempt(request.getParameter("j_username"), new Date());
	
	if (ApplicationProperty.PasswordReset.isTrue() && User.findByUserName(request.getParameter("j_username")) != null)
		request.getSession().setAttribute("SUGGEST_PASSWORD_RESET", true);
	
	super.onAuthenticationFailure(request, response, exception);
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
                                    AuthenticationException e) throws IOException, ServletException {
    if (LOG.isTraceEnabled()) {
        LOG.trace("Login failed for user {}.", httpServletRequest.getParameter(SecurityConstants.USERNAME_PARAM));
    }
    final LoginStatus status = new LoginStatus(false, false, null, e.getMessage());
    if (e instanceof LockedException) {
        status.setErrorId("login.locked");
    } else if (e instanceof DisabledException) {
        status.setErrorId("login.disabled");
    } else if (e instanceof UsernameNotFoundException) {
        status.setErrorId("login.error");
    }
    mapper.writeValue(httpServletResponse.getOutputStream(), status);
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx) 
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException, 
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {		
	
	checkEnteredCredentials(connEnv, authnCtx);
	
	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);
	
	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
	
	if (checkCredentials(principal, authnCtx, connEnv)) {
		
		recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
		UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal, 
				authnCtx.getEnteredCredential(), principal.getAuthorities());
		return token;
		
	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
		
		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx) 
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException, 
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {		
	
	checkEnteredCredentials(connEnv, authnCtx);
	
	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);
	
	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
	
	if (checkCredentials(principal, authnCtx, connEnv)) {
		return userType;
	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
		
		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
/**
 * The method is used to extract the error message from the request
 * @param request The request that contains the exception and error message
 * @param key The key is used to find the exception attribute in the request.
 * @return Returns the error message that will be displayed to the user on the login page.
 */
private String getErrorMessage(final HttpServletRequest request, final String key) {

    final Exception exception = (Exception) request.getSession().getAttribute(key);

    String error = "";
    if (exception instanceof BadCredentialsException || exception.getCause() instanceof NullPointerException || exception.getCause() instanceof IllegalArgumentException) {
        LOGGER.debug("Invalid username or password");
        error = messageSource.getMessage("general.login.label.invalidcredentials", null, LocaleContextHolder.getLocale());
    } else if (exception instanceof LockedException) {
        LOGGER.debug("User has been locked");
        error = messageSource.getMessage("general.login.label.userlocked", null ,LocaleContextHolder.getLocale());
    } else if(exception instanceof CredentialsExpiredException){
        LOGGER.debug("User has been inactive");
        error = messageSource.getMessage("general.login.label.userinactive", null ,LocaleContextHolder.getLocale());
    } else {
        LOGGER.error("Unable to login due to unknown reasons");
        LOGGER.error(exception.getMessage(), exception);
        error = messageSource.getMessage("general.login.label.unknownreason", null ,LocaleContextHolder.getLocale());
    }

    return error;
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
/**
 * Tests the status of the LDAP details and throws an appropriate exception.
 * 
 * @param dirContextOperations
 *            The context containing user data.
 * @param username
 *            The username.
 * @throws AuthenticationException
 *             if the status would prevent logging in
 */
private void checkAccountStatus(DirContextOperations dirContextOperations, String username)
        throws AuthenticationException {
    UserDetails ldapDetails = new LdapUserDetailsMapper()
            .mapUserFromContext(dirContextOperations, username,
                    new ArrayList<GrantedAuthority>());
    if (!ldapDetails.isEnabled()) {
        throw new DisabledException("LDAP account is disabled.");
    }
    if (!ldapDetails.isAccountNonLocked()) {
        throw new LockedException("LDAP account is locked.");
    }
    if (!ldapDetails.isCredentialsNonExpired()) {
        throw new CredentialsExpiredException("Credentials for LDAP account are expired.");
    }
    if (!ldapDetails.isAccountNonExpired()) {
        throw new AccountExpiredException("LDAP account is expired.");
    }
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public void onAuthenticationFailure( HttpServletRequest request, HttpServletResponse response, AuthenticationException exception ) throws IOException, ServletException
{
    final String username = request.getParameter( "j_username" );

    request.getSession().setAttribute( "username", username );

    securityService.registerFailedLogin( username );

    I18n i18n = i18nManager.getI18n();

    if ( ExceptionUtils.indexOfThrowable( exception, LockedException.class )  != -1)
    {
        request.getSession().setAttribute( "LOGIN_FAILED_MESSAGE", i18n.getString( "authentication.message.account.locked" ) );
    }
    else
    {
        request.getSession().setAttribute( "LOGIN_FAILED_MESSAGE", i18n.getString( "authentication.message.account.invalid" ) );
    }


    super.onAuthenticationFailure( request, response, exception );
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException exception) throws IOException, ServletException {

    super.onAuthenticationFailure(request, response, exception);

    if (request.getSession(false) == null && !isAllowSessionCreation()) {
        return;
    }

    request.getSession().setAttribute(
            LAST_USERNAME_KEY, request.getParameter(LoginDecisionFilter.USERNAME_PARAMETER)
    );
    request.getSession().setAttribute(
            LAST_PROVIDER_KEY,
            Strings.isNullOrEmpty(request.getParameter("provider"))
                    ? "internal"
                    : request.getParameter("provider")
    );
    request.getSession().setAttribute(IS_LOCKED, false);
    if (exception instanceof LdapAuthenticationProcessException) {
        request.getSession().setAttribute(ERROR_KEY, "login.ldap.internal.user.exists");
    } else if (exception instanceof LockedException) {
        request.getSession().setAttribute(IS_LOCKED, true);
    }
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
private String getErrorMessage(HttpServletRequest request, String key) {

		Exception exception = (Exception) request.getSession()
				.getAttribute(key);

		String error = "";
		if (exception instanceof BadCredentialsException) {
			error = "Invalid username and password!";
		} else if (exception instanceof LockedException) {
			error = exception.getMessage();
		} else {
			error = "Invalid username and password!";
		}

		return error;
	}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
/**
 * If user with given username exists and is active then authenticates and returns him. Updates the status of the
 * user when password has been expired.
 *
 * @param username username of user
 * @param authentication data used for authentication
 * @return the user information
 */
@Override
@Transactional
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) {
    MotechUser user = motechUsersDao.findByUserName(username);
    if (user == null) {
        throw new BadCredentialsException(USER_NOT_FOUND);
    } else if (!user.isActive()) {
        throw new LockedException(USER_BLOCKED);
    } else {
        if (settingService.getNumberOfDaysToChangePassword() > 0 &&
                Days.daysBetween(user.getSafeLastPasswordChange(), DateUtil.now()).getDays() >= settingService.getNumberOfDaysToChangePassword()) {
            user.setUserStatus(UserStatus.MUST_CHANGE_PASSWORD);
            motechUsersDao.update(user);
        }
        authentication.setDetails(new MotechUserProfile(user));
        return new User(user.getUserName(), user.getPassword(), user.isActive(), true, !UserStatus.MUST_CHANGE_PASSWORD.equals(user.getUserStatus()),
                !UserStatus.BLOCKED.equals(user.getUserStatus()), authoritiesService.authoritiesFor(user));
    }
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public UserDetails loadUserByUsername(String username)
		throws UsernameNotFoundException {
	Users user=usersRepository.loadUserByUsername(username);
	if (user==null){
		throw new UsernameNotFoundException("Invalid username/password");
	}
	if (user.getFailedLoginAttempts()>=maxFailedAttempts){
		Calendar cal=Calendar.getInstance();
		if (user.getLockoutTime()!=null)
		if (cal.getTimeInMillis()-user.getLockoutTime().getTimeInMillis()>=autoUnlockInterval){
			user.setLockoutTime(null);
			user.setFailedLoginAttemptsToZero();
			return user;
		}
		throw new LockedException("Your account has excceded maximum failed athentication attempts. Please wait 5 minutes to retry.");
	}
	return user;
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx)
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {

	checkEnteredCredentials(connEnv, authnCtx);

	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);

	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);

	if (checkCredentials(principal, authnCtx, connEnv)) {

		recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
		UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal,
				authnCtx.getEnteredCredential(), principal.getAuthorities());
		return token;

	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");

		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx)
		throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
		CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {

	checkEnteredCredentials(connEnv, authnCtx);

	MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);

	UserType userType = principal.getUser();
	CredentialsType credentials = userType.getCredentials();
	CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);

	if (checkCredentials(principal, authnCtx, connEnv)) {
		return userType;
	} else {
		recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");

		throw new BadCredentialsException("web.security.provider.invalid");
	}
}
 

import org.springframework.security.authentication.LockedException; //导入依赖的package包/类
/**
 * Checks if account is active.
 * @param userAuth user authentication object
 * @param user user object
 * @param throwException throw or not
 * @return the authentication object if {@code user.active == true}
 */
public static UserAuthentication checkIfActive(UserAuthentication userAuth, User user, boolean throwException) {
	if (userAuth == null || user == null || user.getIdentifier() == null) {
		if (throwException) {
			throw new BadCredentialsException("Bad credentials.");
		} else {
			logger.error("Bad credentials.");
			return null;
		}
	} else if (!user.getActive()) {
		if (throwException) {
			throw new LockedException("Account " + user.getId() + " is locked.");
		} else {
			logger.error("Account {} is locked.", user.getId());
			return null;
		}
	}
	return userAuth;
}