Posted to commits@syncope.apache.org by fm...@apache.org on 2012/06/12 16:53:59 UTC
svn commit: r1349384 - in /incubator/syncope/trunk:
core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java
parent/pom.xml
Author: fmartelli
Date: Tue Jun 12 14:53:59 2012
New Revision: 1349384
URL: http://svn.apache.org/viewvc?rev=1349384&view=rev
Log:
SYNCOPE-94 #comment strange behavior from HttpClient: request is sent twice in case of BadCredentialExceptions
Modified:
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java
incubator/syncope/trunk/parent/pom.xml
Modified: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java?rev=1349384&r1=1349383&r2=1349384&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java Tue Jun 12 14:53:59 2012
@@ -28,7 +28,6 @@ import org.springframework.security.auth
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.transaction.annotation.Transactional;
import org.apache.syncope.core.audit.AuditManager;
import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
@@ -37,6 +36,7 @@ import org.apache.syncope.types.CipherAl
import org.apache.syncope.types.AuditElements.AuthenticationSubCategory;
import org.apache.syncope.types.AuditElements.Category;
import org.apache.syncope.types.AuditElements.Result;
+import org.springframework.security.authentication.DisabledException;
@Configurable
public class SyncopeAuthenticationProvider implements AuthenticationProvider {
@@ -84,47 +84,45 @@ public class SyncopeAuthenticationProvid
}
@Override
- @Transactional(noRollbackFor = {BadCredentialsException.class})
- public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
+ @Transactional(noRollbackFor = {BadCredentialsException.class, DisabledException.class})
+ public Authentication authenticate(final Authentication authentication)
+ throws AuthenticationException {
- boolean authenticated;
+ boolean authenticated = false;
SyncopeUser passwordUser = new SyncopeUser();
SyncopeUser user = null;
- if (adminUser.equals(authentication.getPrincipal())) {
- passwordUser.setPassword(authentication.getCredentials().toString(), CipherAlgorithm.MD5, 0);
+ String username = authentication.getPrincipal().toString();
+ if (adminUser.equals(username)) {
+ passwordUser.setPassword(authentication.getCredentials().toString(), CipherAlgorithm.MD5, 0);
authenticated = adminMD5Password.equalsIgnoreCase(passwordUser.getPassword());
} else {
- String username;
- try {
- username = authentication.getPrincipal().toString();
- } catch (NumberFormatException e) {
- throw new UsernameNotFoundException("Invalid username: " + authentication.getName(), e);
- }
-
user = userDAO.find(username);
- if (user == null) {
- throw new UsernameNotFoundException("Could not find user " + username);
- }
- passwordUser.setPassword(authentication.getCredentials().toString(), user.getCipherAlgoritm(), 0);
+ if (user != null) {
+ if (user.getSuspended()) {
+ throw new DisabledException("User " + user.getUsername() + " is suspended");
+ }
- authenticated = user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
+ passwordUser.setPassword(authentication.getCredentials().toString(), user.getCipherAlgoritm(), 0);
+ authenticated = user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
+ }
}
- Authentication result;
+ UsernamePasswordAuthenticationToken token;
- if ((user == null || !user.getSuspended()) && authenticated) {
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(authentication.
- getPrincipal(), null, userDetailsService.loadUserByUsername(
- authentication.getPrincipal().toString()).getAuthorities());
- token.setDetails(authentication.getDetails());
+ if (authenticated) {
+ token = new UsernamePasswordAuthenticationToken(
+ authentication.getPrincipal(),
+ null,
+ userDetailsService.loadUserByUsername(authentication.getPrincipal().toString()).getAuthorities());
- result = token;
+ token.setDetails(authentication.getDetails());
auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.success,
"Successfully authenticated, with roles: " + token.getAuthorities());
+
LOG.debug("User {} successfully authenticated, with roles {}", authentication.getPrincipal(), token.
getAuthorities());
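Review bot: The suspended check inside `if (user != null)` throws `DisabledException` before the password is compared and before any `auditManager.audit` call. A caller without valid credentials can therefore learn that an account exists and is suspended, and the attempt leaves no audit record. Compare the password first and gate the exception on the result, `if (authenticated && user.getSuspended()) {`, and write a `Result.failure` audit entry before throwing. The added `String username = authentication.getPrincipal().toString();` also dereferences the principal without a null check. The body of `authenticate` continues past the end of this hunk.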
@@ -135,19 +133,25 @@ public class SyncopeAuthenticationProvid
}
} else {
- if (user != null && !user.getSuspended()) {
+ if (user != null) {
user.setFailedLogins(user.getFailedLogins() + 1);
userDAO.save(user);
}
auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.failure,
"User " + authentication.getPrincipal() + " not authenticated");
+
LOG.debug("User {} not authenticated", authentication.getPrincipal());
- throw new BadCredentialsException("User " + authentication.getPrincipal() + " not authenticated");
+ // By using HttpComponents version 4.2 the request is sent twice in case of exception (SYNCOPE-94) ...
+ // throw new BadCredentialsException("User " + authentication.getPrincipal() + " not authenticated");
+
+ // ... this is the reason of the following code.
+ token = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), null, null);
+ token.setDetails(authentication.getDetails());
}
- return result;
+ return token;
}
@Override
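Review bot: The failure branch now returns `new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), null, null)` instead of throwing, and the three-argument constructor marks the token as authenticated. A wrong password or an unknown user therefore yields a trusted token with no authorities, and the caller receives a non-null `Authentication` where it previously got `BadCredentialsException`. Any access rule that only checks `isAuthenticated()` would accept it; how the rest of the filter chain treats an authority-less token is not visible here. Restore `throw new BadCredentialsException("User " + authentication.getPrincipal() + " not authenticated");` and deal with the duplicate request from HttpComponents 4.2 on the client side. `authenticate` begins before this hunk.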
Modified: incubator/syncope/trunk/parent/pom.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/parent/pom.xml?rev=1349384&r1=1349383&r2=1349384&view=diff
==============================================================================
--- incubator/syncope/trunk/parent/pom.xml (original)
+++ incubator/syncope/trunk/parent/pom.xml Tue Jun 12 14:53:59 2012
@@ -241,7 +241,7 @@ under the License.
<commons-jexl.version>2.1.1</commons-jexl.version>
<commons-lang.version>2.6</commons-lang.version>
- <httpcomponents.version>4.1.3</httpcomponents.version>
+ <httpcomponents.version>4.2</httpcomponents.version>
<activiti.version>5.9</activiti.version>