Examples of org.acegisecurity.BadCredentialsException

• org.acegisecurity.BadCredentialsException
  Thrown if an authentication request is rejected because the credentials are invalid. For this exception to be thrown, it means the account is neither locked nor disabled. @author Ben Alex @version $Id: BadCredentialsException.java 2654 2008-02-18 20:44:09Z luke_t $

    }

    protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication)
        throws AuthenticationException {
        if (!StringUtils.hasLength(username)) {
            throw new BadCredentialsException(messages.getMessage("LdapAuthenticationProvider.emptyUsername",
                    "Empty Username"));
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Retrieving user " + username);
        }

        String password = (String) authentication.getCredentials();
        Assert.notNull(password, "Null password was supplied in authentication token");

        if (password.length() == 0) {
            logger.debug("Rejecting empty password for user " + username);
            throw new BadCredentialsException(messages.getMessage("LdapAuthenticationProvider.emptyPassword",
                    "Empty Password"));
        }

        try {
            LdapUserDetails ldapUser = getAuthenticator().authenticate(username, password);

        if (!supports(authentication.getClass())) {
            return null;
        }

        if (this.key.hashCode() != ((AnonymousAuthenticationToken) authentication).getKeyHash()) {
            throw new BadCredentialsException(messages.getMessage("AnonymousAuthenticationProvider.incorrectKey",
                    "The presented AnonymousAuthenticationToken does not contain the expected key"));
        }

        return authentication;
    }

        String retrievedPassword = user.getPassword();

        if (retrievedPassword != null) {
            if (!verifyPassword(password, retrievedPassword)) {
                throw new BadCredentialsException(messages.getMessage(
                        "PasswordComparisonAuthenticator.badCredentials", "Bad credentials"));
            }

            return user;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Password attribute wasn't retrieved for user '" + username + "' using mapper "
                + getUserDetailsMapper() + ". Performing LDAP compare of password attribute '" + passwordAttributeName
                + "'");
        }

        String encodedPassword = passwordEncoder.encodePassword(password, null);
        byte[] passwordBytes = LdapUtils.getUtf8Bytes(encodedPassword);

        if (!ldapTemplate.compare(user.getDn(), passwordAttributeName, passwordBytes)) {
            throw new BadCredentialsException(messages.getMessage("PasswordComparisonAuthenticator.badCredentials",
                    "Bad credentials"));
        }

        return user;
    }

        }

        X509Certificate clientCertificate = (X509Certificate) authentication.getCredentials();

        if (clientCertificate == null) {
            throw new BadCredentialsException(messages.getMessage("X509AuthenticationProvider.certificateNull",
                    "Certificate is null"));
        }

        UserDetails user = userCache.getUserFromCache(clientCertificate);

            LdapUserDetails userFromSearch = getUserSearch().searchForUser(username);
            user = bindWithDn(userFromSearch.getDn(), username, password);
        }

        if (user == null) {
            throw new BadCredentialsException(
                    messages.getMessage("BindAuthenticator.badCredentials", "Bad credentials"));
        }

        return user;
    }

        if (!supports(authentication.getClass())) {
            return null;
        }

        if (this.key.hashCode() != ((RememberMeAuthenticationToken) authentication).getKeyHash()) {
            throw new BadCredentialsException(messages.getMessage("RememberMeAuthenticationProvider.incorrectKey",
                    "The presented RememberMeAuthenticationToken does not contain the expected key"));
        }

        return authentication;
    }

        AuthByAdapter token = (AuthByAdapter) authentication;

        if (token.getKeyHash() == key.hashCode()) {
            return authentication;
        } else {
            throw new BadCredentialsException(messages.getMessage("AuthByAdapterProvider.incorrectKey",
                    "The presented AuthByAdapter implementation does not contain the expected key"));
        }
    }

        try {
            return useLdapContext ? new InitialLdapContext(env, null) : new InitialDirContext(env);
        } catch (NamingException ne) {
            if ((ne instanceof javax.naming.AuthenticationException)
                    || (ne instanceof OperationNotSupportedException)) {
                throw new BadCredentialsException(messages.getMessage("DefaultIntitalDirContextFactory.badCredentials",
                        "Bad credentials"), ne);
            }

            if (ne instanceof CommunicationException) {
                throw new LdapDataAccessException(messages.getMessage(

        RunAsUserToken token = (RunAsUserToken) authentication;

        if (token.getKeyHash() == key.hashCode()) {
            return authentication;
        } else {
            throw new BadCredentialsException(messages.getMessage("RunAsImplAuthenticationProvider.incorrectKey",
                    "The presented RunAsUserToken does not contain the expected key"));
        }
    }

    public UserDetails getUserDetails(X509Certificate clientCert) throws AuthenticationException {
        String subjectDN = clientCert.getSubjectDN().getName();
        PatternMatcher matcher = new Perl5Matcher();

        if (!matcher.contains(subjectDN, subjectDNPattern)) {
            throw new BadCredentialsException(messages.getMessage("DaoX509AuthoritiesPopulator.noMatching",
                    new Object[] {subjectDN}, "No matching pattern was found in subjectDN: {0}"));
        }

        MatchResult match = matcher.getMatch();