Beispiel #1
0
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
//ORIGINAL LINE: public org.neo4j.kernel.enterprise.api.security.EnterpriseLoginContext login(java.util.Map<String,Object> authToken) throws org.neo4j.kernel.api.security.exception.InvalidAuthTokenException
        public override EnterpriseLoginContext Login(IDictionary <string, object> authToken)
        {
            try
            {
                EnterpriseLoginContext securityContext;

                ShiroAuthToken token = new ShiroAuthToken(authToken);
                AssertValidScheme(token);

                try
                {
                    securityContext = new StandardEnterpriseLoginContext(this, ( ShiroSubject )_securityManager.login(null, token));
                    AuthenticationResult authenticationResult = securityContext.Subject().AuthenticationResult;
                    if (authenticationResult == AuthenticationResult.SUCCESS)
                    {
                        if (_logSuccessfulLogin)
                        {
                            _securityLog.info(securityContext.Subject(), "logged in");
                        }
                    }
                    else if (authenticationResult == AuthenticationResult.PASSWORD_CHANGE_REQUIRED)
                    {
                        _securityLog.info(securityContext.Subject(), "logged in (password change required)");
                    }
                    else
                    {
                        string errorMessage = ((StandardEnterpriseLoginContext.NeoShiroSubject)securityContext.Subject()).AuthenticationFailureMessage;
                        _securityLog.error("[%s]: failed to log in: %s", escape(token.Principal.ToString()), errorMessage);
                    }
                    // No need to keep full Shiro authentication info around on the subject
                    ((StandardEnterpriseLoginContext.NeoShiroSubject)securityContext.Subject()).clearAuthenticationInfo();
                }
                catch (UnsupportedTokenException e)
                {
                    _securityLog.error("Unknown user failed to log in: %s", e.Message);
                    Exception cause = e.InnerException;
                    if (cause is InvalidAuthTokenException)
                    {
                        throw new InvalidAuthTokenException(cause.Message + ": " + token);
                    }
                    throw invalidToken(": " + token);
                }
                catch (ExcessiveAttemptsException)
                {
                    // NOTE: We only get this with single (internal) realm authentication
                    securityContext = new StandardEnterpriseLoginContext(this, new ShiroSubject(_securityManager, AuthenticationResult.TOO_MANY_ATTEMPTS));
                    _securityLog.error("[%s]: failed to log in: too many failed attempts", escape(token.Principal.ToString()));
                }
                catch (AuthenticationException e)
                {
                    if (e.InnerException != null && e.InnerException is AuthProviderTimeoutException)
                    {
                        Exception cause = e.InnerException.InnerException;
                        _securityLog.error("[%s]: failed to log in: auth server timeout%s", escape(token.Principal.ToString()), cause != null && cause.Message != null ? " (" + cause.Message + ")" : "");
                        throw new AuthProviderTimeoutException(e.InnerException.Message, e.InnerException);
                    }
                    else if (e.InnerException != null && e.InnerException is AuthProviderFailedException)
                    {
                        Exception cause = e.InnerException.InnerException;
                        _securityLog.error("[%s]: failed to log in: auth server connection refused%s", escape(token.Principal.ToString()), cause != null && cause.Message != null ? " (" + cause.Message + ")" : "");
                        throw new AuthProviderFailedException(e.InnerException.Message, e.InnerException);
                    }
                    securityContext = new StandardEnterpriseLoginContext(this, new ShiroSubject(_securityManager, AuthenticationResult.FAILURE));
                    Exception cause        = e.InnerException;
                    Exception causeCause   = e.InnerException != null ? e.InnerException.InnerException : null;
                    string    errorMessage = string.Format("invalid principal or credentials{0}{1}", cause != null && cause.Message != null ? " (" + cause.Message + ")" : "", causeCause != null && causeCause.Message != null ? " (" + causeCause.Message + ")" : "");
                    _securityLog.error("[%s]: failed to log in: %s", escape(token.Principal.ToString()), errorMessage);
                }

                return(securityContext);
            }
            finally
            {
                AuthToken.clearCredentials(authToken);
            }
        }
Beispiel #2
0
 public NeoShiroSubject(StandardEnterpriseLoginContext outerInstance)
 {
     this._outerInstance = outerInstance;
 }