Example #1
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
//ORIGINAL LINE: public org.neo4j.kernel.enterprise.api.security.EnterpriseLoginContext login(java.util.Map<String,Object> authToken) throws org.neo4j.kernel.api.security.exception.InvalidAuthTokenException
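        /// <summary>
        /// Authenticates the supplied auth token against the security manager and returns a login
        /// context describing the outcome.
        /// </summary>
        /// <remarks>
        /// A returned context does not by itself mean the login succeeded. For rejected credentials and
        /// for too many failed attempts this method returns a context whose subject carries
        /// <c>AuthenticationResult.FAILURE</c> or <c>AuthenticationResult.TOO_MANY_ATTEMPTS</c> instead of
        /// throwing, so callers must check the subject's authentication result before granting access.
        /// <c>AuthToken.clearCredentials</c> is invoked on <paramref name="authToken"/> in a
        /// <c>finally</c> block, so it runs on every exit path, including when an exception propagates.
        /// </remarks>
        /// <param name="authToken">Auth token map supplied by the client.</param>
        /// <returns>The login context for the authenticated, failed or locked-out subject.</returns>
        /// <exception cref="InvalidAuthTokenException">The token was rejected as unsupported or invalid.</exception>
        /// <exception cref="AuthProviderTimeoutException">The auth provider timed out.</exception>
        /// <exception cref="AuthProviderFailedException">The auth provider could not be reached.</exception>
        public override EnterpriseLoginContext Login(IDictionary <string, object> authToken)
        {
            try
            {
                EnterpriseLoginContext securityContext;

                ShiroAuthToken token = new ShiroAuthToken(authToken);
                AssertValidScheme(token);

                try
                {
                    securityContext = new StandardEnterpriseLoginContext(this, ( ShiroSubject )_securityManager.login(null, token));
                    AuthenticationResult authenticationResult = securityContext.Subject().AuthenticationResult;
                    if (authenticationResult == AuthenticationResult.SUCCESS)
                    {
                        // Successful logins are only audited when explicitly enabled.
                        if (_logSuccessfulLogin)
                        {
                            _securityLog.info(securityContext.Subject(), "logged in");
                        }
                    }
                    else if (authenticationResult == AuthenticationResult.PASSWORD_CHANGE_REQUIRED)
                    {
                        _securityLog.info(securityContext.Subject(), "logged in (password change required)");
                    }
                    else
                    {
                        // NOTE(review): the principal is passed through escape() before logging, the failure
                        // message is not. Confirm it can never contain client-controlled text, or escape it too.
                        string errorMessage = ((StandardEnterpriseLoginContext.NeoShiroSubject)securityContext.Subject()).AuthenticationFailureMessage;
                        _securityLog.error("[%s]: failed to log in: %s", escape(token.Principal.ToString()), errorMessage);
                    }
                    // No need to keep full Shiro authentication info around on the subject
                    ((StandardEnterpriseLoginContext.NeoShiroSubject)securityContext.Subject()).clearAuthenticationInfo();
                }
                catch (UnsupportedTokenException e)
                {
                    // NOTE(review): e.Message is logged unescaped, and the token's string form is placed in
                    // the exception message below. Verify that ShiroAuthToken's string form redacts credentials.
                    _securityLog.error("Unknown user failed to log in: %s", e.Message);
                    Exception cause = e.InnerException;
                    if (cause is InvalidAuthTokenException)
                    {
                        throw new InvalidAuthTokenException(cause.Message + ": " + token);
                    }
                    throw invalidToken(": " + token);
                }
                catch (ExcessiveAttemptsException)
                {
                    // NOTE: We only get this with single (internal) realm authentication
                    securityContext = new StandardEnterpriseLoginContext(this, new ShiroSubject(_securityManager, AuthenticationResult.TOO_MANY_ATTEMPTS));
                    _securityLog.error("[%s]: failed to log in: too many failed attempts", escape(token.Principal.ToString()));
                }
                catch (AuthenticationException e)
                {
                    // Declared once for the whole catch block: C# rejects a local that is re-declared in a
                    // nested scope of the same block (CS0136), which the converted code did with 'cause'.
                    Exception cause      = e.InnerException;
                    Exception causeCause = cause != null ? cause.InnerException : null;

                    // Provider outages are surfaced as exceptions rather than reported as a credential
                    // failure. 'is' is false for null, so no separate null check is needed.
                    if (cause is AuthProviderTimeoutException)
                    {
                        _securityLog.error("[%s]: failed to log in: auth server timeout%s", escape(token.Principal.ToString()), FormatCauseSuffix(causeCause));
                        throw new AuthProviderTimeoutException(cause.Message, cause);
                    }
                    if (cause is AuthProviderFailedException)
                    {
                        _securityLog.error("[%s]: failed to log in: auth server connection refused%s", escape(token.Principal.ToString()), FormatCauseSuffix(causeCause));
                        throw new AuthProviderFailedException(cause.Message, cause);
                    }

                    securityContext = new StandardEnterpriseLoginContext(this, new ShiroSubject(_securityManager, AuthenticationResult.FAILURE));
                    // NOTE(review): the cause messages are appended to the log line without escape().
                    string errorMessage = string.Format("invalid principal or credentials{0}{1}", FormatCauseSuffix(cause), FormatCauseSuffix(causeCause));
                    _securityLog.error("[%s]: failed to log in: %s", escape(token.Principal.ToString()), errorMessage);
                }

                return securityContext;
            }
            finally
            {
                // Runs on success, failure and exception alike.
                AuthToken.clearCredentials(authToken);
            }
        }

        // Renders an exception's message as " (message)", or "" when the exception or its message is null.
        private static string FormatCauseSuffix(Exception cause)
        {
            return cause != null && cause.Message != null ? " (" + cause.Message + ")" : "";
        }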
Example #2
 /// <summary>
 /// Creates a subject that keeps a reference to the login context passed in.
 /// </summary>
 /// <param name="outerInstance">The login context stored in <c>_outerInstance</c>; presumably the enclosing instance of the original Java inner class (confirm against the class declaration).</param>
 public NeoShiroSubject(StandardEnterpriseLoginContext outerInstance)
 {
     _outerInstance = outerInstance;
 }