Package org.graylog2.shared.security
Class ThrowingFirstSuccessfulStrategy
java.lang.Object
org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
org.apache.shiro.authc.pam.FirstSuccessfulStrategy
org.graylog2.shared.security.ThrowingFirstSuccessfulStrategy
- All Implemented Interfaces:
org.apache.shiro.authc.pam.AuthenticationStrategy
public class ThrowingFirstSuccessfulStrategy
extends org.apache.shiro.authc.pam.FirstSuccessfulStrategy
An authentication strategy pretty much the same as the
FirstSuccessfulStrategy
with the difference that it
will memoize a AuthenticationServiceUnavailableException
thrown by any attempt. It will rethrow this
exception on the final afterAllAttempts(AuthenticationToken, AuthenticationInfo)
call, if none of the
attempts were successful.
This way we can retain the fact that authentication probably failed due to a service being unavailable and not because the user's credentials were wrong.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionorg.apache.shiro.authc.AuthenticationInfo
afterAllAttempts
(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo aggregate) If none of the attempts was successful and at least one of the attempts was throwing aAuthenticationServiceUnavailableException
, we'll re-throw this exception here.org.apache.shiro.authc.AuthenticationInfo
afterAttempt
(org.apache.shiro.realm.Realm realm, org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo singleRealmInfo, org.apache.shiro.authc.AuthenticationInfo aggregateInfo, Throwable t) If the attempt failed due to anAuthenticationServiceUnavailableException
, memoize that exception.org.apache.shiro.authc.AuthenticationInfo
beforeAllAttempts
(Collection<? extends org.apache.shiro.realm.Realm> realms, org.apache.shiro.authc.AuthenticationToken token) Clear a possibleAuthenticationServiceUnavailableException
because this strategy will be re-used for multiple authentication processes.Methods inherited from class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
beforeAttempt, getStopAfterFirstSuccess, merge, setStopAfterFirstSuccess
-
Constructor Details
-
ThrowingFirstSuccessfulStrategy
public ThrowingFirstSuccessfulStrategy()
-
-
Method Details
-
beforeAllAttempts
public org.apache.shiro.authc.AuthenticationInfo beforeAllAttempts(Collection<? extends org.apache.shiro.realm.Realm> realms, org.apache.shiro.authc.AuthenticationToken token) throws org.apache.shiro.authc.AuthenticationException Clear a possibleAuthenticationServiceUnavailableException
because this strategy will be re-used for multiple authentication processes.- Specified by:
beforeAllAttempts
in interfaceorg.apache.shiro.authc.pam.AuthenticationStrategy
- Overrides:
beforeAllAttempts
in classorg.apache.shiro.authc.pam.FirstSuccessfulStrategy
- Throws:
org.apache.shiro.authc.AuthenticationException
-
afterAttempt
public org.apache.shiro.authc.AuthenticationInfo afterAttempt(org.apache.shiro.realm.Realm realm, org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo singleRealmInfo, org.apache.shiro.authc.AuthenticationInfo aggregateInfo, Throwable t) throws org.apache.shiro.authc.AuthenticationException If the attempt failed due to anAuthenticationServiceUnavailableException
, memoize that exception. Will overwrite any previously memoized exception.- Specified by:
afterAttempt
in interfaceorg.apache.shiro.authc.pam.AuthenticationStrategy
- Overrides:
afterAttempt
in classorg.apache.shiro.authc.pam.AbstractAuthenticationStrategy
- Throws:
org.apache.shiro.authc.AuthenticationException
-
afterAllAttempts
public org.apache.shiro.authc.AuthenticationInfo afterAllAttempts(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo aggregate) throws AuthenticationServiceUnavailableException If none of the attempts was successful and at least one of the attempts was throwing aAuthenticationServiceUnavailableException
, we'll re-throw this exception here.- Specified by:
afterAllAttempts
in interfaceorg.apache.shiro.authc.pam.AuthenticationStrategy
- Overrides:
afterAllAttempts
in classorg.apache.shiro.authc.pam.AbstractAuthenticationStrategy
- Throws:
AuthenticationServiceUnavailableException
- if none of the attempts was successful and at least one of them was throwing an exception of this type.
-