Package org.graylog2.shared.security

Class ThrowingFirstSuccessfulStrategy

java.lang.Object
org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
org.apache.shiro.authc.pam.FirstSuccessfulStrategy
org.graylog2.shared.security.ThrowingFirstSuccessfulStrategy
All Implemented Interfaces:
org.apache.shiro.authc.pam.AuthenticationStrategy
public class ThrowingFirstSuccessfulStrategy extends org.apache.shiro.authc.pam.FirstSuccessfulStrategy
An authentication strategy pretty much the same as the FirstSuccessfulStrategy with the difference that it will memoize a AuthenticationServiceUnavailableException thrown by any attempt. It will rethrow this exception on the final afterAllAttempts(AuthenticationToken, AuthenticationInfo) call, if none of the attempts were successful.

This way we can retain the fact that authentication probably failed due to a service being unavailable and not because the user's credentials were wrong.

  • Constructor Summary

    Constructors
    Constructor
    Description
    ThrowingFirstSuccessfulStrategy()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    org.apache.shiro.authc.AuthenticationInfo
    afterAllAttempts(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo aggregate)
    If none of the attempts was successful and at least one of the attempts was throwing a AuthenticationServiceUnavailableException, we'll re-throw this exception here.
    org.apache.shiro.authc.AuthenticationInfo
    afterAttempt(org.apache.shiro.realm.Realm realm, org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo singleRealmInfo, org.apache.shiro.authc.AuthenticationInfo aggregateInfo, Throwable t)
    If the attempt failed due to an AuthenticationServiceUnavailableException, memoize that exception.
    org.apache.shiro.authc.AuthenticationInfo
    beforeAllAttempts(Collection<? extends org.apache.shiro.realm.Realm> realms, org.apache.shiro.authc.AuthenticationToken token)
    Clear a possible AuthenticationServiceUnavailableException because this strategy will be re-used for multiple authentication processes.

    Methods inherited from class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

    beforeAttempt, getStopAfterFirstSuccess, merge, setStopAfterFirstSuccess

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • ThrowingFirstSuccessfulStrategy

      public ThrowingFirstSuccessfulStrategy()

  • Method Details

    • beforeAllAttempts

      public org.apache.shiro.authc.AuthenticationInfo beforeAllAttempts(Collection<? extends org.apache.shiro.realm.Realm> realms, org.apache.shiro.authc.AuthenticationToken token) throws org.apache.shiro.authc.AuthenticationException
      Clear a possible AuthenticationServiceUnavailableException because this strategy will be re-used for multiple authentication processes.
      Specified by:
      beforeAllAttempts in interface org.apache.shiro.authc.pam.AuthenticationStrategy
      Overrides:
      beforeAllAttempts in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
      Throws:
      org.apache.shiro.authc.AuthenticationException

    • afterAttempt

      public org.apache.shiro.authc.AuthenticationInfo afterAttempt(org.apache.shiro.realm.Realm realm, org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo singleRealmInfo, org.apache.shiro.authc.AuthenticationInfo aggregateInfo, Throwable t) throws org.apache.shiro.authc.AuthenticationException
      If the attempt failed due to an AuthenticationServiceUnavailableException, memoize that exception. Will overwrite any previously memoized exception.
      Specified by:
      afterAttempt in interface org.apache.shiro.authc.pam.AuthenticationStrategy
      Overrides:
      afterAttempt in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
      Throws:
      org.apache.shiro.authc.AuthenticationException

    • afterAllAttempts

      public org.apache.shiro.authc.AuthenticationInfo afterAllAttempts(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo aggregate) throws AuthenticationServiceUnavailableException
      If none of the attempts was successful and at least one of the attempts was throwing a AuthenticationServiceUnavailableException, we'll re-throw this exception here.
      Specified by:
      afterAllAttempts in interface org.apache.shiro.authc.pam.AuthenticationStrategy
      Overrides:
      afterAllAttempts in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
      Throws:
      AuthenticationServiceUnavailableException - if none of the attempts was successful and at least one of them was throwing an exception of this type.