de.aristaflow.adept2.base.security

Class AuthenticationException

java.lang.Object

java.lang.Throwable

java.lang.Exception

de.aristaflow.adept2.base.security.AuthenticationException

All Implemented Interfaces:

java.io.Serializable

public class AuthenticationException
extends java.lang.Exception

An AuthenticationException is thrown when authenticating and the provided Agent user name and/or password are incorrect or the authentication fails due to an exception thrown by the used authentication framework. Usually no message is provided to prevent information on how to get the authentication and thus improve the chance to authenticate illegitimately.
Services encountering an AuthenticationException should check for whether this is possibly caused by an authentication attack and if so, they should take countermeasures, for instance waiting for several time before allowing the next authentication. However, only one service in the stack should take countermeasures, therefore this service should reset the flag for countermeasures.

Author:

Patrick Schmidt, Ulrich Kreher

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	countMeasReq Whether countermeasures should been taken for this authentication exception.
protected boolean	possibleAttack Whether this authentication exception is caused by wrong authentication data and therefore countermeasures may be required to prevent authentication attacks.

Constructor Summary

Constructors

Constructor and Description
AuthenticationException() Constructs a new AuthenticationException with null as detail message and the authentication being a possible attack.
AuthenticationException(boolean possibleAttack) Constructs a new AuthenticationException with null as detail message.
AuthenticationException(java.lang.String msg, boolean possibleAttack) Creates a new AuthenticationException having the designated message.
AuthenticationException(java.lang.String msg, java.lang.Throwable cause) Creates a new AuthenticationException having the designated message and cause and not being a possible attack.
AuthenticationException(java.lang.Throwable cause, boolean possibleAttack) Creates a new AuthenticationException having the designated cause.

Method Summary

Modifier and Type	Method and Description
boolean	counterMeasuresRequired() Whether this authentication exception has been raised due to wrong authentication data and thus be due to an authentication attack and therefore counter measures (e.g. an increased wait time before the next authentication try) should be taken.
void	counterMeasuresTaken() Whether counter measures have been taken.
boolean	isPossibleAttack() Whether this authentication exception has been raised due to wrong authentication data and thus be due to an authentication attack.

Methods inherited from class java.lang.Throwable

addSuppressed, fillInStackTrace, getCause, getLocalizedMessage, getMessage, getStackTrace, getSuppressed, initCause, printStackTrace, printStackTrace, printStackTrace, setStackTrace, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

possibleAttack

protected final boolean possibleAttack

Whether this authentication exception is caused by wrong authentication data and therefore countermeasures may be required to prevent authentication attacks. To avoid duplicate countermeasures, services taking these should reset the corresponding flag.

countMeasReq

protected boolean countMeasReq

Whether countermeasures should been taken for this authentication exception. If a service takes countermeasures it should reset this to prevent calling services from taking additional countermeasures.

Constructor Detail

AuthenticationException

public AuthenticationException()

Constructs a new AuthenticationException with null as detail message and the authentication being a possible attack.

AuthenticationException

public AuthenticationException(boolean possibleAttack)

Constructs a new AuthenticationException with null as detail message.

Parameters:

possibleAttack - Whether the exception is possibly an attack. This sets the corresponding flags.

AuthenticationException

public AuthenticationException(java.lang.String msg,
                               boolean possibleAttack)

Creates a new AuthenticationException having the designated message.

Parameters:

msg - Information on the occurred exception.

possibleAttack - Whether the exception is possibly an attack. This sets the corresponding flags.

AuthenticationException

public AuthenticationException(java.lang.Throwable cause,
                               boolean possibleAttack)

Creates a new AuthenticationException having the designated cause. This is used for wrapping an exception stemming from JAAS or another used authentication framework.

Parameters:

possibleAttack - Whether the exception is possibly an attack. This sets the corresponding flags.

cause - The cause for the AuthenticationException.

AuthenticationException

public AuthenticationException(java.lang.String msg,
                               java.lang.Throwable cause)

Creates a new AuthenticationException having the designated message and cause and not being a possible attack. This is used for wrapping an exception stemming from JAAS or another used authentication framework.

Parameters:

msg - Information on the occurred exception.

cause - The cause for the AuthenticationException.

Method Detail

isPossibleAttack

public boolean isPossibleAttack()

Whether this authentication exception has been raised due to wrong authentication data and thus be due to an authentication attack.

Returns:

Whether this authentication exception has been raised due to wrong authentication data and thus be due to an authentication attack.

counterMeasuresRequired

public boolean counterMeasuresRequired()

Whether this authentication exception has been raised due to wrong authentication data and thus be due to an authentication attack and therefore counter measures (e.g. an increased wait time before the next authentication try) should be taken.

Returns:

Whether countermeasures should be taken to prevent authentication attacks.

counterMeasuresTaken

public void counterMeasuresTaken()

Whether counter measures have been taken. This prevents several counter measures from different services. Therefore this method should be called by the first service that has taken countermeasures.