I have code where i'm connecting to TFS using java tfs sdk like below,
*
*Credentials credentials = new UsernamePasswordCredentials( "xxxxxx", "XXXXX"); getConnection(serverURI, credentials, maxDate, buildNo);
}
private static void getConnection(URI serverURI, final Credentials credentials, String maxDate, String buildNo)
{
TFSTeamProjectCollection tpc = null;
try{
tpc = new TFSTeamProjectCollection(serverURI, credentials);
tpc.authenticate();
}catch(Exception e){
System.out.println(e.getMessage());
}*
But its stop authenticating using username and password, what the alternative authentication type like PAT - i need code to authenticate it, please help on this.
I tested with username and password as credentials, and I can connect to TFS normally on my side.
Here is a ticket you can refer to .
Related
I'm trying to connect to an SMB server using com.hierynomus.smbj v0.10.0. Connection is ok but as soon as I try to authenticate I'm getting this exception:
com.hierynomus.mssmb2.SMBApiException: STATUS_ACCESS_DENIED (0xc0000022): Authentication failed for 'USERNAME' using com.hierynomus.smbj.auth.NtlmAuthenticator#4152d38d
at com.hierynomus.smbj.connection.Connection.authenticate(Connection.java:194)
at MyTest.smbj(MyTest.java:...)
Here is the test code to see what I'm doing:
#Test
void smbj() throws Exception {
SMBClient client = new SMBClient();
try (Connection connection = client.connect("my-smb-server.de")) {
AuthenticationContext ac = new AuthenticationContext("USERNAME", "PASSWORD".toCharArray(), "DOMAIN");
Session session = connection.authenticate(ac);
// ... do more here ...
}
}
The SMB server and connection is perfectly fine since I'm able to connect from the same machine the test is running using multiple GUI tools (e.g. ForkLift) without any customized settings.
connection.getConnectionInfo() returns this before doing the authentication:
Successfully connected to: my-smb-server.de
ConnectionInfo{
serverGuid=975b39d3-55c0-4490-84e7-80371b734ce7,
serverName='my-smb-server.de',
negotiatedProtocol=NegotiatedProtocol{dialect=SMB_2_1, maxTransactSize=8388608, maxReadSize=8388608, maxWriteSize=8388608},
clientGuid=85863c1f-0328-4c21-9a72-b3d907b23a1d,
clientCapabilities=[SMB2_GLOBAL_CAP_DFS],
serverCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LEASING, SMB2_GLOBAL_CAP_LARGE_MTU], > clientSecurityMode=0,
serverSecurityMode=3,
server='null' }
Any help is highly appreciated.
So I have a working ftp connection and I can upload files and whatnot. However currently I'm storing the pw/user as hardcoded values (which I know isn't good) and want to see if I can hide/encrypt them somehow. I would also like to encrypt the actual ftp connection if possible as well. Any information/pointers would be great!
private int ftpProcess(String serverName, String userName, String password) {
FTPClient ftp = new FTPClient();
int statusCode = 0;
try {
ftp.connect(serverName);
// was required to add this passive mode in TC8 to connect to the mainframe
ftp.enterLocalPassiveMode();
ftp.login(userName, password);
ftp.site("filetype=jes");
submitJcl(ftp, "submitTest.txt", serverName);
ftp.quit();
} catch (Exception e) {
logger.error(e);
statusCode = 3;
}
return statusCode;
}
You can encrypt values in your application.properties with Jasypt.
See the following link for a details description:
https://stackoverflow.com/a/37424296/13454816
If you are already using Spring, you could can add org.springframework.boot:spring-boot-starter-security dependency and use BCryptPasswordEncoder to encode the values:
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
String enc = encoder.encode(value);
Documentation is here:
https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html
And this is a very helpful tutorial:
https://www.baeldung.com/spring-security-registration-password-encoding-bcrypt
Iam trying to authenticate a Java app with Cognito.
I have used for python the warrant library that worked very good. But i want to do the same in java now.
My Python function i used for authentication with the warrant library
def SRPauthentication(organizationAdmin,
password,
pool_id,
client_id,
client):
aws = AWSSRP(username=organizationAdmin,
password=password,
pool_id=pool_id,
client_id=client_id,
client=client)
tokens = aws.authenticate_user()
authorization_token= tokens['AuthenticationResult']['IdToken']
return authorization_token
with this i could easily acces some secured APIs.
Now i want to do the same with Java but i have problems.
This is my solution so far is this method:
public static void GetCreds()
{
AWSCognitoIdentityProvider identityProvider = AWSCognitoIdentityProviderClientBuilder.defaultClient();
AdminInitiateAuthRequest adminInitiateAuthRequest = new AdminInitiateAuthRequest().
withAuthFlow(AuthFlowType.USER_SRP_AUTH).
withClientId("234234234234").withUserPoolId("eu-central-1_sdfsdfdsf")
.addAuthParametersEntry("USERNAME", "UserK").
addAuthParametersEntry("PASSWORD","#######);
adminInitiateAuthRequest.getAuthFlow();
AdminInitiateAuthResult adminInitiateAuth = identityProvider.adminInitiateAuth(adminInitiateAuthRequest);
System.out.println(adminInitiateAuth.getAuthenticationResult().getIdToken());
}
When i run this i get an Exception:
Exception in thread "main" `com.amazonaws.services.cognitoidp.model.AWSCognitoIdentityProviderException: User: arn:aws:iam::XXXXXXXXXXXXXXXXX:user/khan is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito-idp:eu-central-1:XXXXXXXX:userpool/eu-central-1_XXXXXXX with an explicit deny (Service: AWSCognitoIdentityProvider; Status Code: 400; Error Code: AccessDeniedException; Request ID: 21be0b8e-adec-11e8-ad45-234234234)`
It says iam not authorized to perform this kind of instruction. So i guess iam doing something generally wrong. Because its working with my python code and in Java it recognizes my username from the credentials. The Cognito call should actually be independent from my aws credentials/useraccount right?
How to authenticate with Cognito using Java to get an Token to access secured aws services?
EDIT:
AWSCognitoIdentityProvider identityProvider = AWSCognitoIdentityProviderClientBuilder.standard()
.build();
InitiateAuthRequest adminInitiateAuthRequest = new InitiateAuthRequest()
.withAuthFlow(AuthFlowType.USER_SRP_AUTH)
.withClientId("XXXXXXXXXXXXXXXXX")
.addAuthParametersEntry("USERNAME", "user").
addAuthParametersEntry("PASSWORD","za$Lwn")
.addAuthParametersEntry("SRP_A",new AuthenticationHelper("eu-central-1XXXXXXXXX").getA().toString(16));
adminInitiateAuthRequest.getAuthFlow();
InitiateAuthResult adminInitiateAuth = identityProvider.initiateAuth(adminInitiateAuthRequest);
System.out.println(adminInitiateAuth);
I changed the AdminInitateAuthRequest to InitateAuthRequest. After that i had the Error missing SRP_A parameter that i somehow fixed with a similiar question here
And now i recive this :
{ChallengeName: PASSWORD_VERIFIER,ChallengeParameters: {SALT=877734234324234ed68300f39bc5b, SECRET_BLOCK=lrkwejrlewrjlewkjrewlrkjwerlewkjrewlrkjewrlkewjrlewkrjZ+Q==, USER_ID_FOR_SRP=user, USERNAME=user, SRP_B=43ecc1lwkerjwelrkjewlrjewrlkewjrpoipweoriwe9r873jr34h9r834hr3455f7d079d71e5012f1623ed54dd10b832792dafa3438cca3f59c0f462cbaee255d5b7c2werwerwerkjweorkjwerwerewrf5020e4f8b5452f3b89caef4a797456743602b80b5259261f90e52374adc06b456521a9026cce9c1cbe8b9ffd6040e8c1589d35546861422110ac7e38c1c93389b802a03e3e2e4a50e75d088275195f836f66e25f1a431dd56bb2},}
I have shorten the result with all the keys, but what to do next ?
Finally i could solve it with this code class.
There are multiple challenges involved in SRP authentication. The InitiateAuthRequest is one first request that is necessary.
This similiar question helped me :
stackoverflow
stackoverfow
String PerformSRPAuthentication(String username, String password) {
String authresult = null;
InitiateAuthRequest initiateAuthRequest = initiateUserSrpAuthRequest(username);
try {
AnonymousAWSCredentials awsCreds = new AnonymousAWSCredentials();
AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder
.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCreds))
.withRegion(Regions.fromName(this.region))
.build();
InitiateAuthResult initiateAuthResult = cognitoIdentityProvider.initiateAuth(initiateAuthRequest);
if (ChallengeNameType.PASSWORD_VERIFIER.toString().equals(initiateAuthResult.getChallengeName())) {
RespondToAuthChallengeRequest challengeRequest = userSrpAuthRequest(initiateAuthResult, password);
RespondToAuthChallengeResult result = cognitoIdentityProvider.respondToAuthChallenge(challengeRequest);
//System.out.println(result);
System.out.println(CognitoJWTParser.getPayload(result.getAuthenticationResult().getIdToken()));
authresult = result.getAuthenticationResult().getIdToken();
}
} catch (final Exception ex) {
System.out.println("Exception" + ex);
}
return authresult;
}
private InitiateAuthRequest initiateUserSrpAuthRequest(String username) {
InitiateAuthRequest initiateAuthRequest = new InitiateAuthRequest();
initiateAuthRequest.setAuthFlow(AuthFlowType.USER_SRP_AUTH);
initiateAuthRequest.setClientId(this.clientId);
//Only to be used if the pool contains the secret key.
//initiateAuthRequest.addAuthParametersEntry("SECRET_HASH", this.calculateSecretHash(this.clientId,this.secretKey,username));
initiateAuthRequest.addAuthParametersEntry("USERNAME", username);
initiateAuthRequest.addAuthParametersEntry("SRP_A", this.getA().toString(16));
return initiateAuthRequest;
}
i have been developing a chat application using smack client library 4.1.8 and xmpp server(openfire server) but while trying to create new user using Accountmanger class it raises and exception "XMPPError: bad-request - modify"
XMPPTCPConnectionConfiguration conf = XMPPTCPConnectionConfiguration.builder()
.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled)
.setHost("127.0.0.1")
.setDebuggerEnabled(true)
.setPort(5222)
.setSendPresence(true)
.setServiceName("127.0.0.1")
.build();
AbstractXMPPConnection conn2 = new XMPPTCPConnection(conf);
//conn2.login();
conn2.connect();
AccountManager accountManager = AccountManager.getInstance(conn2);
if (accountManager.supportsAccountCreation()) {
accountManager.sensitiveOperationOverInsecureConnection(true);
accountManager.createAccount("qidus", "123456");
conn2.login("qidus", "123456");
}
} catch (SmackException | IOException | XMPPException e) {
e.printStackTrace();
}
and the exception is this
04:01:41 AM SENT (0): <iq to='127.0.0.1' id='aYej1-3' type='get'><query xmlns='jabber:iq:register'></query></iq>
04:01:41 AM RECV (0):
org.jivesoftware.smack.XMPPException$XMPPErrorException: XMPPError: bad-request - modify
at org.jivesoftware.smack.XMPPException$XMPPErrorException.ifHasErrorThenThrow(XMPPException.java:135)
at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:232)
at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:213)
at org.jivesoftware.smackx.iqregister.AccountManager.getRegistrationInfo(AccountManager.java:332)
at org.jivesoftware.smackx.iqregister.AccountManager.supportsAccountCreation(AccountManager.java:144)
at chat.Chat$1.run(Chat.java:46)
You need to set properly Service Name. You can chek your serviceName in Openfire through admin panel (127.0.0.1:9090) it's in first page in middle of the page, look for "Server Name" after login.
By default it's your machine name.
However your code will run just once: 2nd time AccountManger will throw an exception due to already registered user.
You also get this error or exception when the username which you are passing for account creation has the null value.So check your username also.
I'm beginner,
I'm writing a program which logins into my g-mail accounts and checks the messages in the Inbox.
To do this I'm using imaps ("imaps.gmail.com").
But what my problem is while logging into all the accounts, checking the messages in it one by one.
Program Reporting an error/kind of:
javax.mail.AuthenticationFailedException: [ALERT] Please log in via
your web browser: some url (Failure) imaps: xxxx#gmail.com for the
second and other accounts...
From this What I understand is I'm not closing sessions, store properly. So,Program is unable to check in the respective second and rest mail accounts..
Someone Help (With clarification)..
And the architecture of my code:
public class InboxRead {
public static boolean release = false;
private Session session = null;
public void checkInbox(String username, String password) {
// logging into account using imaps..
Properties props = System.getProperties();
props.setProperty("mail.store.protocol", "imaps");
session = Session.getDefaultInstance(props, null);
store = session.getStore("imaps");
store.connect("imap.gmail.com", username, password);
System.out.println(store);
// reading inbox... closing all folders here
store.close();
session = null;
release = true;
}
public static void main(String[] args) {
for(;;) { // gives no of accounts with credentials..
do {
String username = "xxx#gmail.com";
String password = "xxxx";
InboxRead.checkInbox(username, password);
} while(release);
}
}
}
...
Its a Google gateway thrown error. Google maintain high security in the aspect of profile access or even mail access but even that can be controlled by the user using below link Google secure control
go to that link with your google account and select "turn on" and then try to execute your program.