Added top class SecurityException for all errors that related to security

Changed from UnauthorizedException to AuthenticationException for wrong username/password
Use SecurityException for failed to tls handshake

Author: Zhen

driver/src/main/java/org/neo4j/driver/internal/cluster/Rediscovery.java

@@ -24,7 +24,7 @@
 import org.neo4j.driver.internal.util.Clock;
 import org.neo4j.driver.v1.Logger;
 import org.neo4j.driver.v1.exceptions.ServiceUnavailableException;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 
 import static java.lang.String.format;
 
@@ -76,7 +76,7 @@ public ClusterComposition lookupRoutingTable( ConnectionPool connections, Routin
                     cluster = provider.getClusterComposition( connection );
                     logger.info( "Got cluster composition %s", cluster );
                 }
-                catch( UnauthorizedException e )
+                catch( SecurityException e )
                 {
                     throw e; // terminate the discovery immediately
                 }

driver/src/main/java/org/neo4j/driver/internal/net/SocketResponseHandler.java

@@ -22,6 +22,7 @@
 import java.util.Queue;
 import java.util.concurrent.ConcurrentLinkedQueue;
 
+import org.neo4j.driver.v1.exceptions.AuthenticationException;
 import org.neo4j.driver.internal.messaging.MessageHandler;
 import org.neo4j.driver.internal.spi.Collector;
 import org.neo4j.driver.internal.summary.InternalNotification;
@@ -33,7 +34,6 @@
 import org.neo4j.driver.v1.exceptions.DatabaseException;
 import org.neo4j.driver.v1.exceptions.Neo4jException;
 import org.neo4j.driver.v1.exceptions.TransientException;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
 import org.neo4j.driver.v1.summary.Notification;
 import org.neo4j.driver.v1.summary.StatementType;
 import org.neo4j.driver.v1.util.Function;
@@ -68,7 +68,7 @@ public void handleFailureMessage( String code, String message )
             case "ClientError":
                 if( code.equalsIgnoreCase( "Neo.ClientError.Security.Unauthorized" ) )
                 {
-                    error = new UnauthorizedException( code, message );
+                    error = new AuthenticationException( code, message );
                 }
                 else
                 {

driver/src/main/java/org/neo4j/driver/internal/security/TLSSocketChannel.java

@@ -32,7 +32,7 @@
 import org.neo4j.driver.internal.util.BytePrinter;
 import org.neo4j.driver.v1.exceptions.ClientException;
 import org.neo4j.driver.v1.exceptions.ServiceUnavailableException;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 
 import static java.lang.String.format;
 import static javax.net.ssl.SSLEngineResult.HandshakeStatus.FINISHED;
@@ -82,7 +82,7 @@ public static TLSSocketChannel create( ByteChannel channel, Logger logger, SSLEn
         }
         catch ( SSLHandshakeException e )
         {
-            throw new UnauthorizedException( "Failed to establish secured connection with the server: " + e.getMessage(), e );
+            throw new SecurityException( "Failed to establish secured connection with the server: " + e.getMessage(), e );
         }
         return tlsChannel;
     }

driver/src/main/java/org/neo4j/driver/v1/exceptions/AuthenticationException.java

@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2002-2017 "Neo Technology,"
+ * Network Engine for Objects in Lund AB [http://neotechnology.com]
+ *
+ * This file is part of Neo4j.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.neo4j.driver.v1.exceptions;
+
+/**
+ * Failed to authenticate the driver to the server due to bad credentials provided.
+ * When this error happens, the error could be recovered by closing the current driver and restart a new driver with
+ * the correct credentials.
+ *
+ * @since 1.1
+ */
+public class AuthenticationException extends SecurityException
+{
+    public AuthenticationException( String code, String message )
+    {
+        super( code, message );
+    }
+}

driver/src/main/java/org/neo4j/driver/v1/exceptions/SecurityException.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2017 "Neo Technology,"
+ * Network Engine for Objects in Lund AB [http://neotechnology.com]
+ *
+ * This file is part of Neo4j.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.neo4j.driver.v1.exceptions;
+
+/**
+ * Failed to communicate with the server due to security errors.
+ * When this type of error happens, the security cause of the error should be fixed to ensure the safety of your data.
+ * Restart of server/driver/cluster might be required to recover from this error.
+ * @since 1.1
+ */
+public class SecurityException extends Neo4jException
+{
+    public SecurityException( String code, String message )
+    {
+        super( code, message );
+    }
+
+    public SecurityException( String message, Throwable t )
+    {
+        super( message, t );
+    }
+}

driver/src/main/java/org/neo4j/driver/v1/exceptions/UnauthorizedException.java

@@ -27,7 +27,7 @@
 import javax.net.ssl.SSLSession;
 
 import org.neo4j.driver.v1.exceptions.ServiceUnavailableException;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 
 import static junit.framework.TestCase.fail;
 import static org.hamcrest.MatcherAssert.assertThat;
@@ -128,7 +128,7 @@ public void shouldThrowUnauthorizedIfFailedToHandshake() throws Throwable
         }
         catch( Exception e )
         {
-            assertThat( e, instanceOf( UnauthorizedException.class ) );
+            assertThat( e, instanceOf( SecurityException.class ) );
             assertThat( e.getMessage(), startsWith( "Failed to establish secured connection with the server: Failed handshake!" ) );
         }
         verify( mockedChannel, never() ).close();

driver/src/test/java/org/neo4j/driver/internal/security/TLSSocketChannelTest.java

@@ -30,7 +30,7 @@
 import org.neo4j.driver.v1.GraphDatabase;
 import org.neo4j.driver.v1.Session;
 import org.neo4j.driver.v1.Value;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 import org.neo4j.driver.v1.util.Neo4jSettings;
 import org.neo4j.driver.v1.util.TestNeo4j;
 
@@ -79,7 +79,7 @@ public void shouldGetHelpfulErrorOnInvalidCredentials() throws Throwable
         }
         catch( Throwable e )
         {
-            assertThat( e, instanceOf( UnauthorizedException.class ) );
+            assertThat( e, instanceOf( SecurityException.class ) );
             assertThat( e.getMessage(), containsString( "The client is unauthorized due to authentication failure." ) );
         }
     }

driver/src/test/java/org/neo4j/driver/v1/integration/CredentialsIT.java

@@ -42,7 +42,7 @@
 import org.neo4j.driver.v1.Logging;
 import org.neo4j.driver.v1.Session;
 import org.neo4j.driver.v1.StatementResult;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 import org.neo4j.driver.v1.util.CertificateToolTest;
 import org.neo4j.driver.v1.util.Neo4jRunner;
 import org.neo4j.driver.v1.util.Neo4jSettings;
@@ -156,7 +156,7 @@ public void shouldNotPerformTLSHandshakeWithNonSystemCert() throws Throwable
                  sslChannel = TLSSocketChannel.create(address, securityPlan, channel, logger);
                  fail( "Should have thrown exception" );
             }
-            catch ( UnauthorizedException e )
+            catch ( SecurityException e )
             {
                 assertThat( e.getMessage(), containsString( "General SSLEngine problem" ) );
                 assertThat( getRootCause( e ).getMessage(),
@@ -198,7 +198,7 @@ public void shouldFailTLSHandshakeDueToWrongCertInKnownCertsFile() throws Throwa
             sslChannel = TLSSocketChannel.create( address, securityPlan, channel, DEV_NULL_LOGGER );
             fail( "Should have thrown exception" );
         }
-        catch ( UnauthorizedException e )
+        catch ( SecurityException e )
         {
             assertThat( e.getMessage(), containsString( "General SSLEngine problem" ) );
             assertThat( getRootCause( e ).getMessage(), containsString(
@@ -249,7 +249,7 @@ public void shouldFailTLSHandshakeDueToServerCertNotSignedByKnownCA() throws Thr
             sslChannel = TLSSocketChannel.create( neo4j.address(), securityPlan, channel, mock( Logger.class ) );
             fail( "Should have thrown exception" );
         }
-        catch ( UnauthorizedException e )
+        catch ( SecurityException e )
         {
             assertThat( e.getMessage(), containsString( "General SSLEngine problem" ) );
             assertThat( getRootCause( e ).getMessage(), containsString( "No trusted certificate found" ) );

driver/src/test/java/org/neo4j/driver/v1/integration/TLSSocketChannelIT.java

@@ -51,7 +51,7 @@
 import org.neo4j.driver.v1.StatementResult;
 import org.neo4j.driver.v1.Transaction;
 import org.neo4j.driver.v1.exceptions.ClientException;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 import org.neo4j.driver.v1.types.Node;
 import org.neo4j.driver.v1.util.DaemonThreadFactory;
 import org.neo4j.driver.v1.util.cc.LocalOrRemoteClusterRule;
@@ -411,7 +411,7 @@ public void execute()
             }
             catch ( Exception e )
             {
-                assertThat( e, instanceOf( UnauthorizedException.class ) );
+                assertThat( e, instanceOf( SecurityException.class ) );
                 assertThat( e.getMessage(), containsString( "authentication failure" ) );
 
                 ArgumentCaptor<Throwable> captor = ArgumentCaptor.forClass( Throwable.class );

driver/src/test/java/org/neo4j/driver/v1/stress/CausalClusteringStressIT.java

@@ -33,7 +33,7 @@
 import org.neo4j.driver.v1.GraphDatabase;
 import org.neo4j.driver.v1.Session;
 import org.neo4j.driver.v1.StatementResult;
-import org.neo4j.driver.v1.exceptions.UnauthorizedException;
+import org.neo4j.driver.v1.exceptions.SecurityException;
 import org.neo4j.driver.v1.util.CertificateToolTest.CertificateSigningRequestGenerator;
 import org.neo4j.driver.v1.util.CertificateToolTest.SelfSignedCertificateGenerator;
 import org.neo4j.driver.v1.util.Neo4jRunner;
@@ -134,7 +134,7 @@ public void creatingSessionsShouldFail() throws Throwable
     public void iShouldGetAHelpfulErrorExplainingThatCertificateChanged( String str ) throws Throwable
     {
         assertThat( exception, notNullValue() );
-        assertThat( exception, instanceOf( UnauthorizedException.class ) );
+        assertThat( exception, instanceOf( SecurityException.class ) );
         Throwable rootCause = getRootCause( exception );
         assertThat( rootCause.toString(), containsString(
                 "Unable to connect to neo4j at `localhost:7687`, because the certificate the server uses has changed. " +
@@ -244,7 +244,7 @@ public void aRunningNeo4jDatabaseUsingACertNotSignedByTheTrustedCertificates() t
     public void iShouldGetAHelpfulErrorExplainingThatCertificatedNotSigned() throws Throwable
     {
         assertThat( exception, notNullValue() );
-        assertThat( exception, instanceOf( UnauthorizedException.class ) );
+        assertThat( exception, instanceOf( SecurityException.class ) );
         Throwable rootCause = getRootCause( exception );
         assertThat( rootCause.toString(), containsString( "Signature does not match.") );
     }