org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent Java Examples

The following examples show how to use org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: KeycloakAuthenticationProcessingFilter.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
                                        Authentication authResult) throws IOException, ServletException {
    if (authResult instanceof KeycloakAuthenticationToken && ((KeycloakAuthenticationToken) authResult).isInteractive()) {
        super.successfulAuthentication(request, response, chain, authResult);
        return;
    }

    if (log.isDebugEnabled()) {
        log.debug("Authentication success using bearer token/basic authentication. Updating SecurityContextHolder to contain: {}", authResult);
    }

    SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(authResult);
    SecurityContextHolder.setContext(context);

    try {
        // Fire event
        if (this.eventPublisher != null) {
            eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
        }
        chain.doFilter(request, response);
    } finally {
        SecurityContextHolder.clearContext();
    }
}
 
Example #2
Source File: IntegrationAuthenticationFilter.java    From nextreports-server with Apache License 2.0 6 votes vote down vote up
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
            Authentication authResult) throws IOException, ServletException {

        if (logger.isDebugEnabled()) {
            logger.debug("Authentication success. Updating SecurityContextHolder to contain: " + authResult);
        }

        SecurityContextHolder.getContext().setAuthentication(authResult);

        if (this.eventPublisher != null) {
            eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
        }

        removeJSessionIdCookie(request, response);
        
//        successHandler.onAuthenticationSuccess(request, response, authResult);
    }
 
Example #3
Source File: AuthenticationListener.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
@EventListener({ InteractiveAuthenticationSuccessEvent.class, AuthenticationSuccessEvent.class })
public void handleAuthenticationSuccess( AbstractAuthenticationEvent event )
{
    Authentication auth = event.getAuthentication();

    if ( TwoFactorWebAuthenticationDetails.class.isAssignableFrom( auth.getDetails().getClass() ) )
    {
        TwoFactorWebAuthenticationDetails authDetails =
            ( TwoFactorWebAuthenticationDetails ) auth.getDetails();

        log.debug( String.format( "Login attempt succeeded for remote IP: %s", authDetails.getIp() ) );
    }

    final String username = event.getAuthentication().getName();

    UserCredentials credentials = userService.getUserCredentialsByUsername( username );

    boolean readOnly = config.isReadOnlyMode();

    if ( Objects.nonNull( credentials ) && !readOnly )
    {
        credentials.updateLastLogin();
        userService.updateUserCredentials( credentials );
    }

    securityService.registerSuccessfulLogin( username );
}
 
Example #4
Source File: UserAuthSuccessfulHandler.java    From eds-starter6-jpa with Apache License 2.0 5 votes vote down vote up
@Override
@Transactional
public void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
	Object principal = event.getAuthentication().getPrincipal();
	if (principal instanceof JpaUserDetails) {
		Long userId = ((JpaUserDetails) principal).getUserDbId();

		this.jpaQueryFactory.update(QUser.user).setNull(QUser.user.lockedOutUntil)
				.setNull(QUser.user.failedLogins).where(QUser.user.id.eq(userId))
				.execute();
	}
}
 
Example #5
Source File: SessionLoginTracker.java    From fredbet with Creative Commons Attribution Share Alike 4.0 International 5 votes vote down vote up
@Override
public void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
    UserDetails userDetails = (UserDetails) event.getAuthentication().getPrincipal();
    RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
    if (requestAttributes != null) {
        final String sessionId = requestAttributes.getSessionId();
        sessionTrackingService.registerLogin(userDetails.getUsername(), sessionId);
        LOG.info("Login: user={}, sessionId={}", userDetails.getUsername(), sessionId);
    }
}
 
Example #6
Source File: AuthenticationApplicationListener.java    From website with GNU Affero General Public License v3.0 5 votes vote down vote up
@Override
public void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
	User user = AuthenticationService.currentActingUser();
	if (user != null) {
		AuthenticationLogContext authenticationLogContext = getAuthenticationLogContext(event);
		if (authenticationLogContext != null) {
			AuthenticationService.createLog(user, authenticationLogContext);
		}
	}
}
 
Example #7
Source File: SpringSecurityListener.java    From lemon with Apache License 2.0 5 votes vote down vote up
public void onApplicationEvent(ApplicationEvent event) {
    try {
        if (event instanceof InteractiveAuthenticationSuccessEvent) {
            this.logLoginSuccess(event);
        }

        if (event instanceof AuthenticationFailureBadCredentialsEvent) {
            this.logBadCredential(event);
        }

        if (event instanceof AuthenticationFailureLockedEvent) {
            this.logLocked(event);
        }

        if (event instanceof AuthenticationFailureDisabledEvent) {
            this.logDisabled(event);
        }

        if (event instanceof AuthenticationFailureExpiredEvent) {
            this.logAccountExpired(event);
        }

        if (event instanceof AuthenticationFailureCredentialsExpiredEvent) {
            this.logCredentialExpired(event);
        }
    } catch (Exception ex) {
        logger.error(ex.getMessage(), ex);
    }
}
 
Example #8
Source File: SpringSecurityListener.java    From lemon with Apache License 2.0 5 votes vote down vote up
public void logLoginSuccess(ApplicationEvent event) throws Exception {
    InteractiveAuthenticationSuccessEvent interactiveAuthenticationSuccessEvent = (InteractiveAuthenticationSuccessEvent) event;
    Authentication authentication = interactiveAuthenticationSuccessEvent
            .getAuthentication();

    String tenantId = this.getTenantId(authentication);
    Object principal = authentication.getPrincipal();
    String userId = null;

    if (principal instanceof SpringSecurityUserAuth) {
        userId = ((SpringSecurityUserAuth) principal).getId();
    } else {
        userId = authentication.getName();
    }

    AuditDTO auditDto = new AuditDTO();
    auditDto.setUserId(userId);
    auditDto.setAuditTime(new Date());
    auditDto.setAction("login");
    auditDto.setResult("success");
    auditDto.setApplication("lemon");
    auditDto.setClient(getUserIp(authentication));
    auditDto.setServer(InetAddress.getLocalHost().getHostAddress());
    auditDto.setTenantId(tenantId);
    auditConnector.log(auditDto);

    // 登录成功,再发送一个消息,以后这里的功能都要改成listener,不用直接写接口了。解耦更好一些。
    ctx.publishEvent(new LoginEvent(authentication, userId, this
            .getSessionId(authentication), "success", "default", tenantId));
}
 
Example #9
Source File: AuthenticationApplicationListener.java    From website with GNU Affero General Public License v3.0 4 votes vote down vote up
private AuthenticationLogContext getAuthenticationLogContext(InteractiveAuthenticationSuccessEvent event) {
	return eventGeneratedByClassToAuthenticationLogContextMap.get(event.getGeneratedBy());
}