org.springframework.security.web.authentication.WebAuthenticationDetails Java Examples

The following examples show how to use org.springframework.security.web.authentication.WebAuthenticationDetails. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuditEventConverter.java    From e-commerce-microservice with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #2
Source File: AuditEventConverter.java    From okta-jhipster-microservices-oauth-example with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #3
Source File: AuditEventConverter.java    From alchemy with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string.
 *
 * @param data the data to convert.
 * @return a map of {@link String}, {@link String}.
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #4
Source File: CustomAuditEventRepositoryIT.java    From java-microservices-examples with Apache License 2.0 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #5
Source File: AuditEventConverter.java    From java-microservices-examples with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string.
 *
 * @param data the data to convert.
 * @return a map of {@link String}, {@link String}.
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #6
Source File: KnoxSSOAuthenticationFilter.java    From metron with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the Spring Authentication object using the supplied user name and groups looked up from LDAP.  Groups are currently
 * mapped directly to Spring roles by converting to upper case and prepending the name with "ROLE_".
 * @param userName The username to build the Authentication object with.
 * @param httpRequest HttpServletRequest
 * @return Authentication object for the given user.
 */
protected Authentication getAuthentication(String userName, HttpServletRequest httpRequest) {
  String ldapName = LdapNameBuilder.newInstance().add(userSearchBase).add("uid", userName).build().toString();

  // Search ldap for a user's groups and convert to a Spring role
  List<GrantedAuthority> grantedAuths = ldapTemplate.search(query()
          .where("objectclass")
          .is("groupOfNames")
          .and("member")
          .is(ldapName), (AttributesMapper<String>) attrs -> (String) attrs.get("cn").get())
          .stream()
          .map(group -> String.format("%s%s", SECURITY_ROLE_PREFIX, group.toUpperCase()))
          .map(SimpleGrantedAuthority::new).collect(Collectors.toList());

  final UserDetails principal = new User(userName, "", grantedAuths);
  final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
          principal, "", grantedAuths);
  WebAuthenticationDetails webDetails = new WebAuthenticationDetails(httpRequest);
  authentication.setDetails(webDetails);
  return authentication;
}
 
Example #7
Source File: AuditEventConverter.java    From angularjs-springboot-bookstore with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (String key : data.keySet()) {
            Object object = data.get(key);

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(key, object.toString());
            }
        }
    }

    return results;
}
 
Example #8
Source File: AuditEventConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #9
Source File: ChoerodonAuthenticationKeyGenerator.java    From oauth-server with Apache License 2.0 6 votes vote down vote up
@Override
public String extractKey(OAuth2Authentication authentication) {
    Map<String, String> values = new LinkedHashMap<>();
    OAuth2Request authorizationRequest = authentication.getOAuth2Request();
    if (!authentication.isClientOnly()) {
        values.put(USERNAME, authentication.getName());
    }
    values.put(CLIENT_ID, authorizationRequest.getClientId());
    if (authorizationRequest.getScope() != null) {
        values.put(SCOPE, OAuth2Utils.formatParameterList(new TreeSet<>(authorizationRequest.getScope())));
    }
    Authentication auth = authentication.getUserAuthentication();
    if (auth != null && auth.getDetails() instanceof WebAuthenticationDetails) {
        String sessionId = ((WebAuthenticationDetails) auth.getDetails()).getSessionId();
        logger.info("sessionId : {}", sessionId);
        if (!StringUtils.isEmpty(sessionId)) {
            values.put(SESSION, sessionId);
        }
    }
    return generateKey(values);
}
 
Example #10
Source File: CustomAuditEventRepositoryIntTest.java    From ehcache3-samples with Apache License 2.0 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #11
Source File: CustomAuditEventRepositoryIntTest.java    From TeamDojo with Apache License 2.0 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #12
Source File: SpringSecurityUtils.java    From lemon with Apache License 2.0 6 votes vote down vote up
/**
 * 取得当前用户登录IP, 如果当前用户未登录则返回空字符串.
 * 
 * @return String
 */
public static String getCurrentUserIp() {
    Authentication authentication = getAuthentication();

    if (authentication == null) {
        return "";
    }

    Object details = authentication.getDetails();

    if (!(details instanceof WebAuthenticationDetails)) {
        return "";
    }

    WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;

    return webDetails.getRemoteAddress();
}
 
Example #13
Source File: AuditEventConverter.java    From Spring-5.0-Projects with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #14
Source File: CustomAuditEventRepositoryIntTest.java    From Spring-5.0-Projects with MIT License 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #15
Source File: AuditEventConverter.java    From e-commerce-microservice with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #16
Source File: AuditEventConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            Object object = entry.getValue();

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else if (object != null) {
                results.put(entry.getKey(), object.toString());
            } else {
                results.put(entry.getKey(), "null");
            }
        }
    }

    return results;
}
 
Example #17
Source File: CustomAuditEventRepositoryIntTest.java    From e-commerce-microservice with Apache License 2.0 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #18
Source File: AuditEventConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            Object object = entry.getValue();

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else if (object != null) {
                results.put(entry.getKey(), object.toString());
            } else {
                results.put(entry.getKey(), "null");
            }
        }
    }

    return results;
}
 
Example #19
Source File: AuditEventConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            Object object = entry.getValue();

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else if (object != null) {
                results.put(entry.getKey(), object.toString());
            } else {
                results.put(entry.getKey(), "null");
            }
        }
    }

    return results;
}
 
Example #20
Source File: AuditEventConverter.java    From Full-Stack-Development-with-JHipster with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #21
Source File: CustomAuditEventRepositoryIntTest.java    From Full-Stack-Development-with-JHipster with MIT License 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #22
Source File: AuditEventConverter.java    From jhipster-microservices-example with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            Object object = entry.getValue();

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else if (object != null) {
                results.put(entry.getKey(), object.toString());
            } else {
                results.put(entry.getKey(), "null");
            }
        }
    }

    return results;
}
 
Example #23
Source File: CustomAuditEventRepositoryIntTest.java    From jhipster-microservices-example with Apache License 2.0 6 votes vote down vote up
@Test
public void testAddEventWithWebAuthenticationDetails() {
    HttpSession session = new MockHttpSession(null, "test-session-id");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setSession(session);
    request.setRemoteAddr("1.2.3.4");
    WebAuthenticationDetails details = new WebAuthenticationDetails(request);
    Map<String, Object> data = new HashMap<>();
    data.put("test-key", details);
    AuditEvent event = new AuditEvent("test-user", "test-type", data);
    customAuditEventRepository.add(event);
    List<PersistentAuditEvent> persistentAuditEvents = persistenceAuditEventRepository.findAll();
    assertThat(persistentAuditEvents).hasSize(1);
    PersistentAuditEvent persistentAuditEvent = persistentAuditEvents.get(0);
    assertThat(persistentAuditEvent.getData().get("remoteAddress")).isEqualTo("1.2.3.4");
    assertThat(persistentAuditEvent.getData().get("sessionId")).isEqualTo("test-session-id");
}
 
Example #24
Source File: AuditEventConverter.java    From jhipster-microservices-example with Apache License 2.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            Object object = entry.getValue();

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else if (object != null) {
                results.put(entry.getKey(), object.toString());
            } else {
                results.put(entry.getKey(), "null");
            }
        }
    }

    return results;
}
 
Example #25
Source File: CustomIpAuthenticationProvider.java    From tutorials with MIT License 6 votes vote down vote up
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    WebAuthenticationDetails details = (WebAuthenticationDetails) auth.getDetails();
    String userIp = details.getRemoteAddress();
    if(! whitelist.contains(userIp)){
        throw new BadCredentialsException("Invalid IP Address");
    }
    final String name = auth.getName();
    final String password = auth.getCredentials().toString();
    
    if (name.equals("john") && password.equals("123")) {
    List<GrantedAuthority> authorities =new ArrayList<GrantedAuthority>();
    authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
    return new UsernamePasswordAuthenticationToken(name, password, authorities);
    }
    else{
        throw new BadCredentialsException("Invalid username or password");
    }
}
 
Example #26
Source File: AuditingRevisionListener.java    From spring-data-rest-acl with Apache License 2.0 6 votes vote down vote up
@Override
public void newRevision(Object revisionEntity) {
	AuditRevision auditedRevision = (AuditRevision) revisionEntity;
	String userName = SecurityUtil.getUsername();
	/* possible approach to get IP address of the user
	- http://stackoverflow.com/questions/12786123/ip-filter-using-spring-security
	- http://forum.springsource.org/showthread.php?18071-pass-ip-address-to-authentication-provider
	*/
	
	WebAuthenticationDetails auth = (WebAuthenticationDetails) 
			SecurityContextHolder.getContext().getAuthentication().getDetails();
	if(auth != null) {
		String ipAddress = auth.getRemoteAddress();
		auditedRevision.setIpAddress(ipAddress);
	}
	
	auditedRevision.setUsername(userName);
}
 
Example #27
Source File: AuditEventConverter.java    From jhipster-ribbon-hystrix with GNU General Public License v3.0 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (String key : data.keySet()) {
            Object object = data.get(key);

            // Extract the data that will be saved.
            if (object instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) object;
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else if (object != null) {
                results.put(key, object.toString());
            } else {
                results.put(key, "null");
            }
        }
    }

    return results;
}
 
Example #28
Source File: LoginAttemptListener.java    From zhcet-web with Apache License 2.0 6 votes vote down vote up
@EventListener
public void auditEventHappened(AuditApplicationEvent auditApplicationEvent) {
    AuditEvent auditEvent = auditApplicationEvent.getAuditEvent();

    StringBuilder stringBuilder = new StringBuilder();
    stringBuilder.append("Principal ").append(auditEvent.getPrincipal()).append(" - ").append(auditEvent.getType());
    stringBuilder.append("\n  Authorities: ").append(auditEvent.getData().get("authorities"));

    WebAuthenticationDetails details = (WebAuthenticationDetails) auditEvent.getData().get("details");

    loginAttemptService.loginAttempt(auditEvent);

    if (details != null) {
        stringBuilder.append("\n  Remote IP address: ").append(details.getRemoteAddress());
        stringBuilder.append("\n  Session ID: ").append(details.getSessionId());
    }
    stringBuilder.append("\n  Request URL: ").append(auditEvent.getData().get("requestUrl"));
    stringBuilder.append("\n  Source: ").append(auditEvent.getData().get("source"));

    String message = stringBuilder.toString();
    if (auditEvent.getType().equals(AuthenticationAuditListener.AUTHENTICATION_FAILURE)) {
        log.warn(message);
    } else {
        log.info(message);
    }
}
 
Example #29
Source File: AuditEventConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Internal conversion. This method will allow to save additional data.
 * By default, it will save the object as string
 *
 * @param data the data to convert
 * @return a map of String, String
 */
public Map<String, String> convertDataToStrings(Map<String, Object> data) {
    Map<String, String> results = new HashMap<>();

    if (data != null) {
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            // Extract the data that will be saved.
            if (entry.getValue() instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails authenticationDetails = (WebAuthenticationDetails) entry.getValue();
                results.put("remoteAddress", authenticationDetails.getRemoteAddress());
                results.put("sessionId", authenticationDetails.getSessionId());
            } else {
                results.put(entry.getKey(), Objects.toString(entry.getValue()));
            }
        }
    }
    return results;
}
 
Example #30
Source File: AuditService.java    From galeb with Apache License 2.0 6 votes vote down vote up
public void logAccess(String role, Set<String> roles, boolean result, String entityClass, String action, Object criteria, AuditType auditType) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    Object detailsObj = authentication.getDetails();
    String remoteAddr = null;
    Account account = (Account) authentication.getPrincipal();
    if (detailsObj instanceof WebAuthenticationDetails) {
        remoteAddr = ((WebAuthenticationDetails) detailsObj).getRemoteAddress();
    }
    if (detailsObj instanceof OAuth2AuthenticationDetails) {
        remoteAddr = ((OAuth2AuthenticationDetails) detailsObj).getRemoteAddress();
    }
    register(String.format("[%s/%s/%s]: %s%s %s %s",
            entityClass,
            action,
            criteria instanceof AbstractEntity ? ((AbstractEntity)criteria).getId() : criteria,
            account.getUsername() + (remoteAddr != null ? "/" + remoteAddr : ""),
            showRoles ? " (roles: " + String.join(",", roles) + ")" : "",
            auditType == AuditType.ROLE ? auditType.getMsg() + role + "?" : auditType.getMsg(),
            result));
}