@Override
public void onApplicationEvent(ApplicationEvent event) {
// shop key unknow
String k =
(String)
servletContext.getAttribute("Z" + "G" + "S" + "H" + "O" + "P" + "_" + "K" + "E" + "Y");
String shopkey = EncryptUtils.dencrypt(k);
if (!StringUtils.containsIgnoreCase(shopkey, "z" + "g" + "s" + "h" + "o" + "p")) {
throw new RuntimeException();
}
// 登录成功:记录登录IP、清除登录失败次数
if (event instanceof AuthenticationSuccessEvent) {
AuthenticationSuccessEvent authEvent = (AuthenticationSuccessEvent) event;
Authentication authentication = (Authentication) authEvent.getSource();
String loginIp = ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress();
Admin admin = (Admin) authentication.getPrincipal();
admin.setLoginIp(loginIp);
admin.setLoginDate(new Date());
SystemConfig systemConfig = SystemConfigUtils.getSystemConfig();
if (systemConfig.getIsLoginFailureLock() == false) {
return;
}
admin.setLoginFailureCount(0);
adminService.update(admin);
}
// 登录失败:增加登录失败次数
if (event instanceof AuthenticationFailureBadCredentialsEvent) {
AuthenticationFailureBadCredentialsEvent authEvent =
(AuthenticationFailureBadCredentialsEvent) event;
Authentication authentication = (Authentication) authEvent.getSource();
String loginUsername = authentication.getName();
SystemConfig systemConfig = SystemConfigUtils.getSystemConfig();
if (systemConfig.getIsLoginFailureLock() == false) {
return;
}
Admin admin = adminService.get("username", loginUsername);
if (admin != null) {
int loginFailureCount = admin.getLoginFailureCount() + 1;
if (loginFailureCount >= systemConfig.getLoginFailureLockCount()) {
admin.setIsAccountLocked(true);
admin.setLockedDate(new Date());
}
admin.setLoginFailureCount(loginFailureCount);
adminService.update(admin);
}
}
}
@Override
@Transactional
public void onApplicationEvent(AuthenticationFailureBadCredentialsEvent event) {
Object principal = event.getAuthentication().getPrincipal();
if (principal instanceof String) {
User user =
new JPAQuery(entityManager)
.from(QUser.user)
.where(QUser.user.userName.eq((String) principal))
.singleResult(QUser.user);
if (user != null) {
if (user.getFailedLogins() == null) {
user.setFailedLogins(1);
} else {
user.setFailedLogins(user.getFailedLogins() + 1);
}
if (user.getFailedLogins() > 10) {
user.setLockedOut(DateTime.now().plusMinutes(10));
}
} else {
LogManager.getLogger(UserAuthenticationErrorHandler.class)
.error("Unknown user login attempt: {}", principal);
}
}
}
@Override
public void onApplicationEvent(ApplicationEvent event) {
if (event instanceof AbstractUaaEvent) {
((AbstractUaaEvent) event).process(uaaAuditService);
} else if (event instanceof AuthenticationFailureBadCredentialsEvent) {
AuthenticationFailureBadCredentialsEvent bce =
(AuthenticationFailureBadCredentialsEvent) event;
String principal = bce.getAuthentication().getName();
UaaAuthenticationDetails details =
(UaaAuthenticationDetails) bce.getAuthentication().getDetails();
if (bce.getException() instanceof UsernameNotFoundException) {
uaaAuditService.principalNotFound(principal, details);
} else {
uaaAuditService.principalAuthenticationFailure(principal, details);
}
}
}
public void testAuthenticationFailureEvent() throws Exception {
String userName = "******";
String ip = "1.2.3.4";
String sessionId = "it tastes just like our regular coffee";
HttpServletRequest request = createMock(HttpServletRequest.class);
HttpSession session = createMock(HttpSession.class);
expect(request.getRemoteAddr()).andReturn(ip);
expect(request.getSession(false)).andReturn(session);
expect(session.getId()).andReturn(sessionId);
replay(request, session);
WebAuthenticationDetails details = new WebAuthenticationDetails(request);
verify(request, session);
org.springframework.security.core.Authentication authentication =
new TestingDetailsAuthenticationToken(
userName, "cheesiness", new GrantedAuthority[0], details);
AuthenticationFailureBadCredentialsEvent authEvent =
new AuthenticationFailureBadCredentialsEvent(
authentication, new BadCredentialsException("you are bad!"));
SecurityAuthenticationEventOnmsEventBuilder builder =
new SecurityAuthenticationEventOnmsEventBuilder();
builder.setEventProxy(m_eventProxy);
builder.afterPropertiesSet();
EventBuilder eventBuilder =
new EventBuilder(SecurityAuthenticationEventOnmsEventBuilder.FAILURE_UEI, "OpenNMS.WebUI");
eventBuilder.addParam("user", userName);
eventBuilder.addParam("ip", ip);
eventBuilder.addParam("exceptionName", authEvent.getException().getClass().getSimpleName());
eventBuilder.addParam("exceptionMessage", authEvent.getException().getMessage());
m_eventProxy.send(EventEquals.eqEvent(eventBuilder.getEvent()));
m_mocks.replayAll();
builder.onApplicationEvent(authEvent);
m_mocks.verifyAll();
}
