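 /**
  * Builds the form-login filter bean and wires it with the strategy returned by
  * {@code sessionFixationProtectionStrategy()} and the manager returned by
  * {@code authenticationManager()}.
  *
  * @return the configured filter
  * @throws IllegalStateException if the authentication manager cannot be obtained
  */
 @Bean
 public UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter() {
   UsernamePasswordAuthenticationFilter upaf = new UsernamePasswordAuthenticationFilter();
   upaf.setSessionAuthenticationStrategy(sessionFixationProtectionStrategy());
   try {
     upaf.setAuthenticationManager(authenticationManager());
   } catch (Exception e) {
     // Fail fast with the cause attached. Printing the stack trace and carrying on would hand
     // the container a login filter that has no AuthenticationManager set.
     throw new IllegalStateException(
         "Could not obtain the AuthenticationManager for the login filter", e);
   }
   return upaf;
 }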
  /**
   * Initializes this filter from {@code config} and registers a nested form-login filter.
   *
   * <p>After delegating to the parent, this sets up the login entry point, then builds a
   * {@link UsernamePasswordAuthenticationFilter} using the parameter names from the
   * configuration, the security manager, the remember-me service and fixed success/failure
   * URLs, and appends it to the nested filters.
   *
   * @param config expected to be a {@code UsernamePasswordAuthenticationFilterConfig}; any other
   *     type fails the cast below
   * @throws IOException if the entry point fails its own property check
   */
  @Override
  public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException {
    super.initializeFromConfig(config);

    // Comma-separated patterns of the form-login chain, used as path prefixes further down.
    pathInfos = GeoServerSecurityFilterChain.FORM_LOGIN_CHAIN.split(",");

    UsernamePasswordAuthenticationFilterConfig formConfig =
        (UsernamePasswordAuthenticationFilterConfig) config;

    aep = new LoginUrlAuthenticationEntryPoint(URL_LOGIN_FORM);
    // The entry point does not force HTTPS for the login form.
    // NOTE(review): transport protection for submitted credentials then has to come from the
    // deployment (proxy / container) - confirm.
    aep.setForceHttps(false);
    try {
      aep.afterPropertiesSet();
    } catch (Exception initFailure) {
      throw new IOException(initFailure);
    }

    RememberMeServices rememberMe = securityManager.getRememberMeService();

    // The login filter only claims requests whose path starts with one of the chain patterns.
    UsernamePasswordAuthenticationFilter loginFilter =
        new UsernamePasswordAuthenticationFilter() {
          @Override
          protected boolean requiresAuthentication(
              HttpServletRequest request, HttpServletResponse response) {

            // Plain prefix comparison: every path that begins with a configured pattern is
            // treated as a login attempt, not only exact matches.
            String[] prefixes = pathInfos;
            boolean matched = false;
            for (int i = 0; i < prefixes.length && !matched; i++) {
              matched = getRequestPath(request).startsWith(prefixes[i]);
            }
            return matched;
          }
        };

    loginFilter.setPasswordParameter(formConfig.getPasswordParameterName());
    loginFilter.setUsernameParameter(formConfig.getUsernameParameterName());
    loginFilter.setAuthenticationManager(getSecurityManager());

    loginFilter.setRememberMeServices(rememberMe);
    loginFilter.setAuthenticationDetailsSource(new GeoServerWebAuthenticationDetailsSource());

    // This filter is told not to create sessions on its own.
    loginFilter.setAllowSessionCreation(false);
    // filter.setFilterProcessesUrl(URL_FOR_LOGIN);

    // Both outcomes redirect to fixed, server-defined URLs.
    SimpleUrlAuthenticationSuccessHandler onSuccess = new SimpleUrlAuthenticationSuccessHandler();
    onSuccess.setDefaultTargetUrl(URL_LOGIN_SUCCCESS);
    loginFilter.setAuthenticationSuccessHandler(onSuccess);

    SimpleUrlAuthenticationFailureHandler onFailure = new SimpleUrlAuthenticationFailureHandler();
    // TODO, check this when using encrypting of URL parameters
    onFailure.setDefaultFailureUrl(URL_LOGIN_FAILURE);
    loginFilter.setAuthenticationFailureHandler(onFailure);

    // filter.afterPropertiesSet();
    getNestedFilters().add(loginFilter);
  }
  /**
   * Lets the parent handle the failed login, then stores an error message and the submitted
   * username in the HTTP session so a later request can read them.
   *
   * <p>Nothing is stored when no session exists and session creation is not allowed.
   *
   * <p>NOTE(review): the value kept under {@code LAST_USERNAME_KEY} is the raw request
   * parameter. Whatever renders it must escape it for the output context.
   *
   * <p>NOTE(review): the session is written after the parent has already processed the
   * failure. If the parent forwards or commits the response, a session created here may be too
   * late to take effect - confirm against the parent handler.
   */
  @Override
  public void onAuthenticationFailure(
      HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
      throws IOException, ServletException {

    super.onAuthenticationFailure(request, response, exception);

    // Read the username under the same parameter name the login filter is configured with.
    String submittedName =
        request.getParameter(usernamePasswordAuthenticationFilter.getUsernameParameter());

    boolean mayStore = request.getSession(false) != null || isAllowSessionCreation();
    if (!mayStore) {
      return;
    }

    HttpSession target = request.getSession();
    target.setAttribute("error", "Пользователь/пароль не найден!");
    target.setAttribute(LAST_USERNAME_KEY, submittedName);
  }
 /**
  * Runs the parent's success handling, then records the login time for the matching wiki user
  * and clears that user's stored password-reset challenge fields.
  *
  * <p>The username comes from the authenticated principal: a {@code UserDetails} supplies it
  * through {@code getUsername()}, a {@code String} principal is used as is, and any other
  * principal type means no update is attempted. A {@code WikiException} during the update is
  * logged and not rethrown.
  */
 protected void successfulAuthentication(
     HttpServletRequest request,
     HttpServletResponse response,
     FilterChain chain,
     Authentication auth)
     throws IOException, ServletException {
   super.successfulAuthentication(request, response, chain, auth);

   Object who = auth.getPrincipal();
   String username;
   if (who instanceof UserDetails) {
     // custom authentication backed by a Spring Security UserDetails service
     username = ((UserDetails) who).getUsername();
   } else if (who instanceof String) {
     // external authentication hands over only the username
     username = String.valueOf(who);
   } else {
     username = null;
   }
   if (username == null) {
     return;
   }

   try {
     WikiUser account = WikiBase.getDataHandler().lookupWikiUser(username);
     if (account == null) {
       return;
     }
     account.setLastLoginDate(new Timestamp(System.currentTimeMillis()));
     // NOTE(review): the third argument is an empty string; presumably that means "leave the
     // stored password unchanged" - confirm against the data handler.
     WikiBase.getDataHandler().writeWikiUser(account, account.getUsername(), "");
     // Wipe the password-reset challenge state (value, date, IP, try counter) and persist it.
     account.setChallengeValue(null);
     account.setChallengeDate(null);
     account.setChallengeIp(null);
     account.setChallengeTries(0);
     WikiBase.getDataHandler().updatePwResetChallengeData(account);
   } catch (WikiException e) {
     // Non-fatal: the login itself has already succeeded, so only log the failed bookkeeping.
     logger.error("Failure while updating last login date for " + username, e);
   }
 }
 /**
  * Public pass-through to the parent's {@code unsuccessfulAuthentication}, so code outside the
  * filter can trigger its failure handling.
  *
  * @param request the current request
  * @param response the current response
  * @param failed the authentication failure to report
  * @throws IOException propagated from the parent
  * @throws ServletException propagated from the parent
  */
 public void unsuccess(
     HttpServletRequest request, HttpServletResponse response, AuthenticationException failed)
     throws IOException, ServletException {
   super.unsuccessfulAuthentication(request, response, failed);
 }
 /**
  * Public pass-through to the parent's {@code successfulAuthentication}, called with a
  * {@code null} filter chain.
  *
  * <p>NOTE(review): being public, this runs the parent's success handling for whatever
  * {@code authResult} the caller supplies, without going through the filter's own
  * authentication attempt. Callers must pass only an already-verified authentication.
  *
  * @param request the current request
  * @param response the current response
  * @param authResult the authentication to treat as successful
  * @throws IOException propagated from the parent
  * @throws ServletException propagated from the parent
  */
 public void success(
     HttpServletRequest request, HttpServletResponse response, Authentication authResult)
     throws IOException, ServletException {
   // No filter chain is available at this call site, hence the null.
   super.successfulAuthentication(request, response, null, authResult);
 }