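/**
 * Builds the form-login filter bean, wiring in the session authentication strategy and the
 * authentication manager.
 *
 * @return the configured {@link UsernamePasswordAuthenticationFilter}
 * @throws IllegalStateException if the authentication manager cannot be obtained
 */
@Bean
public UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter() {
    UsernamePasswordAuthenticationFilter upaf = new UsernamePasswordAuthenticationFilter();
    // The strategy returned by sessionFixationProtectionStrategy() is applied by the filter
    // when a login succeeds.
    upaf.setSessionAuthenticationStrategy(sessionFixationProtectionStrategy());
    try {
        upaf.setAuthenticationManager(authenticationManager());
    } catch (Exception e) {
        // Fail fast and keep the cause. Previously the stack trace was printed and a filter
        // with no authentication manager was returned; such a filter cannot authenticate
        // anyone, and the real reason for the misconfiguration was lost from the error path.
        throw new IllegalStateException(
                "Unable to obtain the AuthenticationManager for the login filter", e);
    }
    return upaf;
}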
/**
 * Initializes this filter from its configuration: sets up the login-form entry point and
 * registers a nested {@link UsernamePasswordAuthenticationFilter} that handles requests whose
 * path starts with one of the form-login chain patterns.
 *
 * @param config the filter configuration; cast to
 *     {@link UsernamePasswordAuthenticationFilterConfig} to read the parameter names
 * @throws IOException if the authentication entry point fails its property check
 */
@Override
public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException {
    super.initializeFromConfig(config);

    pathInfos = GeoServerSecurityFilterChain.FORM_LOGIN_CHAIN.split(",");
    UsernamePasswordAuthenticationFilterConfig formConfig =
            (UsernamePasswordAuthenticationFilterConfig) config;

    aep = new LoginUrlAuthenticationEntryPoint(URL_LOGIN_FORM);
    // The entry point does not force the login form onto HTTPS.
    // NOTE(review): credentials travel over whatever scheme the request used, so TLS has to
    // be enforced elsewhere (proxy / container) - confirm for the deployment.
    aep.setForceHttps(false);
    try {
        aep.afterPropertiesSet();
    } catch (Exception initFailure) {
        throw new IOException(initFailure);
    }

    RememberMeServices rememberMe = securityManager.getRememberMeService();

    // add login filter
    UsernamePasswordAuthenticationFilter loginFilter =
            new UsernamePasswordAuthenticationFilter() {
                /**
                 * Attempts authentication when the request path begins with any configured
                 * chain pattern. This is a plain prefix comparison, not pattern matching.
                 */
                @Override
                protected boolean requiresAuthentication(
                        HttpServletRequest request, HttpServletResponse response) {
                    String[] prefixes = pathInfos;
                    for (int i = 0; i < prefixes.length; i++) {
                        if (getRequestPath(request).startsWith(prefixes[i])) {
                            return true;
                        }
                    }
                    return false;
                }
            };

    // Form field names come from the configuration.
    loginFilter.setPasswordParameter(formConfig.getPasswordParameterName());
    loginFilter.setUsernameParameter(formConfig.getUsernameParameterName());
    loginFilter.setAuthenticationManager(getSecurityManager());
    loginFilter.setRememberMeServices(rememberMe);
    loginFilter.setAuthenticationDetailsSource(new GeoServerWebAuthenticationDetailsSource());
    // This filter itself is told not to create HTTP sessions.
    loginFilter.setAllowSessionCreation(false);
    // filter.setFilterProcessesUrl(URL_FOR_LOGIN);

    SimpleUrlAuthenticationSuccessHandler onSuccess =
            new SimpleUrlAuthenticationSuccessHandler();
    onSuccess.setDefaultTargetUrl(URL_LOGIN_SUCCCESS);
    loginFilter.setAuthenticationSuccessHandler(onSuccess);

    SimpleUrlAuthenticationFailureHandler onFailure =
            new SimpleUrlAuthenticationFailureHandler();
    // TODO, check this when using encrypting of URL parameters
    onFailure.setDefaultFailureUrl(URL_LOGIN_FAILURE);
    loginFilter.setAuthenticationFailureHandler(onFailure);

    // filter.afterPropertiesSet();
    getNestedFilters().add(loginFilter);
}
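/**
 * Stores a generic error message and the submitted user name in the HTTP session, then
 * delegates to the parent failure handling.
 *
 * <p>The session attributes are written <em>before</em> delegating. The parent handler may
 * redirect, forward or send an error, any of which can commit the response; creating a
 * session after that point can fail, and a forwarded view would be rendered before the
 * attributes exist.
 *
 * @param request the login request; the user name is read from the parameter named by the
 *     login filter
 * @param response the response passed on to the parent handler
 * @param exception the authentication failure being reported
 * @throws IOException if the parent handler fails while writing the response
 * @throws ServletException if the parent handler fails while forwarding
 */
@Override
public void onAuthenticationFailure(
        HttpServletRequest request,
        HttpServletResponse response,
        AuthenticationException exception)
        throws IOException, ServletException {
    String usernameParameter = usernamePasswordAuthenticationFilter.getUsernameParameter();
    // Raw, attacker-controllable request input: whatever view renders LAST_USERNAME_KEY
    // must HTML-encode it on output.
    String lastUserName = request.getParameter(usernameParameter);

    HttpSession session = request.getSession(false);
    if (session == null && isAllowSessionCreation()) {
        session = request.getSession();
    }
    if (session != null) {
        // The message ("user/password not found") is deliberately the same for an unknown
        // user and a wrong password, so it does not reveal which accounts exist.
        session.setAttribute("error", "Пользователь/пароль не найден!");
        session.setAttribute(LAST_USERNAME_KEY, lastUserName);
    }

    super.onAuthenticationFailure(request, response, exception);
}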
/**
 * Runs the parent success handling, then stamps the authenticated wiki user with the current
 * time as last login date and clears that user's password-reset challenge fields.
 *
 * <p>A failure while updating the user record is logged and otherwise ignored, so it never
 * turns a successful login into an error.
 *
 * @param request the login request
 * @param response the login response
 * @param chain the filter chain, passed through to the parent
 * @param auth the authentication result; its principal is either a {@link UserDetails} or a
 *     plain user name string, any other principal type is ignored
 * @throws IOException if the parent success handling fails
 * @throws ServletException if the parent success handling fails
 */
protected void successfulAuthentication(
        HttpServletRequest request,
        HttpServletResponse response,
        FilterChain chain,
        Authentication auth)
        throws IOException, ServletException {
    super.successfulAuthentication(request, response, chain, auth);

    // find authenticated username
    Object who = auth.getPrincipal();
    String username;
    if (who instanceof UserDetails) {
        // using custom authentication with Spring Security UserDetail service
        username = ((UserDetails) who).getUsername();
    } else if (who instanceof String) {
        // external authentication returns only username
        username = (String) who;
    } else {
        username = null;
    }
    if (username == null) {
        return;
    }

    try {
        WikiUser account = WikiBase.getDataHandler().lookupWikiUser(username);
        if (account == null) {
            return;
        }
        account.setLastLoginDate(new Timestamp(System.currentTimeMillis()));
        WikiBase.getDataHandler().writeWikiUser(account, account.getUsername(), "");
        // update password reset challenge fields, just in case
        // NOTE(review): presumably this voids any reset challenge still pending for the
        // account once the user has logged in - confirm against the data handler.
        account.setChallengeValue(null);
        account.setChallengeDate(null);
        account.setChallengeIp(null);
        account.setChallengeTries(0);
        WikiBase.getDataHandler().updatePwResetChallengeData(account);
    } catch (WikiException e) {
        // log but do not throw - failure to update last login date is non-fatal
        logger.error("Failure while updating last login date for " + username, e);
    }
}
/**
 * Public entry point that forwards to the parent's {@code unsuccessfulAuthentication}.
 *
 * <p>This widens a hook the parent reaches through {@code super} to {@code public}, so any
 * code holding a reference to this object can trigger the failure handling directly.
 *
 * @param request the request whose authentication failed
 * @param response the response the parent handling writes to
 * @param failed the authentication failure to report
 * @throws IOException if the parent failure handling fails
 * @throws ServletException if the parent failure handling fails
 */
public void unsuccess(
        HttpServletRequest request,
        HttpServletResponse response,
        AuthenticationException failed)
        throws IOException, ServletException {
    super.unsuccessfulAuthentication(request, response, failed);
}
/**
 * Public entry point that forwards to the parent's {@code successfulAuthentication}, passing
 * {@code null} as the filter chain.
 *
 * <p>This widens the parent's success hook to {@code public}: the method performs no
 * credential check of its own, so callers must only hand in an {@link Authentication} that
 * has already been verified by the authentication manager.
 *
 * @param request the authenticated request
 * @param response the response the parent handling writes to
 * @param authResult the already-verified authentication to establish
 * @throws IOException if the parent success handling fails
 * @throws ServletException if the parent success handling fails
 */
public void success(
        HttpServletRequest request,
        HttpServletResponse response,
        Authentication authResult)
        throws IOException, ServletException {
    // NOTE(review): assumes the parent implementation never dereferences the chain argument -
    // confirm for the Spring Security version in use.
    super.successfulAuthentication(request, response, null, authResult);
}