/**
 * Captures request-derived details for an authentication attempt.
 *
 * <p>The client id is resolved in this order: the explicit {@code clientId} argument, the
 * {@code client_id} request parameter, then the user part of an HTTP Basic
 * {@code Authorization} header. Nothing in this constructor verifies that value; it is the
 * client id as claimed by the request and must not be treated as authenticated.
 *
 * @param request the incoming HTTP request
 * @param clientId an already-known client id, or {@code null} to derive it from the request
 * @throws BadCredentialsException if a Basic header decodes to a value that splits into no parts
 */
public UaaAuthenticationDetails(HttpServletRequest request, String clientId) {
    WebAuthenticationDetails requestDetails = new WebAuthenticationDetails(request);
    // NOTE(review): behind a reverse proxy the remote address is presumably the proxy's address
    // unless the container is configured for forwarded headers; confirm before using it for
    // access decisions or audit.
    this.origin = requestDetails.getRemoteAddress();
    this.sessionId = requestDetails.getSessionId();

    String resolvedClientId = clientId;
    if (resolvedClientId == null) {
        resolvedClientId = request.getParameter("client_id");
        if (!StringUtils.hasText(resolvedClientId)) {
            String authorization = request.getHeader("Authorization");
            if (StringUtils.hasText(authorization) && authorization.startsWith("Basic ")) {
                String encoded = authorization.substring("Basic ".length());
                // NOTE(review): new String(byte[]) uses the platform default charset.
                String credentials = new String(Base64.decode(encoded));
                String[] parts = credentials.split(":");
                // split() drops trailing empty strings, so a decoded value of just ":" yields no parts.
                if (parts.length == 0) {
                    throw new BadCredentialsException("Invalid basic authentication token");
                }
                resolvedClientId = parts[0];
            }
        }
    }
    this.clientId = resolvedClientId;

    this.addNew = Boolean.parseBoolean(request.getParameter(ADD_NEW));
    this.loginHint = UaaLoginHint.parseRequestParameter(request.getParameter("login_hint"));
    // Stores the container's parameter map as returned; no copy is made here.
    this.parameterMap = request.getParameterMap();
}
/**
 * Returns the superclass description immediately followed by {@code "ServiceUrl: "} and the
 * service URL (no separator is inserted between the two parts).
 */
@Override
public String toString() {
    // NOTE(review): if the service URL can carry tickets or tokens in its query string, callers
    // should avoid logging this value verbatim; confirm.
    return super.toString() + "ServiceUrl: " + serviceUrl;
}
/**
 * Two instances are equal when the superclass considers them equal, the other object is a
 * {@code DefaultServiceAuthenticationDetails}, and both carry the same service URL.
 */
@Override
public boolean equals(Object obj) {
    if (this == obj) {
        return true;
    }
    // Superclass comparison runs first, then the type check, as in the original ordering.
    boolean comparable = super.equals(obj) && obj instanceof DefaultServiceAuthenticationDetails;
    if (!comparable) {
        return false;
    }
    ServiceAuthenticationDetails other = (ServiceAuthenticationDetails) obj;
    // NOTE(review): dereferences serviceUrl directly, so a null serviceUrl would throw here.
    return serviceUrl.equals(other.getServiceUrl());
}
// Reads the details object of the current security context's Authentication and casts it to
// WebAuthenticationDetails. The chain is unguarded: it throws NullPointerException when the
// context holds no Authentication and ClassCastException when the details are of another type.
WebAuthenticationDetails details = (WebAuthenticationDetails)SecurityContextHolder.getContext().getAuthentication().getDetails();
// NOTE(review): behind a reverse proxy or load balancer this is presumably the proxy's address
// rather than the end client's; confirm before using it for access control or audit.
String ip = details.getRemoteAddress();
/**
 * Returns the superclass description followed by the remote IP address and the session id.
 *
 * <p>The session id is part of the output, so any caller that logs this string writes the
 * session identifier into the log.
 */
@Override
public String toString() {
    String remotePart = "RemoteIpAddress: " + this.getRemoteAddress() + "; ";
    String sessionPart = "SessionId: " + this.getSessionId();
    return super.toString() + ": " + remotePart + sessionPart;
}
}
// Checks that the validator mock's validate(ticket, serviceUrl) has been called twice so far.
verify(validator, times(2)).validate(ticket, serviceUrl);
// Swaps the token's details for a plain WebAuthenticationDetails built from an empty mock request.
token.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
// The catch/finally part of this try is outside the excerpt.
// NOTE(review): presumably the call is expected to fail with these details; confirm against the full test.
try {
    cap.authenticate(token);
/**
 * Combines the superclass hash with the service URL's hash using the multiplier 31.
 */
@Override
public int hashCode() {
    // NOTE(review): serviceUrl is dereferenced directly; a null serviceUrl would throw here.
    return 31 * super.hashCode() + serviceUrl.hashCode();
}
/**
 * Looks up the session id recorded in the current security context's authentication details.
 *
 * <p>The lookup is unguarded: it throws {@code NullPointerException} when the context holds no
 * authentication and {@code ClassCastException} when the details are not
 * {@code WebAuthenticationDetails}. The returned value is a session identifier and should be
 * kept out of logs and responses.
 *
 * @return Currently logged in user's session id.
 */
protected String getLoggedInUserSessionId() {
    Object details = SecurityContextHolder.getContext().getAuthentication().getDetails();
    WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
    return webDetails.getSessionId();
}
// Current Authentication from the security context; the following lines dereference it without
// a null check, so this snippet throws NullPointerException when none is set.
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
// Unchecked cast: throws ClassCastException when the details are not WebAuthenticationDetails.
WebAuthenticationDetails details = (WebAuthenticationDetails) auth.getDetails();
// NOTE(review): behind a reverse proxy or load balancer this is presumably the proxy's address
// rather than the end client's; confirm before using it for access control or audit.
String ipAddress = details.getRemoteAddress();
/**
 * Two details objects are equal when the other object is a {@code WebAuthenticationDetails}
 * and both the remote address and the session id match, with {@code null} equal only to
 * {@code null}.
 */
@Override
public boolean equals(Object obj) {
    if (!(obj instanceof WebAuthenticationDetails)) {
        return false;
    }
    WebAuthenticationDetails other = (WebAuthenticationDetails) obj;

    String otherAddress = other.getRemoteAddress();
    boolean addressDiffers =
        (remoteAddress == null) ? otherAddress != null : !remoteAddress.equals(otherAddress);
    if (addressDiffers) {
        return false;
    }

    String otherSession = other.getSessionId();
    boolean sessionDiffers =
        (sessionId == null) ? otherSession != null : !sessionId.equals(otherSession);
    return !sessionDiffers;
}
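/**
 * Builds the Spring Authentication object using the supplied user name and groups looked up
 * from LDAP. Groups are mapped directly to Spring roles by converting the group's {@code cn}
 * to upper case and prepending {@code SECURITY_ROLE_PREFIX}.
 *
 * <p>No credential check happens here: the principal and token are created with an empty
 * credentials string, and the three-argument token constructor yields an already-authenticated
 * token in Spring Security. This method must therefore only be reached after the caller has
 * verified the user's identity.
 *
 * @param userName The username to build the Authentication object with.
 * @param httpRequest request used to attach {@code WebAuthenticationDetails} to the token
 * @return Authentication object for the given user.
 */
protected Authentication getAuthentication(String userName, HttpServletRequest httpRequest) {
    // The DN and the search filter are assembled through Spring LDAP's builders rather than by
    // string concatenation of the user-supplied name.
    String ldapName = LdapNameBuilder.newInstance().add(userSearchBase).add("uid", userName).build().toString();

    // Search LDAP for the groups that list this user as a member and turn each into a role.
    // NOTE(review): a matching entry without a "cn" attribute would throw in the mapper.
    List<GrantedAuthority> grantedAuths = ldapTemplate.search(
            query().where("objectclass").is("groupOfNames").and("member").is(ldapName),
            (AttributesMapper<String>) attrs -> (String) attrs.get("cn").get())
        .stream()
        // Locale.ROOT keeps the role name independent of the JVM default locale; with a default
        // such as Turkish, toUpperCase() maps 'i' to a dotted capital and the role would no
        // longer match the names used in access rules.
        .map(group -> String.format("%s%s", SECURITY_ROLE_PREFIX, group.toUpperCase(java.util.Locale.ROOT)))
        .map(SimpleGrantedAuthority::new)
        .collect(Collectors.toList());

    final UserDetails principal = new User(userName, "", grantedAuths);
    final UsernamePasswordAuthenticationToken authentication =
        new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);

    WebAuthenticationDetails webDetails = new WebAuthenticationDetails(httpRequest);
    authentication.setDetails(webDetails);
    return authentication;
}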
/**
 * Derives the hash from the superclass hash and the service URL's hash (multiplier 31).
 */
@Override
public int hashCode() {
    int parentHash = super.hashCode();
    // NOTE(review): a null serviceUrl would throw on this line.
    return 31 * parentHash + serviceUrl.hashCode();
}
// Details are held as Object and type-checked before the cast, so authentications that carry
// other detail types (or none) skip this branch instead of throwing.
Object authenticationDetails = userAuthentication.getDetails();
if (authenticationDetails instanceof WebAuthenticationDetails) {
    // Copies the session id onto `detail`; the rest of this branch is outside the excerpt.
    // NOTE(review): a session id is a bearer-style identifier; confirm `detail` is not logged or
    // returned to clients as-is.
    detail.setSessionId(((WebAuthenticationDetails) authenticationDetails).getSessionId());
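/**
 * Logs the remote address of every authentication event: failures at WARN, everything else
 * at INFO.
 */
public class AuthenticationAttemptLoggerListener implements ApplicationListener<AbstractAuthenticationEvent> {

    private final Logger logger = LoggerFactory.getLogger(AuthenticationAttemptLoggerListener.class);

    /**
     * Writes one log line per authentication event.
     *
     * @param event the published authentication event
     */
    @Override
    public void onApplicationEvent(AbstractAuthenticationEvent event) {
        Authentication auth = event.getAuthentication();
        // Not every Authentication carries WebAuthenticationDetails (the details may be null or
        // another type). Checking the type keeps this listener from throwing while an
        // authentication event is being published; the address is logged as null in that case.
        Object details = auth.getDetails();
        String ipAddress = (details instanceof WebAuthenticationDetails)
            ? ((WebAuthenticationDetails) details).getRemoteAddress()
            : null;

        // The message texts (including their spelling) are left unchanged because log parsers
        // and alerting rules may match on them.
        if (event instanceof AbstractAuthenticationFailureEvent) {
            logger.warn("Unsuccesful authentication attemped from: {}", ipAddress);
        } else {
            logger.info("Succesful authentication attemped from: {}", ipAddress);
        }
    }
}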
/**
 * Handles WebSocket sub-protocol events: subscriptions trigger a history replay, while
 * connects and disconnects are logged with user name, remote address and HTTP session id.
 * Any other event type is ignored.
 */
@Override
public void onApplicationEvent(AbstractSubProtocolEvent ev) {
    if (ev instanceof SessionSubscribeEvent) {
        sendHistoryToNewSubscriber(ev);
        return;
    }

    boolean disconnected = ev instanceof SessionDisconnectEvent;
    if (!disconnected && !(ev instanceof SessionConnectEvent)) {
        return;
    }

    // NOTE(review): the user is cast and dereferenced without a null check; confirm that
    // connect/disconnect events always carry an Authentication in this application.
    Authentication principal = (Authentication) ev.getUser();
    Object rawDetails = principal.getDetails();

    String remoteAddress = null;
    String httpSessionId = null;
    if (rawDetails instanceof WebAuthenticationDetails) {
        WebAuthenticationDetails webDetails = (WebAuthenticationDetails) rawDetails;
        remoteAddress = webDetails.getRemoteAddress();
        httpSessionId = webDetails.getSessionId();
    }

    // The HTTP session id is written to the log at INFO level; anyone with read access to the
    // log can see it.
    String template = disconnected
        ? "WebSocket user \"{}\" was disconnected from {} with HTTP session: {}"
        : "WebSocket user \"{}\" was connected from {} with HTTP session: {}";
    log.info(template, principal.getName(), remoteAddress, httpSessionId);
}
/**
 * Creates the details object for an authentication request.
 *
 * @param context the {@code HttpServletRequest} object.
 * @return a new {@code WebAuthenticationDetails} constructed from {@code context}
 */
public WebAuthenticationDetails buildDetails(HttpServletRequest context) {
    WebAuthenticationDetails details = new WebAuthenticationDetails(context);
    return details;
}
}
/**
 * Produces the superclass text with {@code "ServiceUrl: "} and the service URL appended
 * directly after it, without a separator.
 */
@Override
public String toString() {
    String description = super.toString();
    // NOTE(review): confirm the service URL never carries secrets in its query string before
    // this text is logged.
    return description + "ServiceUrl: " + serviceUrl;
}
/**
 * Hashes the superclass hash together with {@code filteredIp}.
 */
@Override
public int hashCode() {
    // Objects here is presumably Guava's com.google.common.base.Objects: java.util.Objects has
    // no two-argument hashCode.
    int parentHash = super.hashCode();
    return Objects.hashCode(parentHash, filteredIp);
}
}
/**
 * Equal when the other object is a {@code HydraWebAuthenticationDetails}, the superclass
 * considers the two equal, and both have the same {@code filteredIp}.
 */
@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    // Type check first, then the superclass comparison, matching the original order.
    if (o instanceof HydraWebAuthenticationDetails && super.equals(o)) {
        HydraWebAuthenticationDetails other = (HydraWebAuthenticationDetails) o;
        return Objects.equal(filteredIp, other.filteredIp);
    }
    return false;
}
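/**
 * Records a failed login: logs the attempted user name with the remote address (when the
 * authentication carries web details) and reports the failure to the lockout manager.
 *
 * @param event the bad-credentials event published for the failed attempt
 */
@Override
public void onApplicationEvent(final AuthenticationFailureBadCredentialsEvent event) {
    final String userName = (String) event.getAuthentication().getPrincipal();
    final Object details = event.getAuthentication().getDetails();
    // instanceof is false for null, so no separate null check is needed.
    if (details instanceof WebAuthenticationDetails) {
        final WebAuthenticationDetails wad = (WebAuthenticationDetails) details;
        // The user name is whatever the client typed and this line is parsed by a log-based ban
        // tool. Control characters (CR, LF and the like) are replaced so the value cannot break
        // out of its own log line. The message format itself is unchanged.
        // NOTE(review): the name still precedes the IP in the line; the ban tool's pattern
        // should anchor on the trailing "from IP=" field.
        final String loggedName = (userName == null) ? null : userName.replaceAll("\\p{Cntrl}", "_");
        // This can be picked up by fail2ban http://www.fail2ban.org/
        LOG.warn("Failed login attempt for username={} from IP={}", loggedName, wad.getRemoteAddress());
    }
    // The lockout manager receives the unmodified user name.
    lockoutManager.handleFailedLogin(userName);
}
}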