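/**
 * Authenticates a shop admin by e-mail address and password and, on success, publishes the
 * resulting {@link Authentication} through {@link SecurityContextHolder} and loads the admin's data.
 *
 * <p>Accounts whose e-mail address has not been validated yet are rejected with
 * {@link EmailAddressNotFoundException} on purpose, so that this method cannot be used to learn
 * whether an address is registered. Note that a validated account with a wrong password still
 * surfaces as {@link BadCredentialsException}, so the two failure modes remain distinguishable to
 * the caller; keep that in mind if the caller's response is exposed to untrusted clients.
 *
 * <p>The e-mail address is written to the log at DEBUG and INFO level on every path.
 *
 * @param userEmail e-mail address identifying the shop admin account
 * @param password  clear-text password supplied by the user
 * @return the shop admin record loaded after successful authentication
 * @throws EmailAddressNotFoundException if the address still requires e-mail validation
 *         (deliberately used instead of a more specific "validate first" error, see below)
 * @throws BadCredentialsException if the authentication provider rejects the credentials
 */
public ShopAdminDTO login(String userEmail, String password) throws EmailAddressNotFoundException {

    LOGGER.debug("Login request for " + userEmail);

    // Create and initialize user details object for Spring Security authentication mechanism.
    ShopAdminUserDetails userDetails = new ShopAdminUserDetails(userEmail, password, true, true, true, true, new ArrayList<GrantedAuthority>());

    // Create authentication object for the Spring SecurityContext.
    // NOTE(review): the three-argument token constructor marks the token as already authenticated
    // in Spring Security; only the provider's result below is stored, so this matters only if
    // adminAuthenticationProvider inspects isAuthenticated() on its input - confirm.
    Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, password, new ArrayList<GrantedAuthority>());

    // Checked before the credentials are verified, so an unvalidated address is rejected
    // regardless of the password supplied.
    boolean requiresEmailActivation = this.shopAdminValidationTokenRepository.getRequiresEmailValidation(userEmail);

    if (requiresEmailActivation) {

        LOGGER.info("Login denied: Email is not validated yet.");

        // IMPORTANT NOTE: We throw an EmailNotFoundException instead of a
        // PleaseValidateYourEmailFirstException in order to NOT reveal
        // that this email exists. So: Do not "FIX" this!
        throw new EmailAddressNotFoundException();
    }

    LOGGER.debug("Email appears validated.");

    try {
        // Execute authentication chain to try user authentication
        auth = this.adminAuthenticationProvider.authenticate(auth);
    } catch (BadCredentialsException e) {
        // FIXME Login: We could/should count and limit login attempts here?
        LOGGER.info("Bad credentials found for: " + userEmail);
        throw e;
    }

    LOGGER.info("User successfully authenticated [userEmail=" + userEmail + "]");

    // Publish the authentication in a fresh context instead of mutating the instance currently
    // held by SecurityContextHolder: Spring Security recommends this to avoid races when the
    // existing context object is shared with other threads. The user is now logged in on this
    // thread; persisting it across requests is the job of the security filter chain.
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
    securityContext.setAuthentication(auth);
    SecurityContextHolder.setContext(securityContext);

    // Finally load the user data
    return this.shopAdminRepository.findByUserEmail(userEmail);
}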
  45.  
<!-- //////////////////////////////////////////////////////////////////////////////// -->
<!-- // BEGIN Spring Security -->

<!-- NOTE(review): with auto-config="true" the <http> element builds Spring Security's own filter
     chain (form login, HTTP Basic, logout) and registers it under the bean name
     "springSecurityFilterChain". The hand-built filterChainProxy below is a second, independent
     chain; which one the DelegatingFilterProxy from web.xml calls depends only on which bean carries
     that name, so confirm that only one of the two is meant to be active. -->
<sec:http pattern="/**" auto-config="true" use-expressions="true"/>

<!-- allowSessionCreation=false: the repository never creates an HttpSession just to store the
     SecurityContext. An Authentication set during login is therefore persisted only when the
     request already has a session; otherwise the next request arrives without it. -->
<bean id="httpSessionSecurityContextRepository" class='org.springframework.security.web.context.HttpSessionSecurityContextRepository'>
    <property name='allowSessionCreation' value='false' />
</bean>

<bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
    <constructor-arg ref="httpSessionSecurityContextRepository" />
</bean>

<!-- This chain holds a single filter: the SecurityContext is loaded before and stored/cleared
     after each request, nothing more. Session-fixation protection, CSRF protection, logout and
     exception translation are not part of it and would have to come from elsewhere. -->
<bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
    <constructor-arg>
        <list>
            <sec:filter-chain pattern="/**" filters="securityContextPersistenceFilter" />
        </list>
    </constructor-arg>
</bean>

<bean id="authenticationListener" class="com.mz.server.web.auth.CustomAuthenticationListener"/>

<bean id="authenticationProvider" class="com.mz.server.web.auth.CustomAuthenticationProvider"/>

<bean id="userDetailsService" class="com.mz.server.web.service.CustomUserDetailsService"/>

<sec:authentication-manager alias="authenticationManager">
    <sec:authentication-provider ref="authenticationProvider"/>
</sec:authentication-manager>

<!-- hasPermission(target, "isTest") in a security expression is dispatched to testPermission via
     this map; the behaviour for a permission name missing from the map is defined by
     CustomPermissionEvaluator and is not visible here. -->
<bean id="permissionEvaluator"
      class="com.mz.server.web.auth.permission.CustomPermissionEvaluator">
    <constructor-arg index="0">
        <map key-type="java.lang.String"
             value-type="com.mz.server.web.auth.permission.Permission">
            <entry key="isTest" value-ref="testPermission"/>
        </map>
    </constructor-arg>
</bean>

<bean id="testPermission" class="com.mz.server.web.auth.permission.TestPermission">
</bean>

<bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
    <property name="permissionEvaluator" ref="permissionEvaluator"/>
</bean>

<!-- Enables @PreAuthorize/@PostAuthorize on beans. The interceptor evaluates them against the
     Authentication found in SecurityContextHolder, so a secured method is only reachable on a
     thread whose context has been populated (by the filter chain above, or explicitly). -->
<sec:global-method-security
    authentication-manager-ref="authenticationManager"
    pre-post-annotations="enabled">
    <sec:expression-handler ref="expressionHandler"/>
</sec:global-method-security>

<!-- // END Spring Security -->
<!-- //////////////////////////////////////////////////////////////////////////////// -->
  102.  
  103. if (debug) {
  104. logger.debug("Secure object: " + object + "; Attributes: " + attributes);
  105. }
  106.  
  107. if (SecurityContextHolder.getContext().getAuthentication() == null) {
  108. credentialsNotFound(messages.getMessage(
  109. "AbstractSecurityInterceptor.authenticationNotFound",
  110. "An Authentication object was not found in the SecurityContext"),
  111. object, attributes);
  112. }
  113.  
  114. Authentication authenticated = authenticateIfRequired();
  115.  
  116. [http-bio-8080-exec-4] DEBUG com.mz.server.servlet.LoginServletImpl - Login request by userId: user@gmx.at
  117. [http-bio-8080-exec-4] DEBUG com.mz.server.service.LoginService - Login request for user@gmx.at
  118. [http-bio-8080-exec-4] DEBUG com.mz.server.service.LoginService - Email appears validated.. authenticating..
  119. [http-bio-8080-exec-4] INFO com.mz.server.spring.auth.AdminAuthenticationProvider - authenticate(), User email: user@gmx.at
  120. [http-bio-8080-exec-4] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - findByUserEmail(): user@gmx.at
  121. [http-bio-8080-exec-4] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - User found.
  122. [http-bio-8080-exec-4] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - Loading password salt for user@gmx.at
  123. [http-bio-8080-exec-4] INFO com.mz.server.repository.jooq.shop.ShopAdminRepository - Checking password for user@gmx.at
  124. [http-bio-8080-exec-4] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - Password valid.
  125. [http-bio-8080-exec-4] DEBUG com.mz.server.spring.auth.CustomUserAuthentication - getPrincipal()
  126. [http-bio-8080-exec-4] DEBUG com.mz.server.spring.auth.CustomUserAuthentication - Setting user com.mz.server.spring.auth.ShopAdminUserDetails@8ac733b2: Username: user@gmx.at; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities to 'authenticated'.
  127. [http-bio-8080-exec-4] INFO com.mz.server.service.LoginService - User successfully authenticated [userEmail=user@gmx.at]
  128. [http-bio-8080-exec-4] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - findByUserEmail(): user@gmx.at
  129. [http-bio-8080-exec-4] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - User found.
  130. [http-bio-8080-exec-6] DEBUG com.mz.server.servlet.shop.ShopServletImpl - Requested available shops.
  131. [http-bio-8080-exec-6] INFO com.mz.server.servlet.shop.ShopServletImpl -
  132. [http-bio-8080-exec-6] INFO com.mz.server.servlet.shop.ShopServletImpl -
  133. [http-bio-8080-exec-6] INFO com.mz.server.servlet.shop.ShopServletImpl - SPRING_SECURITY_CONTEXT: org.springframework.security.core.context.SecurityContextImpl@259bee56: Authentication: com.mz.server.spring.auth.CustomUserAuthentication@259bee56
  134. [http-bio-8080-exec-6] INFO com.mz.server.servlet.shop.ShopServletImpl -
  135. [http-bio-8080-exec-6] INFO com.mz.server.servlet.shop.ShopServletImpl -
  136. [http-bio-8080-exec-6] DEBUG org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - Secure object: ReflectiveMethodInvocation: public java.util.List com.mz.server.service.ShopService.getAvailableShops(); target is of class [com.mz.server.service.ShopService]; Attributes: [[authorize: 'isAuthenticated()', filter: 'null', filterTarget: 'null']]
  137. [http-bio-8080-exec-6] DEBUG com.mz.server.spring.auth.CustomHttpSessionListener - AuthenticationCredentialsNotFoundEvent
  138. Jun 09, 2016 8:06:42 PM org.apache.catalina.core.ApplicationContext log
  139. SEVERE: Exception while dispatching incoming RPC call
  140. com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public abstract java.util.List com.mz.shared.web.service.shop.ShopServlet.getAvailableShops()' threw an unexpected exception: org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
  141. at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure(RPC.java:416)
  142. at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:605)
  143. ....
  144.  
  145. [http-bio-8080-exec-7] DEBUG com.mz.server.servlet.LoginServletImpl - Login request by userId: user@gmx.at
  146. [http-bio-8080-exec-7] DEBUG com.mz.server.service.LoginService - Login request for user@gmx.at
  147. [http-bio-8080-exec-7] DEBUG com.mz.server.service.LoginService - Email appears validated.. authenticating..
  148. [http-bio-8080-exec-7] INFO com.mz.server.spring.auth.AdminAuthenticationProvider - authenticate(), User email: user@gmx.at
  149. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - findByUserEmail(): user@gmx.at
  150. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - User found.
  151. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - Loading password salt for user@gmx.at
  152. [http-bio-8080-exec-7] INFO com.mz.server.repository.jooq.shop.ShopAdminRepository - Checking password for user@gmx.at
  153. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - Password valid.
  154. [http-bio-8080-exec-7] DEBUG com.mz.server.spring.auth.CustomUserAuthentication - getPrincipal()
  155. [http-bio-8080-exec-7] DEBUG com.mz.server.spring.auth.CustomUserAuthentication - Setting user com.mz.server.spring.auth.ShopAdminUserDetails@8ac733b2: Username: user@gmx.at; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities to 'authenticated'.
  156. [http-bio-8080-exec-7] INFO com.mz.server.service.LoginService - User successfully authenticated [userEmail=user@gmx.at]
  157. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - findByUserEmail(): user@gmx.at
  158. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - User found.
  159. [http-bio-8080-exec-7] DEBUG com.mz.server.servlet.shop.ShopServletImpl - Requested available shops.
  160. [http-bio-8080-exec-7] INFO com.mz.server.servlet.shop.ShopServletImpl -
  161. [http-bio-8080-exec-7] INFO com.mz.server.servlet.shop.ShopServletImpl -
  162. [http-bio-8080-exec-7] INFO com.mz.server.servlet.shop.ShopServletImpl - SPRING_SECURITY_CONTEXT: org.springframework.security.core.context.SecurityContextImpl@1ea22883: Authentication: com.mz.server.spring.auth.CustomUserAuthentication@1ea22883
  163. [http-bio-8080-exec-7] INFO com.mz.server.servlet.shop.ShopServletImpl -
  164. [http-bio-8080-exec-7] INFO com.mz.server.servlet.shop.ShopServletImpl -
  165. [http-bio-8080-exec-7] DEBUG org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - Secure object: ReflectiveMethodInvocation: public java.util.List com.mz.server.service.ShopService.getAvailableShops(); target is of class [com.mz.server.service.ShopService]; Attributes: [[authorize: 'isAuthenticated()', filter: 'null', filterTarget: 'null']]
  166. [http-bio-8080-exec-7] DEBUG com.mz.server.spring.auth.CustomUserAuthentication - isAuthenticate(): true
  167. [http-bio-8080-exec-7] DEBUG org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - Previously Authenticated: com.mz.server.spring.auth.CustomUserAuthentication@1ea22883
  168. [http-bio-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter@653fccd, returned: 1
  169. [http-bio-8080-exec-7] DEBUG org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - Authorization successful
  170. [http-bio-8080-exec-7] DEBUG org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - RunAsManager did not change Authentication object
  171. [http-bio-8080-exec-7] DEBUG com.mz.server.service.ShopService - Getting available shops for ..
  172. [http-bio-8080-exec-7] DEBUG com.mz.server.spring.auth.CustomUserAuthentication - getPrincipal()
  173. [http-bio-8080-exec-7] DEBUG com.mz.server.service.ShopService - user@gmx.at
  174. [http-bio-8080-exec-7] DEBUG com.mz.server.repository.jooq.shop.ShopAdminRepository - Fetching shops for shop_admin_id 1
  175.  
  176. <?xml version="1.0" encoding="UTF-8"?>
  177. <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  178. xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee"
  179. xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
  180. version="3.0">
  181.  
  182. <display-name>mz | life</display-name>
  183.  
  184. <welcome-file-list>
  185. <welcome-file>index.html</welcome-file>
  186. </welcome-file-list>
  187.  
  188. <filter>
  189. <filter-name>springSecurityFilterChain</filter-name>
  190. <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
  191. </filter>
  192.  
  193. <filter-mapping>
  194. <filter-name>springSecurityFilterChain</filter-name>
  195. <url-pattern>/**</url-pattern>
  196. </filter-mapping>
  197.  
  198. <listener>
  199. <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
  200. </listener>
  201.  
  202. <listener>
  203. <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
  204. </listener>
  205.  
  206. <listener>
  207. <listener-class>com.mz.server.BootstrappingServerConfig</listener-class>
  208. </listener>
  209.  
  210. <!-- -->
  211.  
  212. <servlet>
  213. <servlet-name>application</servlet-name>
  214. <servlet-class>com.mz.server.servlet.app.ApplicationDataServletImpl</servlet-class>
  215. </servlet>
  216. <servlet-mapping>
  217. <servlet-name>application</servlet-name>
  218. <url-pattern>/app/application</url-pattern>
  219. </servlet-mapping>
  220.  
  221. <!-- -->
  222.  
  223. <servlet>
  224. <servlet-name>login</servlet-name>
  225. <servlet-class>com.mz.server.servlet.LoginServletImpl</servlet-class>
  226. </servlet>
  227. <servlet-mapping>
  228. <servlet-name>login</servlet-name>
  229. <url-pattern>/app/login</url-pattern>
  230. </servlet-mapping>
  231.  
  232. <!-- -->
  233.  
  234. <servlet>
  235. <servlet-name>shop</servlet-name>
  236. <servlet-class>com.mz.server.servlet.shop.ShopServletImpl</servlet-class>
  237. </servlet>
  238. <servlet-mapping>
  239. <servlet-name>shop</servlet-name>
  240. <url-pattern>/app/shop</url-pattern>
  241. </servlet-mapping>
  242.  
  243. <!-- -->
  244.  
  245. <servlet>
  246. <servlet-name>shopadmin</servlet-name>
  247. <servlet-class>com.mz.server.servlet.shop.ShopAdminServletImpl</servlet-class>
  248. </servlet>
  249. <servlet-mapping>
  250. <servlet-name>shopadmin</servlet-name>
  251. <url-pattern>/app/shopadmin</url-pattern>
  252. </servlet-mapping>
  253.  
  254. <!--
  255. XSRF-Token Servlet
  256. -->
  257.  
  258. <servlet>
  259. <servlet-name>xsrf</servlet-name>
  260. <servlet-class>com.google.gwt.user.server.rpc.XsrfTokenServiceServlet</servlet-class>
  261. </servlet>
  262.  
  263. <servlet-mapping>
  264. <servlet-name>xsrf</servlet-name>
  265. <url-pattern>/app/xsrf</url-pattern>
  266. </servlet-mapping>
  267.  
  268. <!--
  269. This is the name of the session cookie set by the Servlet container (e.g. Tomcat or Jetty)
  270. -->
  271. <context-param>
  272. <param-name>gwt.xsrf.session_cookie_name</param-name>
  273. <param-value>JSESSIONID</param-value>
  274. </context-param>
  275.  
  276. <!-- -->
  277.  
  278. <servlet>
  279. <servlet-name>mobile-restapi</servlet-name>
  280. <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  281. <load-on-startup>1</load-on-startup>
  282. </servlet>
  283.  
  284. <servlet-mapping>
  285. <servlet-name>mobile-restapi</servlet-name>
  286. <url-pattern>/app/restapi/*</url-pattern>
  287. </servlet-mapping>
  288.  
  289. <!-- -->
  290.  
  291. <servlet>
  292. <servlet-name>web-restapi</servlet-name>
  293. <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  294. <init-param>
  295. <param-name>contextConfigLocation</param-name>
  296. <param-value>/WEB-INF/classes/context/applicationContext-restapi.xml</param-value>
  297. </init-param>
  298. <load-on-startup>1</load-on-startup>
  299. </servlet>
  300. <servlet-mapping>
  301. <servlet-name>web-restapi</servlet-name>
  302. <url-pattern>/rest/*</url-pattern>
  303. </servlet-mapping>
  304.  
  305. <context-param>
  306. <param-name>contextConfigLocation</param-name>
  307. <param-value>
  308. /WEB-INF/classes/context/root-context.xml
  309. </param-value>
  310. </context-param>
  311.  
  312.  
  313. </web-app>
  314.  
// Task that will call a secured service from a worker thread. SecurityContextHolder uses a
// thread-local strategy by default, so a plain Thread would see an empty context and any
// isAuthenticated() / @PreAuthorize check inside the task would fail.
Runnable originalRunnable = new Runnable() {
    public void run() {
        // invoke secured service
    }
};
// The caller's current SecurityContext; NOTE(review): this hands the same instance to the
// worker rather than a copy - confirm nothing mutates it while the worker runs.
SecurityContext context = SecurityContextHolder.getContext();
// Wrapper that installs the given context on the executing thread around run(); presumably it
// restores the previous (empty) context afterwards so nothing leaks to later work on that thread.
DelegatingSecurityContextRunnable wrappedRunnable =
        new DelegatingSecurityContextRunnable(originalRunnable, context);

// Started directly rather than through an executor.
new Thread(wrappedRunnable).start();
  325.  
<!-- Variant 1: "/**" is not a servlet path mapping (those end in "/*"); the container treats it as
     the literal path "/**", so the security filter would not run for real requests. -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/**</url-pattern>
</filter-mapping>

<!-- Variant 2: "/*" is the path mapping that sends every request through the Spring Security chain. -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- auto-config="true" also registers form login, HTTP Basic and logout and creates a bean named
     "springSecurityFilterChain"; use-expressions enables SpEL in access attributes. -->
<sec:http pattern="/**" auto-config="true" use-expressions="true" />

<!-- Makes the hand-built filterChainProxy the bean the DelegatingFilterProxy resolves; this cannot
     coexist with a <sec:http> element, which claims the same bean name. -->
<alias name="filterChainProxy" alias="springSecurityFilterChain"/>
  349.  
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security-4.0.xsd"
>

    <!-- Imports -->
    <import resource="applicationContext-spring-acl.xml"/>

    <bean id="authenticationListener" class="com.mahlzeit.server.spring.auth.CustomAuthenticationListener"/>

    <bean id="httpSessionListener" class="com.mahlzeit.server.spring.auth.CustomHttpSessionListener"/>

    <!-- Custom provider that verifies credentials against the database via jOOQ (dslContext). -->
    <bean id="adminAuthenticationProvider" class="com.mahlzeit.server.spring.auth.AdminAuthenticationProvider">
        <constructor-arg ref="dslContext" />
    </bean>

    <bean id="userDetailsService" class="com.mahlzeit.server.service.CustomUserDetailsService"/>

    <sec:authentication-manager alias="authenticationManager">
        <sec:authentication-provider ref="adminAuthenticationProvider"/>
    </sec:authentication-manager>

    <!-- Filter Chain -->

    <!-- allowSessionCreation is left at its default (true), so the repository creates a session when
         it needs to persist a non-anonymous SecurityContext after login. -->
    <bean id="httpSessionSecurityContextRepository" class='org.springframework.security.web.context.HttpSessionSecurityContextRepository'/>

    <bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
        <constructor-arg ref="httpSessionSecurityContextRepository" />
    </bean>

    <!-- Makes the hand-built chain below the bean that web.xml's DelegatingFilterProxy
         ("springSecurityFilterChain") delegates to. There is no <sec:http> element in this file, so
         no auto-configured chain competes for the name (unless the imported ACL context defines one). -->
    <alias name="filterChainProxy" alias="springSecurityFilterChain"/>

    <!-- The chain holds a single filter: the SecurityContext is loaded before and saved/cleared
         after each request, nothing more. Session-fixation protection, CSRF protection, logout and
         exception translation are not configured here and must be provided elsewhere if needed. -->
    <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
        <constructor-arg>
            <list>
                <sec:filter-chain pattern="/**" filters="securityContextPersistenceFilter" />
            </list>
        </constructor-arg>
    </bean>

</beans>