API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 14th, 2017
71
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.47 KB | None | 0 0
raw download clone embed print report
  1. @Service("userDetailsService")
  2. public class UserServiceImpl implements UserService , UserDetailsService {
  3.  
  4. @Autowired
  5. private UserDAO userDAO;
  6.  
  7. public void setUserDAO(UserDAO userDAO) {
  8. this.userDAO = userDAO;
  9. }
  10.  
  11. @Override
  12. public User getUser(String login) {
  13. return userDAO.getUser(login);
  14. }
  15.  
  16. @Override
  17. public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException {
  18.  
  19. com.arpu.model.User domainUser = userDAO.getUser(login);
  20.  
  21. boolean enabled = true;
  22. boolean accountNonExpired = true;
  23. boolean credentialsNonExpired = true;
  24. boolean accountNonLocked = true;
  25.  
  26.  
  27.  
  28. return new org.springframework.security.core.userdetails.User(
  29. domainUser.getLogin(),
  30. domainUser.getPassword(),
  31. enabled,
  32. accountNonExpired,
  33. credentialsNonExpired,
  34. accountNonLocked,
  35. getAuthorities(domainUser.getRole().getId())
  36. );
  37. }
  38. public Collection<? extends GrantedAuthority> getAuthorities(Integer role) {
  39. List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
  40. return authList;
  41. }
  42.  
  43. public List<String> getRoles(Integer role) {
  44.  
  45. List<String> roles = new ArrayList<String>();
  46.  
  47. if (role.intValue() == 1) {
  48. roles.add("ROLE_ADMIN");
  49. } else if (role.intValue() == 2) {
  50. roles.add("ROLE_USER");
  51. }
  52. return roles;
  53. }
  54.  
  55. public static List<GrantedAuthority> getGrantedAuthorities(List<String> roles) {
  56. List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
  57.  
  58. for (String role : roles) {
  59. authorities.add(new SimpleGrantedAuthority(role));
  60. }
  61. return authorities;
  62. }
  63.  
  64. }
  65.  
  66. public class UserDAOImpl implements UserDAO{
  67.  
  68. private static final Logger logger = LoggerFactory.getLogger(UserDAOImpl.class);
  69.  
  70. @Autowired
  71. private SessionFactory sessionFactory;
  72.  
  73. private Session openSession() {
  74. return sessionFactory.getCurrentSession();
  75. }
  76.  
  77. public void setSessionFactory(SessionFactory sessionFactory) {
  78. this.sessionFactory = sessionFactory;
  79. }
  80.  
  81. @Override
  82. public User getUser(String login) {
  83. List<User> userList = new ArrayList<User>();
  84. Query query = openSession().createQuery("from users where login = :login");
  85. query.setParameter("login", login);
  86. userList = query.list();
  87. if (userList.size() > 0)
  88. {
  89. logger.debug("User loaded successfully, user Details=" + userList.get(0));
  90. return userList.get(0);
  91. }
  92. else
  93. return null;
  94. }
  95.  
  96. }
  97.  
  98. <?xml version="1.0" encoding="UTF-8"?>
  99. <beans:beans xmlns="http://www.springframework.org/schema/security"
  100. xmlns:beans="http://www.springframework.org/schema/beans"
  101. xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  102. xsi:schemaLocation="http://www.springframework.org/schema/beans
  103. http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
  104. http://www.springframework.org/schema/security
  105. http://www.springframework.org/schema/security/spring-security-3.2.xsd">
  106.  
  107. <http auto-config="true" use-expressions="true">
  108. <intercept-url pattern="/login" access="permitAll" />
  109. <intercept-url pattern="/logout" access="permitAll" />
  110. <intercept-url pattern="/accessdenied" access="permitAll" />
  111. <intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
  112. <form-login login-page="/login" username-parameter="username" password-parameter="password" default-target-url="/view" authentication-failure-url="/accessdenied" />
  113. <logout logout-success-url="/logout" />
  114. </http>
  115.  
  116.  
  117. <authentication-manager alias="authenticationManager">
  118. <authentication-provider user-service-ref="userDetailsService">
  119. </authentication-provider>
  120. </authentication-manager>
  121.  
  122.  
  123. <beans:bean id="userDetailsService" class="com.arpu.service.UserServiceImpl">
  124. </beans:bean>
  125.  
  126.  
  127.  
  128. </beans:beans>
  129.  
  130. <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
  131. <%@ taglib uri="http://www.springframework.org/tags/form" prefix="form" %>
  132. <%@ taglib uri="http://www.springframework.org/tags" prefix="spring" %>
  133.  
  134. <html>
  135. <body>
  136. <h1 id="banner">Login to IMDB</h1>
  137. <form name="f" action="<c:url value='j_spring_security_check'/>"
  138. method="POST">
  139. <table>
  140. <tr>
  141. <td>Username:</td>
  142. <td><input type='text' name='username' /></td>
  143. </tr>
  144. <tr>
  145. <td>Password:</td>
  146. <td><input type='password' name='password'></td>
  147. </tr>
  148.  
  149. <tr>
  150. <td colspan="2">&nbsp;</td>
  151. </tr>
  152. <tr>
  153. <td colspan='2'><input name="Sign In" type="submit">&nbsp;<input name="reset" type="reset"></td>
  154. </tr>
  155. </table>
  156. </form>
  157. </body>
  158. </html>
  159.  
  160. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
  161. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
  162. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@38d408bb. A new one will be created.
  163. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
  164. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /j_spring_security_check at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
  165. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /j_spring_security_check at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
  166. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.UsernamePasswordAuthenticationFilter - Request is to process authentication
  167. Info: 2017-08-14 15:37:29 DEBUG o.s.s.authentication.ProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
  168. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.UsernamePasswordAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException
  169. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.UsernamePasswordAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
  170. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.UsernamePasswordAuthenticationFilter - Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@1f4498b0
  171. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.SimpleUrlAuthenticationFailureHandler - Redirecting to /accessdenied
  172. Info: 2017-08-14 15:37:29 DEBUG o.s.s.web.DefaultRedirectStrategy - Redirecting to '/IMDBweb/accessdenied'
  173. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
  174. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
  175. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
  176. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
  177. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@38d408bb. A new one will be created.
  178. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 2 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
  179. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
  180. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
  181. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
  182. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
  183. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.s.DefaultSavedRequest - pathInfo: both null (property equals)
  184. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.s.DefaultSavedRequest - queryString: both null (property equals)
  185. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.s.DefaultSavedRequest - requestURI: arg1=/IMDBweb/; arg2=/IMDBweb/accessdenied (property not equals)
  186. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
  187. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
  188. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
  189. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 0f65173179310d79e2dc682c85d7; Granted Authorities: ROLE_ANONYMOUS'
  190. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
  191. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
  192. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
  193. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/accessdenied'; against '/login'
  194. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/accessdenied'; against '/logout'
  195. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/accessdenied'; against '/accessdenied'
  196. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /accessdenied; Attributes: [permitAll]
  197. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 0f65173179310d79e2dc682c85d7; Granted Authorities: ROLE_ANONYMOUS
  198. Info: 2017-08-14 15:37:29 DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@28e7e24a, returned: 1
  199. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Authorization successful
  200. Info: 2017-08-14 15:37:29 DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - RunAsManager did not change Authentication object
  201. Info: 2017-08-14 15:37:29 DEBUG o.s.security.web.FilterChainProxy - /accessdenied reached end of additional filter chain; proceeding with original chain
  202. Info: 2017-08-14 15:37:29 DEBUG o.s.web.servlet.DispatcherServlet - DispatcherServlet with name 'appServlet' processing GET request for [/IMDBweb/accessdenied]
  203. Info: 2017-08-14 15:37:29 DEBUG o.s.w.s.m.m.a.RequestMappingHandlerMapping - Looking up handler method for path /accessdenied
  204. Info: 2017-08-14 15:37:29 DEBUG o.s.w.s.m.m.a.RequestMappingHandlerMapping - Returning handler method [public java.lang.String com.arpu.controller.UserController.loginerror(org.springframework.ui.ModelMap)]
  205. Info: 2017-08-14 15:37:29 DEBUG o.s.b.f.s.DefaultListableBeanFactory - Returning cached instance of singleton bean 'userController'
  206. Info: 2017-08-14 15:37:29 DEBUG o.s.web.servlet.DispatcherServlet - Last-Modified value for [/IMDBweb/accessdenied] is: -1
  207. Info: 2017-08-14 15:37:29 DEBUG o.s.b.f.s.DefaultListableBeanFactory - Invoking afterPropertiesSet() on bean with name 'denied'
  208. Info: 2017-08-14 15:37:29 DEBUG o.s.b.f.s.DefaultListableBeanFactory - Returning cached instance of singleton bean 'org.springframework.transaction.config.internalTransactionAdvisor'
  209. Info: 2017-08-14 15:37:29 DEBUG o.s.web.servlet.DispatcherServlet - Rendering view [org.springframework.web.servlet.view.JstlView: name 'denied'; URL [/WEB-INF/views/denied.jsp]] in DispatcherServlet with name 'appServlet'
  210. Info: 2017-08-14 15:37:29 DEBUG o.s.web.servlet.view.JstlView - Added model object 'error' of type [java.lang.String] to request in view with name 'denied'
  211. Info: 2017-08-14 15:37:29 DEBUG o.s.web.servlet.view.JstlView - Forwarding to resource [/WEB-INF/views/denied.jsp] in InternalResourceView 'denied'
  212. Info: 2017-08-14 15:37:30 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
  213. Info: 2017-08-14 15:37:30 DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
  214. Info: 2017-08-14 15:37:30 DEBUG o.s.web.servlet.DispatcherServlet - Successfully completed request
  215. Info: 2017-08-14 15:37:30 DEBUG o.s.s.w.a.ExceptionTranslationFilter - Chain processed normally
  216. Info: 2017-08-14 15:37:30 DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!