
Untitled

a guest
Sep 21st, 2017
  /**
   * Details source that produces realm-aware authentication details for each login request.
   *
   * <p>Registered under the bean name {@code authenticationDetailSource}, the name the
   * form-login configuration refers to through {@code authentication-details-source-ref}.
   */
  @Component("authenticationDetailSource")
  public class RealmAuthenticationDetailsSource extends WebAuthenticationDetailsSource {

      /**
       * Wraps the incoming request in a {@link RealmAuthenticationDetails}.
       *
       * @param context the HTTP request carrying the login form submission
       * @return details holding what the parent class records plus the submitted realm
       */
      @Override
      public WebAuthenticationDetails buildDetails(HttpServletRequest context) {
          final RealmAuthenticationDetails realmDetails = new RealmAuthenticationDetails(context);
          return realmDetails;
      }
  }
  8.  
  /**
   * Web authentication details extended with the realm submitted on the login request.
   *
   * <p>The realm comes straight from the {@code realm} request parameter, so it is
   * client-controlled input. It is only a lookup key: anything that consumes it must keep
   * passing it as a bound query parameter and must not treat it as proof of membership.
   */
  public class RealmAuthenticationDetails extends WebAuthenticationDetails {
      /** Realm named by the client; never {@code null}, empty when the parameter is absent. */
      private final String realm;

      /**
       * Captures the parent's request details and the {@code realm} parameter.
       *
       * @param context the HTTP request carrying the login form submission
       */
      public RealmAuthenticationDetails(HttpServletRequest context) {
          super(context);
          final String submitted = context.getParameter("realm");
          if (submitted == null) {
              // A missing parameter is normalised to the empty realm rather than null.
              this.realm = "";
          } else {
              this.realm = submitted;
          }
      }

      /**
       * @return the realm submitted with the login request, or the empty string if none was sent
       */
      public String getRealm() {
          return this.realm;
      }
  }
  22.  
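  /**
   * Authentication provider that resolves users by login name <em>and</em> realm.
   *
   * <p>{@link #authenticate(Authentication)} replaces the parent implementation entirely, so
   * the safeguards the parent normally applies have to be repeated here: the account-status
   * checks (disabled / locked / expired), a single indistinguishable failure for unknown
   * users and wrong passwords, and a password comparison even when the user does not exist.
   */
  @Service("authenticationProvider")
  public class RealmAuthenticationProvider extends DaoAuthenticationProvider {
      /** One message for every credential failure so responses do not reveal which step failed. */
      private static final String BAD_CREDENTIALS = "Bad credentials";

      @Autowired
      private RealmedUserDetailsService userDetailsService;

      @Autowired
      private PasswordEncoder passwordEncoder;

      /** Lazily computed hash of a throwaway password, compared against when no user is found. */
      private volatile String unknownUserHash;

      /** Hands the injected collaborators to the parent so its own configuration check passes. */
      @PostConstruct
      private void initialize() {
          setUserDetailsService(userDetailsService);
          setPasswordEncoder(passwordEncoder);
      }

      /**
       * Authenticates a username/password request within the realm carried in its details.
       *
       * @param authentication the request; its details must be a {@link RealmAuthenticationDetails}
       * @return a fully authenticated token holding the loaded user and its authorities
       * @throws AuthenticationException {@link BadCredentialsException} for any credential
       *         failure, or whatever the configured account-status checks raise
       */
      @Override
      public Authentication authenticate(Authentication authentication) throws AuthenticationException {
          // Fail closed if the request did not come through the realm-aware details source,
          // instead of surfacing a ClassCastException / NullPointerException as a server error.
          Object rawDetails = authentication.getDetails();
          if (!(rawDetails instanceof RealmAuthenticationDetails)) {
              throw new BadCredentialsException(BAD_CREDENTIALS);
          }
          Object rawCredentials = authentication.getCredentials();
          if (rawCredentials == null) {
              throw new BadCredentialsException(BAD_CREDENTIALS);
          }

          String username = authentication.getName();
          String password = rawCredentials.toString();
          String realm = ((RealmAuthenticationDetails) rawDetails).getRealm();

          User user;
          try {
              user = (User) userDetailsService.loadUserByUsernameAndRealm(username, realm);
          } catch (AuthenticationException lookupFailure) {
              // The service signals "no such user" with an exception; fold it into the null path.
              user = null;
          }
          if (user == null) {
              // Spend the same hashing work as a real comparison so that response time does not
              // separate unknown logins from known ones; the result is deliberately ignored.
              passwordEncoder.matches(password, unknownUserHash());
              throw new BadCredentialsException(BAD_CREDENTIALS);
          }

          // The parent's authenticate() would run these; without them the "enabled" column the
          // user query loads is never enforced and a disabled account can still sign in.
          getPreAuthenticationChecks().check(user);

          if (!passwordEncoder.matches(password, user.getPassword())) {
              throw new BadCredentialsException(BAD_CREDENTIALS);
          }

          getPostAuthenticationChecks().check(user);

          UsernamePasswordAuthenticationToken result =
                  new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
          // Keep the realm and request details on the authenticated token.
          result.setDetails(rawDetails);
          return result;
      }

      /** Returns the placeholder hash, encoding it on first use with the configured encoder. */
      private String unknownUserHash() {
          String hash = unknownUserHash;
          if (hash == null) {
              hash = passwordEncoder.encode("userNotFoundPassword");
              unknownUserHash = hash;
          }
          return hash;
      }
  }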
  57.  
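  /**
   * JDBC user-details service that scopes user and group lookups to a realm.
   *
   * <p>The inherited {@code loadUserByUsername(String)} still runs the realm-less queries
   * configured in {@link #initialize()}, so any caller that reaches it resolves a login
   * without regard to realm. NOTE(review): confirm nothing besides the realm-aware provider
   * uses this bean, or that logins are unique across realms.
   */
  @Service("userDetailsService")
  public class RealmedUserDetailsService extends JdbcDaoImpl {
      private final boolean enableGroups = true;
      private final boolean enableAuthorities = false;
      private final String rolePrefix = "ROLE_";
      private final String usersByUsernameQuery
              = "select login, password, enabled from employee where login = ?";
      // Parameters: login, realm.
      private final String usersByUsernameAndRealmQuery
              = "select login, password, enabled from employee "
              + "where login = ? and realm = ?";
      private final String authoritiesByUsernameQuery
              = "select e.login, g.authority_name from groups_employee as m2m "
              + "inner join employee as e on e.id = m2m.members_id "
              + "inner join groups as g on g.id = m2m.groups_id "
              + "where e.login = ?";
      // Parameters: login, employee realm, group realm. Not referenced anywhere in this class.
      private final String authoritiesByUsernameAndRealmQuery
              = "select e.login, g.authority_name from groups_employee as m2m "
              + "inner join employee as e on e.id = m2m.members_id "
              + "inner join groups as g on g.id = m2m.groups_id "
              + "where e.login = ? and e.realm = ? and g.realm = ?";
      private final String groupAuthoritiesByUsernameQuery
              = "select e.login, g.name, g.authority_name from groups_employee as m2m "
              + "inner join employee as e on e.id = m2m.members_id "
              + "inner join groups as g on g.id = m2m.groups_id "
              + "where e.login = ?";
      // Parameters: login, employee realm, group realm. The employee is pinned by realm as well
      // as login: the user query treats (login, realm) as the identity, so matching on login
      // alone could pick up group memberships of a same-named employee from another realm.
      private final String groupAuthoritiesByUsernameAndRealmQuery
              = "select e.login, g.name, g.authority_name from groups_employee as m2m "
              + "inner join employee as e on e.id = m2m.members_id "
              + "inner join groups as g on g.id = m2m.groups_id "
              + "where e.login = ? and e.realm = ? and g.realm = ?";

      @Autowired
      private DataSource dataSource;

      /**
       * Applies the query strings, role prefix and data source to the parent DAO.
       *
       * <p>Nothing in this listing calls this method, and the parent's configuration check
       * requires a data source, so it is run as a post-construct callback after injection.
       */
      @PostConstruct
      protected void initialize() {
          setEnableGroups(enableGroups);
          setEnableAuthorities(enableAuthorities);
          setRolePrefix(rolePrefix);
          setUsersByUsernameQuery(usersByUsernameQuery);
          setAuthoritiesByUsernameQuery(authoritiesByUsernameQuery);
          setGroupAuthoritiesByUsernameQuery(groupAuthoritiesByUsernameQuery);
          setDataSource(dataSource);
      }

      /**
       * Loads the user identified by login and realm together with its group authorities.
       *
       * @param username login name to look up
       * @param realm realm the login belongs to
       * @return the user with the authorities of its groups in that realm
       * @throws UsernameNotFoundException if no employee matches the login and realm
       */
      public UserDetails loadUserByUsernameAndRealm(String username, String realm) {
          List<UserDetails> users = loadUsersByUsernameAndRealm(username, realm);
          if (users.isEmpty()) {
              throw new UsernameNotFoundException("Username not found");
          }
          // Only the first matching row is used.
          UserDetails user = users.get(0);

          List<GrantedAuthority> authorities = loadGroupAuthoritiesForRealm(user.getUsername(), realm);

          return createUserDetails(username, user, authorities);
      }

      /**
       * Runs the realm-scoped user query; both values are passed as bound parameters.
       *
       * @param username login name to look up
       * @param realm realm the login belongs to
       * @return matching users, each created without authorities
       */
      protected List<UserDetails> loadUsersByUsernameAndRealm(String username, String realm) {
          return getJdbcTemplate().query(usersByUsernameAndRealmQuery, new String[] { username, realm },
                  new RowMapper<UserDetails>() {
                      @Override
                      public UserDetails mapRow(ResultSet rs, int rowNum) throws SQLException {
                          String username = rs.getString(1);
                          String password = rs.getString(2);
                          boolean enabled = rs.getBoolean(3);
                          // The query selects no expiry or lock columns, so these are fixed.
                          boolean accountNonExpired = true;
                          boolean credentialsNonExpired = true;
                          boolean accountNonLocked = true;

                          return new User(username, password, enabled, accountNonExpired, credentialsNonExpired,
                                  accountNonLocked, AuthorityUtils.NO_AUTHORITIES);
                      }
                  }
          );
      }

      /**
       * Loads the authorities of the groups in the given realm that the employee belongs to.
       *
       * @param username login name of the employee
       * @param realm realm of both the employee and the groups
       * @return one authority per group row, with the role prefix applied
       */
      protected List<GrantedAuthority> loadGroupAuthoritiesForRealm(String username, String realm) {
          // The realm is bound twice: once for the employee row, once for the group row.
          return getJdbcTemplate().query(groupAuthoritiesByUsernameAndRealmQuery,
                  new String[] { username, realm, realm },
                  new RowMapper<GrantedAuthority>() {
                      @Override
                      public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
                          String roleName = getRolePrefix() + rs.getString(3);
                          return new SimpleGrantedAuthority(roleName);
                      }
                  }
          );
      }
  }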
  143.  
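  <beans:beans xmlns="http://www.springframework.org/schema/security"
      xmlns:beans="http://www.springframework.org/schema/beans"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.springframework.org/schema/beans
          http://www.springframework.org/schema/beans/spring-beans.xsd
          http://www.springframework.org/schema/security
          http://www.springframework.org/schema/security/spring-security.xsd">

      <!--
        Regex matching is case-sensitive and is applied to the path plus the query string.
        NOTE(review): no csrf element is declared; whether CSRF protection is active depends
        on the default of the Spring Security version in use. Confirm, and declare it
        explicitly if that version leaves it off.
      -->
      <http use-expressions="true" request-matcher="regex">
          <!--
            The rule covers the bare /admin path (with or without a query string or a suffix)
            as well as everything below /admin/. A pattern of "/admin/.*" alone leaves a
            handler mapped at /admin outside the rule.
          -->
          <intercept-url pattern="/admin([/?.].*)?" access="hasRole('ROLE_ADMIN')" />

          <!-- The details source adds the submitted realm to each login request. -->
          <form-login
              login-page="/auth/login"
              authentication-failure-url="/auth/login?fail"
              default-target-url="/"
              login-processing-url="/auth/login"
              authentication-details-source-ref="authenticationDetailSource" />

          <logout
              logout-url="/auth/logout"
              logout-success-url="/" />
      </http>

      <!-- Enables the pre/post method annotations; URL rules above are not the only layer. -->
      <global-method-security pre-post-annotations="enabled"/>

      <authentication-manager>
          <authentication-provider ref="authenticationProvider" />
      </authentication-manager>

      <!-- Stored passwords are expected to be BCrypt hashes. -->
      <beans:bean name="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
  </beans:beans>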