@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { if (event instanceof AuthenticationSuccessEvent) { log.debug("Authentication OK: {}", event.getAuthentication().getName()); // Activity log Object details = event.getAuthentication().getDetails(); String params = null; if (details instanceof WebAuthenticationDetails) { WebAuthenticationDetails wad = (WebAuthenticationDetails) details; params = wad.getRemoteAddress(); } else if (GenericHolder.get() != null) { params = (String) GenericHolder.get(); } UserActivity.log(event.getAuthentication().getName(), "LOGIN", null, null, params); } else if (event instanceof AuthenticationFailureBadCredentialsEvent) { log.info("Authentication ERROR: {}", event.getAuthentication().getName()); } }
@Override public void onApplicationEvent(AbstractAuthenticationEvent appEvent) { String currentUserName = extractUserName(appEvent); if (currentUserName == null || isLockMechanismDisabled()) { return; } if (appEvent instanceof AuthenticationSuccessEvent && accessCounter.containsKey(currentUserName) && accessCounter.get(currentUserName) < maxLoginFailures) { accessCounter.remove(currentUserName); lastFailedLogin.remove(currentUserName); } if (appEvent instanceof AuthenticationFailureBadCredentialsEvent) { if (accessCounter.containsKey(currentUserName)) { accessCounter.put(currentUserName, accessCounter.get(currentUserName) + 1); } else { accessCounter.put(currentUserName, 1); } lastFailedLogin.put(currentUserName, new Date()); } }
private String extractUserName(AbstractAuthenticationEvent appEvent) { if (appEvent.getSource() != null && appEvent.getSource() instanceof InternalAuthentication) { InternalAuthentication internalAuth = (InternalAuthentication) appEvent.getSource(); if (internalAuth.getPrincipal() != null) { if (internalAuth.getPrincipal() instanceof User) { User user = (User) internalAuth.getPrincipal(); return user.getUserName(); } if (internalAuth.getPrincipal() instanceof String) { return (String) internalAuth.getPrincipal(); } } } return null; }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { final StringBuilder builder = new StringBuilder(); builder.append("Authentication event "); builder.append(event.getClass().getSimpleName()); builder.append(": "); builder.append(event.getAuthentication().getName()); builder.append("; details: "); builder.append(event.getAuthentication().getDetails()); if (event instanceof AbstractAuthenticationFailureEvent) { builder.append("; exception: "); builder.append(((AbstractAuthenticationFailureEvent) event) .getException().getMessage()); } LOG.warn(builder.toString()); }
@Override @Transactional(propagation = Propagation.REQUIRES_NEW) public void onApplicationEvent(AbstractAuthenticationEvent event) { logToAuditService(event); emitLogMessage(event); storeLogMessage(event); }
private static void emitLogMessage(AbstractAuthenticationEvent event) { final StringBuilder builder = new StringBuilder(); builder.append("Authentication event "); builder.append(ClassUtils.getShortName(event.getClass())); builder.append(": "); builder.append(event.getAuthentication().getName()); if (event instanceof AbstractAuthenticationFailureEvent) { builder.append("; exception: "); builder.append(((AbstractAuthenticationFailureEvent) event).getException().getMessage()); } LOG.warn(builder.toString()); }
private void storeLogMessage(final AbstractAuthenticationEvent event) { try { if (event instanceof InteractiveAuthenticationSuccessEvent) { accountAuditService.auditLoginSuccessEvent(InteractiveAuthenticationSuccessEvent.class.cast(event)); } else if (event instanceof AuthenticationSuccessEvent) { accountAuditService.auditLoginSuccessEvent(AuthenticationSuccessEvent.class.cast(event)); } else if (event instanceof AbstractAuthenticationFailureEvent) { accountAuditService.auditLoginFailureEvent(AbstractAuthenticationFailureEvent.class.cast(event)); } } catch (Exception ex) { LOG.error("Failed to audit authentication event in database", ex); } }
private void logToAuditService(AbstractAuthenticationEvent event) { if (event instanceof AuthenticationSuccessEvent) { final Authentication authentication = event.getAuthentication(); final ImmutableMap.Builder<String, Object> extra = auditService.extra("remoteAddress", getRemoteAddress(authentication)); addGrantedAuthorities(authentication, extra); addSource(event, extra); auditService.log("loginSuccess", authentication.getName(), extra.build()); } }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { if (event instanceof AbstractAuthenticationFailureEvent) { onAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event); } else if (this.webListener != null && this.webListener.accepts(event)) { this.webListener.process(this, event); } else if (event instanceof AuthenticationSuccessEvent) { onAuthenticationSuccessEvent((AuthenticationSuccessEvent) event); } }
public void process(AuthenticationAuditListener listener, AbstractAuthenticationEvent input) { if (listener != null) { AuthenticationSwitchUserEvent event = (AuthenticationSwitchUserEvent) input; Map<String, Object> data = new HashMap<String, Object>(); if (event.getAuthentication().getDetails() != null) { data.put("details", event.getAuthentication().getDetails()); } data.put("target", event.getTargetUser().getUsername()); listener.publish(new AuditEvent(event.getAuthentication().getName(), "AUTHENTICATION_SWITCH", data)); } }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { Authentication source = event.getAuthentication(); if (event instanceof AbstractAuthenticationFailureEvent) { Exception e = ((AbstractAuthenticationFailureEvent) event).getException(); log.info(String.format("Authentication failure [user: %s] [error: %s]", source.getName(), e.getMessage())); } else if (event instanceof AuthenticationSuccessEvent) { String userName = source.getName(); log.info(String.format("User logged in [user: %s]", userName)); eventService.post(EventType.Login.toString(), userName, null); } }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { if (event instanceof AbstractAuthenticationFailureEvent) { onAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event); } else if (this.webListener != null && this.webListener.accepts(event)) { this.webListener.process(this, event); } else { onAuthenticationEvent(event); } }
private void onAuthenticationEvent(AbstractAuthenticationEvent event) { Map<String, Object> data = new HashMap<String, Object>(); if (event.getAuthentication().getDetails() != null) { data.put("details", event.getAuthentication().getDetails()); } publish(new AuditEvent(event.getAuthentication().getName(), "AUTHENTICATION_SUCCESS", data)); }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { // Authentication success if (event instanceof AuthenticationSuccessEvent) { handleAuthenticationSuccessEvent((AuthenticationSuccessEvent) event); } // Authentication failure if (event instanceof AbstractAuthenticationFailureEvent) { handleAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event); } // Authentication clear if (event instanceof AuthenticationCleanedEvent) { handleAuthenticationCleanedEvent((AuthenticationCleanedEvent) event); } }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { Authentication authentication = event.getAuthentication(); if (event instanceof AuthenticationSuccessEvent) { ResourceOwnerPasswordResourceDetails resource = getResourceOwnerPasswordResourceDetails(); resource.setScope(Arrays.asList("words")); resource.setUsername(authentication.getName()); resource.setPassword(authentication.getCredentials().toString()); try { OAuth2AccessToken accessToken = accessTokenProvider.obtainAccessToken(resource, new DefaultAccessTokenRequest()); log.debug("Access token request succeeded for user: '{}', new token is '{}'" , resource.getUsername() , accessToken.getValue()); if (authentication instanceof AbstractAuthenticationToken && authentication.getDetails() instanceof CustomAuthenticationDetails) { ((CustomAuthenticationDetails) ((AbstractAuthenticationToken) authentication).getDetails()) .setBearer(accessToken.getValue()); log.debug("Access token was added to authentication as details"); } else if (log.isDebugEnabled()) { log.debug("Access token could not be added to authentication as details"); } } catch (Exception e) { log.error("Access token request failed for user: '" + resource.getUsername() + "'", e); } } if (authentication instanceof CredentialsContainer) { // Authentication is complete. Remove credentials and other secret data from authentication ((CredentialsContainer)authentication).eraseCredentials(); } }
private EventBuilder createEvent(String uei, AbstractAuthenticationEvent authEvent) { EventBuilder builder = new EventBuilder(uei, "OpenNMS.WebUI"); builder.setTime(new Date(authEvent.getTimestamp())); org.springframework.security.core.Authentication auth = authEvent.getAuthentication(); if (auth != null && auth.getName() != null) { builder.addParam("user", WebSecurityUtils.sanitizeString(auth.getName())); } if (auth != null && auth.getDetails() != null && auth.getDetails() instanceof WebAuthenticationDetails) { WebAuthenticationDetails webDetails = (WebAuthenticationDetails) auth.getDetails(); if (webDetails.getRemoteAddress() != null) { builder.addParam("ip", webDetails.getRemoteAddress()); } } return builder; }
private String getLines(AbstractAuthenticationEvent event){ final StringBuilder builder = new StringBuilder(); if(event!=null){ builder.append("Authentication Log("); builder.append(ClassUtils.getShortName(event.getClass())); builder.append("): "); builder.append(getLines(event.getAuthentication())); } return builder.toString(); }
private static void addSource(AbstractAuthenticationEvent event, ImmutableMap.Builder<String, Object> extra) { extra.put("source", event.getSource().getClass().getSimpleName()); }
public boolean accepts(AbstractAuthenticationEvent event) { return event instanceof AuthenticationSwitchUserEvent; }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { this.event = event; }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { if (log.isDebugEnabled()) { log.debug("Authentication Event:[" + event.toString() + "]"); } }
@Override public void onApplicationEvent(AbstractAuthenticationEvent event) { authlogger.write(event); }
public void write(AbstractAuthenticationEvent event){ log.info(getLines(event)); }