diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/security/AuthenticationAuditListener.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/security/AuthenticationAuditListener.java index 87ff5f6fb0d..072c81c71b5 100644 --- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/security/AuthenticationAuditListener.java +++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/security/AuthenticationAuditListener.java @@ -1,5 +1,5 @@ /* - * Copyright 2012-2015 the original author or authors. + * Copyright 2012-2016 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -61,6 +61,9 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList Map data = new HashMap(); data.put("type", event.getException().getClass().getName()); data.put("message", event.getException().getMessage()); + if (event.getAuthentication().getDetails() != null) { + data.put("details", event.getAuthentication().getDetails()); + } publish(new AuditEvent(event.getAuthentication().getName(), "AUTHENTICATION_FAILURE", data)); } diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/security/AuthenticationAuditListenerTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/security/AuthenticationAuditListenerTests.java index aca33b18031..216b06fbd9b 100644 --- a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/security/AuthenticationAuditListenerTests.java +++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/security/AuthenticationAuditListenerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2012-2015 the original author or authors. + * Copyright 2012-2016 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,7 +18,9 @@ package org.springframework.boot.actuate.security; import org.junit.Before; import org.junit.Test; +import org.mockito.ArgumentCaptor; +import org.springframework.boot.actuate.audit.listener.AuditApplicationEvent; import org.springframework.context.ApplicationEvent; import org.springframework.context.ApplicationEventPublisher; import org.springframework.security.authentication.BadCredentialsException; @@ -30,6 +32,8 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent; +import static org.hamcrest.Matchers.hasEntry; +import static org.junit.Assert.assertThat; import static org.mockito.Matchers.anyObject; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.never; @@ -82,4 +86,18 @@ public class AuthenticationAuditListenerTests { verify(this.publisher).publishEvent((ApplicationEvent) anyObject()); } + @Test + public void testDetailsAreIncludedInAuditEvent() throws Exception { + Object details = new Object(); + UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( + "user", "password"); + authentication.setDetails(details); + this.listener.onApplicationEvent(new AuthenticationFailureExpiredEvent( + authentication, new BadCredentialsException("Bad user"))); + ArgumentCaptor auditApplicationEvent = ArgumentCaptor + .forClass(AuditApplicationEvent.class); + verify(this.publisher).publishEvent(auditApplicationEvent.capture()); + assertThat(auditApplicationEvent.getValue().getAuditEvent().getData(), + hasEntry("details", details)); + } }