root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 5 Packages Projects Releases Wiki Activity

SEC-912: Added callback methods to BasicProcessingFilter for successful and unsuccessful authentication.

This commit is contained in:
Luke Taylor 2008-07-12 17:40:39 +00:00
parent 697c7c5f48
commit a56c13fb22
1 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
core/src/main/java/org/springframework/security/ui/basicauth/BasicProcessingFilter.java
View File

@ -35,6 +35,7 @@ import org.springframework.security.ui.WebAuthenticationDetailsSource;
import org.springframework.security.ui.AuthenticationEntryPoint; import org.springframework.security.ui.AuthenticationEntryPoint;
import org.springframework.security.ui.FilterChainOrder; import org.springframework.security.ui.FilterChainOrder;
import org.springframework.security.ui.SpringSecurityFilter; import org.springframework.security.ui.SpringSecurityFilter;
import org.springframework.security.ui.rememberme.NullRememberMeServices;
import org.springframework.security.ui.rememberme.RememberMeServices; import org.springframework.security.ui.rememberme.RememberMeServices;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -91,7 +92,7 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource(); private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
private AuthenticationEntryPoint authenticationEntryPoint; private AuthenticationEntryPoint authenticationEntryPoint;
private AuthenticationManager authenticationManager; private AuthenticationManager authenticationManager;
private RememberMeServices rememberMeServices; private RememberMeServices rememberMeServices = new NullRememberMeServices();
private boolean ignoreFailure = false; private boolean ignoreFailure = false;
private String credentialsCharset = "UTF-8"; private String credentialsCharset = "UTF-8";
@ -105,10 +106,10 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
} }
} }
public void doFilterHttp(HttpServletRequest httpRequest, HttpServletResponse httpResponse, FilterChain chain) public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws IOException, ServletException { throws IOException, ServletException {
String header = httpRequest.getHeader("Authorization"); String header = request.getHeader("Authorization");
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Authorization header: " + header); logger.debug("Authorization header: " + header);
@ -116,7 +117,7 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
if ((header != null) && header.startsWith("Basic ")) { if ((header != null) && header.startsWith("Basic ")) {
byte[] base64Token = header.substring(6).getBytes("UTF-8"); byte[] base64Token = header.substring(6).getBytes("UTF-8");
String token = new String(Base64.decodeBase64(base64Token), getCredentialsCharset(httpRequest)); String token = new String(Base64.decodeBase64(base64Token), getCredentialsCharset(request));
String username = ""; String username = "";
String password = ""; String password = "";
@ -130,7 +131,7 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
if (authenticationIsRequired(username)) { if (authenticationIsRequired(username)) {
UsernamePasswordAuthenticationToken authRequest = UsernamePasswordAuthenticationToken authRequest =
new UsernamePasswordAuthenticationToken(username, password); new UsernamePasswordAuthenticationToken(username, password);
authRequest.setDetails(authenticationDetailsSource.buildDetails(httpRequest)); authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
Authentication authResult; Authentication authResult;
@ -144,14 +145,14 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
SecurityContextHolder.getContext().setAuthentication(null); SecurityContextHolder.getContext().setAuthentication(null);
if (rememberMeServices != null) { rememberMeServices.loginFail(request, response);
rememberMeServices.loginFail(httpRequest, httpResponse);
} onUnsuccessfulAuthentication(request, response, failed);
if (ignoreFailure) { if (ignoreFailure) {
chain.doFilter(httpRequest, httpResponse); chain.doFilter(request, response);
} else { } else {
authenticationEntryPoint.commence(httpRequest, httpResponse, failed); authenticationEntryPoint.commence(request, response, failed);
} }
return; return;
@ -164,13 +165,13 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
SecurityContextHolder.getContext().setAuthentication(authResult); SecurityContextHolder.getContext().setAuthentication(authResult);
if (rememberMeServices != null) { rememberMeServices.loginSuccess(request, response, authResult);
rememberMeServices.loginSuccess(httpRequest, httpResponse, authResult);
} onSuccessfulAuthentication(request, response, authResult);
} }
} }
chain.doFilter(httpRequest, httpResponse); chain.doFilter(request, response);
} }
private boolean authenticationIsRequired(String username) { private boolean authenticationIsRequired(String username) {
@ -203,6 +204,14 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
return false; return false;
} }
protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
Authentication authResult) throws IOException {
}
protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
AuthenticationException failed) throws IOException {
}
protected AuthenticationEntryPoint getAuthenticationEntryPoint() { protected AuthenticationEntryPoint getAuthenticationEntryPoint() {
return authenticationEntryPoint; return authenticationEntryPoint;
} }
@ -233,6 +242,7 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
} }
public void setRememberMeServices(RememberMeServices rememberMeServices) { public void setRememberMeServices(RememberMeServices rememberMeServices) {
Assert.notNull(rememberMeServices, "rememberMeServices cannot be null");
this.rememberMeServices = rememberMeServices; this.rememberMeServices = rememberMeServices;
} }