Store additional information about the authentication request.

core/src/main/java/org/acegisecurity/Authentication.java

@@ -71,6 +71,15 @@ public interface Authentication extends Principal {
      */
     public Object getCredentials();
 
+    /**
+     * Stores additional details about the authentication request. These might
+     * be an IP address, certificate serial number etc.
+     *
+     * @return additional details about the authentication request, or
+     *         <code>null</code> if not used
+     */
+    public Object getDetails();
+
     /**
      * The identity of the principal being authenticated. This is usually a
      * username. Callers are expected to populate the principal.

core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java

@@ -27,6 +27,16 @@ import net.sf.acegisecurity.Authentication;
 public abstract class AbstractAuthenticationToken implements Authentication {
     //~ Methods ================================================================
 
+    /**
+     * Subclasses should override if they wish to provide additional details
+     * about the authentication event.
+     *
+     * @return always <code>null</code>
+     */
+    public Object getDetails() {
+        return null;
+    }
+
     public String getName() {
         return this.getPrincipal().toString();
     }
@@ -68,6 +78,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
         sb.append("Username: " + this.getPrincipal() + "; ");
         sb.append("Password: [PROTECTED]; ");
         sb.append("Authenticated: " + this.isAuthenticated() + "; ");
+        sb.append("Details: " + this.getDetails() + "; ");
 
         if (this.getAuthorities() != null) {
             sb.append("Granted Authorities: ");

core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java

@@ -40,6 +40,7 @@ public class UsernamePasswordAuthenticationToken
     private Object principal;
     private GrantedAuthority[] authorities;
     private boolean authenticated = false;
+    private String details = null;
 
     //~ Constructors ===========================================================
 
@@ -85,4 +86,12 @@ public class UsernamePasswordAuthenticationToken
     public Object getPrincipal() {
         return this.principal;
     }
+
+	public Object getDetails() {
+		return details;
+	}
+
+	public void setDetails(String details) {
+		this.details = details;
+	}
 }

core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java

@@ -169,6 +169,7 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
 
             UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
                     password);
+            authRequest.setDetails(httpRequest.getRemoteAddr());
 
             Authentication authResult;
 

core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilter.java

@@ -103,6 +103,7 @@ public class CasProcessingFilter extends AbstractProcessingFilter {
 
         UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
                 password);
+        authRequest.setDetails(request.getRemoteAddr());
 
         return this.getAuthenticationManager().authenticate(authRequest);
     }

core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java

@@ -77,6 +77,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
 
         UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
                 password);
+        authRequest.setDetails(request.getRemoteAddr());
 
         return this.getAuthenticationManager().authenticate(authRequest);
     }