diff --git a/core/src/main/java/org/acegisecurity/Authentication.java b/core/src/main/java/org/acegisecurity/Authentication.java
index 3f9c815e62..bbb3013cd1 100644
--- a/core/src/main/java/org/acegisecurity/Authentication.java
+++ b/core/src/main/java/org/acegisecurity/Authentication.java
@@ -71,6 +71,15 @@ public interface Authentication extends Principal {
*/
public Object getCredentials();
+ /**
+ * Stores additional details about the authentication request. These might
+ * be an IP address, certificate serial number etc.
+ *
+ * @return additional details about the authentication request, or
+ * null if not used
+ */
+ public Object getDetails();
+
/**
* The identity of the principal being authenticated. This is usually a
* username. Callers are expected to populate the principal.
diff --git a/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java
index d8d09ce443..962773adfc 100644
--- a/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java
+++ b/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java
@@ -27,6 +27,16 @@ import net.sf.acegisecurity.Authentication;
public abstract class AbstractAuthenticationToken implements Authentication {
//~ Methods ================================================================
+ /**
+ * Subclasses should override if they wish to provide additional details
+ * about the authentication event.
+ *
+ * @return always null
+ */
+ public Object getDetails() {
+ return null;
+ }
+
public String getName() {
return this.getPrincipal().toString();
}
@@ -68,6 +78,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
sb.append("Username: " + this.getPrincipal() + "; ");
sb.append("Password: [PROTECTED]; ");
sb.append("Authenticated: " + this.isAuthenticated() + "; ");
+ sb.append("Details: " + this.getDetails() + "; ");
if (this.getAuthorities() != null) {
sb.append("Granted Authorities: ");
diff --git a/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java
index 204fa6b743..78b9874e40 100644
--- a/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java
+++ b/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java
@@ -40,6 +40,7 @@ public class UsernamePasswordAuthenticationToken
private Object principal;
private GrantedAuthority[] authorities;
private boolean authenticated = false;
+ private String details = null;
//~ Constructors ===========================================================
@@ -85,4 +86,12 @@ public class UsernamePasswordAuthenticationToken
public Object getPrincipal() {
return this.principal;
}
+
+ public Object getDetails() {
+ return details;
+ }
+
+ public void setDetails(String details) {
+ this.details = details;
+ }
}
diff --git a/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java
index 1107970f9a..bfc754a26b 100644
--- a/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java
@@ -169,6 +169,7 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
+ authRequest.setDetails(httpRequest.getRemoteAddr());
Authentication authResult;
diff --git a/core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilter.java
index 07ebb07287..68009b9ae7 100644
--- a/core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilter.java
@@ -103,6 +103,7 @@ public class CasProcessingFilter extends AbstractProcessingFilter {
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
+ authRequest.setDetails(request.getRemoteAddr());
return this.getAuthenticationManager().authenticate(authRequest);
}
diff --git a/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java
index 4d0b7d0f0b..4fc2d85677 100644
--- a/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java
@@ -77,6 +77,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
+ authRequest.setDetails(request.getRemoteAddr());
return this.getAuthenticationManager().authenticate(authRequest);
}