Use WebAuthenticationDetails for Authentication.getDetails() by default.
parent
436d37c166
commit
e52f3eacb1
|
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -345,9 +345,7 @@ public class DaoAuthenticationProvider implements AuthenticationProvider,
|
||||||
* Creates a successful {@link Authentication} object.
|
* Creates a successful {@link Authentication} object.
|
||||||
*
|
*
|
||||||
* <P>
|
* <P>
|
||||||
* Protected so subclasses can override. This might be required if multiple
|
* Protected so subclasses can override.
|
||||||
* credentials need to be placed into a custom <code>Authentication</code>
|
|
||||||
* object, such as a password as well as a ZIP code.
|
|
||||||
* </p>
|
* </p>
|
||||||
*
|
*
|
||||||
* <P>
|
* <P>
|
||||||
|
|
|
@ -0,0 +1,96 @@
|
||||||
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package net.sf.acegisecurity.ui;
|
||||||
|
|
||||||
|
import java.io.Serializable;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A holder of selected HTTP details related to a web authentication request.
|
||||||
|
*
|
||||||
|
* @author Ben Alex
|
||||||
|
* @version $Id$
|
||||||
|
*/
|
||||||
|
public class WebAuthenticationDetails implements Serializable {
|
||||||
|
//~ Instance fields ========================================================
|
||||||
|
|
||||||
|
private String remoteAddress;
|
||||||
|
private String sessionId;
|
||||||
|
|
||||||
|
//~ Constructors ===========================================================
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructor.
|
||||||
|
*
|
||||||
|
* <p>
|
||||||
|
* NB: This constructor will cause a <code>HttpSession</code> to be created
|
||||||
|
* (this is considered reasonable as all Acegi Security authentication
|
||||||
|
* requests rely on <code>HttpSession</code> to store the
|
||||||
|
* <code>Authentication</code> between requests
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @param request that the authentication request was received from
|
||||||
|
*/
|
||||||
|
public WebAuthenticationDetails(HttpServletRequest request) {
|
||||||
|
this.remoteAddress = request.getRemoteAddr();
|
||||||
|
this.sessionId = request.getSession().getId();
|
||||||
|
doPopulateAdditionalInformation(request);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected WebAuthenticationDetails() {
|
||||||
|
throw new IllegalArgumentException("Cannot use default constructor");
|
||||||
|
}
|
||||||
|
|
||||||
|
//~ Methods ================================================================
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Indicates the TCP/IP address the authentication request was received
|
||||||
|
* from.
|
||||||
|
*
|
||||||
|
* @return the address
|
||||||
|
*/
|
||||||
|
public String getRemoteAddress() {
|
||||||
|
return remoteAddress;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Indicates the <code>HttpSession</code> id the authentication request was
|
||||||
|
* received from.
|
||||||
|
*
|
||||||
|
* @return the session ID
|
||||||
|
*/
|
||||||
|
public String getSessionId() {
|
||||||
|
return sessionId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String toString() {
|
||||||
|
StringBuffer sb = new StringBuffer();
|
||||||
|
sb.append(super.toString() + ": ");
|
||||||
|
sb.append("RemoteIpAddress: " + this.getRemoteAddress() + "; ");
|
||||||
|
sb.append("SessionId: " + this.getSessionId());
|
||||||
|
|
||||||
|
return sb.toString();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provided so that subclasses can populate additional information.
|
||||||
|
*
|
||||||
|
* @param request that the authentication request was received from
|
||||||
|
*/
|
||||||
|
protected void doPopulateAdditionalInformation(HttpServletRequest request) {}
|
||||||
|
}
|
|
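Review bot: `toString()` in the new `WebAuthenticationDetails` writes the full `HttpSession` id (`sb.append("SessionId: " + this.getSessionId());`), so any log line or exception message that prints the `Authentication` or its details records a live session identifier, which is a bearer credential. Consider leaving the id out of `toString()` or printing only a truncated or digested form, and keeping the full value behind `getSessionId()`. The id is also captured when the request is built, so it goes stale if the application issues a new session id after login. A class-level Javadoc sentence such as `The session id is the one in use when the authentication request was received and may differ from the session id after login.` would make that explicit. Separately, the constructor calls the overridable `doPopulateAdditionalInformation(request)` before any subclass field initialisers have run, which deserves a Javadoc warning on that method.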
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -20,6 +20,7 @@ import net.sf.acegisecurity.AuthenticationException;
|
||||||
import net.sf.acegisecurity.AuthenticationManager;
|
import net.sf.acegisecurity.AuthenticationManager;
|
||||||
import net.sf.acegisecurity.intercept.web.AuthenticationEntryPoint;
|
import net.sf.acegisecurity.intercept.web.AuthenticationEntryPoint;
|
||||||
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
||||||
|
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
|
||||||
import net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter;
|
import net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter;
|
||||||
|
|
||||||
import org.apache.commons.codec.binary.Base64;
|
import org.apache.commons.codec.binary.Base64;
|
||||||
|
@ -168,7 +169,7 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
|
||||||
|
|
||||||
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
|
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
|
||||||
password);
|
password);
|
||||||
authRequest.setDetails(httpRequest.getRemoteAddr());
|
authRequest.setDetails(new WebAuthenticationDetails(httpRequest));
|
||||||
|
|
||||||
Authentication authResult;
|
Authentication authResult;
|
||||||
|
|
||||||
|
|
|
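Review bot: `new WebAuthenticationDetails(httpRequest)` goes through a constructor that calls `request.getSession()`, which creates an `HttpSession` when none exists, and this line is on the Basic authentication path, where clients often resend credentials on every request and never return a session cookie. If the filter reaches this line for each such request (the enclosing method starts outside the hunk, so this is inferred), every request allocates a session that lives until timeout, which is a memory-exhaustion risk with stateless clients. Consider having the constructor use `request.getSession(false)` and store `null` when there is no session, or document the session cost at this call site. The same `setDetails(...)` change appears in `CasProcessingFilter` and in `AuthenticationProcessingFilter.setDetails`. In all three places `Authentication.getDetails()` now returns a `WebAuthenticationDetails` instead of a `String`, so existing callers that cast it or compare it to an address string (audit or IP-restriction code, for example) need updating.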
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -19,6 +19,7 @@ import net.sf.acegisecurity.Authentication;
|
||||||
import net.sf.acegisecurity.AuthenticationException;
|
import net.sf.acegisecurity.AuthenticationException;
|
||||||
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
||||||
import net.sf.acegisecurity.ui.AbstractProcessingFilter;
|
import net.sf.acegisecurity.ui.AbstractProcessingFilter;
|
||||||
|
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
|
||||||
|
|
||||||
import javax.servlet.FilterConfig;
|
import javax.servlet.FilterConfig;
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
|
@ -103,7 +104,7 @@ public class CasProcessingFilter extends AbstractProcessingFilter {
|
||||||
|
|
||||||
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
|
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
|
||||||
password);
|
password);
|
||||||
authRequest.setDetails(request.getRemoteAddr());
|
authRequest.setDetails(new WebAuthenticationDetails(request));
|
||||||
|
|
||||||
return this.getAuthenticationManager().authenticate(authRequest);
|
return this.getAuthenticationManager().authenticate(authRequest);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -19,6 +19,7 @@ import net.sf.acegisecurity.Authentication;
|
||||||
import net.sf.acegisecurity.AuthenticationException;
|
import net.sf.acegisecurity.AuthenticationException;
|
||||||
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
||||||
import net.sf.acegisecurity.ui.AbstractProcessingFilter;
|
import net.sf.acegisecurity.ui.AbstractProcessingFilter;
|
||||||
|
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
|
||||||
|
|
||||||
import javax.servlet.FilterConfig;
|
import javax.servlet.FilterConfig;
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
|
@ -66,7 +67,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
|
||||||
public Authentication attemptAuthentication(HttpServletRequest request)
|
public Authentication attemptAuthentication(HttpServletRequest request)
|
||||||
throws AuthenticationException {
|
throws AuthenticationException {
|
||||||
String username = request.getParameter(ACEGI_SECURITY_FORM_USERNAME_KEY);
|
String username = request.getParameter(ACEGI_SECURITY_FORM_USERNAME_KEY);
|
||||||
String password = request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY);
|
String password = obtainPassword(request);
|
||||||
|
|
||||||
if (username == null) {
|
if (username == null) {
|
||||||
username = "";
|
username = "";
|
||||||
|
@ -93,8 +94,8 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Provided so that subclasses may configure what is put into the
|
* Provided so that subclasses may configure what is put into the
|
||||||
* authentication request's details property. Default implementation
|
* authentication request's details property. The default implementation
|
||||||
* simply sets the IP address of the servlet request.
|
* simply constructs {@link WebAuthenticationDetails}.
|
||||||
*
|
*
|
||||||
* @param request that an authentication request is being created for
|
* @param request that an authentication request is being created for
|
||||||
* @param authRequest the authentication request object that should have
|
* @param authRequest the authentication request object that should have
|
||||||
|
@ -102,6 +103,28 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
|
||||||
*/
|
*/
|
||||||
protected void setDetails(HttpServletRequest request,
|
protected void setDetails(HttpServletRequest request,
|
||||||
UsernamePasswordAuthenticationToken authRequest) {
|
UsernamePasswordAuthenticationToken authRequest) {
|
||||||
authRequest.setDetails(request.getRemoteAddr());
|
authRequest.setDetails(new WebAuthenticationDetails(request));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enables subclasses to override the composition of the password, such as
|
||||||
|
* by including additional values and a separator.
|
||||||
|
*
|
||||||
|
* <p>
|
||||||
|
* This might be used for example if a postcode/zipcode was required in
|
||||||
|
* addition to the password. A delimiter such as a pipe (|) should be used
|
||||||
|
* to separate the password and extended value(s). The
|
||||||
|
* <code>AuthenticationDao</code> will need to generate the expected
|
||||||
|
* password in a corresponding manner.
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @param request so that request attributes can be retrieved
|
||||||
|
*
|
||||||
|
* @return the password that will be presented in the
|
||||||
|
* <code>Authentication</code> request token to the
|
||||||
|
* <code>AuthenticationManager</code>
|
||||||
|
*/
|
||||||
|
protected String obtainPassword(HttpServletRequest request) {
|
||||||
|
return request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
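Review bot: The Javadoc on `obtainPassword` recommends joining the password and the extra value with a pipe, but does not say what to do when a component already contains that delimiter. With constructed values, `ab|c` plus `d` and `ab` plus `c|d` compose to the same string, so two different credential pairs become indistinguishable to the `AuthenticationDao`. I would add a sentence such as `Implementations must reject or escape the delimiter in each component (or use a length-prefixed encoding) so that the composed value is unambiguous.` It is also worth stating that an override must handle a missing request parameter itself, because concatenation turns a `null` into the literal text `null`. The class body continues outside these hunks.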
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -55,7 +55,7 @@ public class MockHttpSession implements HttpSession {
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getId() {
|
public String getId() {
|
||||||
throw new UnsupportedOperationException("mock method not implemented");
|
return "3984594856968";
|
||||||
}
|
}
|
||||||
|
|
||||||
public long getLastAccessedTime() {
|
public long getLastAccessedTime() {
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -21,6 +21,7 @@ import net.sf.acegisecurity.Authentication;
|
||||||
import net.sf.acegisecurity.MockAuthenticationManager;
|
import net.sf.acegisecurity.MockAuthenticationManager;
|
||||||
import net.sf.acegisecurity.MockHttpServletRequest;
|
import net.sf.acegisecurity.MockHttpServletRequest;
|
||||||
import net.sf.acegisecurity.MockHttpSession;
|
import net.sf.acegisecurity.MockHttpSession;
|
||||||
|
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -72,7 +73,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||||
|
|
||||||
Authentication result = filter.attemptAuthentication(request);
|
Authentication result = filter.attemptAuthentication(request);
|
||||||
assertTrue(result != null);
|
assertTrue(result != null);
|
||||||
assertEquals("127.0.0.1", result.getDetails());
|
assertEquals("127.0.0.1",
|
||||||
|
((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testNullPasswordHandledGracefully() throws Exception {
|
public void testNullPasswordHandledGracefully() throws Exception {
|
||||||
|
|
|
@ -43,6 +43,8 @@
|
||||||
<action dev="benalex" type="add">FilterChainProxy added to significantly simplify web.xml configuration of Acegi Security</action>
|
<action dev="benalex" type="add">FilterChainProxy added to significantly simplify web.xml configuration of Acegi Security</action>
|
||||||
<action dev="benalex" type="update">FilterToBeanProxy now addresses lifecycle mismatch (IoC container vs servlet container) issue</action>
|
<action dev="benalex" type="update">FilterToBeanProxy now addresses lifecycle mismatch (IoC container vs servlet container) issue</action>
|
||||||
<action dev="benalex" type="add">Additional debug-level logging</action>
|
<action dev="benalex" type="add">Additional debug-level logging</action>
|
||||||
|
<action dev="benalex" type="add">AuthenticationProcessingFilter now provides hook for extra credentials (eg postcodes)</action>
|
||||||
|
<action dev="benalex" type="add">New WebAuthenticationDetails class now used by processing filters for Authentication.setDetails()</action>
|
||||||
</release>
|
</release>
|
||||||
<release version="0.7.0" date="2005-01-16">
|
<release version="0.7.0" date="2005-01-16">
|
||||||
<action dev="carlossg" type="add">Major CVS repository restructure to support Maven and eliminate libraries</action>
|
<action dev="carlossg" type="add">Major CVS repository restructure to support Maven and eliminate libraries</action>
|
||||||
|
|