下面列出了怎么用org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent的API类实例代码及写法,或者点击链接到github查看源代码。
/**
 * Completes a successful authentication.
 *
 * <p>Interactive Keycloak logins are delegated unchanged to the superclass. Every other
 * result (the debug message names bearer token / basic authentication) is handled here:
 * the authentication is placed in a fresh {@link SecurityContext}, a success event is
 * published, the rest of the filter chain runs, and the context is cleared afterwards.
 *
 * @param request    the current request
 * @param response   the current response
 * @param chain      the remaining filter chain, continued only on the non-interactive path
 * @param authResult the authentication produced by the authentication attempt
 * @throws IOException      propagated from the superclass or the filter chain
 * @throws ServletException propagated from the superclass or the filter chain
 */
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
        Authentication authResult) throws IOException, ServletException {
    final boolean interactiveLogin = authResult instanceof KeycloakAuthenticationToken
            && ((KeycloakAuthenticationToken) authResult).isInteractive();
    if (interactiveLogin) {
        super.successfulAuthentication(request, response, chain, authResult);
        return;
    }

    if (log.isDebugEnabled()) {
        log.debug("Authentication success using bearer token/basic authentication. Updating SecurityContextHolder to contain: {}", authResult);
    }

    // Build a new context rather than mutating the current one, so the authentication is
    // never written into a SecurityContext instance that another thread may also hold.
    SecurityContext requestContext = SecurityContextHolder.createEmptyContext();
    requestContext.setAuthentication(authResult);
    SecurityContextHolder.setContext(requestContext);

    try {
        // NOTE(review): this path is non-interactive, yet the event type is
        // InteractiveAuthenticationSuccessEvent. Listeners that treat the event as a user
        // login (lockout reset, session tracking, audit rows) would then run on every
        // token-authenticated request - confirm that is intended.
        if (this.eventPublisher != null) {
            eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
        }
        chain.doFilter(request, response);
    } finally {
        // The credentials are valid for this request only; always drop them from the holder,
        // including when the chain throws.
        SecurityContextHolder.clearContext();
    }
}
/**
 * Records a successful authentication: stores it in the current security context,
 * publishes an {@link InteractiveAuthenticationSuccessEvent} when a publisher is
 * configured, and then removes the JSESSIONID cookie via {@code removeJSessionIdCookie}.
 *
 * @param request    the current request
 * @param response   the current response
 * @param authResult the authentication produced by the authentication attempt
 * @throws IOException      declared by the signature; not thrown by the visible statements
 * @throws ServletException declared by the signature; not thrown by the visible statements
 */
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
        Authentication authResult) throws IOException, ServletException {
    final boolean debugEnabled = logger.isDebugEnabled();
    if (debugEnabled) {
        logger.debug("Authentication success. Updating SecurityContextHolder to contain: " + authResult);
    }

    // NOTE(review): this mutates whatever SecurityContext is currently installed. Spring
    // Security's guidance is to populate a context obtained from
    // SecurityContextHolder.createEmptyContext() and install it with setContext(), which
    // avoids races when the existing instance is visible to more than one thread.
    SecurityContextHolder.getContext().setAuthentication(authResult);

    if (this.eventPublisher != null) {
        eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
    }

    removeJSessionIdCookie(request, response);
    // The success handler is deliberately not invoked here; the original call is left
    // commented out:
    // successHandler.onAuthenticationSuccess(request, response, authResult);
}
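/**
 * Handles a successful authentication: logs the remote IP when two-factor web details are
 * present, updates the user's last-login timestamp (unless the system is in read-only
 * mode or no credentials are found), and registers the successful login with the
 * security service.
 *
 * <p>NOTE(review): the listener is subscribed to both
 * {@link InteractiveAuthenticationSuccessEvent} and {@link AuthenticationSuccessEvent}.
 * If both are published for a single login, this method runs twice for it - confirm that
 * {@code updateLastLogin} and {@code registerSuccessfulLogin} tolerate that.
 *
 * @param event the authentication success event
 */
@EventListener({ InteractiveAuthenticationSuccessEvent.class, AuthenticationSuccessEvent.class })
public void handleAuthenticationSuccess( AbstractAuthenticationEvent event )
{
    Authentication auth = event.getAuthentication();

    // Authentication#getDetails() may return null (for example for tokens created without
    // web details). The previous getDetails().getClass() call would then throw a
    // NullPointerException before registerSuccessfulLogin was reached; instanceof is
    // null-safe and performs the same type check.
    Object details = auth.getDetails();
    if ( details instanceof TwoFactorWebAuthenticationDetails )
    {
        TwoFactorWebAuthenticationDetails authDetails = (TwoFactorWebAuthenticationDetails) details;
        log.debug( String.format( "Login attempt succeeded for remote IP: %s", authDetails.getIp() ) );
    }

    final String username = auth.getName();
    UserCredentials credentials = userService.getUserCredentialsByUsername( username );
    boolean readOnly = config.isReadOnlyMode();

    // Skip the write when running read-only or when the user has no stored credentials.
    if ( Objects.nonNull( credentials ) && !readOnly )
    {
        credentials.updateLastLogin();
        userService.updateUserCredentials( credentials );
    }

    securityService.registerSuccessfulLogin( username );
}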
/**
 * Clears the lock-out state of the user who has just logged in interactively by setting
 * {@code lockedOutUntil} and {@code failedLogins} to NULL for that user's row.
 *
 * <p>Nothing is done when the principal is not a {@link JpaUserDetails}.
 *
 * @param event the interactive authentication success event
 */
@Override
@Transactional
public void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
    final Object authenticated = event.getAuthentication().getPrincipal();
    if (!(authenticated instanceof JpaUserDetails)) {
        return;
    }

    final Long dbId = ((JpaUserDetails) authenticated).getUserDbId();

    // The update is restricted to the authenticated user's own id, so a successful login
    // cannot reset the failure counters of any other account.
    this.jpaQueryFactory
            .update(QUser.user)
            .setNull(QUser.user.lockedOutUntil)
            .setNull(QUser.user.failedLogins)
            .where(QUser.user.id.eq(dbId))
            .execute();
}
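/**
 * Registers an interactive login with the session tracking service and logs it.
 *
 * <p>Nothing is recorded when no request attributes are bound to the current thread.
 *
 * @param event the interactive authentication success event
 */
@Override
public void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
    // The principal is declared as Object and is not guaranteed to be a UserDetails (some
    // authentication types carry a plain username). The previous unconditional cast would
    // throw ClassCastException in that case; fall back to Authentication#getName().
    final Object principal = event.getAuthentication().getPrincipal();
    final String username = (principal instanceof UserDetails)
            ? ((UserDetails) principal).getUsername()
            : event.getAuthentication().getName();

    RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
    if (requestAttributes != null) {
        final String sessionId = requestAttributes.getSessionId();
        sessionTrackingService.registerLogin(username, sessionId);
        // NOTE(review): the raw session id is written to the log at INFO level. Anyone who
        // can read the log can read live session identifiers; consider logging a truncated
        // or hashed value if the id is only needed for correlation.
        LOG.info("Login: user={}, sessionId={}", username, sessionId);
    }
}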
/**
 * Writes an authentication log entry for the current acting user after an interactive
 * login, provided a log context is found for the event.
 *
 * <p>NOTE(review): the user comes from {@code AuthenticationService.currentActingUser()},
 * not from the event's own authentication - presumably both refer to the same user by the
 * time the event is delivered; confirm.
 *
 * @param event the interactive authentication success event
 */
@Override
public void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
    final User actingUser = AuthenticationService.currentActingUser();
    if (actingUser == null) {
        return;
    }

    final AuthenticationLogContext logContext = getAuthenticationLogContext(event);
    if (logContext == null) {
        // No log context for this event: no log entry is created.
        return;
    }

    AuthenticationService.createLog(actingUser, logContext);
}
/**
 * Routes authentication events to the matching audit logging method. Events of any other
 * type are ignored.
 *
 * <p>Any exception raised by a logging method is caught and logged here, so it is not
 * propagated to the event publisher. The audit entry for that event may be missing as a
 * result.
 *
 * @param event the application event to inspect
 */
public void onApplicationEvent(ApplicationEvent event) {
    try {
        // The checked types are distinct concrete event classes, so at most one branch can
        // match a given event.
        if (event instanceof InteractiveAuthenticationSuccessEvent) {
            this.logLoginSuccess(event);
        } else if (event instanceof AuthenticationFailureBadCredentialsEvent) {
            this.logBadCredential(event);
        } else if (event instanceof AuthenticationFailureLockedEvent) {
            this.logLocked(event);
        } else if (event instanceof AuthenticationFailureDisabledEvent) {
            this.logDisabled(event);
        } else if (event instanceof AuthenticationFailureExpiredEvent) {
            this.logAccountExpired(event);
        } else if (event instanceof AuthenticationFailureCredentialsExpiredEvent) {
            this.logCredentialExpired(event);
        }
    } catch (Exception ex) {
        logger.error(ex.getMessage(), ex);
    }
}
/**
 * Writes an audit record for a successful interactive login and then publishes a
 * {@link LoginEvent} for it.
 *
 * @param event the event to record; it is cast to
 *              {@link InteractiveAuthenticationSuccessEvent} without a type check
 * @throws Exception if any step fails, for example {@code InetAddress.getLocalHost()}
 *                   when the local host name cannot be resolved. In that case
 *                   {@code auditConnector.log} is never reached and no audit record is
 *                   written for this login.
 */
public void logLoginSuccess(ApplicationEvent event) throws Exception {
    Authentication authentication = ((InteractiveAuthenticationSuccessEvent) event).getAuthentication();
    String tenantId = this.getTenantId(authentication);

    // Use the application's own user id when the principal carries one, otherwise fall
    // back to the authentication name.
    Object principal = authentication.getPrincipal();
    String userId = (principal instanceof SpringSecurityUserAuth)
            ? ((SpringSecurityUserAuth) principal).getId()
            : authentication.getName();

    AuditDTO record = new AuditDTO();
    record.setUserId(userId);
    record.setAuditTime(new Date());
    record.setAction("login");
    record.setResult("success");
    record.setApplication("lemon");
    // Client is the value returned by getUserIp; server is this host's own address.
    record.setClient(getUserIp(authentication));
    record.setServer(InetAddress.getLocalHost().getHostAddress());
    record.setTenantId(tenantId);
    auditConnector.log(record);

    // Login succeeded: additionally publish a message. In future the functionality here
    // should all move into listeners instead of calling the interface directly, which
    // gives better decoupling.
    String sessionId = this.getSessionId(authentication);
    ctx.publishEvent(new LoginEvent(authentication, userId, sessionId, "success", "default", tenantId));
}
/**
 * Looks up the authentication log context registered for the class that generated the
 * given event.
 *
 * @param event the interactive authentication success event
 * @return the result of the map lookup keyed by {@code event.getGeneratedBy()}
 */
private AuthenticationLogContext getAuthenticationLogContext(InteractiveAuthenticationSuccessEvent event) {
    final Class<?> generatedBy = event.getGeneratedBy();
    return eventGeneratedByClassToAuthenticationLogContextMap.get(generatedBy);
}