<p>Authentication is done by LDAP but you want to lock the LDAP user after he logged in.</p>
<p>If you use Spring 2.5 you can make your custom implementation of an <a href="http://www.jarvana.com/jarvana/view/org/springframework/spring/2.5.6/spring-2.5.6-sources.jar!/org/springframework/beans/factory/InitializingBean.java?format=ok" rel="nofollow">InitializingBean</a> and check if principal is an LDAP user:</p>
<pre><code>import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;

public abstract class EventListener implements InitializingBean {

    Log log = LogFactory.getLog(this.getClass());

    EventDispatcher eventDispatcher;

    // Spring will call this method after auto-wiring is complete.
    public void afterPropertiesSet() throws Exception {
        // let us register this instance with the event dispatcher
        eventDispatcher.registerListener(this);
    }

    /**
     * Implementation of this method checks whether the given event can be
     * handled in this class. This method will be called by the event
     * dispatcher.
     *
     * @param event
     *            the event to handle
     * @return true if the implementing subclass can handle the event
     */
    public abstract boolean canHandle(Object event);

    /**
     * This method is executed by the event dispatcher with the event object.
     *
     * @param event
     *            the event to handle
     */
    public abstract void handle(Object event);

    public void setEventDispatcher(EventDispatcher eventDispatcher) {
        this.eventDispatcher = eventDispatcher;
    }
}
</code></pre>
<p>And next implement this custom handle on your loginFailureEventListener (map this listener in your XML):</p>
<pre><code>import org.springframework.security.event.authentication.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;

public class LoginFailureEventListener extends EventListener {

    @Override
    public boolean canHandle(Object event) {
        // only react to failed logins caused by bad credentials
        return event instanceof AuthenticationFailureBadCredentialsEvent;
    }

    @Override
    public void handle(Object event) {
        AuthenticationFailureBadCredentialsEvent loginFailureEvent =
                (AuthenticationFailureBadCredentialsEvent) event;
        Object principal = loginFailureEvent.getAuthentication().getPrincipal();
        if (principal instanceof LdapUserDetailsImpl) {
            LdapUserDetailsImpl user = (LdapUserDetailsImpl) principal;
            log.info("LDAPUser: " + user.getUsername() + " failed login");
            // do your thing here
        }
    }
}
</code></pre>
<p>Binding in XML:</p>
<pre><code>&lt;b:bean id="loginFailureEventListener" class="com.foo.bar.support.event.LoginFailureEventListener"&gt;
    &lt;b:property name="eventDispatcher" ref="eventDispatcher"/&gt;
&lt;/b:bean&gt;
</code></pre>
<p><strong>EDIT:</strong> You can extend <code>AuthenticationProcessingFilter</code> and override the <code>onUnsuccessfulAuthentication</code> method:</p>
<pre><code>import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;

public class CustomAuthenticationProcessingFilter extends AuthenticationProcessingFilter {

    private LoginDao loginDao;

    @Override
    protected void onSuccessfulAuthentication(HttpServletRequest request,
            HttpServletResponse response, Authentication authResult) throws IOException {
        super.onSuccessfulAuthentication(request, response, authResult);
        // -1 marks "no failed attempts to report" for the login page
        request.getSession().setAttribute("wrong", -1);
    }

    @Override
    protected void onUnsuccessfulAuthentication(HttpServletRequest request,
            HttpServletResponse response, AuthenticationException authException) throws IOException {
        super.onUnsuccessfulAuthentication(request, response, authException);
        String username = (String) authException.getAuthentication().getPrincipal();
        if (username.length() &gt; 0) {
            Login login = loginDao.read(username);
            if (login != null) {
                // expose the current failure count and the limit to the login page
                request.getSession().setAttribute("wrong", login.getFailedLoginAttempts());
                request.getSession().setAttribute("attempts", Login.MAX_FAILED_LOGIN_ATTEMPTS);
            } else {
                request.getSession().setAttribute("wrong", 100);
            }
        } else {
            request.getSession().setAttribute("wrong", -1);
        }
    }

    public void setLoginDao(LoginDao loginDao) {
        this.loginDao = loginDao;
    }
}
</code></pre>
<p>Binding in XML:</p>
<pre><code>&lt;!-- Custom AuthenticationProcessingFilter with Callbacks --&gt;
&lt;authentication-manager alias="authenticationManagerAlias"/&gt;
&lt;b:bean id="authenticationProcessingFilter" name="authenticationProcessingFilter"
        class="com.foo.bat.support.event.CustomAuthenticationProcessingFilter"&gt;
    &lt;b:property name="authenticationManager" ref="authenticationManagerAlias"/&gt;
    &lt;b:property name="authenticationFailureUrl" value="/login.do"/&gt;
    &lt;b:property name="filterProcessesUrl" value="/j_spring_security_check"/&gt;
    &lt;b:property name="defaultTargetUrl" value="/index.html"/&gt;
    &lt;!-- loginDao is a HibernateDao that reads logins and writes wrong attempts to DB --&gt;
    &lt;b:property name="loginDao"&gt;&lt;b:ref bean="loginDao"/&gt;&lt;/b:property&gt;
    &lt;custom-filter position="AUTHENTICATION_PROCESSING_FILTER" /&gt;
&lt;/b:bean&gt;
</code></pre>
<p>Now you can put this filter in your filterChainProxy.</p>
<p>Look here for inspiration: <a href="http://www.harinair.com/2010/02/spring-acegi-security-account-lockout/" rel="nofollow">http://www.harinair.com/2010/02/spring-acegi-security-account-lockout/</a></p>
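<p>The answer above relies on a <code>Login</code>/<code>LoginDao</code> pair that it does not show. The sketch below is an added example, not code from the answer or from Spring Security: a hypothetical in-memory <code>FailedLoginTracker</code> showing the counting, locking and reset rules such a DAO would implement. The threshold of 3, the 15-minute <code>LOCK_MILLIS</code> and all method names are assumptions.</p>

```java
import java.util.Locale;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

/** Hypothetical stand-in for the answer's Login/LoginDao; a real one persists to the DB. */
public class FailedLoginTracker {
    static final int MAX_FAILED_LOGIN_ATTEMPTS = 3;   // assumed threshold
    static final long LOCK_MILLIS = 15 * 60 * 1000L;  // assumed lock duration

    private static final class Entry { int failures; long lockedUntil; }

    // Keyed by submitted username, known or not, so both cases behave the same.
    private final ConcurrentMap<String, Entry> entries = new ConcurrentHashMap<>();

    private static String key(String username) {
        return username == null ? "" : username.trim().toLowerCase(Locale.ROOT);
    }

    /** Call from onUnsuccessfulAuthentication; returns the failure count so far. */
    public int recordFailure(String username, long now) {
        Entry e = entries.computeIfAbsent(key(username), k -> new Entry());
        synchronized (e) {
            if (e.lockedUntil > now) return e.failures;  // already locked: do not extend
            if (e.lockedUntil != 0) { e.failures = 0; e.lockedUntil = 0; } // lock expired
            e.failures++;
            if (e.failures >= MAX_FAILED_LOGIN_ATTEMPTS) e.lockedUntil = now + LOCK_MILLIS;
            return e.failures;
        }
    }

    /** Check before the credentials are handed to the authentication manager. */
    public boolean isLocked(String username, long now) {
        Entry e = entries.get(key(username));
        if (e == null) return false;
        synchronized (e) { return e.lockedUntil > now; }
    }

    /** Call from onSuccessfulAuthentication to clear the counter. */
    public void recordSuccess(String username) { entries.remove(key(username)); }

    public static void main(String[] args) {
        FailedLoginTracker tracker = new FailedLoginTracker();
        long now = 0L; // constructed clock value, not real time
        for (int i = 0; i < MAX_FAILED_LOGIN_ATTEMPTS; i++) {
            System.out.println("failures=" + tracker.recordFailure("Alice", now));
        }
        System.out.println("locked now: " + tracker.isLocked("alice", now + 1000));
        System.out.println("locked after expiry: " + tracker.isLocked("alice", now + LOCK_MILLIS));
        tracker.recordSuccess("alice");
        System.out.println("failures after reset: " + tracker.recordFailure("alice", now + LOCK_MILLIS));
    }
}
```

<p>The map here grows with every distinct username submitted, so a production version needs a bounded or persistent store, as the answer's Hibernate-backed <code>loginDao</code> provides.</p>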
 
