Java Code Examples for org.springframework.security.web.authentication.WebAuthenticationDetails#getRemoteAddress()

@Override
public void onApplicationEvent(AbstractSubProtocolEvent ev) {
    if(ev instanceof SessionSubscribeEvent) {
        sendHistoryToNewSubscriber(ev);
    } else if(ev instanceof SessionConnectEvent || ev instanceof SessionDisconnectEvent) {
        Authentication user = (Authentication)ev.getUser();
        Object details = user.getDetails();
        String sessionId = null;
        String address = null;
        if(details instanceof WebAuthenticationDetails) {
            WebAuthenticationDetails wad = (WebAuthenticationDetails) details;
            address = wad.getRemoteAddress();
            sessionId = wad.getSessionId();
        }
        if(ev instanceof SessionDisconnectEvent) {
            log.info("WebSocket user \"{}\" was disconnected from {} with HTTP session: {}", user.getName(), address, sessionId);
        } else {
            log.info("WebSocket user \"{}\" was connected from {} with HTTP session: {}", user.getName(), address, sessionId);
        }
    }
}
 

/**
 * Get current user's IP address.
 *
 * @return IP
 */
public static String getCurrentUserIp() {
  Authentication authentication = getAuthentication();
  if (authentication == null) {
    return "";
  }
  Object details = authentication.getDetails();
  if (details instanceof OAuth2AuthenticationDetails) {
    OAuth2AuthenticationDetails oAuth2AuthenticationDetails = (OAuth2AuthenticationDetails) details;
    return oAuth2AuthenticationDetails.getRemoteAddress();
  }
  if (details instanceof WebAuthenticationDetails) {
    WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
    return webDetails.getRemoteAddress();
  }
  return "";
}
 

protected void process(
    AuthenticationFailureBadCredentialsEvent authFailEvent) {
Authentication auth = authFailEvent.getAuthentication();
WebAuthenticationDetails details = (WebAuthenticationDetails) auth
	.getDetails();
String remoteAddress = details != null ? details.getRemoteAddress()
	: "";
String sessionId = details != null ? details.getSessionId() : "";

logger.info("Login Unsuccessful:" + auth.getName() + " | Ip Address:"
	+ remoteAddress + " | Bad Credentials");

sessionMgr.processFailureLogin(
	XXAuthSession.AUTH_STATUS_WRONG_PASSWORD,
	XXAuthSession.AUTH_TYPE_PASSWORD, auth.getName(),
	remoteAddress, sessionId);
   }
 

protected void process(AuthenticationFailureDisabledEvent authFailEvent) {
Authentication auth = authFailEvent.getAuthentication();
WebAuthenticationDetails details = (WebAuthenticationDetails) auth
	.getDetails();
String remoteAddress = details != null ? details.getRemoteAddress()
	: "";
String sessionId = details != null ? details.getSessionId() : "";

logger.info("Login Unsuccessful:" + auth.getName() + " | Ip Address:"
	+ remoteAddress);

sessionMgr.processFailureLogin(XXAuthSession.AUTH_STATUS_DISABLED,
	XXAuthSession.AUTH_TYPE_PASSWORD, auth.getName(),
	remoteAddress, sessionId);

   }
 

@Override
public void newRevision(Object revisionEntity) {
	AuditRevision auditedRevision = (AuditRevision) revisionEntity;
	String userName = SecurityUtil.getUsername();
	/* possible approach to get IP address of the user
	- http://stackoverflow.com/questions/12786123/ip-filter-using-spring-security
	- http://forum.springsource.org/showthread.php?18071-pass-ip-address-to-authentication-provider
	*/
	
	WebAuthenticationDetails auth = (WebAuthenticationDetails) 
			SecurityContextHolder.getContext().getAuthentication().getDetails();
	if(auth != null) {
		String ipAddress = auth.getRemoteAddress();
		auditedRevision.setIpAddress(ipAddress);
	}
	
	auditedRevision.setUsername(userName);
}
 

/**
 * 取得当前用户登录IP, 如果当前用户未登录则返回空字符串.
 * 
 * @return String
 */
public static String getCurrentUserIp() {
    Authentication authentication = getAuthentication();

    if (authentication == null) {
        return "";
    }

    Object details = authentication.getDetails();

    if (!(details instanceof WebAuthenticationDetails)) {
        return "";
    }

    WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;

    return webDetails.getRemoteAddress();
}
 

@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    WebAuthenticationDetails details = (WebAuthenticationDetails) auth.getDetails();
    String userIp = details.getRemoteAddress();
    if(! whitelist.contains(userIp)){
        throw new BadCredentialsException("Invalid IP Address");
    }
    final String name = auth.getName();
    final String password = auth.getCredentials().toString();
    
    if (name.equals("john") && password.equals("123")) {
    List<GrantedAuthority> authorities =new ArrayList<GrantedAuthority>();
    authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
    return new UsernamePasswordAuthenticationToken(name, password, authorities);
    }
    else{
        throw new BadCredentialsException("Invalid username or password");
    }
}
 

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
	if (event instanceof AuthenticationSuccessEvent) {
		log.debug("Authentication OK: {}", event.getAuthentication().getName());

		// Activity log
		Object details = event.getAuthentication().getDetails();
		String params = null;

		if (details instanceof WebAuthenticationDetails) {
			WebAuthenticationDetails wad = (WebAuthenticationDetails) details;
			params = wad.getRemoteAddress();
		} else if (GenericHolder.get() != null) {
			params = (String) GenericHolder.get();
		}

		// AUTOMATION - POST
		Map<String, Object> env = new HashMap<>();
		env.put(AutomationUtils.USER, event.getAuthentication().getName());
		try {
			AutomationManager.getInstance().fireEvent(AutomationRule.EVENT_USER_LOGIN, AutomationRule.AT_POST, env);
		} catch (Exception e) {
			log.info("Automation ERROR: {}", e.getCause());
		}

		UserActivity.log(event.getAuthentication().getName(), "LOGIN", null, null, params);
	} else if (event instanceof AuthenticationFailureBadCredentialsEvent) {
		log.info("Authentication ERROR: {}", event.getAuthentication().getName());
	}
}
 

public Message(MessageType type, String message)
{
   this.type = type;
   this.message = message;

   SecurityContext context = SecurityContextHolder.getContext ();
   if (context == null)
   {
      return;
   }
   Authentication auth =
      SecurityContextHolder.getContext ().getAuthentication ();
   if (auth == null)
   {
      return;
   }
   String user;
   if (auth.getDetails () instanceof WebAuthenticationDetails)
   {
      WebAuthenticationDetails details =
            (WebAuthenticationDetails) auth.getDetails ();
      user = "["+((User)auth.getPrincipal ()).getUsername () +
            " @ "+details.getRemoteAddress ()+"] ";
   }
   else
   {
      user = "["+auth.getPrincipal ().toString () + "] ";
   }
   this.message = user + message;
}
 

public boolean equals(Object obj) {
  if (obj instanceof WebAuthenticationDetails) {
    WebAuthenticationDetails rhs = (WebAuthenticationDetails) obj;

    if ((remoteAddress == null) && (rhs.getRemoteAddress() != null)) {
      return false;
    }

    if ((remoteAddress != null) && (rhs.getRemoteAddress() == null)) {
      return false;
    }

    if (remoteAddress != null) {
      if (!remoteAddress.equals(rhs.getRemoteAddress())) {
        return false;
      }
    }

    if ((sessionId == null) && (rhs.getSessionId() != null)) {
      return false;
    }

    if ((sessionId != null) && (rhs.getSessionId() == null)) {
      return false;
    }

    if (sessionId != null) {
      if (!sessionId.equals(rhs.getSessionId())) {
        return false;
      }
    }

    return true;
  }

  return false;
}
 

protected void process(AuthenticationSuccessEvent authSuccessEvent) {
Authentication auth = authSuccessEvent.getAuthentication();
WebAuthenticationDetails details = (WebAuthenticationDetails) auth
	.getDetails();
String remoteAddress = details != null ? details.getRemoteAddress()
	: "";
String sessionId = details != null ? details.getSessionId() : "";

Calendar cal = Calendar.getInstance();
logger.info("Login Successful:" + auth.getName() + " | Ip Address:"
		+ remoteAddress + " | sessionId=" + sessionId +  " | Epoch=" +cal.getTimeInMillis() );

// success logins are processed further in
// AKASecurityContextFormationFilter
   }
 

public String getUserIp(Authentication authentication) {
    if (authentication == null) {
        return "";
    }

    Object details = authentication.getDetails();

    if (!(details instanceof WebAuthenticationDetails)) {
        return "";
    }

    WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;

    return webDetails.getRemoteAddress();
}
 

public String getUserIp(Authentication authentication) {
    if (authentication == null) {
        return "";
    }

    Object details = authentication.getDetails();

    if (!(details instanceof WebAuthenticationDetails)) {
        return "";
    }

    WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;

    return webDetails.getRemoteAddress();
}
 

/**
 *
 * @return
 *      the ip of the connected client
 */
protected String getClientIpAddress() {
    WebAuthenticationDetails details =
            (WebAuthenticationDetails)SecurityContextHolder.getContext().getAuthentication().getDetails();
    return details.getRemoteAddress();
}