acegiを拡張して検証コードなどをサポート
主に汎用書き換え拡張authenticationProcessingFilterクラスで実現され、もちろんオープンソースフレームワークJCaptchaで検証コードを生成する
public class AuthenticationProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware {
public static final String ACEGI_SAVED_REQUEST_KEY = "ACEGI_SAVED_REQUEST_KEY";
public static final String ACEGI_SECURITY_LAST_EXCEPTION_KEY = "ACEGI_SECURITY_LAST_EXCEPTION";
public static final String ACEGI_SECURITY_FORM_USERNAME_KEY = "j_username";
public static final String ACEGI_SECURITY_FORM_PASSWORD_KEY = "j_password";
public static final String ACEGI_SECURITY_LAST_USERNAME_KEY = "ACEGI_SECURITY_LAST_USERNAME";
private ApplicationEventPublisher eventPublisher;
private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
private AuthenticationManager authenticationManager;
private String authenticationFailureUrl;
private String defaultTargetUrl;
private String filterProcessesUrl = getDefaultFilterProcessesUrl();
private boolean alwaysUseDefaultTargetUrl = false;
private RememberMeServices rememberMeServices = new NullRememberMeServices();
protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
private Properties exceptionMappings = new Properties();
private boolean continueChainBeforeSuccessfulAuthentication = false;
public boolean isContinueChainBeforeSuccessfulAuthentication() {
return continueChainBeforeSuccessfulAuthentication;
}
public void setContinueChainBeforeSuccessfulAuthentication(
boolean continueChainBeforeSuccessfulAuthentication) {
this.continueChainBeforeSuccessfulAuthentication = continueChainBeforeSuccessfulAuthentication;
}
public String getDefaultFilterProcessesUrl() {
return "/j_acegi_security_check";
}
public void destroy() {}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
if (!(request instanceof HttpServletRequest)) {
throw new ServletException("Can only process HttpServletRequest");
}
if (!(response instanceof HttpServletResponse)) {
throw new ServletException("Can only process HttpServletResponse");
}
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String username = obtainUsername(httpRequest);
String password = obtainPassword(httpRequest);
if (username == null) {
username = "";
}
if (password == null) {
password = "";
}
if (requiresAuthentication(httpRequest, httpResponse)) {
Authentication authResult;
try {
//
if(!onPreAuthentication(httpRequest, httpResponse)){
httpRequest.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY,
username);
throw new AuthenticationCodeException(" !");
}
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
setDetails(httpRequest, authRequest);
httpRequest.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY,username);
authResult = this.getAuthenticationManager().authenticate(authRequest);
// Authentication success
if (continueChainBeforeSuccessfulAuthentication) {
filterChain.doFilter(httpRequest, httpResponse);
}
//
successfulAuthentication(httpRequest, httpResponse, authResult);
String targetUrl = alwaysUseDefaultTargetUrl ? null : obtainFullRequestUrl(httpRequest);
if (targetUrl == null) {
targetUrl = getDefaultTargetUrl();
}
if (!targetUrl.startsWith("http://") && !targetUrl.startsWith("https://")) {
targetUrl = httpRequest.getContextPath() + targetUrl;
}
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(targetUrl));
return ;
} catch (AuthenticationException failed) {
// Authentication failed
unsuccessfulAuthentication(httpRequest, httpResponse, failed);
String failureUrl = exceptionMappings.getProperty(failed.getClass().getName(), authenticationFailureUrl);
if (!failureUrl.startsWith("http://") && !failureUrl.startsWith("https://")) {
failureUrl = httpRequest.getContextPath() + failureUrl;
}
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(failureUrl));
return;
}
}
filterChain.doFilter(request, response);
}
public Authentication attemptAuthentication(HttpServletRequest request,HttpServletResponse response)
throws AuthenticationException, IOException{
String username = obtainUsername(request);
String password = obtainPassword(request);
// System.out.println("username: "+username +" passward:"+password) ;
if (username == null) {
username = "";
}
if (password == null) {
password = "";
}
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
setDetails(request, authRequest);
request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY,
username);
return this.getAuthenticationManager().authenticate(authRequest);
}
protected void setDetails(HttpServletRequest request,
UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(new WebAuthenticationDetails(request));
}
protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) {
String uri = request.getRequestURI();
int pathParamIndex = uri.indexOf(';');
if (pathParamIndex > 0) {
uri = uri.substring(0, pathParamIndex);
}
return uri.endsWith(request.getContextPath() + filterProcessesUrl);
}
public void init(FilterConfig arg0) throws ServletException {}
public void afterPropertiesSet() throws Exception {}
public void setApplicationEventPublisher(ApplicationEventPublisher context) {
this.eventPublisher = context;
}
public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
this.authenticationDetailsSource = authenticationDetailsSource;
}
public boolean isAlwaysUseDefaultTargetUrl() {
return alwaysUseDefaultTargetUrl;
}
public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl) {
this.alwaysUseDefaultTargetUrl = alwaysUseDefaultTargetUrl;
}
public String getAuthenticationFailureUrl() {
return authenticationFailureUrl;
}
public void setAuthenticationFailureUrl(String authenticationFailureUrl) {
this.authenticationFailureUrl = authenticationFailureUrl;
}
public String getDefaultTargetUrl() {
return defaultTargetUrl;
}
public void setDefaultTargetUrl(String defaultTargetUrl) {
this.defaultTargetUrl = defaultTargetUrl;
}
public String getFilterProcessesUrl() {
return filterProcessesUrl;
}
public void setFilterProcessesUrl(String filterProcessesUrl) {
this.filterProcessesUrl = filterProcessesUrl;
}
protected String obtainPassword(HttpServletRequest request) {
String password=request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY);
if(password!=null){
return MD5.toMD5(request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY));
}
return password;
}
protected String obtainUsername(HttpServletRequest request) {
return request.getParameter(ACEGI_SECURITY_FORM_USERNAME_KEY);
}
//
protected boolean onPreAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException, IOException {
String randNum=request.getParameter("randNum");
String rand=(String)request.getSession().getAttribute("rand");
if(rand.equals(randNum)){
return true;
}
return false;
}
//
protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
Authentication authResult) throws IOException {}
protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
AuthenticationException failed) throws IOException {}
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
Authentication authResult) throws IOException {
//logger.info("Authentication success: " + authResult.toString());
SecurityContextHolder.getContext().setAuthentication(authResult);
onSuccessfulAuthentication(request, response, authResult);
rememberMeServices.loginSuccess(request, response, authResult);
// Fire event
if (this.eventPublisher != null) {
eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
}
}
protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
AuthenticationException failed) throws IOException {
SecurityContextHolder.getContext().setAuthentication(null);
//logger.info("Updated SecurityContextHolder to contain null Authentication");
try {
request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
} catch (Exception ignored) {}
onUnsuccessfulAuthentication(request, response, failed);
rememberMeServices.loginFail(request, response);
}
public static String obtainFullRequestUrl(HttpServletRequest request) {
SavedRequest savedRequest = (SavedRequest) request.getSession()
.getAttribute(ACEGI_SAVED_REQUEST_KEY);
return (savedRequest == null) ? null : savedRequest.getFullRequestUrl();
}
public Properties getExceptionMappings() {
return exceptionMappings;
}
public void setExceptionMappings(Properties exceptionMappings) {
this.exceptionMappings = exceptionMappings;
}
public MessageSourceAccessor getMessages() {
return messages;
}
public void setMessages(MessageSourceAccessor messages) {
this.messages = messages;
}
public RememberMeServices getRememberMeServices() {
return rememberMeServices;
}
public void setRememberMeServices(RememberMeServices rememberMeServices) {
this.rememberMeServices = rememberMeServices;
}
public ApplicationEventPublisher getEventPublisher() {
return eventPublisher;
}
public void setEventPublisher(ApplicationEventPublisher eventPublisher) {
this.eventPublisher = eventPublisher;
}
public AuthenticationDetailsSource getAuthenticationDetailsSource() {
return authenticationDetailsSource;
}
public AuthenticationManager getAuthenticationManager() {
return authenticationManager;
}
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
this.authenticationManager = authenticationManager;
}
}