dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #26874
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 13306: logging for expired accounts
------------------------------------------------------------
revno: 13306
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2013-12-18 14:58:51 +0100
message:
logging for expired accounts
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java
dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java 2013-08-23 15:56:19 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java 2013-12-18 13:58:51 +0000
@@ -38,4 +38,6 @@
void registerLogout( String username );
void registerLoginFailure( String username, String ip );
+
+ void registerLoginExpired( String username, String ip );
}
=== modified file 'dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java'
--- dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java 2013-08-23 16:00:30 +0000
+++ dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java 2013-12-18 13:58:51 +0000
@@ -30,7 +30,6 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.springframework.transaction.annotation.Transactional;
/**
* @author Saptarshi Purkayastha
@@ -58,9 +57,14 @@
}
@Override
- @Transactional
public void registerLoginFailure( String username, String ip )
{
log.info( "Login failure for user: '" + username + "', ip: '" + ip + "'" );
}
+
+ @Override
+ public void registerLoginExpired( String username, String ip )
+ {
+ log.info( "Login failure (account expired) for user: '" + username + "', ip: '" + ip + "'" );
+ }
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java 2013-08-23 16:05:01 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java 2013-12-18 13:58:51 +0000
@@ -78,10 +78,8 @@
throw new UsernameNotFoundException( "Username does not exist" );
}
- User user = new User( credentials.getUsername(), credentials.getPassword(),
+ return new User( credentials.getUsername(), credentials.getPassword(),
!credentials.isDisabled(), true, true, true, getGrantedAuthorities( credentials ) );
-
- return user;
}
// -------------------------------------------------------------------------
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java 2013-08-23 16:05:01 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java 2013-12-18 13:58:51 +0000
@@ -33,6 +33,7 @@
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
+import org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
@@ -49,12 +50,12 @@
// -------------------------------------------------------------------------
private UserAuditService userAuditService;
-
+
public void setUserAuditService( UserAuditService userAuditService )
{
this.userAuditService = userAuditService;
}
-
+
private UserService userService;
public void setUserService( UserService userService )
@@ -69,27 +70,35 @@
public void onApplicationEvent( ApplicationEvent applicationEvent )
{
Assert.notNull( applicationEvent );
-
+
if ( applicationEvent instanceof AuthenticationSuccessEvent )
{
AuthenticationSuccessEvent event = (AuthenticationSuccessEvent) applicationEvent;
-
+
String username = ((UserDetails) event.getAuthentication().getPrincipal()).getUsername();
WebAuthenticationDetails details = (WebAuthenticationDetails) event.getAuthentication().getDetails();
-
+
String ip = details != null ? details.getRemoteAddress() : "";
-
+
userAuditService.registerLoginSuccess( username, ip );
-
+
userService.setLastLogin( username );
}
+ else if ( applicationEvent instanceof AuthenticationFailureExpiredEvent )
+ {
+ AuthenticationFailureExpiredEvent event = (AuthenticationFailureExpiredEvent) applicationEvent;
+
+ WebAuthenticationDetails details = (WebAuthenticationDetails) event.getAuthentication().getDetails();
+
+ userAuditService.registerLoginExpired( (String) event.getAuthentication().getPrincipal(), details.getRemoteAddress() );
+ }
else if ( applicationEvent instanceof AbstractAuthenticationFailureEvent )
{
AbstractAuthenticationFailureEvent event = (AbstractAuthenticationFailureEvent) applicationEvent;
WebAuthenticationDetails details = (WebAuthenticationDetails) event.getAuthentication().getDetails();
-
+
userAuditService.registerLoginFailure( (String) event.getAuthentication().getPrincipal(), details.getRemoteAddress() );
}
}
