← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 13306: logging for expired accounts

 

------------------------------------------------------------
revno: 13306
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2013-12-18 14:58:51 +0100
message:
  logging for expired accounts
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java
  dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java	2013-08-23 15:56:19 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/useraudit/UserAuditService.java	2013-12-18 13:58:51 +0000
@@ -38,4 +38,6 @@
     void registerLogout( String username );
     
     void registerLoginFailure( String username, String ip );
+
+    void registerLoginExpired( String username, String ip );
 }

=== modified file 'dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java'
--- dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java	2013-08-23 16:00:30 +0000
+++ dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/useraudit/DefaultUserAuditService.java	2013-12-18 13:58:51 +0000
@@ -30,7 +30,6 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.transaction.annotation.Transactional;
 
 /**
  * @author Saptarshi Purkayastha
@@ -58,9 +57,14 @@
     }
 
     @Override
-    @Transactional
     public void registerLoginFailure( String username, String ip )
     {
         log.info( "Login failure for user: '" + username + "', ip: '" + ip + "'" );
     }
+
+    @Override
+    public void registerLoginExpired( String username, String ip )
+    {
+        log.info( "Login failure (account expired) for user: '" + username + "', ip: '" + ip + "'" );
+    }
 }

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java	2013-08-23 16:05:01 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java	2013-12-18 13:58:51 +0000
@@ -78,10 +78,8 @@
             throw new UsernameNotFoundException( "Username does not exist" );
         }
 
-        User user = new User( credentials.getUsername(), credentials.getPassword(), 
+        return new User( credentials.getUsername(), credentials.getPassword(),
             !credentials.isDisabled(), true, true, true, getGrantedAuthorities( credentials ) );
-        
-        return user;
     }
 
     // -------------------------------------------------------------------------

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java	2013-08-23 16:05:01 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/listener/AuthenticationListener.java	2013-12-18 13:58:51 +0000
@@ -33,6 +33,7 @@
 import org.springframework.context.ApplicationEvent;
 import org.springframework.context.ApplicationListener;
 import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
+import org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent;
 import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
@@ -49,12 +50,12 @@
     // -------------------------------------------------------------------------
 
     private UserAuditService userAuditService;
-    
+
     public void setUserAuditService( UserAuditService userAuditService )
     {
         this.userAuditService = userAuditService;
     }
-    
+
     private UserService userService;
 
     public void setUserService( UserService userService )
@@ -69,27 +70,35 @@
     public void onApplicationEvent( ApplicationEvent applicationEvent )
     {
         Assert.notNull( applicationEvent );
-        
+
         if ( applicationEvent instanceof AuthenticationSuccessEvent )
         {
             AuthenticationSuccessEvent event = (AuthenticationSuccessEvent) applicationEvent;
-            
+
             String username = ((UserDetails) event.getAuthentication().getPrincipal()).getUsername();
 
             WebAuthenticationDetails details = (WebAuthenticationDetails) event.getAuthentication().getDetails();
-            
+
             String ip = details != null ? details.getRemoteAddress() : "";
-            
+
             userAuditService.registerLoginSuccess( username, ip );
-            
+
             userService.setLastLogin( username );
         }
+        else if ( applicationEvent instanceof AuthenticationFailureExpiredEvent )
+        {
+            AuthenticationFailureExpiredEvent event = (AuthenticationFailureExpiredEvent) applicationEvent;
+
+            WebAuthenticationDetails details = (WebAuthenticationDetails) event.getAuthentication().getDetails();
+
+            userAuditService.registerLoginExpired( (String) event.getAuthentication().getPrincipal(), details.getRemoteAddress() );
+        }
         else if ( applicationEvent instanceof AbstractAuthenticationFailureEvent )
         {
             AbstractAuthenticationFailureEvent event = (AbstractAuthenticationFailureEvent) applicationEvent;
 
             WebAuthenticationDetails details = (WebAuthenticationDetails) event.getAuthentication().getDetails();
-            
+
             userAuditService.registerLoginFailure( (String) event.getAuthentication().getPrincipal(), details.getRemoteAddress() );
         }
     }