| @@ 35-82 (lines=48) @@ | ||
| 32 | * |
|
| 33 | * Aug 3, 2016 |
|
| 34 | */ |
|
| 35 | public class AjaxLoginProcessingFilter extends AbstractAuthenticationProcessingFilter { |
|
| 36 | private static Logger logger = LoggerFactory.getLogger(AjaxLoginProcessingFilter.class); |
|
| 37 | ||
| 38 | private final AuthenticationSuccessHandler successHandler; |
|
| 39 | private final AuthenticationFailureHandler failureHandler; |
|
| 40 | ||
| 41 | private final ObjectMapper objectMapper; |
|
| 42 | ||
| 43 | public AjaxLoginProcessingFilter(String defaultProcessUrl, AuthenticationSuccessHandler successHandler, |
|
| 44 | AuthenticationFailureHandler failureHandler, ObjectMapper mapper) { |
|
| 45 | super(defaultProcessUrl); |
|
| 46 | this.successHandler = successHandler; |
|
| 47 | this.failureHandler = failureHandler; |
|
| 48 | this.objectMapper = mapper; |
|
| 49 | } |
|
| 50 | ||
| 51 | @Override |
|
| 52 | public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) |
|
| 53 | throws AuthenticationException, IOException, ServletException { |
|
| 54 | if (!HttpMethod.POST.name().equals(request.getMethod()) || !WebUtil.isAjax(request)) { |
|
| 55 | if(logger.isDebugEnabled()) { |
|
| 56 | logger.debug("Authentication method not supported. Request method: " + request.getMethod()); |
|
| 57 | } |
|
| 58 | throw new AuthMethodNotSupportedException("Authentication method not supported"); |
|
| 59 | } |
|
| 60 | ||
| 61 | LoginRequest loginRequest = objectMapper.readValue(request.getReader(), LoginRequest.class); |
|
| 62 | ||
| 63 | if (StringUtils.isBlank(loginRequest.getUsername()) || StringUtils.isBlank(loginRequest.getPassword())) { |
|
| 64 | throw new AuthenticationServiceException("Username or Password not provided"); |
|
| 65 | } |
|
| 66 | ||
| 67 | UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword()); |
|
| 68 | ||
| 69 | return this.getAuthenticationManager().authenticate(token); |
|
| 70 | } |
|
| 71 | ||
| 72 | @Override |
|
| 73 | protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, |
|
| 74 | Authentication authResult) throws IOException, ServletException { |
|
| 75 | successHandler.onAuthenticationSuccess(request, response, authResult); |
|
| 76 | } |
|
| 77 | ||
| 78 | @Override |
|
| 79 | protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, |
|
| 80 | AuthenticationException failed) throws IOException, ServletException { |
|
| 81 | SecurityContextHolder.clearContext(); |
|
| 82 | failureHandler.onAuthenticationFailure(request, response, failed); |
|
| 83 | } |
|
| 84 | } |
|
| 85 | ||
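Review bot: A request body that is not valid JSON, or that is the JSON literal `null`, is not handled at line 61. `objectMapper.readValue` reports a parse failure with a Jackson exception, which is an `IOException` and not an `AuthenticationException`, so it appears to bypass `unsuccessfulAuthentication` and surface as a server error rather than a clean login failure. A `null` result would then fail with a `NullPointerException` at `loginRequest.getUsername()` on line 63. Translating Jackson's `JsonProcessingException` into an `AuthenticationServiceException` and null-checking the result keeps every malformed login request on the failure-handler path. The same read and check appear at lines 55-57 of `AdminUserProcessingFilter` and need the same change.

```java
// … unchanged: POST / Ajax request check …
LoginRequest loginRequest;
try {
    loginRequest = objectMapper.readValue(request.getReader(), LoginRequest.class);
} catch (JsonProcessingException e) {
    // Malformed body: report it as an authentication failure, not a server error.
    throw new AuthenticationServiceException("Invalid login request", e);
}

if (loginRequest == null || StringUtils.isBlank(loginRequest.getUsername())
        || StringUtils.isBlank(loginRequest.getPassword())) {
    throw new AuthenticationServiceException("Username or Password not provided");
}
// … unchanged: token creation and authenticate() call …
```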
| @@ 29-76 (lines=48) @@ | ||
| 26 | ||
| 27 | import com.fasterxml.jackson.databind.ObjectMapper; |
|
| 28 | ||
| 29 | public class AdminUserProcessingFilter extends AbstractAuthenticationProcessingFilter { |
|
| 30 | private static Logger logger = LoggerFactory.getLogger(AjaxLoginProcessingFilter.class); |
|
| 31 | ||
| 32 | private final AuthenticationSuccessHandler successHandler; |
|
| 33 | private final AuthenticationFailureHandler failureHandler; |
|
| 34 | ||
| 35 | private final ObjectMapper objectMapper; |
|
| 36 | ||
| 37 | public AdminUserProcessingFilter(String defaultProcessUrl, AuthenticationSuccessHandler successHandler, |
|
| 38 | AuthenticationFailureHandler failureHandler, ObjectMapper mapper) { |
|
| 39 | super(defaultProcessUrl); |
|
| 40 | this.successHandler = successHandler; |
|
| 41 | this.failureHandler = failureHandler; |
|
| 42 | this.objectMapper = mapper; |
|
| 43 | } |
|
| 44 | ||
| 45 | @Override |
|
| 46 | public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, |
|
| 47 | ServletException { |
|
| 48 | if (!HttpMethod.POST.name().equals(request.getMethod()) || !WebUtil.isAjax(request)) { |
|
| 49 | if (logger.isDebugEnabled()) { |
|
| 50 | logger.debug("Authentication method not supported. Request method: " + request.getMethod()); |
|
| 51 | } |
|
| 52 | throw new AuthMethodNotSupportedException("Authentication method not supported"); |
|
| 53 | } |
|
| 54 | ||
| 55 | LoginRequest loginRequest = objectMapper.readValue(request.getReader(), LoginRequest.class); |
|
| 56 | ||
| 57 | if (StringUtils.isBlank(loginRequest.getUsername()) || StringUtils.isBlank(loginRequest.getPassword())) { |
|
| 58 | throw new AuthenticationServiceException("Username or Password not provided"); |
|
| 59 | } |
|
| 60 | ||
| 61 | AdminUserAuthenticationToken token = new AdminUserAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword()); |
|
| 62 | ||
| 63 | return this.getAuthenticationManager().authenticate(token); |
|
| 64 | } |
|
| 65 | ||
| 66 | @Override |
|
| 67 | protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) |
|
| 68 | throws IOException, ServletException { |
|
| 69 | successHandler.onAuthenticationSuccess(request, response, authResult); |
|
| 70 | } |
|
| 71 | ||
| 72 | @Override |
|
| 73 | protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) |
|
| 74 | throws IOException, ServletException { |
|
| 75 | SecurityContextHolder.clearContext(); |
|
| 76 | failureHandler.onAuthenticationFailure(request, response, failed); |
|
| 77 | } |
|
| 78 | } |
|
| 79 | ||
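Review bot: The logger on line 30 is created with `AjaxLoginProcessingFilter.class`, so rejected admin login attempts are logged under the other filter's category and cannot be filtered, levelled or alerted on separately. It should read `private static final Logger logger = LoggerFactory.getLogger(AdminUserProcessingFilter.class);`. The class is otherwise a copy of `AjaxLoginProcessingFilter` that differs only in the token type built on line 61. Moving the shared request parsing into a common base class or helper would keep future fixes to the login path from landing in one filter and not the other.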