CustomAuthenticationFailureHandler.java example

Explorer

demo-application-master
- itest
  - src
    - test
      - java
        com
        github
        kazuki43zoo
        AccountRegisterTest.java
        AuthenticationTest.java
        WelcomePageTest.java
        pages
        Page.java
        WelcomePage.java
        account
        AccountCreateFormPage.java
        AccountDetailPage.java
        AccountListPage.java
        auth
        LoginPage.java
        password
        PasswordChangePage.java
        parts
        LanguagePullDown.java
        LeftMenu.java
        UserMenuPullDown.java
        utils
        PageOperations.java
        WebElementOperations.java
- src
  - main
    - java
      - com
        github
        kazuki43zoo
        api
        date
        DateResource.java
        DateRestController.java
        error
        ApiError.java
        ApiErrorCreator.java
        ApiErrorPageController.java
        ApiGlobalExceptionHandler.java
        timecard
        DailyAttendanceResource.java
        TimeCardCalculateController.java
        TimeCardResource.java
        TimeCardRestController.java
        app
        account
        AccountForm.java
        AccountsController.java
        AccountsSearchQuery.java
        PasswordController.java
        PasswordForm.java
        ProfileController.java
        ProfileForm.java
        admin
        H2ConsoleController.java
        auth
        LoginController.java
        LoginForm.java
        LoginFormControllerAdvice.java
        LoginSharedHelper.java
        LogoutController.java
        error
        ErrorController.java
        timecard
        TimeCardController.java
        welcome
        HomeController.java
        core
        config
        ApplicationConfigs.java
        SecurityConfigs.java
        exception
        InvalidAccessException.java
        message
        Message.java
        security
        CurrentUser.java
        validation
        AccountId.java
        EqualsPropertyValues.java
        EqualsPropertyValuesValidator.java
        FirstName.java
        LastName.java
        NotEqualsPropertyValues.java
        NotEqualsPropertyValuesValidator.java
        Password.java
        domain
        model
        account
        Account.java
        AccountAuthenticationHistory.java
        AccountAuthority.java
        AccountPasswordHistory.java
        AccountPasswordLock.java
        AuthenticationType.java
        calendar
        FixedHoliday.java
        HappyMondayHoliday.java
        Holiday.java
        SeasonalHoliday.java
        timecard
        BreakTime.java
        DailyAttendance.java
        MidnightTime.java
        TimeCard.java
        WorkPlace.java
        repository
        PageParams.java
        account
        AccountRepository.java
        AccountsSearchCriteria.java
        calendar
        FixedHolidayRepository.java
        HappyMondayHolidayRepository.java
        SeasonalHolidayRepository.java
        timecard
        TimeCardRepository.java
        WorkPlaceRepository.java
        service
        account
        AccountService.java
        AccountServiceImpl.java
        AccountSharedService.java
        AccountSharedServiceImpl.java
        calendar
        CalendarSharedService.java
        CalendarSharedServiceImpl.java
        password
        PasswordService.java
        PasswordServiceImpl.java
        PasswordSharedService.java
        PasswordSharedServiceImpl.java
        security
        AuthenticationEventListeners.java
        AuthenticationSharedService.java
        AuthenticationSharedServiceImpl.java
        CustomAuthenticationDetails.java
        CustomUserDetails.java
        CustomUserDetailsService.java
        timecard
        TimeCardService.java
        TimeCardServiceImpl.java
        WorkPlaceSharedService.java
        WorkPlaceSharedServiceImpl.java
        infra
        dozer
        converter
        DateTimeConverter.java
        ImmutableObjectCopyConverter.java
        LocalDateConverter.java
        LocalTimeConverter.java
        jackson
        map
        EmptyStringSerializer.java
        mybatis
        spring
        AbstractRepositoryBeanNameGenerator.java
        BatchModeRepositoryBeanNameGenerator.java
        typehandler
        DateTimeTypeHandler.java
        LocalDateTypeHandler.java
        LocalTimeTypeHandler.java
        web
        CustomHttpHeaders.java
        mvc
        GlobalControllerAdvice.java
        security
        CustomAuthenticationDetailsSource.java
        CustomAuthenticationFailureHandler.java
        CustomLogoutSuccessHandler.java
        SessionAuthenticationStrategySynchronizer.java
        SessionEventListeners.java
  - test
    - java
      - com
        github
        kazuki43zoo
        domain
        model
        timecard
        BreakTimeTest.java
        DailyAttendanceTest.java
        MidnightTimeTest.java
        WorkPlaceTest.java

package com.github.kazuki43zoo.web.security;

import com.github.kazuki43zoo.core.config.SecurityConfigs;
import com.github.kazuki43zoo.core.message.Message;
import com.github.kazuki43zoo.domain.model.account.AccountAuthenticationHistory;
import com.github.kazuki43zoo.domain.model.account.AuthenticationType;
import com.github.kazuki43zoo.domain.service.security.AuthenticationSharedService;
import com.github.kazuki43zoo.domain.service.security.CustomAuthenticationDetails;
import org.dozer.Mapper;
import org.springframework.context.MessageSource;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.session.SessionAuthenticationException;
import org.terasoluna.gfw.common.exception.SystemException;

import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

    @Inject
    MessageSource messageSource;

    @Inject
    AuthenticationSharedService authenticationSharedService;

    @Inject
    SecurityConfigs securityConfigs;

    @Inject
    AuthenticationDetailsSource<HttpServletRequest, CustomAuthenticationDetails> authenticationDetailsSource;

    @Inject
    Mapper beanMapper;

    @Override
    public void onAuthenticationFailure(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException exception) throws IOException, ServletException {
        if (exception instanceof SessionAuthenticationException) {
            createConcurrentAuthenticationFailureHistory(request);
        }
        super.onAuthenticationFailure(request, response, exception);
    }

    private void createConcurrentAuthenticationFailureHistory(final HttpServletRequest request) {
        final String accountId = request.getParameter(securityConfigs.getUsernameParameter());
        final String message = Message.SECURITY_CONCURRENT_LOGIN.text(messageSource);
        final CustomAuthenticationDetails authenticationDetails = authenticationDetailsSource.buildDetails(request);
        final AccountAuthenticationHistory authenticationHistory = beanMapper.map(authenticationDetails, AccountAuthenticationHistory.class);
        authenticationSharedService.createAuthenticationFailureHistory(accountId, authenticationHistory, AuthenticationType.LOGIN, message);
    }

}