package com.lm.it.sec.security.mobile;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.*;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.userdetails.UserCache;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.core.userdetails.cache.NullUserCache;
import org.springframework.util.Assert;
/**
* @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
*/
public abstract class AbstractMobileUserDetailsAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
protected final Log logger = LogFactory.getLog(getClass());
protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
private UserCache userCache = new NullUserCache();
private boolean forcePrincipalAsString = false;
protected boolean hideMobileNotFoundExceptions = true;
private UserDetailsChecker preAuthenticationChecks = new AbstractMobileUserDetailsAuthenticationProvider.DefaultPreAuthenticationChecks();
private UserDetailsChecker postAuthenticationChecks = new AbstractMobileUserDetailsAuthenticationProvider.DefaultPostAuthenticationChecks();
private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
/**
* Allows subclasses to perform any additional checks of a returned (or cached)
* <code>UserDetails</code> for a given authentication request. Generally a subclass
* will at least compare the {@link Authentication#getCredentials()} with a
* {@link UserDetails#getPassword()}. If custom logic is needed to compare additional
* properties of <code>UserDetails</code> and/or
* <code>UsernamePasswordAuthenticationToken</code>, these should also appear in this
* method.
*
* @param userDetails as retrieved from the
* {@link #retrieveUser(String, CustomMobileAuthenticationToken)} or
* <code>UserCache</code>
* @param authentication the current request that needs to be authenticated
* @throws AuthenticationException AuthenticationException if the credentials could
* not be validated (generally a <code>BadCredentialsException</code>, an
* <code>AuthenticationServiceException</code>)
*/
protected abstract void additionalAuthenticationChecks(UserDetails userDetails,
CustomMobileAuthenticationToken authentication) throws AuthenticationException;
@Override
public final void afterPropertiesSet() throws Exception {
Assert.notNull(this.userCache, "A user cache must be set");
Assert.notNull(this.messages, "A message source must be set");
doAfterPropertiesSet();
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
Assert.isInstanceOf(CustomMobileAuthenticationToken.class, authentication,
() -> this.messages.getMessage("AbstractMobileUserDetailsAuthenticationProvider.onlySupports",
"Only CustomMobileAuthenticationToken is supported"));
String username = determineUsername(authentication);
boolean cacheWasUsed = true;
UserDetails user = this.userCache.getUserFromCache(username);
if (user == null) {
cacheWasUsed = false;
try {
user = retrieveUser(username, (CustomMobileAuthenticationToken) authentication);
} catch (UsernameNotFoundException ex) {
this.logger.debug("Failed to find user '" + username + "'");
if (!this.hideMobileNotFoundExceptions) {
throw ex;
}
throw new BadCredentialsException(this.messages
.getMessage("AbstractMobileUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
Assert.notNull(user, "retrieveUser returned null - a violation of the interface contract");
}
try {
this.preAuthenticationChecks.check(user);
additionalAuthenticationChecks(user, (CustomMobileAuthenticationToken) authentication);
} catch (AuthenticationException ex) {
if (!cacheWasUsed) {
throw ex;
}
// There was a problem, so try again after checking
// we're using latest data (i.e. not from the cache)
cacheWasUsed = false;
user = retrieveUser(username, (CustomMobileAuthenticationToken) authentication);
this.preAuthenticationChecks.check(user);
additionalAuthenticationChecks(user, (CustomMobileAuthenticationToken) authentication);
}
this.postAuthenticationChecks.check(user);
if (!cacheWasUsed) {
this.userCache.putUserInCache(user);
}
Object principalToReturn = user;
if (this.forcePrincipalAsString) {
principalToReturn = user.getUsername();
}
return createSuccessAuthentication(principalToReturn, authentication, user);
}
private String determineUsername(Authentication authentication) {
return (authentication.getPrincipal() == null) ? "NONE_PROVIDED" : authentication.getName();
}
/**
* Creates a successful {@link Authentication} object.
* <p>
* Protected so subclasses can override.
* </p>
* <p>
* Subclasses will usually store the original credentials the user supplied (not
* salted or encoded passwords) in the returned <code>Authentication</code> object.
* </p>
*
* @param principal that should be the principal in the returned object (defined by
* the {@link #isForcePrincipalAsString()} method)
* @param authentication that was presented to the provider for validation
* @param user that was loaded by the implementation
* @return the successful authentication token
*/
protected Authentication createSuccessAuthentication(Object principal, Authentication authentication,
UserDetails user) {
// Ensure we return the original credentials the user supplied,
// so subsequent attempts are successful even with encoded passwords.
// Also ensure we return the original getDetails(), so that future
// authentication events after cache expiry contain the details
CustomMobileAuthenticationToken result = new CustomMobileAuthenticationToken(principal,
authentication.getCredentials(), this.authoritiesMapper.mapAuthorities(user.getAuthorities()));
result.setDetails(authentication.getDetails());
this.logger.debug("Authenticated user");
return result;
}
protected void doAfterPropertiesSet() throws Exception {
}
public UserC
lm-springsecurity.rar (80个子文件) 
lm-springsecurity 
pom.xml 6KB src main resources sql securitydb.sql 3KB mapper UserMapper.myql.xml 5KB application.properties 3KB jwt jwt.properties 251B templates 
exception.html 425B login.html 9KB index.html 1KB log4j2.xml 5KB static font font_1475912685_3576825.ttf 24KB font_1465353706_4784257.ttf 8KB font_1408947319_9759417.woff 7KB font_1475912685_3576825.eot 24KB
font_1404888168_2057645.svg 8KB font_1408947319_9759417.ttf 12KB font_1408947319_9759417.eot 12KB font_1451959379_8626566.woff 18KB font_1451959379_8626566.eot 30KB font_1404888168_2057645.woff 5KB font_1475912685_3576825.woff 15KB font_1465353706_4784257.svg 8KB font_1451959379_8626566.svg 36KB font_1465353706_4784257.eot 8KB font_1475912685_3576825.svg 30KB font_1404888168_2057645.eot 8KB font_1465353706_4784257.woff 5KB font_1451959379_8626566.ttf 29KB font_1404888168_2057645.ttf 8KB font_1408947319_9759417.svg 11KB js jquery-3.6.0.js 292KB jquery-3.6.0.min.js 87KB img 
lg-bg.png 145KB
wj.gif 3KB css icon.css 4KB public.css 1KB login.css 5KB application-dev.properties 0B META-INF spring.factories 127B java com lm it sec Application.java 446B constant SecurityConstant.java 315B wrapper CustomHttpServletRequestWrapper.java 2KB mapper UserMapper.java 776B security CustomAuthenticationFailureHandler.java 1KB CustomErrorAuthenticationEntryPoint.java 1KB username CustomUsernameAuthenticationProvider.java 6KB CustomUsernameAuthenticationFilter.java 6KB mobile AbstractMobileUserDetailsAuthenticationProvider.java 15KB CustomMobileAuthenticationFilter.java 7KB CustomMobileAuthenticationToken.java 2KB CustomMobileAuthenticationProvider.java 7KB CustomAccessDeniedHandler.java 1KB CustomAuthenticationSuccessHandler.java 2KB CustomUserDetailsSerivce.java 3KB CustomLogoutSuccessHandler.java 1KB CustomAuthenticationDetailsSource.java 1KB PlainTextPasswordEncoder.java 456B CustomWebAuthenticationDetails.java 3KB rememberme CustomPersistentTokenBasedRememberMeServices.java 7KB configuration DruidConfiguration.java 12KB DataSourceTransactionConfiguration.java 963B SecurityConfiguration.java 11KB RedisConfiguration.java 4KB FilterRegistryConfiguration.java 3KB MapperScannerConfiguration.java 2KB MybatisConfiguration.java 3KB controller ViewController.java 1KB jwt JwtService.java 1KB impl JwtServiceImpl.java 6KB config JwtHeaderConfig.java 490B JwtPlayloadConfig.java 702B JwtConfig.java 1KB JwtValidityConfig.java 637B service UserService.java 713B impl UserServiceImpl.java 899B filter CustomHttpServletRequestWrapperFilter.java 1KB listener ApplicationStartedEventListener.java 1KB CustomEnvironmentPostProcessor.java 1KB util SpringMvcUtil.java 5KB JsonUtil.java 820B ApplicationContextHelper.java 2KB资源评论
流华追梦
- 粉丝: 1w+
- 资源: 3850
最新资源
- C#开发Bartender模板打印WPF 1. 电脑上安装对应打印机的驱动 2. 安装Bartender软件,必须安装,不然无法打印 3. 使用Bartender制作打印模板
- 基于Python+LSTM的文本情感分析系统源码+全部资料(高分项目)
- 自测使用,使用eclipse运行
- c语言简单圣诞树图案代码
- C#winform 千万级数据读写操作处理.zip(sqllite\sql)
- C# 远程写入文件接口.zip
- Mentor常规设置及物料BOM导出操作指南
- 基于一种低通滤波反电势观测器的永磁同步电机无感FOC 采用的反电势观测器相比传统的SMO、龙伯格等反电势观测方法,在算法结构上更加简单,参数调节容易,只有一个参数 1.提供算法对应的参考文献和仿真模
- 船舶检测27-YOLO(v5至v11)、COCO数据集合集.rar
- dthfyjfuygugugg
- 遥感图像分割 UDD6城市无人机数据集.zip
- C# winform-Modbus协议扫码上位机.zip
- 基于Python+LSTM的文本情感分析系统源码(95分以上大作业)
- 基于自抗扰控制器ADRC的永磁同步电机FOC 1.转速环采用ADRC,和传统PI进行对比来分析ADRC控制性能的优越性 对ADRC中的ESO进行改进,进一步提高了ADRC性能 2.提供算法对应的参
- 铁片排列机sw18可编辑全套技术开发资料100%好用.zip
- C# WPF西门子200SMART拉力测试上位机.zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
