@EventListener for AuthenticationSuccessEvent or InteractiveAuthenticationSuccessEvent not fired

前端 未结 2 563
爱一瞬间的悲伤
爱一瞬间的悲伤 2021-02-13 21:37

I have this listener in the context of Spring:

package listeners;

import java.util.Date;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spr         


        
相关标签:
2条回答
  • 2021-02-13 21:57

    You may need to register the event-publishing infrastructure (eg. by configuring a DefaultAuthenticationEventPublisher).

    @EnableWebSecurity
    class SecurityConfig extends WebSecurityConfigurerAdapter {
    
        ...
    
        @Autowired
        public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
            auth
                .authenticationEventPublisher(authenticationEventPublisher())
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder());
        }   
    
        @Bean
        public DefaultAuthenticationEventPublisher authenticationEventPublisher() {
            return new DefaultAuthenticationEventPublisher();
        }
    }
    
    0 讨论(0)
  • 2021-02-13 22:02

    This is how i achieved it.

    1) In your Application class, expose your application listener like

    @Bean
    public ApplicationListener applicationListener(){
        return new AuthSuccessApplicationListener();
    }
    

    2) Implement AuthSuccessApplicationListener for example

    public class AuthSuccessApplicationListener implements 
    ApplicationListener<InteractiveAuthenticationSuccessEvent>{
    
    @Autowired(required=false)
    HttpSession httpSession;
    
    @Autowired
    Environment env;
    
    /**
     * Handle an application event.
     *
     * @param appEvent the event to respond to
     */
    @Override
    public void onApplicationEvent(InteractiveAuthenticationSuccessEvent appEvent) {
    
        if (appEvent!=null) {
            LdapUserDetailsImpl ldapUserDetailsImpl = (LdapUserDetailsImpl) appEvent.getAuthentication().getPrincipal();
        try {
                if (ldapUserDetailsImpl != null) {
    
                    logger.info("Session Created for " + ldapUserDetailsImpl.getUsername());
    
                    if (httpSession.getAttribute("adminUser") == null) {
                        // check user is admin and set into session
                        if (isAdminUser(ldapUserDetailsImpl.getUsername())) {
                            httpSession.setAttribute("adminUser", "ADMIN_USER");
                            Authentication auth = SecurityContextHolder.getContext().getAuthentication();
                            List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(auth.getAuthorities());
                            // Add the ROLE_ADMIN into Authorities
                            authorities.add(new SimpleGrantedAuthority(SecurityConfig.ADMIN));
                            // Create a new Authentication based on current principal and authorities and set into Security Context
                            Authentication newAuth = new UsernamePasswordAuthenticationToken(auth.getPrincipal(), auth.getCredentials(), authorities);
                            SecurityContextHolder.getContext().setAuthentication(newAuth);
                        }
                    }
                }
            } catch (Exception e) {
                logger.error("Exception occurred : " + e.getMessage());
            }
        }
    }
    
    0 讨论(0)
提交回复
热议问题