caching - Spring JAAS Authentication with database authorization -
I am using Spring Security 4.0. The login module is configured in the application server, so I have to authenticate using JAAS, while the user details are stored in a database; once authenticated, the user object is created by querying the database. Please let me know how to achieve this, i.e. LDAP authentication followed by loading the user details from the database. Also, how can I cache the user object using Ehcache so that it can be accessed in the service / DAO layer?
This can be achieved using a custom AuthenticationProvider. The code is below.
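import java.util.Arrays;
import java.util.List;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.authentication.jaas.JaasGrantedAuthority;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import com.sun.security.auth.UserPrincipal;

/**
 * Two-stage provider: credentials are verified by a delegate provider (the JAAS provider in this
 * setup), and only when the delegate reports success is the user loaded through the
 * {@code UserDetailsService} configured on the inherited {@link DaoAuthenticationProvider}.
 *
 * <p>Security-relevant design point: {@link #additionalAuthenticationChecks} replaces the DAO
 * provider's password comparison with a check of the token's {@code authenticated} flag. That is
 * only sound because {@link #authenticate} never passes anything but the delegate's own result to
 * the superclass. Do not add another entry point that forwards a caller-supplied token.
 *
 * <p>NOTE(review): the token returned to the caller is the one built by the DAO provider, so the
 * authorities presumably come from the {@code UserDetailsService}, not from the JAAS
 * {@code AuthorityGranter}. Confirm this is the intended source of roles.
 */
public class CustomAutenticationProvider extends DaoAuthenticationProvider implements AuthenticationProvider {

    /** Provider that performs the real credential check (JAAS). */
    private final AuthenticationProvider delegate;

    /**
     * @param delegate provider that verifies the submitted credentials
     */
    public CustomAutenticationProvider(AuthenticationProvider delegate) {
        this.delegate = delegate;
    }

    /**
     * Authenticates with the delegate first, then loads the user details.
     *
     * @param authentication the authentication request
     * @return the authenticated token produced by the DAO provider
     * @throws BadCredentialsException if the delegate returns no result or an unauthenticated one
     */
    @Override
    public Authentication authenticate(Authentication authentication) {
        Authentication a = delegate.authenticate(authentication);
        // A provider may return null when it cannot handle the request; treat that as a
        // failed login instead of dereferencing it.
        if (a == null || !a.isAuthenticated()) {
            throw badCredentials();
        }
        return super.authenticate(a);
    }

    /**
     * Placeholder from the original answer for loading roles from the database. It is not called
     * anywhere in this class and currently grants an authority named after the user.
     */
    private List<GrantedAuthority> loadRolesFromDatabaseHere(String name) {
        GrantedAuthority grantedAuthority = new JaasGrantedAuthority(name, new UserPrincipal(name));
        return Arrays.asList(grantedAuthority);
    }

    /** Supports exactly the token types the delegate supports. */
    @Override
    public boolean supports(Class<?> authentication) {
        return delegate.supports(authentication);
    }

    /*
     * (non-Javadoc)
     * @see org.springframework.security.authentication.dao.DaoAuthenticationProvider#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
     *
     * No password comparison happens here: the delegate has already verified the credentials,
     * so the only check is that the token really is marked authenticated.
     */
    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails,
            UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        if (!authentication.isAuthenticated()) {
            throw badCredentials();
        }
    }

    /** Builds the same "bad credentials" failure the superclass reports. */
    private BadCredentialsException badCredentials() {
        return new BadCredentialsException(messages.getMessage(
                "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
    }
}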
UserDetailsService - required for DAO authentication
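import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

import com.testjaas.model.User;
import com.testjaas.model.UserRepositoryUserDetails;

/**
 * Stub {@link UserDetailsService} used by the DAO stage of the custom provider.
 *
 * <p>As written it performs no lookup: every username that reaches it is turned into a user with
 * the administrator role. Replace the body with a real database query before using it for
 * anything but wiring tests, and throw {@link UsernameNotFoundException} for unknown users so
 * that an account authenticated externally but absent from the database is not granted access.
 *
 * <p>NOTE(review): the casing of the project types and setters ({@code User},
 * {@code UserRepositoryUserDetails}, {@code setName}, {@code setUserRole}) and of the role string
 * is assumed. Confirm it against the project sources.
 */
@Component
public class AuthUserDetailsService implements UserDetailsService {

    /**
     * Builds the user details for an already authenticated username.
     *
     * @param username name taken from the authenticated token
     * @return details wrapping a freshly created user
     * @throws UsernameNotFoundException if the username is null or blank
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // Debug trace kept from the sample; swap for the project's logger.
        System.out.println("loadUserByUsername called !!");

        // The original null check ran against a freshly constructed object and could never fire;
        // validate the input instead.
        if (username == null || username.trim().isEmpty()) {
            throw new UsernameNotFoundException("User " + username + " not found.");
        }

        // TODO: load the user and its roles from the database instead of fabricating them.
        // Granting a fixed administrator role to every caller is acceptable only in a demo.
        User user = new User();
        user.setName(username);
        user.setUserRole("ROLE_ADMINISTRATOR");
        return new UserRepositoryUserDetails(user);
    }
}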
RoleGranter - a dummy class required for Spring JAAS authentication
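import java.security.Principal;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import org.springframework.security.authentication.jaas.AuthorityGranter;

/**
 * Placeholder {@link AuthorityGranter} that exists only because the JAAS provider is configured
 * with a list of granters.
 *
 * <p>It returns the same single role name, {@code "dummy"}, for every principal, and the
 * {@code USER_ROLES} table is populated but never consulted. If authorities from the JAAS stage
 * are ever used for access decisions, this class must be replaced with a real mapping first.
 */
public class RoleGranterFromMap implements AuthorityGranter {

    /** Sample principal-to-role table. Not read by {@link #grant(Principal)}. */
    private static final Map<String, String> USER_ROLES;

    static {
        Map<String, String> roles = new HashMap<String, String>();
        roles.put("test", "ROLE_ADMINISTRATOR");
        // Read-only view so the shared static table cannot be modified after class initialisation.
        USER_ROLES = Collections.unmodifiableMap(roles);
    }

    /**
     * @param principal the principal produced by the login module (ignored)
     * @return a one-element set containing {@code "dummy"}
     */
    @Override
    public Set<String> grant(Principal principal) {
        return Collections.singleton("dummy");
    }
}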
SampleLoginModule - should be replaced with your own login module
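import java.io.IOException;
import java.io.Serializable;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/**
 * Demonstration JAAS {@link LoginModule} that checks a username and password against an in-memory
 * table. It stands in for the container's real login module (for example LDAP).
 *
 * <p>The credential table is hard-coded and holds a plaintext password. That is acceptable only
 * for wiring tests. A real module verifies against a directory or a salted password hash and
 * never ships a built-in account.
 *
 * <p>The module follows the two-phase JAAS contract: {@link #login()} only verifies the
 * credentials, {@link #commit()} attaches the principal to the subject, and {@link #abort()} and
 * {@link #logout()} take it away again. A failed overall login therefore leaves no principal
 * behind.
 */
public class SampleLoginModule implements LoginModule {

    /** Demo credentials only: username mapped to plaintext password. */
    private static final Map<String, String> USER_PASSWORDS = new HashMap<String, String>();

    static {
        USER_PASSWORDS.put("test", "test");
    }

    private Subject subject;
    private CallbackHandler callbackHandler;
    private String username;
    private boolean loginSucceeded;
    private Principal committedPrincipal;

    /**
     * Stores the subject and callback handler. Credentials are not requested here; that happens
     * in {@link #login()}, so a handler failure surfaces as a {@link LoginException}.
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.username = null;
        this.loginSucceeded = false;
        this.committedPrincipal = null;
    }

    /**
     * Requests the name and password from the callback handler and verifies them.
     *
     * @return {@code true} when the credentials match
     * @throws LoginException if the handler is missing or fails, or the credentials are missing
     *         or wrong
     */
    @Override
    public boolean login() throws LoginException {
        loginSucceeded = false;
        username = null;
        if (callbackHandler == null) {
            throw new LoginException("no CallbackHandler supplied");
        }

        NameCallback nameCallback = new NameCallback("prompt");
        PasswordCallback passwordCallback = new PasswordCallback("prompt", false);
        try {
            callbackHandler.handle(new Callback[] { nameCallback, passwordCallback });
        } catch (IOException e) {
            throw callbackFailure(e);
        } catch (UnsupportedCallbackException e) {
            throw callbackFailure(e);
        }

        String suppliedName = nameCallback.getName();
        char[] suppliedPassword = passwordCallback.getPassword();
        passwordCallback.clearPassword();

        boolean accepted;
        try {
            accepted = credentialsMatch(suppliedName, suppliedPassword);
        } finally {
            // Do not keep the password in memory longer than the comparison needs it.
            if (suppliedPassword != null) {
                Arrays.fill(suppliedPassword, '\0');
            }
        }
        if (!accepted) {
            throw new FailedLoginException("username not equal password");
        }

        username = suppliedName;
        loginSucceeded = true;
        return true;
    }

    /**
     * Attaches the authenticated principal to the subject.
     *
     * @return {@code false} if this module's {@link #login()} did not succeed
     */
    @Override
    public boolean commit() throws LoginException {
        if (!loginSucceeded) {
            return false;
        }
        committedPrincipal = new CustomPrincipal(username);
        subject.getPrincipals().add(committedPrincipal);
        return true;
    }

    /**
     * Rolls back this module's state after the overall login failed.
     *
     * @return {@code false} if this module's own {@link #login()} had not succeeded
     */
    @Override
    public boolean abort() throws LoginException {
        if (!loginSucceeded) {
            return false;
        }
        clearState();
        return true;
    }

    /** Removes the principal this module added and forgets the login. */
    @Override
    public boolean logout() throws LoginException {
        clearState();
        return true;
    }

    /** Detaches the committed principal, if any, and resets the per-login fields. */
    private void clearState() {
        if (subject != null && committedPrincipal != null) {
            subject.getPrincipals().remove(committedPrincipal);
        }
        committedPrincipal = null;
        loginSucceeded = false;
        username = null;
    }

    /** Compares the supplied password with the stored one without an early exit on mismatch. */
    private static boolean credentialsMatch(String name, char[] password) {
        if (name == null || password == null) {
            return false;
        }
        String expected = USER_PASSWORDS.get(name);
        if (expected == null) {
            return false;
        }
        ByteBuffer encoded = StandardCharsets.UTF_8.encode(CharBuffer.wrap(password));
        byte[] supplied = new byte[encoded.remaining()];
        encoded.get(supplied);
        try {
            return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), supplied);
        } finally {
            Arrays.fill(supplied, (byte) 0);
            if (encoded.hasArray()) {
                Arrays.fill(encoded.array(), (byte) 0);
            }
        }
    }

    /** Wraps a callback-handler failure, keeping the original cause. */
    private static LoginException callbackFailure(Exception cause) {
        LoginException failure = new LoginException("could not obtain credentials from the callback handler");
        failure.initCause(cause);
        return failure;
    }

    /** Principal carrying only the authenticated username. */
    private static class CustomPrincipal implements Principal, Serializable {

        private static final long serialVersionUID = 1L;

        private final String username;

        public CustomPrincipal(String username) {
            this.username = username;
        }

        @Override
        public String getName() {
            return username;
        }

        @Override
        public boolean equals(Object other) {
            return other instanceof CustomPrincipal
                    && username.equals(((CustomPrincipal) other).username);
        }

        @Override
        public int hashCode() {
            return username.hashCode();
        }
    }
}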
spring xml configuration
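<?xml version="1.0" encoding="UTF-8"?>
<!--
  Spring Security wiring: the custom provider authenticates through the JAAS provider and then
  loads the user through the UserDetailsService.
  NOTE(review): the casing of bean ids, property names and project class names is assumed;
  confirm it against the project sources.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:jdbc="http://www.springframework.org/schema/jdbc"
       xsi:schemaLocation="http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd
                           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
                           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">

    <security:http auto-config="true">
        <!--
          "/**" covers every path. The original "/*" matches a single path segment only, so
          nested URLs such as /admin/users had no access rule and were reachable unauthenticated.
        -->
        <security:intercept-url pattern="/**" access="isAuthenticated()"/>
    </security:http>

    <!-- <security:authentication-manager> <security:authentication-provider ref="jaasAuthProvider" /> </security:authentication-manager> -->

    <bean id="userDetailsService" class="com.testjaas.service.AuthUserDetailsService"></bean>
    <bean id="testService" class="com.testjaas.service.TestService"/>
    <bean id="applicationContextProvider" class="com.testjaas.util.ApplicationContextProvider"></bean>

    <security:authentication-manager>
        <security:authentication-provider ref="customAuthProvider"/>
    </security:authentication-manager>

    <!-- JAAS verifies the credentials; the DAO stage only loads the user details. -->
    <bean id="customAuthProvider" class="com.testjaas.security.CustomAutenticationProvider">
        <constructor-arg name="delegate" ref="jaasAuthProvider" />
        <property name="userDetailsService" ref="userDetailsService" />
    </bean>

    <bean id="jaasAuthProvider" class="org.springframework.security.authentication.jaas.JaasAuthenticationProvider">
        <property name="loginConfig" value="classpath:pss_jaas.config" />
        <property name="authorityGranters">
            <list>
                <bean class="com.testjaas.security.RoleGranterFromMap" />
            </list>
        </property>
        <!-- Must match the entry name in the JAAS configuration file. -->
        <property name="loginContextName" value="jassauth" />
        <property name="callbackHandlers">
            <list>
                <bean class="org.springframework.security.authentication.jaas.JaasNameCallbackHandler" />
                <bean class="org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler" />
            </list>
        </property>
    </bean>
</beans>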
sample jaas config
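/*
 * JAAS login configuration. The entry name must match the loginContextName configured on the
 * Spring JAAS provider, and the class must be the fully qualified, case-sensitive name of the
 * login module. "required" means this module has to succeed for the overall login to succeed.
 * NOTE(review): class-name casing assumed; confirm against the project.
 */
jassauth {
    com.testjaas.security.SampleLoginModule required;
};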