java - Why the event AbstractAuthenticationFailureEvent is never triggered in spring security? -
I use Spring 4.0.2.RELEASE and Spring Security 3.2.5.RELEASE. I use these versions because, when I started the project, Spring Security 4.0.0 was still a snapshot. I have also tried Spring 4.2.0.RELEASE with Spring Security 4.0.2.RELEASE, but the event AbstractAuthenticationFailureEvent is never triggered.
This is my application listener:
/**
 * Application listener that writes one log line per Spring Security authentication event.
 *
 * <p>NOTE(review): identifier casing was lost on this page. Spring and SLF4J names are restored
 * to their real spelling; {@code CwiConstant.LOGGER_AUTHENTICATION} is a conventional-casing
 * reconstruction of the project constant and should be checked against the project. Log
 * message literals are left exactly as the page shows them.
 *
 * <p>NOTE(review): failure events only reach this listener when the AuthenticationManager in
 * use has an AuthenticationEventPublisher that publishes them; the answer on this page covers
 * that. For detection work the failure line currently carries neither the principal nor the
 * failure type. Both are available from the event ({@code getAuthentication().getName()} and
 * {@code AbstractAuthenticationFailureEvent#getException()}); if the submitted username is
 * logged, strip CR/LF from it first because it is attacker-controlled input.
 */
@Component
public class AuthenticationEventListener implements ApplicationListener<AbstractAuthenticationEvent> {

    /** Logger dedicated to authentication messages. */
    private static final Logger LOG = LoggerFactory.getLogger(CwiConstant.LOGGER_AUTHENTICATION);

    /** Constructor. */
    public AuthenticationEventListener() {
    }

    /**
     * Logs success or failure depending on the concrete event type; any other
     * authentication event is ignored.
     *
     * @param authenticationEvent the authentication event published by Spring Security.
     */
    @Override
    public void onApplicationEvent(AbstractAuthenticationEvent authenticationEvent) {
        // Both success event types are treated alike. NOTE(review): an interactive login may
        // publish both of them, which would produce two success lines - confirm if that matters.
        final boolean succeeded = authenticationEvent instanceof InteractiveAuthenticationSuccessEvent
                || authenticationEvent instanceof AuthenticationSuccessEvent;
        if (succeeded) {
            LOG.info("authentication success.");
            return;
        }

        if (authenticationEvent instanceof AbstractAuthenticationFailureEvent) {
            LOG.info("authentication failure.");
        }
    }
}
And this is the class that configures Spring Security:
/**
 * Spring Security Java configuration for the web application: URL authorisation rules,
 * form login, logout and a custom username/password processing filter.
 *
 * <p>NOTE(review): identifier casing was lost on this page. Spring and JDK names are restored
 * to their real spelling; project names ({@code CwiConstant}, the {@code ROLE_*} constants,
 * {@code UpperCaseAuthenticationProcessingFilter}, {@code AuthenticationServiceImpl}) use
 * conventional casing and should be checked against the project. String literals are left
 * exactly as the page shows them.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter implements CwiConstant {

    private static final String LOGIN_PAGE = "/login.html";
    private static final String LOGIN_PAGE_ERROR = "/login.html?error";
    private static final String LOGIN_SUCCESS_PAGE = "/loginsuccess.html";
    // private static final String LOGIN_FAILED_PAGE = "/loginfailed.html";
    private static final String USERNAME_PARAM = "username";
    private static final String PASSWORD_PARAM = "password";

    /** Constructor. */
    public SecurityConfig() {
        super();
    }

    /**
     * Authentication configuration of the application: registers the custom provider with
     * the global builder.
     *
     * <p>NOTE(review): the custom filter below does not use the manager built here; it uses
     * the ProviderManager created by hand in {@link #authenticationManagerBean()}.
     *
     * @param auth the authentication manager builder.
     * @throws Exception if an error occurs.
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        AuthenticationProvider provider = customAuthenticationProvider();
        auth.authenticationProvider(provider);
    }

    /**
     * {@inheritDoc}
     *
     * <p>Rules are evaluated in declaration order, ending with "any other request must be
     * authenticated".
     *
     * <p>NOTE(review): in an Ant pattern a single {@code *} matches within one path segment
     * only, so a deeper path under e.g. {@code /admin/administration/} is covered by the final
     * {@code authenticated()} rule, not by the authority check.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin/administration/*.html").hasAuthority(ROLE_ADMIN_OPER)
                .antMatchers("/decl/parameter/userparameters.html").hasAuthority(ROLE_CLIENT)
                .antMatchers("/decl/program/program.html").hasAuthority(ROLE_CLIENT)
                .antMatchers("/decl/platform/platform.html").hasAuthority(ROLE_CLIENT)
                .antMatchers("/consult/observation/*observation.html").hasAuthority(ROLE_USR_OBS)
                .antMatchers("/consult/download/message*.html").hasAuthority(ROLE_CLIENT)
                .antMatchers("/consult/download/listdownload.html").hasAuthority(ROLE_USR_COMPRVDIAG)
                .antMatchers("/consult/download/download.html").hasAuthority(ROLE_USR_COMPRVDIAG)
                .antMatchers("/request/archivedataextraction/*.html").hasAuthority(ROLE_USR_ARCH)
                .antMatchers("/request/rtlextraction/*.html").hasAuthority(ROLE_USR_RTL)
                .antMatchers("/report/activity/activityreport/*.html").hasAuthority(ROLE_CLIENT)
                // Publicly reachable resources.
                .antMatchers("/favicon.ico").permitAll()
                .antMatchers("/resources/**").permitAll()
                .antMatchers("/mon").permitAll()
                // Everything else needs an authenticated user.
                .anyRequest().authenticated()
            .and()
            .formLogin()
                .loginPage(LOGIN_PAGE)
                // .failureUrl(LOGIN_FAILED_PAGE)
                .failureUrl(LOGIN_PAGE_ERROR)
                .usernameParameter(USERNAME_PARAM)
                .passwordParameter(PASSWORD_PARAM)
                .defaultSuccessUrl(LOGIN_SUCCESS_PAGE, true)
                .permitAll()
            .and()
            .logout()
                .logoutSuccessUrl("/login.html?logout")
                .permitAll()
            .and()
            // NOTE(review): CSRF protection is switched off for the whole application, so
            // session-authenticated state-changing requests get no request-forgery check.
            // Confirm this is intended before reusing this configuration.
            .csrf()
                .disable()
            .addFilter(authenticationFilter());
    }

    /**
     * Returns the authentication provider of the application.
     *
     * <p>NOTE(review): no password encoder is set in the lines shown; the elided "other
     * properties" may do so. Confirm that stored passwords are checked with an adaptive hash.
     *
     * @return the authentication provider of the application.
     */
    @Bean
    AuthenticationProvider customAuthenticationProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(customUserDetailsService());
        /* other properties etc */
        return provider;
    }

    /**
     * Returns the service that loads a user for authentication.
     *
     * @return the service that loads a user for authentication.
     */
    @Bean
    UserDetailsService customUserDetailsService() {
        UserDetailsService service = new AuthenticationServiceImpl();
        return service;
    }

    /**
     * Defines the authentication filter that handles the login form submission.
     *
     * @return the authentication filter.
     */
    @Bean
    public UpperCaseAuthenticationProcessingFilter authenticationFilter() {
        SavedRequestAwareAuthenticationSuccessHandler onSuccess =
                new SavedRequestAwareAuthenticationSuccessHandler();
        onSuccess.setAlwaysUseDefaultTargetUrl(true);
        // onSuccess.setDefaultTargetUrl("/main.html");
        onSuccess.setDefaultTargetUrl(LOGIN_SUCCESS_PAGE);

        SimpleUrlAuthenticationFailureHandler onFailure =
                new SimpleUrlAuthenticationFailureHandler(LOGIN_PAGE_ERROR);

        UpperCaseAuthenticationProcessingFilter filter = new UpperCaseAuthenticationProcessingFilter();
        // NOTE(review): the page shows the HTTP method literal lowercased like the rest of the
        // listing; the original is presumably "POST" - confirm against the project.
        filter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(LOGIN_PAGE, "post"));
        filter.setAuthenticationManager(authenticationManagerBean());
        filter.setAuthenticationSuccessHandler(onSuccess);
        filter.setAuthenticationFailureHandler(onFailure);
        filter.setUsernameParameter(USERNAME_PARAM);
        filter.setPasswordParameter(PASSWORD_PARAM);
        return filter;
    }

    /**
     * {@inheritDoc}
     *
     * <p>Builds a ProviderManager that holds only the custom provider. No
     * AuthenticationEventPublisher is set on it here; the answer on this page identifies
     * that as the reason AbstractAuthenticationFailureEvent never reaches the listener.
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() {
        List<AuthenticationProvider> providers = new ArrayList<AuthenticationProvider>();
        providers.add(customAuthenticationProvider());
        return new ProviderManager(providers);
    }
}
My Spring dependencies:
org.springframework:spring-aop:jar:4.0.2.release:compile org.springframework:spring-beans:jar:4.0.2.release:compile org.springframework:spring-context:jar:4.0.2.release:compile org.springframework:spring-core:jar:4.0.2.release:compile org.springframework:spring-expression:jar:4.0.2.release:compile org.springframework:spring-web:jar:4.0.2.release:compile org.springframework:spring-webmvc:jar:4.0.2.release:compile org.springframework.security:spring-security-config:jar:3.2.5.release:compile org.springframework.security:spring-security-core:jar:3.2.5.release:compile org.springframework.security:spring-security-web:jar:3.2.5.release:compile
Finally, I've found the solution.
It is important to set a DefaultAuthenticationEventPublisher on the ProviderManager, because by default the AuthenticationManager uses a NullEventPublisher, which doesn't publish events.
The @Bean annotation on the method defaultAuthenticationEventPublisher is important: it tells Spring to manage the bean, and when Spring manages the bean, Spring sets the ApplicationEventPublisher on the DefaultAuthenticationEventPublisher.
/**
 * {@inheritDoc}
 *
 * <p>Builds the ProviderManager by hand and attaches an AuthenticationEventPublisher to it,
 * so that authentication events, failures included, are published to application listeners.
 * Listeners can then record failed logins for monitoring.
 */
@Bean
@Override
public AuthenticationManager authenticationManagerBean() {
    List<AuthenticationProvider> providers = new ArrayList<AuthenticationProvider>();
    providers.add(customAuthenticationProvider());

    ProviderManager manager = new ProviderManager(providers);
    // Without this call the manager keeps its default publisher, which publishes nothing.
    manager.setAuthenticationEventPublisher(defaultAuthenticationEventPublisher());
    return manager;
}

/**
 * Returns the object that publishes authentication-related events.
 *
 * <p>It is declared as a bean so that Spring manages it and injects the
 * ApplicationEventPublisher it needs; an instance created outside the container would
 * have nothing to publish to.
 *
 * @return the object that publishes authentication-related events.
 */
@Bean
DefaultAuthenticationEventPublisher defaultAuthenticationEventPublisher() {
    DefaultAuthenticationEventPublisher publisher = new DefaultAuthenticationEventPublisher();
    return publisher;
}
Thank you, John, for your interest ;-)