Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
UserService to return UserDetails object on authentication and implementation of AuthenticationSuccessHandler and AuthenticationFailureHandler
@Component("customAuthenticationFailureHandler")
public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
private String DEFAULT_FAILURE_URL = "/login?error";
@Autowired
private UserService userService;
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
setDefaultFailureUrl(DEFAULT_FAILURE_URL);
super.onAuthenticationFailure(request, response, exception);
if (exception instanceof BadCredentialsException) {
lockUser(request.getParameter("username"));
}
}
private void lockUser(String username) {
Users user = userService.getUser(username);
if (user != null) {
int failedCount = user.getFailedLogins() + 1;
user.setFailedLogins(failedCount);
if (failedCount > 4) {
user.setLocked(true);
}
userService.saveUser(user);
}
}
}
@Component("customAuthenticationSuccessHandler")
public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Autowired
UserService userService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
User loginUser = (User) authentication.getPrincipal();
Users user = userService.getUser(loginUser.getUsername());
user.setFailedLogins(0);
user.setLastLoginDate(new Date());
userService.saveUser(user);
response.sendRedirect("home");
}
}
package com.bytestree.service;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.bytestree.dao.UserDao;
import com.bytestree.model.Roles;
import com.bytestree.model.Users;
/**
* @author bytestree
*
*/
@Service("userService")
@Transactional(readOnly = true)
public class UserServiceImpl implements UserService, UserDetailsService {
@Autowired
UserDao userDao;
/**
* Method to return UserDetails after successful login
*
* @param username
* @return UserDetails object
*/
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Users user = userDao.findById(username);
if (user == null) {
throw new UsernameNotFoundException("Invalid username or password");
}
return new org.springframework.security.core.userdetails.User(username, user.getPassword(), user.getEnabled(),
true, true, !user.getLocked(), getAuthorities(user));
}
private List<GrantedAuthority> getAuthorities(Users user) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (Roles role : user.getRoleses()) {
authorities.add(new SimpleGrantedAuthority(role.getName()));
}
return authorities;
}
@Transactional(readOnly = false)
@Override
public void saveLastLoginDate(String username) {
Users user = userDao.findById(username);
user.setLastLoginDate(new Date());
userDao.save(user);
}
@Override
public Users getUser(String username) {
return userDao.findById(username);
}
@Transactional(readOnly = false)
@Override
public void saveUser(Users user) {
userDao.save(user);
}
}
@bytestree

This comment has been minimized.

Copy link
Owner Author

bytestree commented May 6, 2016

Refer Spring Security 4 with Hibernate for complete example.

@vishnoor

This comment has been minimized.

Copy link

vishnoor commented Dec 26, 2018

Very Good example. Helped me out a lot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.