Package org.duracloud.security.impl

Class DuracloudAuthProvider

java.lang.Object

org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

org.springframework.security.authentication.dao.DaoAuthenticationProvider

org.duracloud.security.impl.DuracloudAuthProvider

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider

public class DuracloudAuthProvider
extends org.springframework.security.authentication.dao.DaoAuthenticationProvider

Authentication provider which allows default authentication behavior of the spring DaoAuthenticationProvider, but adds a check to see if the user's request originated from an IP address which is within the defined valid IP ranges. If a user has no defined valid IP ranges, any IP is accepted.

Author:

Bill Branan Date: 4/22/2015

Field Summary

Fields inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

hideUserNotFoundExceptions, logger, messages

Constructor Summary

Constructors

Constructor	Description
DuracloudAuthProvider(DuracloudUserDetailsService userDetailsService, Object passwordEncoder)

Method Summary

Modifier and Type	Method	Description
protected void	additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
protected boolean	ipInRange(String ipAddress, String range)	Determines if a given IP address is in the given IP range.

Methods inherited from class org.springframework.security.authentication.dao.DaoAuthenticationProvider

doAfterPropertiesSet, getPasswordEncoder, getSaltSource, getUserDetailsService, retrieveUser, setPasswordEncoder, setSaltSource, setUserDetailsService

Methods inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

afterPropertiesSet, authenticate, createSuccessAuthentication, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setAuthoritiesMapper, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCache, supports

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DuracloudAuthProvider

public DuracloudAuthProvider(DuracloudUserDetailsService userDetailsService,
                             Object passwordEncoder)

Method Detail

additionalAuthenticationChecks

protected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
                                              org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
                                       throws org.springframework.security.core.AuthenticationException

Overrides:

additionalAuthenticationChecks in class org.springframework.security.authentication.dao.DaoAuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException

ipInRange

protected boolean ipInRange(String ipAddress,
                            String range)

Determines if a given IP address is in the given IP range.

Parameters:

ipAddress - single IP address

range - IP address range using CIDR notation

Returns:

true if the address is in the range, false otherwise