Package org.duracloud.security.impl

Class DuracloudAuthProvider

java.lang.Object
org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
org.springframework.security.authentication.dao.DaoAuthenticationProvider
org.duracloud.security.impl.DuracloudAuthProvider
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider
public class DuracloudAuthProvider extends org.springframework.security.authentication.dao.DaoAuthenticationProvider
Authentication provider which allows default authentication behavior of the spring DaoAuthenticationProvider, but adds a check to see if the user's request originated from an IP address which is within the defined valid IP ranges. If a user has no defined valid IP ranges, any IP is accepted.
Author:
Bill Branan Date: 4/22/2015

  • Field Summary

    Fields inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

    hideUserNotFoundExceptions, logger, messages

  • Constructor Summary

    Constructors
    Constructor
    Description
    DuracloudAuthProvider(DuracloudUserDetailsService userDetailsService, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
     
    protected boolean
    ipInRange(String ipAddress, String range)
    Determines if a given IP address is in the given IP range.

    Methods inherited from class org.springframework.security.authentication.dao.DaoAuthenticationProvider

    createSuccessAuthentication, doAfterPropertiesSet, getPasswordEncoder, getUserDetailsService, retrieveUser, setPasswordEncoder, setUserDetailsPasswordService, setUserDetailsService

    Methods inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

    afterPropertiesSet, authenticate, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setAuthoritiesMapper, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCache, supports

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • DuracloudAuthProvider

      public DuracloudAuthProvider(DuracloudUserDetailsService userDetailsService, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)

  • Method Details

    • additionalAuthenticationChecks

      protected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) throws org.springframework.security.core.AuthenticationException
      Overrides:
      additionalAuthenticationChecks in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException

    • ipInRange

      protected boolean ipInRange(String ipAddress, String range)
      Determines if a given IP address is in the given IP range.
      Parameters:
      ipAddress - single IP address
      range - IP address range using CIDR notation
      Returns:
      true if the address is in the range, false otherwise