public void process(AuthenticationAuditListener listener, AbstractAuthenticationEvent input) { if (listener != null) { AuthenticationSwitchUserEvent event = (AuthenticationSwitchUserEvent) input; Map<String, Object> data = new HashMap<String, Object>(); if (event.getAuthentication().getDetails() != null) { data.put("details", event.getAuthentication().getDetails()); } data.put("target", event.getTargetUser().getUsername()); listener.publish(new AuditEvent(event.getAuthentication().getName(), "AUTHENTICATION_SWITCH", data)); } }
@Test public void testAuthenticationSwitch() { this.listener.onApplicationEvent(new AuthenticationSwitchUserEvent( new UsernamePasswordAuthenticationToken("user", "password"), new User("user", "password", AuthorityUtils.commaSeparatedStringToAuthorityList("USER")))); verify(this.publisher).publishEvent((ApplicationEvent) anyObject()); }
@Override public void onApplicationEvent(final AuthenticationSwitchUserEvent event) { final String name = event.getAuthentication().getName(); final String target = event.getTargetUser().getUsername(); AccessLog accessLog = new AccessLog(); final String switchedUser = getSwitchedUsername(event.getAuthentication()); final String username = switchedUser != null ? switchedUser : name; accessLog.setUsername(username); accessLog.setStatus(LogStatus.success); if (event.getSource() instanceof UsernamePasswordAuthenticationToken) { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) event.getSource(); if (token.getDetails() instanceof WebAuthenticationDetails) { WebAuthenticationDetails details = (WebAuthenticationDetails) token.getDetails(); accessLog.setIp(details.getRemoteAddress()); } } if (username.equals(target)) { accessLog.setDescription("User change back to original"); } else { accessLog.setDescription("User change to " + target); } accessService.logAccess(accessLog); }
public boolean accepts(AbstractAuthenticationEvent event) { return event instanceof AuthenticationSwitchUserEvent; }
