BEAL-75 - Spring Boot Audit Support (#1240)

* BEAL-75 - Spring Boot Audit Support Source code for http://inprogress.baeldung.com/wp-admin/post.php?post=35337&action=edit * BEAL-75 - Spring Boot Audit Support Update to use SLF4J logger instead of System.out.println
2017-03-03 00:21:28 +01:00
parent f1322a34a6
commit 23489a082b
12 changed files with 389 additions and 0 deletions
@@ -0,0 +1,13 @@
+package org.baeldung;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Application {
+
+    public static void main(String[] args) throws Throwable {
+        SpringApplication.run(Application.class, args);
+    }
+
+}
@@ -0,0 +1,18 @@
+package org.baeldung;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+
+@Configuration
+public class MvcConfig extends WebMvcConfigurerAdapter {
+    
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/home").setViewName("home");
+        registry.addViewController("/").setViewName("home");
+        registry.addViewController("/hello").setViewName("hello");
+        registry.addViewController("/login").setViewName("login");
+    }
+
+}
@@ -0,0 +1,34 @@
+package org.baeldung;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+            .authorizeRequests()
+                .antMatchers("/", "/home").permitAll()
+                .anyRequest().authenticated()
+                .and()
+            .formLogin()
+                .loginPage("/login")
+                .permitAll()
+                .and()
+            .logout()
+                .permitAll();
+    }
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+            .inMemoryAuthentication()
+                .withUser("user").password("password").roles("USER");
+    }
+}
@@ -0,0 +1,36 @@
+package org.baeldung.auditing;
+
+import org.springframework.boot.actuate.audit.AuditEvent;
+import org.springframework.boot.actuate.security.AbstractAuthorizationAuditListener;
+import org.springframework.security.access.event.AbstractAuthorizationEvent;
+import org.springframework.security.access.event.AuthorizationFailureEvent;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.stereotype.Component;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@Component
+public class ExposeAttemptedPathAuthorizationAuditListener extends AbstractAuthorizationAuditListener {
+
+    public static final String AUTHORIZATION_FAILURE = "AUTHORIZATION_FAILURE";
+
+    @Override
+    public void onApplicationEvent(AbstractAuthorizationEvent event) {
+        if (event instanceof AuthorizationFailureEvent) {
+            onAuthorizationFailureEvent((AuthorizationFailureEvent) event);
+        }
+    }
+
+    private void onAuthorizationFailureEvent(AuthorizationFailureEvent event) {
+        Map<String, Object> data = new HashMap<>();
+        data.put("type", event.getAccessDeniedException().getClass().getName());
+        data.put("message", event.getAccessDeniedException().getMessage());
+        data.put("requestUrl", ((FilterInvocation)event.getSource()).getRequestUrl() );
+        if (event.getAuthentication().getDetails() != null) {
+            data.put("details", event.getAuthentication().getDetails());
+        }
+        publish(new AuditEvent(event.getAuthentication().getName(), AUTHORIZATION_FAILURE,
+                               data));
+    }
+}
@@ -0,0 +1,25 @@
+package org.baeldung.auditing;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.actuate.audit.AuditEvent;
+import org.springframework.boot.actuate.audit.listener.AuditApplicationEvent;
+import org.springframework.context.event.EventListener;
+import org.springframework.security.web.authentication.WebAuthenticationDetails;
+import org.springframework.stereotype.Component;
+
+@Component
+public class LoginAttemptsLogger {
+    private static final Logger LOGGER = LoggerFactory.getLogger(LoginAttemptsLogger.class);
+
+    @EventListener
+    public void auditEventHappened(AuditApplicationEvent auditApplicationEvent) {
+        AuditEvent auditEvent = auditApplicationEvent.getAuditEvent();
+        LOGGER.debug("Principal " + auditEvent.getPrincipal() + " - " + auditEvent.getType());
+
+        WebAuthenticationDetails details = (WebAuthenticationDetails) auditEvent.getData().get("details");
+        LOGGER.debug("  Remote IP address: " + details.getRemoteAddress());
+        LOGGER.debug("  Session Id: " + details.getSessionId());
+        LOGGER.debug("  Request URL: " + auditEvent.getData().get("requestUrl"));
+    }
+}