1. The login is successful, the realization of ApplicationListener < > AuthenticationSuccessEvent,
@Component
public class AuthenticationSuccessEventListener implements ApplicationListener<AuthenticationSuccessEvent> {
@Autowired
private HttpServletRequest request;
@Autowired
private LoginInfoService loginInfoService;
@Override
public void onApplicationEvent(final AuthenticationSuccessEvent event) {
// There is also an oAuth2 client authentication event, which needs to make a judgment
if (event.getAuthentication().getDetails().toString().contains("username")) {
final UserAgent userAgent = UserAgent.parseUserAgentString(request.getHeader("User-Agent"));
/ / get the IP
final String ip = IpUtils.getIpAddr(request);
// Get the real address
String address = AddressUtils.getRealAddressByIP(ip);
// Obtain the client operating system
String os = userAgent.getOperatingSystem().getName();
// Get the client browser
String browser = userAgent.getBrowser().getName();
Map user = (LinkedHashMap)event.getAuthentication().getDetails();
String username = (String) user.get("username");
if (username.contains(":")){
username = username.substring(0, username.length() - 1);
}
// Login log
LoginInfo loginInfo = new LoginInfo();
loginInfo.setUserName(username);
loginInfo.setIpaddr(ip);
loginInfo.setBrowser(browser);
loginInfo.setStatus(0);
loginInfo.setOs(os);
loginInfo.setLocation(address);
loginInfo.setMsg("Login successful"); loginInfoService.insertLoginInfo(loginInfo); }}}Copy the code2. Login failed, realizes the ApplicationListener < > AbstractAuthenticationFailureEvent,
@Component
public class AuthencationFailureListener implements ApplicationListener<AbstractAuthenticationFailureEvent> {
@Autowired
private HttpServletRequest request;
@Autowired
private LoginInfoService loginInfoService;
@Override
public void onApplicationEvent(AbstractAuthenticationFailureEvent event) {
final UserAgent userAgent = UserAgent.parseUserAgentString(request.getHeader("User-Agent"));
/ / get the IP
final String ip = IpUtils.getIpAddr(request);
// Get the real address
String address = AddressUtils.getRealAddressByIP(ip);
// Obtain the client operating system
String os = userAgent.getOperatingSystem().getName();
// Get the client browser
String browser = userAgent.getBrowser().getName();
// The credentials provided are incorrect. The user name or password is incorrect
if(event instanceof AuthenticationFailureBadCredentialsEvent){
Map user = (LinkedHashMap)event.getAuthentication().getDetails();
String username = (String) user.get("username");
if (username.contains(":")){
username = username.substring(0, username.length() - 1);
}
// Login log
LoginInfo loginInfo = new LoginInfo();
loginInfo.setUserName(username);
loginInfo.setIpaddr(ip);
loginInfo.setBrowser(browser);
loginInfo.setOs(os);
loginInfo.setStatus(1);
loginInfo.setLocation(address);
loginInfo.setMsg((String) event.getException().getMessage());
loginInfoService.insertLoginInfo(loginInfo);
} else if(event instanceof AuthenticationFailureCredentialsExpiredEvent){
// The authentication passed, but the password expired
System.out.println("---AuthenticationFailureCredentialsExpiredEvent---");
} else if(event instanceof AuthenticationFailureDisabledEvent){
// It was authenticated but the account was disabled
System.out.println("---AuthenticationFailureDisabledEvent---");
} else if(event instanceof AuthenticationFailureExpiredEvent){
// The authentication passed, but the account has expired
System.out.println("---AuthenticationFailureExpiredEvent---");
} else if(event instanceof AuthenticationFailureLockedEvent){
// The account is locked
System.out.println("---AuthenticationFailureLockedEvent---");
} else if(event instanceof AuthenticationFailureProviderNotFoundEvent){
// Configuration error, there is no proper AuthenticationProvider to handle login authentication
System.out.println("---AuthenticationFailureProviderNotFoundEvent---");
} else if(event instanceof AuthenticationFailureProxyUntrustedEvent){
// The proxy is not trusted. This is a configuration error in the case of Oauth, CAS, etc
System.out.println("---AuthenticationFailureProxyUntrustedEvent---");
} else if(event instanceof AuthenticationFailureServiceExceptionEvent){
// Any other exceptions that occur internally in AuthenticationManager are encapsulated as such
System.out.println("---AuthenticationFailureServiceExceptionEvent---"); }}}Copy the code3. The tools
3.1 IpUtils
public class IpUtils {
public static String getIpAddr(HttpServletRequest request)
{
if (request == null)
{
return "unknown";
}
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("X-Forwarded-For");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("X-Real-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getRemoteAddr();
}
return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : new HTMLFilter().doFilter(ip);
}
public static boolean internalIp(String ip)
{
byte[] addr = textToNumericFormatV4(ip);
return internalIp(addr) || "127.0.0.1".equals(ip);
}
private static boolean internalIp(byte[] addr)
{
if (addr == null || addr.length < 2)
{
return true;
}
final byte b0 = addr[0];
final byte b1 = addr[1];
// 10.x.x.x/8
final byte SECTION_1 = 0x0A;
/ / 172.16 7.0.x.x / 12
final byte SECTION_2 = (byte) 0xAC;
final byte SECTION_3 = (byte) 0x10;
final byte SECTION_4 = (byte) 0x1F;
/ / 192.168 7.0.x.x / 16
final byte SECTION_5 = (byte) 0xC0;
final byte SECTION_6 = (byte) 0xA8;
switch (b0)
{
case SECTION_1:
return true;
case SECTION_2:
if (b1 >= SECTION_3 && b1 <= SECTION_4)
{
return true;
}
case SECTION_5:
switch (b1)
{
case SECTION_6:
return true;
}
default:
return false; }}/** * Converts the IPv4 address to bytes **@paramText IPv4 address *@returnByte bytes * /
public static byte[] textToNumericFormatV4(String text)
{
if (text.length() == 0)
{
return null;
}
byte[] bytes = new byte[4];
String[] elements = text.split("\ \.", -1);
try
{
long l;
int i;
switch (elements.length)
{
case 1:
l = Long.parseLong(elements[0]);
if ((l < 0L) || (l > 4294967295L)) {
return null;
}
bytes[0] = (byte) (int) (l >> 24 & 0xFF);
bytes[1] = (byte) (int) ((l & 0xFFFFFF) > >16 & 0xFF);
bytes[2] = (byte) (int) ((l & 0xFFFF) > >8 & 0xFF);
bytes[3] = (byte) (int) (l & 0xFF);
break;
case 2:
l = Integer.parseInt(elements[0]);
if ((l < 0L) || (l > 255L)) {
return null;
}
bytes[0] = (byte) (int) (l & 0xFF);
l = Integer.parseInt(elements[1]);
if ((l < 0L) || (l > 16777215L)) {
return null;
}
bytes[1] = (byte) (int) (l >> 16 & 0xFF);
bytes[2] = (byte) (int) ((l & 0xFFFF) > >8 & 0xFF);
bytes[3] = (byte) (int) (l & 0xFF);
break;
case 3:
for (i = 0; i < 2; ++i)
{
l = Integer.parseInt(elements[i]);
if ((l < 0L) || (l > 255L)) {
return null;
}
bytes[i] = (byte) (int) (l & 0xFF);
}
l = Integer.parseInt(elements[2]);
if ((l < 0L) || (l > 65535L)) {
return null;
}
bytes[2] = (byte) (int) (l >> 8 & 0xFF);
bytes[3] = (byte) (int) (l & 0xFF);
break;
case 4:
for (i = 0; i < 4; ++i)
{
l = Integer.parseInt(elements[i]);
if ((l < 0L) || (l > 255L)) {
return null;
}
bytes[i] = (byte) (int) (l & 0xFF);
}
break;
default:
return null; }}catch (NumberFormatException e)
{
return null;
}
return bytes;
}
public static String getHostIp(a)
{
try
{
return InetAddress.getLocalHost().getHostAddress();
}
catch (UnknownHostException e)
{
}
return "127.0.0.1";
}
public static String getHostName(a)
{
try
{
return InetAddress.getLocalHost().getHostName();
}
catch (UnknownHostException e)
{
}
return "Unknown"; }}Copy the code3.2 AddressUtils
public class AddressUtils {
private static final Logger log = LoggerFactory.getLogger(AddressUtils.class);
// Query the IP address
public static final String IP_URL = "http://whois.pconline.com.cn/ipJson.jsp";
// Unknown address
public static final String UNKNOWN = "XX XX";
public static String getRealAddressByIP(String ip) {
String address = UNKNOWN;
// The Intranet is not queried
if (IpUtils.internalIp(ip)) {
return "Network IP";
}
if (true) {
try {
String rspStr = HttpUtils.sendGet(IP_URL, "ip=" + ip + "&json=true"."GBK");
if (StringUtils.isEmpty(rspStr)) {
log.error("Get geographic location exception {}", ip);
return UNKNOWN;
}
JSONObject obj = JSONObject.parseObject(rspStr);
String region = obj.getString("pro");
String city = obj.getString("city");
return String.format("%s %s", region, city);
} catch (Exception e) {
log.error("Get geographic location exception {}", ip); }}returnaddress; }}Copy the code