stackoom
  简体   繁体   中英

Spring boot JWT Auth details are null

 原文  2020-01-23 15:04:45       java/ spring-boot/ jwt/ jhipster

Question

I created Spring boot app using Jhipster. I wanted to create listener that will catch failed authentication.

@Component
public class AuthenticationFailureListener
implements ApplicationListener<AuthenticationFailureBadCredentialsEvent> {

@Autowired
private LoginAttemptService loginAttemptService;

public void onApplicationEvent(AuthenticationFailureBadCredentialsEvent e) {
    WebAuthenticationDetails auth = (WebAuthenticationDetails) e.getAuthentication().getDetails();
    if(auth!=null) {
        loginAttemptService.loginFailed(auth.getRemoteAddress());
    }
}
}

I am Using JWT. When i debug this method, i can see email and password, but details are null. So auth object is null so i can't see from which IP user tried to login. What should i change in order to get details here ?

1 answers

solution1
 0  2020-07-17 11:44:04

I used a similar approach but injected the HttpRequest

@Component
public class AuthenticationFailureEventListener implements ApplicationListener<AuthenticationFailureBadCredentialsEvent> {
    private final Logger log = LoggerFactory.getLogger(AuthenticationFailureEventListener.class);
    private final HttpServletRequest request;

    private final LoginAttemptService loginAttemptService;

    public AuthenticationFailureEventListener(HttpServletRequest request, LoginAttemptService loginAttemptService) {
        this.request = request;
        this.loginAttemptService = loginAttemptService;
    }

    @Override
    public void onApplicationEvent(final AuthenticationFailureBadCredentialsEvent e) {
        log.debug("Failed login try from {}", request.getRemoteAddr());
        final String xfHeader = request.getHeader("X-Forwarded-For");
        if (xfHeader == null) {
            loginAttemptService.loginFailed(request.getRemoteAddr());
        } else {
            loginAttemptService.loginFailed(xfHeader.split(",")[0]);
        }
    }

}

This works really good.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring boot JWT auth Spring Boot Security Context return null when using a JWT token Spring Boot register with JWT JWT Spring auth login user (Spring Boot + JWT) how to get JWT in response? Adding JWT to Spring Boot Microservices Spring boot + Oauth2 + Jwt Spring Boot JWT CORS with Angular 6 JWT Authorization in Microservices with Spring boot Simply authentication with JWT in Spring Boot
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM