Announcement Announcement Module
Collapse
No announcement yet.
login with ip address authentication Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • login with ip address authentication

    hi,

    i have a project that requires the ip address, username and password for authentication when performing login. what should I do for a case like this?

    thanks.

  • #2
    I have never done. But you should be able to do, according to this link http://static.springsource.org/sprin...n-user-service

    Comment


    • #3
      @amiladomingo, thanks for your response. i've looked that link, but i think the most appropriate solution is #1.1. since i need the user ip address to authentication with username and password.

      if i use #1 approach from #1.1 should i create custom User too?

      Comment


      • #4
        I'd take the first approach and do followings,

        1. Extend the UsernamePasswordAuthenticationToken, add a property called IpAddress or something
        2. Extend the UsernamePasswordAuthenticationFilter, override attemptAuthentication() and create an instance of the extended version of your UsernamePasswordAuthenticationToken and set the username, password and ip address. You can get the clients ip address from HttpServletRequest.getRemoteAddr().
        3. Inside the retrieveUser() method of your authentication provider add the code to retrieve the user using ip address, username, password

        Comment


        • #5
          Originally posted by amiladomingo View Post
          I'd take the first approach and do followings,

          1. Extend the UsernamePasswordAuthenticationToken, add a property called IpAddress or something
          2. Extend the UsernamePasswordAuthenticationFilter, override attemptAuthentication() and create an instance of the extended version of your UsernamePasswordAuthenticationToken and set the username, password and ip address. You can get the clients ip address from HttpServletRequest.getRemoteAddr().
          3. Inside the retrieveUser() method of your authentication provider add the code to retrieve the user using ip address, username, password
          This shouldn't be necessary. The IP address should already be available from the WebAuthenticationDetails object that is usually stored in the Authentication object. So you can already access it in an AuthenticationProvider without having to create a custom token.

          Comment


          • #6
            Ohh yeah, only two lines inside the AuthenticationProvider. For IP address and Session ID you only need to do,

            Code:
            WebAuthenticationDetails webAuthenticationDetails = ((WebAuthenticationDetails)authentication.getDetails());
            		
            webAuthenticationDetails.getRemoteAddress();
            http://static.springsource.org/sprin...n-user-service

            Thanks Luke
            Last edited by amiladomingo; Jan 17th, 2011, 07:46 AM.

            Comment


            • #7
              so, all i need to do is
              - extend UsernamePasswordAuthenticationFilter and DaoAuthenticationProvider( since i use dao for database access)
              - implements UserDetailsService
              is this right? CMIIW...
              Last edited by diannagara; Jan 17th, 2011, 10:08 PM.

              Comment


              • #8
                All you need to do is extend AbstractUserDetailsAuthenticationProvider

                Comment


                • #9
                  hi, thanks. it works

                  Comment

                  Working...
                  X