Java tutorial
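/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package hr.foi.sis.conf;

import hr.foi.sis.model.Person;
import hr.foi.sis.services.PersonDetailsService;
import hr.foi.sis.services.UserSaltDetails;
import hr.foi.sis.utility.PBKDF2;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

/**
 * Spring Security {@link AuthenticationProvider} that verifies a submitted
 * username/password pair against the stored password value and per-user salt
 * returned by {@link PersonDetailsService}, using {@link PBKDF2#authenticate}.
 *
 * <p>Security: the submitted password, the stored password value and the salt
 * are never written to the log. Log files are usually readable by far more
 * people and systems than the credential store, so logging any of these
 * values would expose credentials to anyone with log access.
 *
 * @author paz
 */
@Component
public class PBKDF2AuthProvider implements AuthenticationProvider {

    /** Logger for the authentication flow (same "Auth" logger name as before). */
    private static final Logger AUTH_LOG = Logger.getLogger("Auth");

    /** Class logger used for unexpected failures of the key-derivation step. */
    private static final Logger ERROR_LOG = Logger.getLogger(PBKDF2AuthProvider.class.getName());

    @Autowired
    private PersonDetailsService userService;

    /**
     * Authenticates the given request against the stored credentials.
     *
     * @param a the authentication request; its name is the username and its
     *          credentials are expected to be the plaintext password as a {@code String}
     * @return a {@link UsernamePasswordAuthenticationToken} carrying the loaded
     *         user and its authorities
     * @throws AuthenticationException a {@link BadCredentialsException} when the
     *         username or password is missing, the user cannot be loaded, the
     *         password does not match, or the key derivation fails
     */
    @Override
    public Authentication authenticate(Authentication a) throws AuthenticationException {
        String username = a.getName();
        if (username == null) {
            throw new BadCredentialsException("Username not found.");
        }

        // Credentials are typed as Object; reject null and non-String values
        // instead of failing with a ClassCastException.
        Object credentials = a.getCredentials();
        if (!(credentials instanceof String)) {
            throw new BadCredentialsException("Password not found.");
        }
        String password = (String) credentials;

        // Only the (sanitized) username is logged; the password never is.
        AUTH_LOG.log(Level.INFO, "Login attempt for username -- {0}", sanitizeForLog(username));

        UserSaltDetails user = userService.loadUserByUsername(username);
        if (user == null) {
            // Same message as a failed password check, so the response does not
            // reveal whether the account exists.
            throw new BadCredentialsException("Wrong password.");
        }

        boolean isAuthenticated = false;
        try {
            // NOTE(review): confirm that PBKDF2.authenticate compares the derived
            // and stored values in constant time (e.g. MessageDigest.isEqual).
            isAuthenticated = PBKDF2.authenticate(password, user.getPassword(), user.getUserSalt());
        } catch (NoSuchAlgorithmException | InvalidKeySpecException ex) {
            // Fail closed: isAuthenticated stays false and the request is rejected below.
            ERROR_LOG.log(Level.SEVERE, "PBKDF2 verification could not be performed", ex);
        }

        if (!isAuthenticated) {
            AUTH_LOG.log(Level.INFO, "Authentication failed for username -- {0}", sanitizeForLog(username));
            throw new BadCredentialsException("Wrong password.");
        }
        AUTH_LOG.log(Level.INFO, "Authenticated");

        // NOTE(review): the returned token carries the stored password value as
        // its credentials, and the principal also exposes it together with the
        // salt. Confirm nothing downstream serializes or logs the token.
        return new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities());
    }

    /**
     * Reports whether this provider can handle the given authentication type.
     *
     * @param authentication the authentication class being offered
     * @return {@code true} for {@link UsernamePasswordAuthenticationToken} and its subclasses
     */
    @Override
    public boolean supports(Class<? extends Object> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }

    /**
     * Replaces control characters (including CR and LF) with {@code '_'} so a
     * client-supplied value cannot break a log record into forged lines.
     */
    private static String sanitizeForLog(String value) {
        return value.replaceAll("\\p{Cntrl}", "_");
    }
}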