diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java index 2550cebfb..e40a517d6 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java @@ -32,8 +32,6 @@ import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; @@ -50,24 +48,14 @@ public abstract class AbstractAuthenticationProvider { private static final Logger _logger = LoggerFactory.getLogger(AbstractAuthenticationProvider.class); - @Autowired - @Qualifier("applicationConfig") protected ApplicationConfig applicationConfig; - @Autowired - @Qualifier("authenticationRealm") protected AbstractAuthenticationRealm authenticationRealm; - @Autowired - @Qualifier("tfaOptAuthn") protected AbstractOtpAuthn tfaOptAuthn; - @Autowired - @Qualifier("remeberMeService") protected AbstractRemeberMeService remeberMeService; - @Autowired - @Qualifier("onlineTicketServices") protected OnlineTicketServices onlineTicketServices; public static ArrayList grantedAdministratorsAuthoritys = new ArrayList(); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java index 7d2a02caf..02d4c9fdc 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java @@ -20,6 +20,11 @@ package org.maxkey.authn; import java.util.ArrayList; import org.maxkey.authn.online.OnlineTicket; +import org.maxkey.authn.online.OnlineTicketServices; +import org.maxkey.authn.realm.AbstractAuthenticationRealm; +import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; +import org.maxkey.configuration.ApplicationConfig; +import org.maxkey.crypto.password.otp.AbstractOtpAuthn; import org.maxkey.domain.UserInfo; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; @@ -46,8 +51,27 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider protected String getProviderName() { return "RealmAuthenticationProvider"; } + - @Override + public RealmAuthenticationProvider() { + super(); + } + + + public RealmAuthenticationProvider( + AbstractAuthenticationRealm authenticationRealm, + ApplicationConfig applicationConfig, + AbstractOtpAuthn tfaOptAuthn, + AbstractRemeberMeService remeberMeService, + OnlineTicketServices onlineTicketServices) { + this.authenticationRealm = authenticationRealm; + this.applicationConfig = applicationConfig; + this.tfaOptAuthn = tfaOptAuthn; + this.remeberMeService = remeberMeService; + this.onlineTicketServices = onlineTicketServices; + } + + @Override protected Authentication doInternalAuthenticate(LoginCredential loginCredential) { _logger.debug("authentication " + loginCredential); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java index 7237b6341..383e3d4f5 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java @@ -49,17 +49,12 @@ public abstract class AbstractAuthenticationRealm { protected boolean provisioning; - @Autowired protected PasswordPolicyValidator passwordPolicyValidator; - @Autowired protected LoginService loginService; - - @Autowired + protected LoginHistoryService loginHistoryService; - @Autowired - @Qualifier("remeberMeService") protected AbstractRemeberMeService remeberMeService; /** diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java index f231d01ff..575b30238 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java @@ -24,7 +24,6 @@ import org.maxkey.domain.UserInfo; import org.maxkey.web.WebContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.crypto.password.PasswordEncoder; @@ -38,8 +37,8 @@ import org.springframework.security.crypto.password.PasswordEncoder; public class DefaultJdbcAuthenticationRealm extends AbstractAuthenticationRealm { private static Logger _logger = LoggerFactory.getLogger(DefaultJdbcAuthenticationRealm.class); - @Autowired - private PasswordEncoder passwordEncoder; + + protected PasswordEncoder passwordEncoder; public DefaultJdbcAuthenticationRealm() { diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java index 9fb28b3ba..a3f3daacd 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java @@ -17,9 +17,14 @@ package org.maxkey.authn.realm.jdbc; +import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; +import org.maxkey.persistence.db.LoginHistoryService; +import org.maxkey.persistence.db.LoginService; +import org.maxkey.persistence.db.PasswordPolicyValidator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.security.crypto.password.PasswordEncoder; /** * JdbcAuthenticationRealm. @@ -36,5 +41,23 @@ public class JdbcAuthenticationRealm extends DefaultJdbcAuthenticationRealm { public JdbcAuthenticationRealm(JdbcTemplate jdbcTemplate) { this.jdbcTemplate = jdbcTemplate; } + + public JdbcAuthenticationRealm( + PasswordEncoder passwordEncoder, + PasswordPolicyValidator passwordPolicyValidator, + LoginService loginService, + LoginHistoryService loginHistoryService, + AbstractRemeberMeService remeberMeService, + JdbcTemplate jdbcTemplate) { + + this.passwordEncoder =passwordEncoder; + this.passwordPolicyValidator=passwordPolicyValidator; + this.loginService = loginService; + this.loginHistoryService = loginHistoryService; + this.remeberMeService = remeberMeService; + this.jdbcTemplate = jdbcTemplate; + } + + } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java index 2a764dbaf..82e5da2cb 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java @@ -26,9 +26,11 @@ import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler; import org.maxkey.authn.online.InMemoryOnlineTicketServices; import org.maxkey.authn.online.OnlineTicketServices; import org.maxkey.authn.online.RedisOnlineTicketServices; +import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService; import org.maxkey.authn.support.rememberme.RedisRemeberMeService; +import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsPersistence; import org.maxkey.constants.ConstantsProperties; import org.maxkey.crypto.password.LdapShaPasswordEncoder; @@ -37,6 +39,7 @@ import org.maxkey.crypto.password.NoOpPasswordEncoder; import org.maxkey.crypto.password.MessageDigestPasswordEncoder; import org.maxkey.crypto.password.SM3PasswordEncoder; import org.maxkey.crypto.password.StandardPasswordEncoder; +import org.maxkey.crypto.password.otp.AbstractOtpAuthn; import org.maxkey.persistence.db.PasswordPolicyValidator; import org.maxkey.persistence.redis.RedisConnectionFactory; import org.slf4j.Logger; @@ -74,8 +77,22 @@ public class AuthenticationAutoConfiguration implements InitializingBean { } @Bean(name = "authenticationProvider") - public AbstractAuthenticationProvider authenticationProvider() { - return new RealmAuthenticationProvider(); + public AbstractAuthenticationProvider authenticationProvider( + AbstractAuthenticationRealm authenticationRealm, + ApplicationConfig applicationConfig, + AbstractOtpAuthn tfaOptAuthn, + AbstractRemeberMeService remeberMeService, + OnlineTicketServices onlineTicketServices + ) { + + return new RealmAuthenticationProvider( + authenticationRealm, + applicationConfig, + tfaOptAuthn, + remeberMeService, + onlineTicketServices + ); + } @Bean(name = "transactionManager") diff --git a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java index cc83d4f8d..aa40d4da3 100644 --- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java +++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java @@ -27,6 +27,9 @@ import org.maxkey.authz.oauth2.provider.token.store.RedisTokenStore; import org.maxkey.constants.ConstantsProperties; import org.maxkey.crypto.password.otp.impl.TimeBasedOtpAuthn; import org.maxkey.jobs.DynamicGroupsJob; +import org.maxkey.persistence.db.LoginHistoryService; +import org.maxkey.persistence.db.LoginService; +import org.maxkey.persistence.db.PasswordPolicyValidator; import org.maxkey.persistence.redis.RedisConnectionFactory; import org.maxkey.persistence.service.GroupsService; import org.opensaml.xml.ConfigurationException; @@ -39,6 +42,7 @@ import org.quartz.Scheduler; import org.quartz.SchedulerException; import org.quartz.TriggerBuilder; import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm; +import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; @@ -105,11 +109,24 @@ public class MaxKeyMgtConfig implements InitializingBean { } - //以下内容可以注释掉后再xml中配置,xml引入在MaxKeyMgtApplication中 + //浠ヤ笅鍐呭鍙互娉ㄩ噴鎺夊悗鍐峹ml涓厤缃�,xml寮曞叆鍦∕axKeyMgtApplication涓� @Bean(name = "authenticationRealm") - public JdbcAuthenticationRealm JdbcAuthenticationRealm( - JdbcTemplate jdbcTemplate) { - JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(jdbcTemplate); + public JdbcAuthenticationRealm authenticationRealm( + PasswordEncoder passwordEncoder, + PasswordPolicyValidator passwordPolicyValidator, + LoginService loginService, + LoginHistoryService loginHistoryService, + AbstractRemeberMeService remeberMeService, + JdbcTemplate jdbcTemplate) { + + JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm( + passwordEncoder, + passwordPolicyValidator, + loginService, + loginHistoryService, + remeberMeService, + jdbcTemplate); + _logger.debug("JdbcAuthenticationRealm inited."); return authenticationRealm; } diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java index 592d32933..464d4d1dc 100644 --- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java +++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java @@ -27,6 +27,7 @@ import org.maxkey.authn.realm.activedirectory.ActiveDirectoryAuthenticationRealm import org.maxkey.authn.realm.activedirectory.ActiveDirectoryServer; import org.maxkey.authn.support.kerberos.KerberosProxy; import org.maxkey.authn.support.kerberos.RemoteKerberosService; +import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; import org.maxkey.constants.ConstantsPersistence; import org.maxkey.constants.ConstantsProperties; import org.maxkey.crypto.password.otp.AbstractOtpAuthn; @@ -38,6 +39,9 @@ import org.maxkey.crypto.password.otp.impl.sms.SmsOtpAuthnAliyun; import org.maxkey.crypto.password.otp.impl.sms.SmsOtpAuthnTencentCloud; import org.maxkey.crypto.password.otp.impl.sms.SmsOtpAuthnYunxin; import org.maxkey.crypto.password.otp.token.RedisOtpTokenStore; +import org.maxkey.persistence.db.LoginHistoryService; +import org.maxkey.persistence.db.LoginService; +import org.maxkey.persistence.db.PasswordPolicyValidator; import org.maxkey.persistence.ldap.ActiveDirectoryUtils; import org.maxkey.persistence.ldap.LdapUtils; import org.maxkey.persistence.redis.RedisConnectionFactory; @@ -45,12 +49,15 @@ import org.mybatis.spring.annotation.MapperScan; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.PropertySource; import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.security.crypto.password.PasswordEncoder; @Configuration @@ -105,8 +112,21 @@ public class MaxKeyConfig implements InitializingBean { //可以在此实现其他的登陆认证方式,请实现AbstractAuthenticationRealm @Bean(name = "authenticationRealm") public JdbcAuthenticationRealm authenticationRealm( + PasswordEncoder passwordEncoder, + PasswordPolicyValidator passwordPolicyValidator, + LoginService loginService, + LoginHistoryService loginHistoryService, + AbstractRemeberMeService remeberMeService, JdbcTemplate jdbcTemplate) { - JdbcAuthenticationRealm authenticationRealm = jdbcAuthenticationRealm(jdbcTemplate); + + JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm( + passwordEncoder, + passwordPolicyValidator, + loginService, + loginHistoryService, + remeberMeService, + jdbcTemplate); + return authenticationRealm; }