/*
* Copyright 2006-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.jrecruiter.spring;
import java.util.Date;
import org.jrecruiter.model.User;
import org.jrecruiter.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
public class SecurityEventListener implements
ApplicationListener < AbstractAuthenticationEvent > {
private @Autowired UserService userService;
/**
* Initialize Logging.
*/
private final static Logger LOGGER = LoggerFactory.getLogger(SecurityEventListener.class);
@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
if (event instanceof AuthenticationSuccessEvent) {
final AuthenticationSuccessEvent successEvent = (AuthenticationSuccessEvent) event;
LOGGER.info("Successful Authentication of User: " + successEvent.getAuthentication().getName());
successEvent.getAuthentication();
final User user = (User)successEvent.getAuthentication().getPrincipal();
user.setLastLoginDate(new Date());
userService.updateUser(user);
} else if (event instanceof InteractiveAuthenticationSuccessEvent) {
final InteractiveAuthenticationSuccessEvent successEvent = (InteractiveAuthenticationSuccessEvent) event;
LOGGER.info("Successful Interactive Authentication of User: " + successEvent.getAuthentication().getName());
final User user = (User)successEvent.getAuthentication().getPrincipal();
user.setLastLoginDate(new Date());
userService.updateUser(user);
} else if (event instanceof AbstractAuthenticationFailureEvent) {
final AbstractAuthenticationFailureEvent failureEvent = (AbstractAuthenticationFailureEvent) event;
LOGGER.warn("Authentication Failure for User '"
+ failureEvent.getAuthentication().getPrincipal() + "' "
+ failureEvent.getException().getMessage(), failureEvent.getException());
} else {
/*
* Since we really don't care about other events, we log it for
* now, but because of that we don't throw an explicit exception.
*/
LOGGER.error("Unhandled AuthenticationEvent (" + event.getClass().getName() + ") for user '"
+ event.getAuthentication().getPrincipal() + "':"
+ event.toString());
}
}
/**
* @param userService the userService to set
*/
public void setUserService(UserService userService) {
this.userService = userService;
}
}