SHIBUI-2578/2579

Fixes for issues found by QA
TIER · May 31, 2023 · 777fc5e · 777fc5e
1 parent a6ba064
commit 777fc5e
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java b/...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
@@ -15,10 +15,13 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.data.domain.AuditorAware;
+import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
@@ -132,6 +135,7 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
                             .roles("ADMIN");
                 }
                 auth.userDetailsService(adminUserService(userService)).passwordEncoder(passwordEncoder);
+                auth.authenticationEventPublisher(new RecordLoginHandler(userService));
             }
 
             @Override
@@ -165,4 +169,23 @@ public void configure(WebSecurity web) throws Exception {
             }
         };
     }
+
+    class RecordLoginHandler implements AuthenticationEventPublisher {
+        private UserService userService;
+
+        public RecordLoginHandler(UserService userService) {
+            this.userService = userService;
+        }
+
+        @Override
+        public void publishAuthenticationSuccess(Authentication authentication) {
+            // do this in SimpleAuthenticationProvider in v2.0
+            userService.updateLoginRecord(authentication.getName());
+        }
+
+        @Override
+        public void publishAuthenticationFailure(AuthenticationException exception, Authentication authentication) {
+            // don't care about this
+        }
+    }
 }
diff --git a/...java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java b/...java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java
@@ -26,7 +26,6 @@ public class AdminUserService implements UserDetailsService {
     private final UserService userService;
 
     @Override
-    @Transactional(readOnly = true)
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         User user = userService
                 .findByUsername(username)
@@ -42,7 +41,6 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
             throw new UsernameNotFoundException(String.format("No roles are defined for user [%s]", username));
         }
 
-        userService.updateLoginRecord(username);
         return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), grantedAuthorities);
     }
 }