Saiku登录源码追踪呀~

>>首先我们需要debug跟踪saiku登录执行的源码信息

saiku源码的debug方式上一篇博客已有说明,这里简单介绍一下

在saiku启动脚本中添加如下命令: (windows下: start-saiku.bat)

set CATALINA_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n  (后面可能还会有一些JVM参数信息)

使用Eclipse打开saiku源码  -- > Eclipse工具栏中的 Run  --> Debug configurations --> Remote Java Application --> 选中对应的源码项目(saiku-web),远程访问saiku的ip,以及脚本中指定监听的端口 (address) 8787  --> Debug

在浏览器中根据saiku地址信息访问saiku,输入用户名以及密码信息登录,Eclipse则会进入对应的debug阶段

>>源码追踪

1.首先会调用 saiku-web项目  org.saiku.web.rest.resources 包下的 SessionResource中的登录方法

sessionService.login(res,username,password)

/**

 * Saiku Session Endpoints

 */

@Component

@Path("/saiku/session")

public class SessionResource  {

  /*此处省略其他代码信息*/

  private ISessionService sessionService;

  /**

   * Login to Saiku

   * @summary Login

   * @param req Servlet request

   * @param username Username

   * @param password Password

   * @return A 200 response

   */

    @POST

	@Consumes("application/x-www-form-urlencoded")

	public Response login(

			@Context HttpServletRequest req,

			@FormParam("username") String username,

			@FormParam("password") String password)

	{

		try {

		  sessionService.login(req, username, password);

		  return Response.ok().build();

		}

		catch (Exception e) {

			log.debug("Error logging in:" + username, e);

			return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getLocalizedMessage()).build();

		}

	}

}

  

2.进入org.saiku.web.service 包下的 SessionService类中的 sessionService.login(res,username,password)方法

进行认证的方法主要是:    authenticate(req, username, password);

package org.saiku.web.service;

/*此处省略了导入相关包信息*/

public class SessionService implements ISessionService {

	/**此处省略其他代码*/

	/* (non-Javadoc)

	 * @see org.saiku.web.service.ISessionService#login(javax.servlet.http.HttpServletRequest, java.lang.String, java.lang.String)

	 */

	public Map<String, Object> login(HttpServletRequest req, String username, String password ) throws LicenseException {

		Object sl = null;

		String notice = null;

		HttpSession session = ((HttpServletRequest)req).getSession(true);

		session.getId();

		sessionRepo.setSession(session);

		try {

			sl = l.getLicense();

		} catch (Exception e) {

			log.debug("Could not process license", e);

			throw new LicenseException("Error fetching license. Get a free license from http://licensing.meteorite.bi. You can upload it at /upload.html");

		}

		if (sl != null) {

			try {

				l.validateLicense();

			} catch (RepositoryException | IOException | ClassNotFoundException e) {

				log.debug("Repository Exception, couldn't get license", e);

				throw new LicenseException("Error fetching license. Please check your logs.");

			}

			try {

				if (l.getLicense() instanceof SaikuLicense2) {

                    if (authenticationManager != null) {

                        authenticate(req, username, password);

                    }

                    if (SecurityContextHolder.getContext() != null

                        && SecurityContextHolder.getContext().getAuthentication() != null) {

                        Authentication auth = SecurityContextHolder.getContext().getAuthentication();

                        if (authorisationPredicate.isAuthorised(auth)) {

                            Object p = auth.getPrincipal();

                            createSession(auth, username, password);

                            return sessionHolder.get(p);

                        } else {

                            log.info(username + " failed authorisation. Rejecting login");

                            throw new RuntimeException("Authorisation failed for: " + username);

                        }

                    }

                    return new HashMap<>();

                }

			} catch (IOException | ClassNotFoundException | RepositoryException e) {

				log.debug("Repository Exception, couldn't get license", e);

				throw new LicenseException("Error fetching license. Please check your logs.");

			}

		}

		return null;

	}

}

  

3.继续进入SessionService的 authenticate (req,username,password)方法进行认证

主要认证:  Authentication authentication = this.authenticationManager.authenticate(token);

/* (non-Javadoc)

	 * @see org.saiku.web.service.ISessionService#authenticate(javax.servlet.http.HttpServletRequest, java.lang.String, java.lang.String)

	 */

	public void authenticate(HttpServletRequest req, String username, String password) {

		try {

			UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);

			token.setDetails(new WebAuthenticationDetails(req));

			Authentication authentication = this.authenticationManager.authenticate(token);

			log.debug("Logging in with [{}]", authentication.getPrincipal());

			SecurityContextHolder.getContext().setAuthentication(authentication);

		}

		catch (BadCredentialsException bd) {

			throw new RuntimeException("Authentication failed for: " + username, bd);

		}

	}

  

4.转入spring-security认证框架中的 org.springframework.security.authentication包下的ProviderManager类中的  this.authenticationManager.authenticate(token)方法

主要认证: result = provider.authenticate(authentication);

	/**

	 * Attempts to authenticate the passed {@link Authentication} object.

	 * <p>

	 * The list of {@link AuthenticationProvider}s will be successively tried until an

	 * <code>AuthenticationProvider</code> indicates it is capable of authenticating the

	 * type of <code>Authentication</code> object passed. Authentication will then be

	 * attempted with that <code>AuthenticationProvider</code>.

	 * <p>

	 * If more than one <code>AuthenticationProvider</code> supports the passed

	 * <code>Authentication</code> object, only the first

	 * <code>AuthenticationProvider</code> tried will determine the result. No subsequent

	 * <code>AuthenticationProvider</code>s will be tried.

	 *

	 * @param authentication the authentication request object.

	 *

	 * @return a fully authenticated object including credentials.

	 *

	 * @throws AuthenticationException if authentication fails.

	 */

	public Authentication authenticate(Authentication authentication)

			throws AuthenticationException {

		Class<? extends Authentication> toTest = authentication.getClass();

		AuthenticationException lastException = null;

		Authentication result = null;

		boolean debug = logger.isDebugEnabled();

		for (AuthenticationProvider provider : getProviders()) {

			if (!provider.supports(toTest)) {

				continue;

			}

			if (debug) {

				logger.debug("Authentication attempt using "

						+ provider.getClass().getName());

			}

			try {

				result = provider.authenticate(authentication);

				if (result != null) {

					copyDetails(authentication, result);

					break;

				}

			}

			catch (AccountStatusException e) {

				prepareException(e, authentication);

				// SEC-546: Avoid polling additional providers if auth failure is due to

				// invalid account status

				throw e;

			}

			catch (InternalAuthenticationServiceException e) {

				prepareException(e, authentication);

				throw e;

			}

			catch (AuthenticationException e) {

				lastException = e;

			}

		}

		if (result == null && parent != null) {

			// Allow the parent to try.

			try {

				result = parent.authenticate(authentication);

			}

			catch (ProviderNotFoundException e) {

				// ignore as we will throw below if no other exception occurred prior to

				// calling parent and the parent

				// may throw ProviderNotFound even though a provider in the child already

				// handled the request

			}

			catch (AuthenticationException e) {

				lastException = e;

			}

		}

		if (result != null) {

			if (eraseCredentialsAfterAuthentication

					&& (result instanceof CredentialsContainer)) {

				// Authentication is complete. Remove credentials and other secret data

				// from authentication

				((CredentialsContainer) result).eraseCredentials();

			}

			eventPublisher.publishAuthenticationSuccess(result);

			return result;

		}

		// Parent was null, or didn't authenticate (or throw an exception).

		if (lastException == null) {

			lastException = new ProviderNotFoundException(messages.getMessage(

					"ProviderManager.providerNotFound",

					new Object[] { toTest.getName() },

					"No AuthenticationProvider found for {0}"));

		}

		prepareException(lastException, authentication);

		throw lastException;

	}

  

5.转入 org.springframework.security.authentication.dao包下的 AbstractUserDetailsAuthenticationProvider类中的 result = provider.authenticate(authentication);

关于密码的校验主要是:additionalAuthenticationChecks(user,(UsernamePasswordAuthenticationToken) authentication);

public Authentication authenticate(Authentication authentication)

			throws AuthenticationException {

		Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication,

				messages.getMessage(

						"AbstractUserDetailsAuthenticationProvider.onlySupports",

						"Only UsernamePasswordAuthenticationToken is supported"));

		// Determine username

		String username = (authentication.getPrincipal() == null) ? "NONE_PROVIDED"

				: authentication.getName();

		boolean cacheWasUsed = true;

		UserDetails user = this.userCache.getUserFromCache(username);

		if (user == null) {

			cacheWasUsed = false;

			try {

				user = retrieveUser(username,

						(UsernamePasswordAuthenticationToken) authentication);

			}

			catch (UsernameNotFoundException notFound) {

				logger.debug("User '" + username + "' not found");

				if (hideUserNotFoundExceptions) {

					throw new BadCredentialsException(messages.getMessage(

							"AbstractUserDetailsAuthenticationProvider.badCredentials",

							"Bad credentials"));

				}

				else {

					throw notFound;

				}

			}

			Assert.notNull(user,

					"retrieveUser returned null - a violation of the interface contract");

		}

		try {

			preAuthenticationChecks.check(user);

			additionalAuthenticationChecks(user,

					(UsernamePasswordAuthenticationToken) authentication);

		}

		catch (AuthenticationException exception) {

			if (cacheWasUsed) {

				// There was a problem, so try again after checking

				// we're using latest data (i.e. not from the cache)

				cacheWasUsed = false;

				user = retrieveUser(username,

						(UsernamePasswordAuthenticationToken) authentication);

				preAuthenticationChecks.check(user);

				additionalAuthenticationChecks(user,

						(UsernamePasswordAuthenticationToken) authentication);

			}

			else {

				throw exception;

			}

		}

  

6.org.springframework.security.authentication.dao包下的 DaoAuthenticationProvider 类中 additionalAuthenticationChecks(user,(UsernamePasswordAuthenticationToken) authentication)方法如下

校验密码的主要方法: passwordEncoder.isPasswordValid(userDetails.getPassword(), presentedPassword,salt)

@SuppressWarnings("deprecation")

	protected void additionalAuthenticationChecks(UserDetails userDetails,

			UsernamePasswordAuthenticationToken authentication)

			throws AuthenticationException {

		Object salt = null;

		if (this.saltSource != null) {

			salt = this.saltSource.getSalt(userDetails);

		}

		if (authentication.getCredentials() == null) {

			logger.debug("Authentication failed: no credentials provided");

			throw new BadCredentialsException(messages.getMessage(

					"AbstractUserDetailsAuthenticationProvider.badCredentials",

					"Bad credentials"));

		}

		if (!passwordEncoder.isPasswordValid(userDetails.getPassword(),

				presentedPassword, salt)) {

			logger.debug("Authentication failed: password does not match stored value");

			throw new BadCredentialsException(messages.getMessage(

					"AbstractUserDetailsAuthenticationProvider.badCredentials",

					"Bad credentials"));

		}

	}

  

好了,关于saiku登录源码就追踪到这里啦~ ,到这里我们就知道怎么更改saiku对密码校验的逻辑信息啦~

Saiku登录源码追踪.(十三)的更多相关文章

  1. saiku的源码包Bulid常见问题和jar包

    最近在做kylin+mondrian+saiku的二次开发的时候,Bulid saiku的源码出现了很多问题,基本上一大部分问题jar找不到问题,很多jar国内网站都找不到.这时候只有手动下载然后注册 ...

  2. Yii2 使用 QQ 和 Weibo 第三方登录源码

    我们社区在 yii2-authclient 多次升级后,登录异常.一直想寻求一种通用的方法,尽量不重写 OAuth2, BaseOAuth 以及 OAuthToken 类, 所以本次直接在 initU ...

  3. 源码追踪,解决Could not locate executable null\bin\winutils.exe in the Hadoop binaries.问题

    在windows系统本地运行spark的wordcount程序,会出现一个异常,但不影响现有程序运行. >>提君博客原创  http://www.cnblogs.com/tijun/  & ...

  4. [大数据可视化]-saiku的源码包Bulid常见问题和jar包

    最近在做kylin+mondrian+saiku的二次开发的时候,Bulid saiku的源码出现了很多问题,基本上一大部分问题jar找不到问题,很多jar国内网站都找不到.这时候只有手动下载然后注册 ...

  5. OpenJDK源码研究笔记(十三):Javac编译过程中的上下文容器(Context)、单例(Singleton)和延迟创建(LazyCreation)3种模式

    在阅读Javac源码的过程中,发现一个上下文对象Context. 这个对象用来确保一次编译过程中的用到的类都只有一个实例,即实现我们经常提到的"单例模式". 今天,特意对这个上下文 ...

  6. CAS Server集成QQ登录、新浪微博登录源码及配置文件

    转载自素文宅博客:https://blog.yoodb.com/yoodb/article/detail/1446 CAS Server集成QQ第三方登录,CAS Server集成新浪微博第三方登录以 ...

  7. Spring Boot 注解之ObjectProvider源码追踪

    最近依旧在学习阅读Spring Boot的源代码,在此过程中涉及到很多在日常项目中比较少见的功能特性,对此深入研究一下,也挺有意思,这也是阅读源码的魅力之一.这里写成文章,分享给大家. 自动配置中的O ...

  8. [大数据可视化]-saiku的源码打包运行/二次开发构建

    Saiku构建好之后,会将项目的各个模块达成jar包,整个项目也会打成war包 saiku目录结构:   我们选中saiku-server/target/ 下面的zip压缩包.这是个打包后的文件,进行 ...

  9. 类似818tu.co微信小说分销系统设计之多公众号网页授权自动登录源码

    /** 转载请保留原地址以及版权声明,请勿恶意修改 *  作者:杨浩瑞  QQ:1420213383  独立博客:http://www.yxxrui.cn * [后台]http://xiaoshuo. ...

随机推荐

  1. java中加与不加public

    加public表示全局类,该类可以import到任何类内.不加public默认为保留类,只能被同一个包内的其他类引用来源:https://blog.csdn.net/qq_15037231/artic ...

  2. redis安装及错误排查

    安装: 1.cd /usr/redis   //redis目录作为安装目录,没有自行创建 2.tar xzf  redis-4.0.6.tar.gz 3. cd redis-4.0.6 4.make ...

  3. Linux下的.txt文件复制到win下面不自动换行

    原因:在Linux系统下, '\n'就是一个换行符,而在windows下,它是由回车换行组成,表示为 \r\n 解决方法:用Notepad++打开文档-->编辑-->文档格式转换--> ...

  4. 第二篇——Struts2的Action搜索顺序

    Struts2的Action的搜索顺序: 地址:http://localhost:8080/path1/path2/student.action     1.判断package是否存在,例如:/pat ...

  5. opencv学习之路(19)、直方图

    一.概述 二.一维灰度直方图 #include "opencv2/opencv.hpp" #include<iostream> using namespace cv; ...

  6. 数据库只有mdf文件而没有ldf文件,如何恢复数据库

    举例:数据库名为 TestData 第一步: 新建一个同名的数据库即TestData数据库 第二步: 停掉数据库服务,找到刚才新建的TestData数据库的mdf和ldf文件,删掉ldf文件,再用之前 ...

  7. Pandas之分组

    假如我们现在有这样一组数据:星巴克在全球的咖啡店信息,如下图所示.数据来源:starbucks_store_locations.我们想要统计中国每个城市的星巴克商店的数量,那我们应该怎么做呢? 在pa ...

  8. Bumped!【最短路】(神坑

    问题 B: Bumped! 时间限制: 1 Sec  内存限制: 128 MB 提交: 351  解决: 44 [提交] [状态] [命题人:admin] 题目描述 Peter returned fr ...

  9. ipan笔记

    // 对于mysql来说, 如果字段没有设置其 default值, 则会自动 设置 default值为null.同理没有设置not null, 则会自动允许null =yes // create ta ...

  10. centos7安装node

    centos7安装node 二进制文件安装 node=v10.13.0 file=node-${node}-linux-x64 wget https://nodejs.org/dist/${node} ...