{"_id":"57a15b1fe80f940e00c46f2c","__v":1,"version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"category":{"_id":"560b22739c7be70d00100bd8","pages":["560b229caf40a70d003df309","56bcb2cf9afb8b0d00d62df6"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":2,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-09-29T23:44:51.456Z","from_sync":false,"order":6,"slug":"advanced-configurations","title":"Advanced configurations"},"parentDoc":null,"githubsync":"","project":"55db8f8f1a91690d007ad975","user":"56688ec8ee1dbf0d008f62ae","updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-08-03T02:46:55.697Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":6,"body":"In most cases, the IMMUNIO agent will automatically instrument your app to detect all supported threat types.\n\nIf your app uses some features or libraries that Immunio does not yet support, you can still get full protection by calling the Immunio API from your app code to provide any missing information.\n[block:api-header]\n{\n  \"title\": \"Authentication API\"\n}\n[/block]\nIf you're using Spring Security for authentication, Immunio will automatically hook into it to protect you against attacks.\n\nIf you're not using the above framework, you will need to manually tell Immunio when authentication occurs. Use the following methods to do so.\n\nCreate an instance of io.immun.Authentication and call the following methods on it:\n\nAfter a user logs in: authentication.login(...)\nAfter a failed login attempt: authentication.failedLogin(...)\nAfter a user logs out: authentication.logout(...)\nAfter the current user is changed (or set): authentication.setUser(...)\nAfter a user requests a password reset: authentication.passwordReset(...)\nAfter a failed requests for resetting a password: authentication.failedPasswordReset(...)\nNote: authentication.setUser(...) should be called for every request where user data is available, not just when authentication mechanisms are used.\n\nEach method accepts one of the following list of arguments:\n\nString userNameOrEmail\nString userNameOrEmail, String uniqueId\njava.security.Principal.\n\nHere's an example:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"import io.immun.Authentication;\\n// ...\\n\\npublic class LoginController {\\n  private Authentication immunioAuthentication = new Authentication();\\n\\n  public String login(:::at:::RequestParam(\\\"username\\\") String username) {\\n    // ...\\n    immunioAuthentication.login(username);\\n  }\\n}\",\n      \"language\": \"text\",\n      \"name\": \"Java\"\n    }\n  ]\n}\n[/block]","excerpt":"","slug":"java-agent-api","type":"basic","title":"Java Agent API"}
In most cases, the IMMUNIO agent will automatically instrument your app to detect all supported threat types. If your app uses some features or libraries that Immunio does not yet support, you can still get full protection by calling the Immunio API from your app code to provide any missing information. [block:api-header] { "title": "Authentication API" } [/block] If you're using Spring Security for authentication, Immunio will automatically hook into it to protect you against attacks. If you're not using the above framework, you will need to manually tell Immunio when authentication occurs. Use the following methods to do so. Create an instance of io.immun.Authentication and call the following methods on it: After a user logs in: authentication.login(...) After a failed login attempt: authentication.failedLogin(...) After a user logs out: authentication.logout(...) After the current user is changed (or set): authentication.setUser(...) After a user requests a password reset: authentication.passwordReset(...) After a failed requests for resetting a password: authentication.failedPasswordReset(...) Note: authentication.setUser(...) should be called for every request where user data is available, not just when authentication mechanisms are used. Each method accepts one of the following list of arguments: String userNameOrEmail String userNameOrEmail, String uniqueId java.security.Principal. Here's an example: [block:code] { "codes": [ { "code": "import io.immun.Authentication;\n// ...\n\npublic class LoginController {\n private Authentication immunioAuthentication = new Authentication();\n\n public String login(@RequestParam(\"username\") String username) {\n // ...\n immunioAuthentication.login(username);\n }\n}", "language": "text", "name": "Java" } ] } [/block]