Logging user agent info on login with Spring Security

Question

Hi,

I am using Spring Security with LDAP for an application and I want to log the user-agent when the user logs in. However, I cannot access the request object in the Authorities Populator so I cannot access the user-agent information from there.

I also tried setting the pattern in our logger (log4j) so it would log the user agent by putting in %X{user-agent}, but that didn't work either.

All I want to do is log the user agent information when the user logs in. So if there is a method in Spring's security framework I can override that will have access to the request on login object that would be ideal.

OR

If I can get log4j to record the user agent whenver an entry to the log is made, that would be fine as well.

Answer 1

Extend AuthenticationDetailsSourceImpl:

import javax.servlet.http.HttpServletRequest;
import org.acegisecurity.ui.AuthenticationDetailsSourceImpl;

public class UserAgentAuthenticationDetailsSourceImpl extends  
                               AuthenticationDetailsSourceImpl {

    public Object buildDetails(HttpServletRequest request) {
            String userAgent = request.getHeader("User-Agent");
            return super.buildDetails(request);
    }
}

Set it in the authentication filter:

<bean id="authenticationProcessingFilter"
      class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    ...
    <property name="authenticationDetailsSource">
        <bean class="UserAgentAuthenticationDetailsSourceImpl"/>
    </property>
</bean>