I'd like to track when users are logging in to my application. I have some code that I would like to execute right after the user is authenticated. The problem is, I can't figure out where this should be called. Does spring-security have a way to call a method after authentication?
A:
Just write your own SpringSecurityFilter and add it to the filter chain right after your authentication provider is called.
package my.code;
public class AuditFilter extends SpringSecurityFilter {
public void doFilterHttp(...) throws ... {
{application code to run before request is processed}
chain.doFilter(...);
{application code to run after request has fully processed}
}
}
Then in your configuration XML (wherever you setup the Security Filter chain) add a line like this:
<bean id="auditFilter" class="my.code.AuditFilter>
<security:custom-filter position="LAST"/> <-- you can change the position
</bean>
Gandalf
2010-04-05 18:36:37