Retrieving Session ID with Spring Security

Question

For logging purposes, I'd like to create a logger that automatically adds the current session's ID to logged lines.
For logged in users this isn't a problem:

((WebAuthenticationDetails) SecurityContextHolder.getContext().getAuthentication().getDetails())
    .getSessionId()

The problem is, before the user has logged in getAuthentication() returns null. Is there another way for getting the session ID without having a reference to the current response or anything of that sort?

Thanks!

Answer 1

You may use

RequestContextHolder.currentRequestAttributes().getSessionId();

This relies on Spring's RequestContextHolder, so it should be used with Spring MVC's DispatcherServlet or you should have a RequestContextListener declared. Also session will be created if not exists.