Add a custom Spring Security filter/handler

What I am trying to do is to write a log to the database when a user logout and we are using Spring Security 2.x + CAS. So I guess the best place to implement this will be along the Spring Security filter.

http://static.springsource.org/spring-security/site/docs/2.0.x/reference/ns-config.html#ns-custom-filters

We can replace a filter by extending org.springframework.security.ui.SpringSecurityFilter and add that into the filter chain





But instead of extending the filter a better way is to add a handler to the default logout filter.










public class LogLogoutHandler implements LogoutHandler{
public void logout(HttpServletRequest arg0, HttpServletResponse arg1, Authentication arg2) {
// Log info to DB
}
}


Sidenote: if you are using sec:custom-filter, make sure you do not have any reference to the same namespace which will cause a conflict. (i.e. you cannot do sec:logout if you are using a custom logout filter)

Comments (2)

Hey, It really is incredibly fantastic and informative website. Good to discover your site Very well article! I’m simply in love with it.
-----------------------
Outdoor security cameras

Interesting Article

Spring online training Spring online training Spring Hibernate online training
Spring Hibernate online training


spring training in chennai
spring hibernate training in chennai

Post a Comment