Add a custom Spring Security filter/handler

Posted by roy | Posted in | Posted on 1:35 AM
What I am trying to do is to write a log to the database when a user logout and we are using Spring Security 2.x + CAS. So I guess the best place to implement this will be along the Spring Security filter.

http://static.springsource.org/spring-security/site/docs/2.0.x/reference/ns-config.html#ns-custom-filters

We can replace a filter by extending org.springframework.security.ui.SpringSecurityFilter and add that into the filter chain





But instead of extending the filter a better way is to add a handler to the default logout filter. 










public class LogLogoutHandler implements LogoutHandler{
     public void logout(HttpServletRequest arg0, HttpServletResponse arg1, Authentication arg2) {
        // Log info to DB
    }
}

Sidenote:  if you are using sec:custom-filter, make sure you do not have any reference to the same namespace which will cause a conflict. (i.e. you cannot do sec:logout if you are using a custom logout filter)

Comments (2)

Unknown Said on March 22, 2016 at 1:31 AM

Hey, It really is incredibly fantastic and informative website. Good to discover your site Very well article! I’m simply in love with it.
-----------------------
Outdoor security cameras

Sankar Said on March 16, 2018 at 7:39 AM

Interesting Article

Spring online training Spring online training Spring Hibernate online training
Spring Hibernate online training


spring training in chennai
spring hibernate training in chennai

Post a Comment

Subscribe to: Post Comments (Atom)