Java 未在Spring Security中捕获AuthenticationSuccessEvent
Hi已创建自定义ApplicationEvent侦听器,用于在用户登录或注销时侦听身份验证事件。但是我的侦听器只捕捉到Java 未在Spring Security中捕获AuthenticationSuccessEvent,java,spring,spring-mvc,spring-security,Java,Spring,Spring Mvc,Spring Security,Hi已创建自定义ApplicationEvent侦听器,用于在用户登录或注销时侦听身份验证事件。但是我的侦听器只捕捉到ServletRequestHandledEvent。我想不出这个问题 这是我的听众课 @Component public class MyApplicationEventListener implements ApplicationListener<ApplicationEvent>{ @Override public void onAppl
ServletRequestHandledEvent
。我想不出这个问题
这是我的听众课
@Component
public class MyApplicationEventListener implements ApplicationListener<ApplicationEvent>{
@Override
public void onApplicationEvent(final ApplicationEvent appEvent) {
System.out.println(appEvent);
if (appEvent instanceof AuthenticationSuccessEvent) {
final AuthenticationSuccessEvent event = (AuthenticationSuccessEvent) appEvent;
final String sessionId = ((WebAuthenticationDetails) event.getAuthentication().getDetails()).getSessionId();
RACache.MODULE_QUERY_MAP.put(sessionId, new HashMap<String, Set<String>>());
} else if (appEvent instanceof SessionDestroyedEvent) {
final SessionDestroyedEvent event = (SessionDestroyedEvent) appEvent;
final String sessionId = event.getId();
RACache.MODULE_QUERY_MAP.remove(sessionId);
}if (appEvent instanceof InteractiveAuthenticationSuccessEvent) {
final AuthenticationSuccessEvent event = (AuthenticationSuccessEvent) appEvent;
final String sessionId = ((WebAuthenticationDetails) event.getAuthentication().getDetails()).getSessionId();
RACache.MODULE_QUERY_MAP.put(sessionId, new HashMap<String, Set<String>>());
}
}
}
@组件
公共类MyApplicationEventListener实现ApplicationListener{
@凌驾
ApplicationEvent上的公共无效(最终ApplicationEvent上诉){
系统输出打印项次(上诉);
if(appEvent instanceof AuthenticationSuccessEvent){
最终AuthenticationSuccessEvent事件=(AuthenticationSuccessEvent)appEvent;
最后一个字符串sessionId=((WebAuthenticationDetails)event.getAuthentication().getDetails()).getSessionId();
模块查询映射put(sessionId,newhashmap());
}else if(SessionDestroyedEvent的出现实例){
最终SessionDestroyedEvent事件=(SessionDestroyedEvent)appEvent;
最后一个字符串sessionId=event.getId();
RACache.MODULE\u QUERY\u MAP.remove(sessionId);
}if(出现InteractiveAuthenticationSuccessEvent的实例){
最终AuthenticationSuccessEvent事件=(AuthenticationSuccessEvent)appEvent;
最后一个字符串sessionId=((WebAuthenticationDetails)event.getAuthentication().getDetails()).getSessionId();
模块查询映射put(sessionId,newhashmap());
}
}
}
下面是我的spring配置xml文件
<http use-expressions="true" authentication-manager-ref="authenticationManager">
....
</http>
<beans:bean id="authenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<beans:property name="authenticationEventPublisher" ref="defaultAuthEventPublisher"/>
<beans:property name="providers">
<beans:list>
<beans:ref bean="authenticationProvider" />
<beans:ref bean="anonymousProvider" />
</beans:list>
</beans:property>
</beans:bean>
<beans:bean id="anonymousProvider" class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
<beans:property name="key" value="RAC" />
</beans:bean>
<beans:bean id="authenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="passwordEncoder" ref="encoder" />
<beans:property name="userDetailsService" ref="userService" />
</beans:bean>
<beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
</beans:bean>
<jdbc-user-service id="userService"
data-source-ref="dataSource"
users-by-username-query="select username,password,enabled from userinfo where username=?;"
authorities-by-username-query="select username, role_name from user_roles where username =?;" />
....
我还在web.xml中添加了以下内容
<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
org.springframework.security.web.session.HttpSessionEventPublisher
您可以扩展AbstractAuthenticationProcessingFilter
类并重写以下方法。成功身份验证(HttpServletRequest请求、HttpServletResponse响应、FilterChain链、身份验证)您可以扩展AbstractAuthenticationProcessingFilter
类并重写以下方法。成功身份验证(HttpServletRequest请求、HttpServletResponse响应、FilterChain链、身份验证)