I am trying to record current time of Login(in a method or object) once the Login is successful and assign LastLogin time to current login time at logout. I am using spring security for login, logout. But i don't know how to take control to a method before it goes to the target-URL.
SPRING-SECURITY.XML -
<security:form-login login-page="/login" login-processing-url="/home/currentTime" authentication-failure-url="/login?error=true" default-target-url="/home"/>
<security:logout invalidate-session="true"
logout-success-url="/home/copyLastloginToCurrentLoginTime" logout-url="/logout" />
CONTROLLER - /home -
@RequestMapping(value = "/currentTime", method = RequestMethod.GET)
public void recordCurrentLoginTime(Model model) { //code to record current time }
@RequestMapping(value = "/copyLastloginToCurrentLoginTime", method = RequestMethod.GET)
public void changeLastLoginTime(Model model) {//code to copy current to last time }
PROBLEM -
I get Error 404 for - project-title/j_spring_security_check URL. and when i try to debug, it doesn't come into the controller methods at all. Should i use some filters or something else for this purpose?
I have seen SpringSecurity : always redirect logged in users to a page and How to process a form login using Spring Security / Spring MVC. But couldn't achieve my target.
I am new to spring security and i need some help to move in right direction.
Write your own AuthenticationSuccessHandler and LogoutSuccessHandler.
Example :
spring-security.xml :
<security:form-login login-page="/login"
login-processing-url="/login_check"
authentication-failure-url="/login?error=true"
authentication-success-handler-ref="myAuthenticationSuccessHandler"
/>
<security:logout
logout-url="/logout"
success-handler-ref="myLogoutSuccessHandler"
/>
AuthenticationSuccessHandler
@Component
public class MyAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
@Autowired
private UserService userService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
// changeLastLoginTime(username)
userService.changeLastLoginTime(authentication.getName());
setDefaultTargetUrl("/home");
super.onAuthenticationSuccess(request, response, authentication);
}
}
LogoutSuccessHandler
@Component
public class MyLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
if (authentication != null) {
// do something
}
setDefaultTargetUrl("/login");
super.onLogoutSuccess(request, response, authentication);
}
}
You can map a default-target-url in your mapping like
<security:form-login login-page="/login"
login-processing-url="/login_check"
authentication-failure-url="/login?error=true"
default-target-url = "/welcome"
authentication-success-handler-ref="myAuthenticationSuccessHandler"/>
When the user is authenticated it is the time when user accessed your system. Make a update through DAO in the user table with current date and time.
Simple process and you are done
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 走好不送 的文章《how to get redirected to a method at login/logout 》','https://www.manongdao.com/article-109798.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}