Listen to tomcat realm authentication events

前端未结

关注

 2  853

余生分开走 2021-01-15 00:57

I need to know when tomcat accepts a login using realm authentication for a given context. I\'ve been looking at the possible listeners available (ServletContextListener an

2条回答

醉话见心 (楼主)

2021-01-15 00:59

Unfortunately there's no standard/abstract way to hook on it using the Servlet API. You need either to write appserver specific logic or to implement a global Filter which checks the HttpServletRequest#getUserPrincipal() everytime. E.g.:

public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) {
    HttpServletRequest request = (HttpServletRequest) req;
    Principal user = request.getUserPrincipal();
    HttpSession session = request.getSession(false);

    if (user != null && (session == null || session.getAttribute("user") == null)) {
        request.getSession().setAttribute("user", user);

        // First-time login. You can do your intercepting thing here.
    }

    chain.doFilter(req, res);
}

0 讨论(0)

查看其它2个回答