I have an application running in JBoss AS6. Authentication is working using the "FORM" auth method, and the user is logging in correctly.
I would like to be able to call a piece of custom, static code whenever a user successfully logs in.
Unfortunately, I cannot find any listener, or hook, or callback, which will execute code on successful login. The HttpSessionListener does have an event for "sessionCreated", but this is called as soon as a user accesses any page, even if they have not successfully logged in. That means that even viewing the login form triggers the event.
Could anyone point me to some documentation for JBoss AS 6 (or equivalent) which shows how to run custom code at the point when a user first successfully logs in?
Thanks in advance.
You can add a ServletFilter
implementation in front of secured Servlet.
At each invocation, the filter will test a boolean flag notFirstCall
in HttpSession
.
If the flag is not present, the request is the first one after user's login. It can invoke the specified job and then set the flag notFirstCall
to mark the job as done for this session.
The workaround I can think off is having a CustomFormAuthenticator
which extends org.apache.catalina.authenticator.FormAuthenticator
and register it in /server/default/deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml
.
Now in Jboss AS 7 they introduced valve concept where you can register CustomAuthenticator
in jboss-web.xml
iteself.
Something like..
public class CustomFormAuthenticator extends FormAuthenticator {
@override
public boolean authenticate(Request request, Response response, LoginConfig config) throws IOException {
boolean authenticate = super.authenticate(request, response, config);
//here you might need to keep track whether your custom/static code executed once or not,
//just to avoid executing the same code again and again.
if(authenticate) {
int i = CustomSingleton.getInstnce().getExecuteCount();
if(i <= 0) {
//invoke custom code.
//increment the count
CustomSingleton.getInstnce().incrementExecuteCount();
}
}
}
}
Now, need to register this with server
in /server/default/deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml
Add following entry
to authenticators
section.
<entry>
<key>CUSTOM-FORM</key>
<value>full.qaulified.CustomFormAuthenticator</value>
</entry>
Then, in web.xml have CUSTOM-FORM
as auth-method
<login-config>
<auth-method>CUSTOM-FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/login-error.html</form-error-page>
</form-login-config>
<login-config>
Hope this helps..
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With