Setting a cookie upon login in Spring Security 3.0

Question

I need to set a cookie when someone logs in and the JSP page that comes up needs to be able to read that cookie in Javascript and perform an action based on it. The part I'm stuck on is setting a cookie upon login. I'm using Spring 3.0 and Spring Security 3.0.

I've registered a LoginListener:

public class LoginListener implements ApplicationListener {
    public void onApplicationEvent(ApplicationEvent event) {
        if (event instanceof AuthenticationSuccessEvent) {
            somehowGetResponseObject.addCookie(new Cookie(name, value));
        }
    }
}

Ideally I can also get the request object so I can find the contextPath and set that as the cookie path. I'm fine with adding the cookie to a ThreadLocal object and then reading that later when I do have access to a response object, but is there a later time when I would have that access? I'm not so enthusiastic about adding the cookie to a Session and then reading that in the resulting JSP page, but I'll do that if I have to. Can I get access to the HttpSession?

UPDATE: Specifying an authentication-success-handler-ref solved this: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/core-web-filters.html#form-login-flow-handling

Answer 1

Something totally different, why don't you just print that value as if it's a JS variable?

<script>
    var something = '${somebean.someproperty}';
    if (something) {
        performActionWith(something);
    }
</script>