Listen to tomcat realm authentication events

前端未结

关注

 2  825

I need to know when tomcat accepts a login using realm authentication for a given context. I\'ve been looking at the possible listeners available (ServletContextListener an

相关标签:

2条回答

醉话见心

2021-01-15 00:59

Unfortunately there's no standard/abstract way to hook on it using the Servlet API. You need either to write appserver specific logic or to implement a global Filter which checks the HttpServletRequest#getUserPrincipal() everytime. E.g.:

public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) {
    HttpServletRequest request = (HttpServletRequest) req;
    Principal user = request.getUserPrincipal();
    HttpSession session = request.getSession(false);

    if (user != null && (session == null || session.getAttribute("user") == null)) {
        request.getSession().setAttribute("user", user);

        // First-time login. You can do your intercepting thing here.
    }

    chain.doFilter(req, res);
}

0 讨论(0)

执念已碎

2021-01-15 01:21

If you have access to the server configuration, you might try writing a LifecycleListener (http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/LifecycleListener.html), which are configured with the server (see the tomcat server config docs for your version).

Not sure if it will do the trick or not, but a good place to check.

Good luck.

0 讨论(0)
发布评论:

提交评论
- 加载中...