I've just read this RFE:
[ 670009 ] Application-specific processing on authentication
http://sourceforge.net/tracker/index.php?func=detail&aid=670009&group_id=59484&atid=491167

However, I've already implemented a simple callback
mechanism to run additional code during authentication
(for adding additional requirements other than
verifying the username and password), and after
authentication (just before the protected resource is
accessed).

The former item is useful for performing additional
checks on a user (such as keeping a failed login count
in the database; a correct username and password may be
entered, but I want authentication to fail if the
failed login count is too high).

The latter item is useful for adding objects to the
session after successful authentication.

This callback feature makes for MUCH cleaner code when
I extend SecurityFilter. You don't want to see the
ugly hacks I was using before (like stubbing out the
FilterChain to capture the request and response objects
when calling super.doFilter()).

Patches for v1.1 and cvs-head are attached.

Implements authentication callback mechanism for v1.1
Implements authentication callback mechanism for cvs-head

Logged In: YES
user_id=84089

Renamed postAuthenticate() method in SecurityFilterCallback
to postAuthenticateSuccess(). Added new
postAuthenticateFailure() method.

Patches for cvs-head and v1.1 attached.

v2 of implementation for cvs-head
v2 of implementation for v1.1 release
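
The callback flow described in this tracker item, as an added example; it is not the attached patch or SecurityFilter's own code. Only the names SecurityFilterCallback, postAuthenticateSuccess() and postAuthenticateFailure() come from the thread; allowLogin(), all method signatures, the in-memory counter, the threshold and the alice/s3cret realm are assumptions made for illustration.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class LockoutCallbackDemo {
    // Assumed shape: only the interface name and the postAuthenticate* names appear in the thread.
    interface SecurityFilterCallback {
        boolean allowLogin(String username); // hypothetical "during authentication" hook
        void postAuthenticateSuccess(String username, Map<String, Object> session);
        void postAuthenticateFailure(String username);
    }

    static class LockoutCallback implements SecurityFilterCallback {
        static final int MAX_FAILURES = 3; // constructed threshold
        // Stands in for the failed login count in the database; filters run concurrently.
        private final Map<String, Integer> failures = new ConcurrentHashMap<>();
        public boolean allowLogin(String username) {
            return failures.getOrDefault(username, 0) < MAX_FAILURES;
        }
        public void postAuthenticateSuccess(String username, Map<String, Object> session) {
            failures.remove(username);          // reset only after a login that was allowed
            session.put("loginName", username); // object added to the session after success
        }
        public void postAuthenticateFailure(String username) {
            failures.merge(username, 1, Integer::sum); // atomic increment
        }
    }

    // Stand-in for the filter's login step; the alice/s3cret realm is constructed.
    static boolean login(SecurityFilterCallback cb, String user, String password,
                         Map<String, Object> session) {
        boolean credentialsOk = "alice".equals(user) && "s3cret".equals(password);
        // The extra requirement is evaluated even when the password is correct.
        if (credentialsOk && cb.allowLogin(user)) {
            cb.postAuthenticateSuccess(user, session);
            return true;
        }
        cb.postAuthenticateFailure(user); // a locked account keeps counting attempts
        return false;
    }

    public static void main(String[] args) {
        SecurityFilterCallback cb = new LockoutCallback();
        Map<String, Object> session = new ConcurrentHashMap<>();
        for (int i = 0; i < LockoutCallback.MAX_FAILURES; i++) {
            login(cb, "alice", "wrong", session); // bad passwords up to the threshold
        }
        System.out.println("correct password after lockout: " + login(cb, "alice", "s3cret", session));
        System.out.println("session attributes: " + session);
    }
}
```

Run it with `java LockoutCallbackDemo.java` on Java 11 or later.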