• Space
  • Pages
  • News
  • Labels
  • Attachments
  • Bookmarks
  • Mail
  • Advanced
• Log In
• Sign Up

1. Dashboard
2. > Grails
3. > …
4. > Home
5. > Documentation
6. > User guide
7. > The Plug-in Developers Guide
8. > Contribute a Plugin
9. > AcegiSecurity Plugin
10. > AcegiSecurity Plugin - Acegi Events

• Log In
• Sign Up

AcegiSecurity Plugin - Acegi Events

Added by Burt Beckwith, last edited by Burt Beckwith on Apr 27, 2008

Spring Security fires application events after various security-related actions, such as successful login, unsuccessful login, etc. There are two hierarchies of events, AbstractAuthenticationEvent and AbstractAuthorizationEvent.

There are two main ways of being notified of these events when using the Acegi plugin:

• register an event listener, ignoring events that you're not interested in (Spring doesn't allow selective event subscription - you get called for every application event)
• register one or more callback closures in grails-app/conf/SecurityConfig.groovy that take advantage of SecurityEventListener which does the filtering for you

The first approach involves creating either a Groovy or Java class, e.g.

package com.foo.bar
class MySecurityEventListener implements ApplicationListener {
   /**
    * {@inheritDoc}
    * @see org.springframework.context.ApplicationListener#onApplicationEvent(
    *     org.springframework.context.ApplicationEvent)
    */
   void onApplicationEvent(final ApplicationEvent e) {
      if (e instanceof AbstractAuthenticationEvent) {
         if (e instanceof InteractiveAuthenticationSuccessEvent) {
            // handle InteractiveAuthenticationSuccessEvent
         }
         else if (e instanceof AbstractAuthenticationFailureEvent) {
            // handle AbstractAuthenticationFailureEvent
         }
         else if (e instanceof AuthenticationSuccessEvent) {
            // handle AuthenticationSuccessEvent
         }
         else if (e instanceof AuthenticationSwitchUserEvent) {
            // handle AuthenticationSwitchUserEvent
         }
         else {
            // handle other authentication event
         }
      }
      else if (e instanceof AbstractAuthorizationEvent) {
         // handle authorization event
      }
   }
}

and to use this just register it in resources.groovy:

mySecurityEventListener(com.foo.bar.MySecurityEventListener) {}

Alternatively, you can just register one or more callback closure(s) in grails-app/conf/SecurityConfig.groovy and let SecurityEventListener do all of the work for you, and you can just handle any event you like, e.g.:

security {

   active = true
   onInteractiveAuthenticationSuccessEvent = { e, appCtx ->
      // handle InteractiveAuthenticationSuccessEvent
   }
   onAbstractAuthenticationFailureEvent = { e, appCtx ->
      // handle AbstractAuthenticationFailureEvent
   }
   onAuthenticationSuccessEvent = { e, appCtx ->
      // handle AuthenticationSuccessEvent
   }
   onAuthenticationSwitchUserEvent = { e, appCtx ->
      // handle AuthenticationSwitchUserEvent
   }
   onAuthorizationEvent = { e, appCtx ->
      // handle AuthorizationEvent
   }
}

None of these closures are required; if none are configured, nothing will be called. Just implement the event handlers that you need, e.g.:

security {

   active = true
   onAuthenticationSuccessEvent = { e, appCtx ->
      // handle AuthenticationSuccessEvent
   }
}

Labels

 

(None)

Add Labels
Enter labels to add to this page: Looking for a label? Just start typing.

Powered by a free Atlassian Confluence Open Source Project License granted to The Codehaus. Evaluate Confluence today.

• Powered by Atlassian Confluence 2.8.1, the Enterprise Wiki.
• Bug/feature request –
• Atlassian news –
• Contact administrators