DB를 삽입하기위한 인증 필터

Question

나는 SpringSecurity가 가능한 웹 어플리케이션을 구현 중이다. PostgreSQL DB를 사용하여 사용자와 자격 증명을 저장하고 있습니다. 응용 프로그램에 대한 요구 사항은 사용자가 로그인 할 때마다 users 테이블 (특히 last_login 열)을 업데이트하는 것입니다. SuccessAuthentication 메서드가 호출 될 때마다 last_login 열이 업데이트 될 때마다 UsernamePasswordAuthenticationFilter를 확장하는 LoginController를 구현하려고했습니다.

package security; 
//imports 

@Controller 
public class LoginController extends UsernamePasswordAuthenticationFilter { 

@Autowired 
AuthenticationManager authenticationManager; 

public LoginController() { 
    super(); 
    System.out.println("LoginController.LoginController"); 
} 

@Override 
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { 
    super.successfulAuthentication(request, response, chain, authResult); 
    System.out.println("Update DB"); 
} 

}

이 문제가 인 LoginController 필터가 호출되지 것을, 따라서 결코 : 여기

는 인 LoginController 클래스 내 applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" 
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
     xmlns:context="http://www.springframework.org/schema/context" 
     xmlns:beans="http://www.springframework.org/schema/beans" 
     xmlns:jdbc="http://www.springframework.org/schema/jdbc" 
     xsi:schemaLocation=" 
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd 
    http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd 
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd 
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd"> 

<beans:bean class="org.springframework.security.authentication.encoding.ShaPasswordEncoder" id="passwordEncoder"/> 

<beans:bean class="admin.beans.UserBean" id="userBean"/> 

<beans:bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> 
    <beans:property name="basename" value="messages"/> 
</beans:bean> 

<http use-expressions="true" auto-config="true"> 
    <intercept-url pattern="/login.jsp" access="permitAll"/> 
    <intercept-url pattern="/userAdmin.jsp" access="hasRole('ROLE_ADMIN')"/> 
    <intercept-url pattern="/**" access="hasRole('ROLE_USER')"/> 
    <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1"/> 
    <remember-me/> 
    <logout invalidate-session="true" logout-success-url="/" logout-url="/logout"/> 
</http> 

<beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 
    <beans:property name="driverClassName" value="org.postgresql.Driver"/> 
    <beans:property name="url" value="jdbc:postgresql://xexen:5432/db"/> 
    <beans:property name="username" value="usr"/> 
    <beans:property name="password" value="password"/> 
</beans:bean> 

<authentication-manager alias="authenticationManager"> 
    <authentication-provider user-service-ref="jdbcUserService"> 
     <password-encoder ref="passwordEncoder"> 
      <salt-source ref="saltSource"/> 
     </password-encoder> 
    </authentication-provider> 
</authentication-manager> 

<beans:bean id="jdbcUserService" class="security.CustomJdbcDaoImpl"> 
    <beans:property name="dataSource" ref="dataSource"/> 
    <beans:property name="enableGroups" value="false"/> 
    <beans:property name="enableAuthorities" value="true"/> 
    <beans:property name="usersByUsernameQuery"> 
     <beans:value>select username,password,enabled, salt from users where username = ?</beans:value> 
    </beans:property> 
</beans:bean> 

<beans:bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy"> 
    <filter-chain-map path-type="ant"> 
     <filter-chain pattern="/**" filters=" authenticationFilter"/> 
    </filter-chain-map> 
</beans:bean> 


<beans:bean class="org.springframework.security.authentication.dao.ReflectionSaltSource" id="saltSource"> 
    <beans:property name="userPropertyToUse" value="salt"/> 
</beans:bean> 

<beans:bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/> 

<beans:bean id="authenticationFilter" class="security.LoginController"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="filterProcessesUrl" value="/j_spring_security_check"/> 
</beans:bean> 

<context:annotation-config/> 
<context:component-scan base-package="admin"/> 

입니다 데이터베이스에 삽입 나는 구성상의 실수를 저지르고 있다고 확신하지만 구성이 혼란스럽고 혼란 스럽다. 필터/제공자 등을 어디에 설정해야 하는가?

내가 잘못하고있는 것을 누군가 찾을 수 있습니까? 미리 감사드립니다.

Answer 1

성공적인 로그인 후에 처리기를 사용하여 다른 접근 방식을 제안하고자합니다. 보안 XML의
:

<http use-expressions="true" auto-config="true"> 
... 
    <form-login authentication-success-handler-ref="redirectAfterLogin" login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1"/> 
... 
</http> 

그리고 클래스는 것 같은 뭔가 :

public class RedirectAfterLogin extends SavedRequestAwareAuthenticationSuccessHandler { 
    public void onAuthenticationSuccess(HttpServletRequest request, 
     HttpServletResponse response, Authentication authentication) 
     throws ServletException, IOException { 

     // do what you need here 
    } 
}