Thanks Anders, The Filters, since I've not used them before, are certainly an excellent way to implement this type of site-wide logging. Thanks very much for the pointers!
-Neal On November 1, 2003 03:25 am, Anders Engstr�m wrote: > On Fri, Oct 31, 2003 at 03:48:09PM -0500, Neal Sanche wrote: > > Hi All, > > > > I'm looking at writing a custom login module to track logins to a > > web application and write the successes and failures to a > > database table. I am wondering if there's currently other ways to > > hook into the authentication process to track these things. > > Here's specifically what I'm thinking of doing: > > > > - Implement a subclass of DatabaseLoginModule and 'augment' some > > of the methods to learn about whether the login was a success or > > not. - Put the login module into a .SAR file (is that even > > possible?) within my .EAR. Or if a .SAR file is not the > > appropriate place, it will go within a .JAR file inside my .EAR. > > > > Is anyone out there tracking logins in a different way? > > If this is a web application only (i.e. no stand-alone client > accessing EJB's etc.) then using a LoginModule is overkill IMO :) > > We use a javax.servlet.Filter for this purpose in our application. > The filter is setup to filter all requests for the application. > > When a http-request is made to the application the filter performs > these steps: > > Check if a "token-object" is bound to the user's HttpSession. If > it's not then check if the user has logged in to the applicaton > (request.getUserPrincipal() != null). If the user is logged in - > create the "token-object" and add it to the HttpSession. > > The "token-object" would be an object that implements the > HttpSessionBindingListener interface and could write to the > database on the valueBound()/valueUnbound() callback methods. > > This is also a nice way to keep track of "extra" login information > (such as full name, email address etc.) when using j2ee declarative > security. > > HTH, Cheers :) > > //Anders ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
