Hi Tauren, > How do I best go about finding and saving the last accessed date? Are > all of the following statements accurate? > > * SessionListener.onStart() happens when a session starts, but it > doesn't yet know WHO started that session. So it really doesn't help > me.
Correct - that just lets you know that a session has been started, but a user isn't associated at that point. > * SessionListener.onStop() and onExpiration() could be used to save > the last accessed time to the Member's table. Correct, this is probably the best approach since you can call session.getLastAccessTime during one of those methods. This sounds like the best approach. > * AuthenticationListener.onSuccess() could be used to save the time a > user authenticates, but this doesn't help for rememberme logins. Correct - AuthenticationListeners are only triggered on authentication. RememberMe isn't valid authentication. > * AuthenticationListener.onLogout() could be used to save the time a > user logs out, but won't help for sessions that time out. Correct. > * Should there be a SessionListener.onUserAssociated() method? Les > suggested I add a Jira for this, but that was long ago. Is there an > alternative solution now, or does this still make sense to add? I think it might be better to represent this in the form of a SubjectListener: https://issues.apache.org/jira/browse/SHIRO-286 Please vote for it if you'd like it implemented sooner rather than later (While I can't speak for other Shiro devs, I personally pay attention to the vote count as an indicator of community need). HTH, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com
