CODEWITHSUNDEEP
grailsspring-security
Bilel Boulifa
Bilel Boulifa

Reputation: 216

Spring security core and catching event in config.groovy

using the spring security core plugin I am trying to catch event so I am using

grails.plugin.springsecurity.useSecurityEventListener = true
grails.plugin.springsecurity.onInteractiveAuthenticationSuccessEvent   = { e, appCtx ->

    def request = org.codehaus.groovy.grails.plugins.springsecurity.SecurityRequestHolder.getRequest()
    def session = request.getSession(false)
    session.myvar=2     
}

but it give me :

2014-06-08 21:49:05,333 [http-bio-8080-exec-6] ERROR [/ammc].[default]  - Servlet.service() for servlet [default] in context with path [/ammc] threw exception
Message: No signature of method: groovy.util.ConfigObject.getRequest() is applicable for argument types: () values: []
    Line | Method
->>  158 | doCall             in Config$_run_closure5
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
|     95 | call               in grails.plugin.springsecurity.SecurityEventListener
|     72 | onApplicationEvent in     ''
|     49 | doFilter           in grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter
|     82 | doFilter . . . . . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
|   1145 | runWorker          in java.util.concurrent.ThreadPoolExecutor
|    615 | run . . . . . . .  in java.util.concurrent.ThreadPoolExecutor$Worker
^    745 | run                in java.lang.Thread

notice that the line 158 in the config file is exactly the line 

def request = org.codehaus.groovy.grails.plugins.springsecurity.SecurityRequestHolder.getRequest()

which is crazy because I am not invoking groovy.util.ConfigObject.getRequest() in this line

I already tried to clean and compile but nothing change.

and at the same time if I want to catch the failure login event, what event I must catch?

update

I am using grails 2.3.8 and spring-security-core:2.0-RC2

Upvotes: 2

Views: 897

Answers (1)

dosaki
dosaki

Reputation: 113

To answer the question

This may be late but... I believe you mean

def request = grails.plugin.springsecurity.web.SecurityRequestHolder.getRequest()

(note the different package name)

This may not be of much help to @Bilel but it may be to anyone else who happens upon the question.

One a side note:

which is crazy because I am not invoking groovy.util.ConfigObject.getRequest() in this line

When you see weird things like groovy.util.ConfigObject I have come to notice that it usually means a variable in Config does not exist.

Also, on another note:

I don't know if doing it in Config.groovy is an absolute requirement but I believe this gets cleaner if you register a listener.

Here's what I would do:

import org.springframework.context.ApplicationListener
import org.springframework.security.authentication.event. InteractiveAuthenticationSuccessEvent

class MyLoginListener implements ApplicationListener<InteractiveAuthenticationSuccessEvent> {
    void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
        def request = grails.plugin.springsecurity.web.SecurityRequestHolder.getRequest()
        def session = request.getSession(false)
        session.myvar=2
    }
}

and then register it in resources.groovy

beans = {
    myLoginListener(MyLoginListener)
}

You need the following line in Config.groovy, but you may already have it there anyway.

grails.plugin.springsecurity.useSecurityEventListener = true

Upvotes: 2

Related Questions