How to inject springSecurityService into custom Listener

Question

I'm using Grails 1.3.7 alogn with SpringSecurity and have a requirement where I need to perform a little processing when a users session expires.

So I have a defined a class in src/groovy which implements HttpSessionListener and overrides the sessionDestroyed method. The listener class is defined as a 'listener' in web.xml.

I have added a 'def springSecurityService' into the listener which I was hoping would automatically inject the service but this doesn't appear to be the case.

So I am wondering what else I need to do in order for the injection to take place, do I have to declare the listener class in resources.groovy somehow?

Thanks,

Dave

Answer 1

In 2.0 and later, you can use plugin spring-security-core:2.0-RC4

Installation in BuildConfig.groovy compile ':spring-security-core:2.0-RC4'

Class MyController {
static allowedMethods = [save: "POST", update: "PUT", delete: "DELETE"]

    def springSecurityService
    def index(Integer max) {
        params.max = Math.min(max ?: 10, 100)
        def user = (User)springSecurityService.currentUser
        respond User.list(params), model: [userInstanceCount: User.count() ]
    }
}  

More information to http://grails-plugins.github.io/grails-spring-security-core/

Hope that's help

Answer 2

The listeners are instantiated by servlet container, and are thus outside of Spring's reach. However, you can get to the application context through servletcontext (available in the session object). Something like this should get you the service:

In 2.0.0 you can use:

public void sessionDestroyed(HttpSessionEvent se) {
    ServletContext context = se.getSession().getServletContext();
    GrailsApplication application = GrailsWebUtil.lookupApplication(context);
    application.getMainContext().getBean("springSecurityService");
}

In previous versions, GrailsWebUtil.lookupApplication() is not available, but you can use org.codehaus.groovy.grails.commons.ApplicationHolder.getApplication() instead.