Jul 13th, 2012, 06:40 AM
Getting ServletContext headers in an Authentication event
Ultimately, I need to get the user-agent from the servlet context.
I'm using AuthenticationSuccessEvent and AbstractAuthenticationFailureEvent to handle successful and unsuccessful login attempts. Inside of those handlers I create a new object which contains details about the login attempt. However, in those events I can't seem to get a hold of the servlet context in order to get at the headers. It's always null. The WebAuthenticationDetails object from Authentication.getDetails() doesn't seem to contain any of this information, either.
So: in these event handlers, how can I get a hold of the user-agent?
Jul 13th, 2012, 10:25 AM
You can implement your own AuthenticationDetailsSource which could create an object that contains the necessary information. You can wire it in using form-login@authentication-details-source-ref. Keep in mind this is the information at time of login (it is not updated for every request). You could also access the current information using Spring's RequestContext. If you are accessing it within Spring MVC this is automatically populated. Otherwise you will need to use either RequestContextFilter or RequestContextListener to ensure the RequestContext is populated.
Jul 13th, 2012, 10:32 AM
The event does not contain the ServletContext, this would be weird.