logout event
Is there some reason that I shouldn't create a LogoutHandler that broadcasts a LogoutEvent? The reason I ask is that it seems like an obvious hook to deal with custom code when a logout happens, instead of writing a custom logout handler.
Here's what I've done:
Code:/* * Created on Sep 13, 2006 * */ package edu.cornell.birds.is.module.security.listener; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.acegisecurity.Authentication; import org.acegisecurity.ui.logout.LogoutHandler; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.BeansException; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContextAware; import edu.cornell.birds.is.module.security.event.LogoutEvent; /** * This is a logout handler that publishes a LogoutEvent when a logout occurs. * With this handler in place, one need only create a listener to listen for * logout events in order to do some customer processing at logout. * * @author pea1 * */ public class LogoutEventBroadcaster implements LogoutHandler, ApplicationContextAware { private Log log = LogFactory.getLog(LogoutEventBroadcaster.class); private ApplicationContext applicationContext; /** * */ public LogoutEventBroadcaster() { super(); } /* (non-Javadoc) * @see org.acegisecurity.ui.logout.LogoutHandler#logout(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.acegisecurity.Authentication) */ public void logout(HttpServletRequest arg0, HttpServletResponse arg1, Authentication auth) { LogoutEvent event = new LogoutEvent(auth); log.debug("publishing logout event: " + event); applicationContext.publishEvent(event); } /* (non-Javadoc) * @see org.springframework.context.ApplicationContextAware#setApplicationContext(org.springframework.context.ApplicationContext) */ public void setApplicationContext(ApplicationContext applicationContext) throws BeansException { this.applicationContext = applicationContext; } }Code:/* * Created on Sep 13, 2006 * */ package edu.cornell.birds.is.module.security.event; import org.acegisecurity.Authentication; import org.acegisecurity.event.authorization.AbstractAuthorizationEvent; /** * @author pea1 */ public class LogoutEvent extends AbstractAuthorizationEvent { //~ Constructors =================================================================================================== public LogoutEvent(Authentication authentication) { super(authentication); } }Code:<!-- ===================== LOGOUT FILTER ==================== --> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <constructor-arg value="/" /> <!-- URL redirected to after logout --> <constructor-arg> <list> <ref bean="myLogoutHandler"/> <ref bean="rememberMeServices"/> <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/> </list> </constructor-arg> </bean> <bean id="myLogoutHandler" class="edu.cornell.birds.is.module.security.listener.LogoutEventBroadcaster"> </bean>
