Access HTTP Session after successful login using "remember_me"?
I am having trouble accessing the HTTP session after a user is successfully authenticated. I would like to add some information to the user's session after they are authenticated for the first time or uses the "remember_me" functionality. This seems like a pretty common use case - what is the best way to do this?
I figured I would try to do this by overriding the AuthenticationProcessingFilter & RememberMeProcessingFilter, but the RememberMe part is giving me trouble.
The code below works fine. My custom information is added to the session...
This code, however, does not add my custom info to the session. Authentication is successful, but my added information is "gone" by the time it displays the resulting page. Almost like it creates a new session after using the rememberMe functionality.Code:public class MyAuthenticationProcessingFilter extends AuthenticationProcessingFilter { AppUserService appUserService; TeamRoleDao teamRoleDao; @Override protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException { // Add my custom information to the session AppUser appUser = appUserService.findByUserName(authResult.getName()); HashSet<TeamRole> teamRoles = new HashSet<TeamRole>(teamRoleDao.findByAppUserId(appUser.getAppUserId())); appUser.setTeamRoles(teamRoles); request.getSession().setAttribute("sesAppUser", appUser); // Continue on with authentication super.onSuccessfulAuthentication(request, response, authResult); } }
Has anyone does this with success?Code:public class MyRememberMeProcessingFilter extends RememberMeProcessingFilter { AppUserService appUserService; TeamRoleDao teamRoleDao; @Override protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) { // Add my custom information to the session // !!! THIS DOESN'T WORK !!! AppUser appUser = appUserService.findByUserName(authResult.getName()); HashSet<TeamRole> teamRoles = new HashSet<TeamRole>(teamRoleDao.findByAppUserId(appUser.getAppUserId())); appUser.setTeamRoles(teamRoles); request.getSession().setAttribute("sesAppUser", appUser); // Continue on with authentication super.onSuccessfulAuthentication(request, response, authResult); } }
