Spring Security - Authentication's username is null in AuthenticationSuccessHandler

I have a Customer class which has all the account info.(it does NOT extend Spring's userdetails.User class) I'm trying to do some stuff after a successful login (e.g. set new last login time). To achieve this I set up a custom AuthenticationSuccessHandler.

In the onAuthenticationSuccess method I try to get the username from the Authentication object. This object however is a User object. If I try to get the username from it I get null. Can I somehow manage to make the Authority object a Customer object? Or does my Customer class have to extend the User class?

Update

Some more details:

I have my User class. It is completely self written and doesn't implement or extend any interface/class. I do not have a class that implements a UserDetailsService. The <form-login> part of my applicationContext-security.xml looks like this:

<form-login login-page="/index.htm"
                authentication-success-handler-ref='authSuccHandler'
                authentication-failure-handler-ref='authFailureHandler'
                default-target-url='/library/login.htm'
                always-use-default-target='true'/>

Theh authSuccHandler looks like this: (The necessary bean definition is in place)

public class PostSuccessfulAuthenticationHandler extends  SimpleUrlAuthenticationSuccessHandler 
{
@Autowired
private UserService userService;

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException 
        {
            userService.trackUserLogin(authentication.getName()); //NullPointerException
            super.onAuthenticationSuccess(request, response, authentication);
        }
}

The form redirects to j_spring_security_check

Answers


I think the method you are looking for is getPrincipal on Authentication. Then you have to case the object that comes back to your custom class.

User user = (User)authentication.getPrincipal();

Authentication cannot be User, since they don't inherit each other.

If your UserDetailsService produces a custom UserDetails, you should be able to obtain it by calling getDetails() on Authentication.


When the request comes into the authentication success handler, it expects you to redirect to the desired url. Use the following to redirect to the desired page like "home.htm". This will work definitely! The modified code is given below. Check it and let me know if you have any issues.

 public class PostSuccessfulAuthenticationHandler extends  SimpleUrlAuthenticationSuccessHandler 
  {
        @Autowired
        private UserService userService;

        @Override
        public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
    Authentication authentication) throws ServletException, IOException 
    {
        userService.trackUserLogin(authentication.getName()); //NullPointerException
        response.sendRedirect("home.htm");
        //super.onAuthenticationSuccess(request, response, authentication);
    }

}


Need Your Help

Adapt UI to changes on label size

.net vb.net winforms user-interface text

I'm trying to adapt the UI of an app so that it works well with any translation. As expected, many of the labels change size considerably with each respective translation. Most of the labels have a

Making an HTTPS connection using URL.openConnection()

java android https bouncycastle keystore

I'm trying to make an HTTPS connection to a server that has a certificate set to expire in April 2013 and uses GlobalSign as the root certificate.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.