成功完成JAAS登录后执行代码 [英] Execute code when successful JAAS login is done

问题描述

在成功完成JAAS身份验证后，是否可以使用类似侦听器的东西，以便我可以在那一刻执行代码?

Is there something like a listener that I can use when JAAS authentication is done successfully, so that I can execute code in that moment?

现在我正在将JBoss AS 7与DatabaseLoginModule一起使用.

Right now I'm using JBoss AS 7 with the DatabaseLoginModule.

一种方法是实现扩展DatabaseLoginModule的自定义登录类，但是对于此要求感觉有点过时了.我还不太清楚Java EE应用程序生命周期的某些方面，也许登录完成后会触发应用程序或会话侦听器.

One way would be to implement a custom login class extending DatabaseLoginModule, however it feels like overkill for this requirement. I not completely clear about some aspects of the Java EE application life cycle, maybe an application or session listener is fired when login is done.

实现此目标的最佳方法是什么?

What would be the best way to achieve this?

推荐答案

您在正确的轨道上:只需编写另一个LoginModule并最后将其配置为"required"，这样它就总是可以执行.

You're on the right track: just write another LoginModule and configure it last, as 'required' so it always gets executed.

我试图制作一个实现SessionBindingListener的会话范围的UserBean，希望该用户绑定后就已经登录，但实际上却无法正常工作.尝试在Bean级别上做到这一点很棘手.您还需要组织它，以便用户首次登录时可以到达的每个页面都引用该用户bean，而没有登录就无法访问该页面，并且确定用户是否真正登录也是有问题的. JAAS LoginModules是两者兼有的方法.

I tried making a session-scoped UserBean that implements SessionBindingListener, on the expectation that when bound, that user has just logged in, but it doesn't work quite like that in reality. Trying to do it at the bean level is tricky. You also need to organize it so that that user bean is referenced by every page the user could reach on his first login and by no pages that can be reached without a login, and deciding whether the user really is logged in is problematic as well. JAAS LoginModules are the way to go for both.

这篇关于成功完成JAAS登录后执行代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！