Two Laptop Bag*
The moose likes Spring and the fly likes Customize logs for access with Spring Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Customize logs for access with Spring Security" Watch "Customize logs for access with Spring Security" New topic
Author

Customize logs for access with Spring Security

Sam Rakshit
Greenhorn

Joined: Jun 22, 2010
Posts: 8
Hi,

We were trying to create access logs for our web application. Currently we are using the Spring Security 3 for authentication & authorization. We were able to get the DEBUG logs entries for all activities in the spring security framework. But, we want to generate logs which would allow us to view LogIn , Logout, Access Denied, entries customized for our needs. Also, we want the Log level to be INFO and not DEBUG for performance reasons. Is there any way we can do that in Spring? I was thinking of adding another Filter which would be invoked by the spring secirity filters after processing the request...But I am not sure if that is possible.

If anyone has already tried something similar, please help us with this.

Thanks
Sam
Peter Mularien
Author
Ranch Hand

Joined: Sep 06, 2007
Posts: 84
Hi Sam,

You probably want to look into hooking into the authentication events published by the framework, which uses the standard Spring ApplicationListener functionality. The Spr Sec framework ships with "LoggerListener", which should provide you with an example of how to use these. Refer to the Javadoc for the relevant classes here.

Best,
Peter


Author, Spring Security 3 (the Book), Packt Publishing, 2010
SCJP, OCP
Nilesh Bharambe
Greenhorn

Joined: Sep 03, 2010
Posts: 1
Hi,

I see using logger listener we can log events such as Authentication Credentials Not Found, Authorization Failure and Authorized . but how can i log logout event?? is there any other way like logger listener.? or do i have to implement custom logout Filter??
please help.

Thanks


Nilin
 
 
subject: Customize logs for access with Spring Security
 
Similar Threads
Problem in integrated spring security with struts 2
Any Suggestions? Sometimes remove() works sometimes it doesn't
Customizing EntityManager injection for multi-tenancy
Security in JSF
Spring 3.0 Framework, CAS and EJB