1

I need to handle user's request any time when he trying to load some page. At this listener i need to make some special checks, and, in result, close or not close user's session. How i should implement this? Looks like a common task, but i'm pretty new to spring and spring security.

Tomasz Nurkiewicz
  • 334,321
  • 69
  • 703
  • 674
Nikolay
  • 81
  • 1
  • 7
  • 1
    What kind of checks? Maybe a servlet filter is enough? – Tomasz Nurkiewicz Dec 01 '12 at 11:26
  • Checks with database. In other words, i need to implement some my code which should be executed any time user is trying to make some action. Now I'm trying to do this with custom class extends WebContentInterceptor and insert check at preHandle method. But it doesn't works. – Nikolay Dec 01 '12 at 11:51

3 Answers3

2

I think of a listener as something that observes behaviour but doesn't affect behaviour. Since you mention closing the user's session, this is definitely affecting the user. Therefore, I think you are talking about an interceptor/filter rather than listener.

Spring provides a good interceptor framework for something like this.

However, since you are talking about sessions, this is the domain of spring security. Looks like there is another way to handle session management here: Is it possible to invalidate a spring security session?

Community
  • 1
  • 1
Solubris
  • 3,603
  • 2
  • 22
  • 37
2

Like Lithium said, a filter would supposedly be appropiate to handle the given task. Spring Security uses it's own filter chain (link points to 3.1.x docs), to which you can add your own filters - be careful about the positioning of your filter in the chain, here are some notes on ordering.

Depending on your requirements, such a filter could for example redirect the user to another page than the requested one one stop executing the filter chain - again: positioning in the filter chain is vital.

Pao
  • 843
  • 5
  • 17
0

I think you should try interceptor. Little more details:

  • Create HandlerInterceptor class
public class RequestInitializeInterceptor implements HandlerInterceptor {

  @Override
  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //Code to perform database checks
  }
}
  • Define interceptor in servlet-context.xml (ApplicationContext for Servlet) file
<mvc:interceptors>
    <mvc:interceptor>   
      <!-- Update path as per you requirement --!> 
      <mvc:mapping path="/**"/>  
         <bean class="com.abc.web.support.RequestInitializeInterceptor" />
    </mvc:interceptor>
</mvc:interceptors>
Ketan
  • 982
  • 1
  • 8
  • 16