如何使用 Spring Aspect 记录 SavedRequestAwareAuthenticationSuccessHandler.onAuthenticationSuccess？

Question

当用户使用 Spring Security 成功登录时，我尝试登录。我使用日志方面：

@Aspect
@Component
public class LoggingAspect {
static Logger log = Logger.getLogger(LoggingAspect.class);

@Before("execution(* com.jle.athleges.web.controller.MemberController.*(..))")
public void logBefore(JoinPoint joinPoint) {
    log.info("INFO - logBefore() is running!");
    log.info(joinPoint.getSignature().getName());
}

@AfterReturning(pointcut = "execution(* org.springframework.security.authentication.AuthenticationManager.authenticate(..))", returning = "result")
public void after(JoinPoint joinPoint, Object result) throws Throwable {
    log.info(">>> user: " + ((Authentication) result).getName());
}

@Around("execution(* org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler.onAuthenticationSuccess(..))")
public void onAuthenticationSuccess(){
    log.info(">>> user " + (SecurityContextHolder.getContext().getAuthentication().getName()) + " is now connected");
}
}

方法 after 运行良好，但记录了两次。我尝试使用 onAuthenticationSuccess 但控制台中没有写入任何内容。

我使用Capture successful login with AspectJ and Spring Security 中解释的示例，但它不起作用。

有什么想法吗？

谢谢

Answer 1

我找到了解决办法！

我创建了一个新的 SuccessHandler bean：

public class SecurityAuthenticationSuccessHandler extends
    SimpleUrlAuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
    Authentication authentication) throws IOException, ServletException {

    super.onAuthenticationSuccess(request, response, authentication);
}

}

第二点是将它作为bean添加到配置中并在formLogin中设置：

    @Bean
public SecurityAuthenticationSuccessHandler getSuccessHandler(){
    return new SecurityAuthenticationSuccessHandler();
}

http.authorizeRequests().antMatchers("/*").permitAll().and()
            .formLogin()
            .successHandler(successHandler)
            .permitAll().and().logout().permitAll();