Skip to content


Subversion checkout URL

You can clone with
Download ZIP
A grails plugin to log spring security events.
Groovy Batchfile
Latest commit 3a38988 @ataylor284 Fixed issue #7 (not working with spring-security-rest).
This plugin overrides the
grails.plugin.springsecurity.useSecurityEventListener setting, of
which the rest plugin changes the behavior.  By forcing the rest
plugin to be loaded after this one, it avoids clobbering those

Spring Security Eventlog Plugin

Build Status

This plugin creates a simple log of spring security events. Each time a user logs in or logs out, a log entry will created, storing the remote address, session id, user name, event name, switched user name, and the time at which the event occurred.

Events are logged to a table named SPRING_SECURITY_EVENT, mapped to a domain object ca.redtoad.eventlog.SpringSecurityEvent.

Each event has the following fields:

  • username - the username entered
  • sessionId - the user's session
  • eventName - the name of the event
  • remoteAddress - the user's IP address
  • switchedUsername - username that is being switched to
  • dateCreated - the event's timestamp

Some of the event names that are captured:

  • AuthenticationFailureBadCredentialsEvent - a bad username or password
  • AuthenticationSuccessEvent - a successful login
  • InteractiveAuthenticationSuccessEvent - a successful login where the user entered his/her username and password
  • AuthenticationSwitchUserEvent - user having ROLE_SWITCH_USER has assumed the identity of a (likely different) user
  • Logout - a user logged out interactively


You can specify your own logger if you would like to override how events get logged. Create a subclass of SpringSecurityEventLogger and add your custom behavior to logAuthenticationEvent. For example:

package mypackage

import ca.redtoad.eventlog.SpringSecurityEventLogger

class CustomEventLogger extends SpringSecurityEventLogger {
    void logAuthenticationEvent(String eventName, Authentication authentication, String remoteAddress, String switchedUsername) {
        println "$eventName! $authentication from $remoteAddress"

In your Config.groovy, tell grails to your own event logger class:

grails.plugin.springsecurity.eventlog.eventLogger = mypackage.CustomEventLogger


  • Changes in spring-security-eventlog 0.4

    • cleaned up plugin (thanks burtbeckwith!)
    • updated build dependencies to latest versions
  • Changes in spring-security-eventlog 0.3

    • added logging of 'switched user name' when a AuthenticationSwitchUserEvent occurs
    • small cleanup of plugin definition
  • Changes in spring-security-eventlog 0.2

    • fix exception on anonymous logout
    • changed logAuthenticationEvent signature to take remoteAddress directly rather than pulling it out of authentication.details
Something went wrong with that request. Please try again.