A grails plugin to log spring security events.
Groovy Batchfile
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Spring Security Eventlog Plugin

Build Status

This plugin creates a simple log of spring security events. Each time a user logs in or logs out, a log entry will created, storing the remote address, session id, user name, event name, switched user name, and the time at which the event occurred.

Events are logged to a table named SPRING_SECURITY_EVENT, mapped to a domain object ca.redtoad.eventlog.SpringSecurityEvent.

Each event has the following fields:

  • username - the username entered
  • sessionId - the user's session
  • eventName - the name of the event
  • remoteAddress - the user's IP address
  • switchedUsername - username that is being switched to
  • dateCreated - the event's timestamp

Some of the event names that are captured:

  • AuthenticationFailureBadCredentialsEvent - a bad username or password
  • AuthenticationSuccessEvent - a successful login
  • InteractiveAuthenticationSuccessEvent - a successful login where the user entered his/her username and password
  • AuthenticationSwitchUserEvent - user having ROLE_SWITCH_USER has assumed the identity of a (likely different) user
  • Logout - a user logged out interactively


You can specify your own logger if you would like to override how events get logged. Create a subclass of SpringSecurityEventLogger and add your custom behavior to logAuthenticationEvent. For example:

package mypackage

import ca.redtoad.eventlog.SpringSecurityEventLogger
import org.springframework.security.core.Authentication

class CustomEventLogger extends SpringSecurityEventLogger {
    void logAuthenticationEvent(String eventName, Authentication authentication, String remoteAddress, String switchedUsername) {
        println "$eventName! $authentication from $remoteAddress"

In your Config.groovy, tell grails to your own event logger class:

grails.plugin.springsecurity.eventlog.eventLogger = mypackage.CustomEventLogger


  • Changes in spring-security-eventlog 0.4

    • cleaned up plugin (thanks burtbeckwith!)
    • updated build dependencies to latest versions
  • Changes in spring-security-eventlog 0.3

    • added logging of 'switched user name' when a AuthenticationSwitchUserEvent occurs
    • small cleanup of plugin definition
  • Changes in spring-security-eventlog 0.2

    • fix exception on anonymous logout
    • changed logAuthenticationEvent signature to take remoteAddress directly rather than pulling it out of authentication.details