SEC-1534: Want BasicAuthenticationFilter to throw InteractiveAuthenticationSuccessEvent #1775

spring-issuemaster opened this Issue Aug 10, 2010 · 3 comments

1 participant


Hatanaka, Akihiro (Migrated from SEC-1534) said:

I use Spring Security 3.0.4 and our system uses several Authentication Filters.

When a user log-in, UserPasswordAuthenticationFilter and OpenIDAuthenticationFilter, RememberMeAuthenticationFilter throws InteractiveAuthenticationSuccessEvent.

However, BasicAuthenticationFilter does not throw InteractiveAuthenticationSuccessEvent.

I'd like BasicAuthenticationFilter to throw InteractiveAuthenticationSuccessEvent.

There is another option using AuthenticationSuccessEvent.
However AuthenticationSuccessEvent does not have generatedBy property, and is not thrown on OpenID and RememberMe login.


Luke Taylor said:

I think the main reason for the different behaviour is that basic authentication is not necessarily "interactive" in the sense that it is often used with web services etc. Is there some specific reason why you need this rather than being able to use the AuthenticationSuccessEvent published by the AuthenticationManager?


Luke Taylor said:

No response - closing.


Hatanaka, Akihiro said:

I'm sorry for late response.

My system uses some authentication systems(including Basic, OpenID, Form) and I want to detect which system does user uses for authentication.

AuthenticationSuccessEvent does not have information like InteractiveAuthenticationSuccessEvent's generatedBy property, so I want to use InteractiveAuthenticationSuccessEvent.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment