The simplest Spring Security tutorial in history: successful login to SuccessHandler advanced usage

Posted by JUMC_Webmaster on Thu, 25 Jun 2020 13:09:20 +0200


So that is what it is. We are lucky to know how to configure the page that is successfully logon after the login and how to specify the system to jump to an address. Yes, it's so simple. The Spring Security framework helps us do most of the work, but we can use it with a little configuration.

However, the business scenario is so simple. For example, after we log in to a website, wechat, SMS and email may receive such a message / email.

And, like that.

Even, I want to record every login information to database, log file and so on, so as to facilitate subsequent audit and analysis.

In fact, the Spring Security framework can also do these things easily. This is only to remind users after successful login. Then we can work hard on the SuccessHandler after successful login.

public AuthenticationSuccessHandler customAuthenticationSuccessHandler() {
    CustomSavedRequestAwareAuthenticationSuccessHandler customSavedRequestAwareAuthenticationSuccessHandler = new CustomSavedRequestAwareAuthenticationSuccessHandler();
    return customSavedRequestAwareAuthenticationSuccessHandler;


The custom SavedRequestAwareAuthenticationSuccessHandler logic is also very simple. It just sends messages. As for the message content, you can get any information you want, because the parameters include HttpServletRequest and Authentication, which can get the comparison content. It also inherits from SavedRequestAwareAuthenticationSuccessHandler, which naturally owns Request Cache, targetUrl judgment and other features.

public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    super.onAuthenticationSuccess(request, response, authentication);
​"IP %s,user %s, to %s Successfully logged in to the system.", request.getRemoteHost(), authentication.getName(),;
    try {
        // send emails
        // send message
        // Send wechat
    } catch (Exception ex) {
        this.logger.error(ex.getMessage(), ex);


Of course, it is also possible to send information to other services, such as distributed and microservice components. You only need to inject related instances into this class to send related information.

After the system is started and the login is successful, the console successfully prints the relevant information.

As for the design mode, development principle and other contents, they are not considered in this paper. We do not consider them, and take simplicity as the first essence.

Source code






Reply to the following keywords for more resources


Spring cloud's way to advance | JAVA foundation | microservice | JAVA WEB | JAVA advanced | JAVA interview | MK elaboration




The Milky Way architect has opened the personal WeChat official account, sharing the experience of work and life, filling the pit guide, and understanding the technology. It will be updated earlier than blogs, and welcome subscriptions.


Topics: Java Spring github Database