Just a thought. Have you looked into using AOP to accomplish this? Writing an aspect for the appropriate methods should do the trick. (And before you ask, no I have not done this.)
Since Portal uses JAAS based authentication, you could also integrate a custom Tomcat Valve and monitor a user's authenticated session.
Tomcat Valve would hook in from your web app's context.xml
My first thought is that I like the idea of the custom valve for Tomcat. I'll take a look at it.
I was thinking of the AOP approach but I'm not familiar with how that would be hooked in to the portal.
Thanks for the ideas
I've written a simple valve but have a problem
I've deployed the jar file containing the class to
and I've added a valve entry in the server.xml
However I'm getting the following error
19:01:12,750 ERROR [Digester] Begin event threw exception
java.lang.ClassNotFoundException: No ClassLoaders found for: com.fooco.util.security.valves.UserLoggerValve
It seems logical to deploy the jar file in the tomcat sar directory... can't think of where else it might need to be. Could it be a question of compiler compatability? I am compiling under JDK 5.0.
Hmmm...that beats me. The class should be found if its properly installed inside a jar in the tomcat sar file.
As an alternative, you dont have to integrate the Valve inside of core tomcat. You can integrate a Valve within the context of just your web application.
See this for details on how this can be setup:
But still, the ClassNotFound is a mystery if the jar is copied into the tomcat sar file. This should work and has worked several times in the past for me