Andy, I checked both the logs and the database and neither showed evidence of the postAuthenticate() method actually being called. Here is my custom handler:
public class CustomAuthenticationHandler extends QueryDatabaseAuthenticationHandler { Logger LOGGER = LoggerFactory.getLogger(CustomAuthenticationHandler.class); private final String sql; private final String fieldPassword; private final String fieldExpired; private final String fieldDisabled; private final Map<String, Object> principalAttributeMap; public CustomAuthenticationHandler(final String name, final ServicesManager servicesManager, final PrincipalFactory principalFactory, final Integer order, final DataSource dataSource, final String sql, final String fieldPassword, final String fieldExpired, final String fieldDisabled, final Map<String, Object> attributes) { super(name, servicesManager, principalFactory, order, dataSource, sql, fieldPassword, fieldExpired, fieldDisabled, attributes); this.sql = sql; this.fieldPassword = fieldPassword; this.fieldExpired = fieldExpired; this.fieldDisabled = fieldDisabled; this.principalAttributeMap = attributes; if (StringUtils.isBlank(this.fieldPassword)) { LOGGER.warn("When the password field is left undefined, CAS will skip comparing database and user passwords for equality " + ", (specially if the query results do not contain the password field)," + "and will instead only rely on a successful query execution with returned results in order to verify credentials"); } } @Override public AuthenticationHandlerExecutionResult postAuthenticate(Credential credential, AuthenticationHandlerExecutionResult result) { LOGGER.debug("==================================================INSIDE POSTAUTHENTICATE=================================================="); Integer updateResult = updateLastLogin((UsernamePasswordCredential) credential); if(updateResult != 1) LOGGER.debug("==================================================BAD UPDATE=================================================="); else LOGGER.debug("==================================================GOOD UPDATE=================================================="); return super.postAuthenticate(credential, result); } private Integer updateLastLogin(final UsernamePasswordCredential credential) { LOGGER.info("INSIDE updateLastLogin"); return getJdbcTemplate().update("update user_table set last_login = NOW() WHERE username = '" + credential.getUsername() + "';"); } } As previously mentioned, the handler itself seems to be getting picked up successfully since I'm seeing these messages in the logs: cas_1 | 2019-11-26 17:09:29,675 TRACE [org.apereo.cas.authentication.DefaultAuthenticationBuilder] - <Recording authentication handler result success under key [CustomAuthenticationHandler]> cas_1 | 2019-11-26 17:09:29,675 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication handler [CustomAuthenticationHandler] successfully authenticated [UsernamePasswordCredential(username=myusername, source=null, customFields={})]> Thanks again! On Monday, November 25, 2019 at 5:27:41 PM UTC-8, Andy Ng wrote: > > Hi Bobby, > > > the *postAuthenticate() *method does not seem to be getting called at > all > How did you verified that postAuthenticate does not get called? Did you > use some logs or you just try executing some post JDBC query and they > didn't get called? > > Have you used the keyword *@Override* to make sure your function did > override the parent function? > > Also, mind if you share your custom authentication handler with us (only > the part that are related is ok)? > > I haven't used the postAuthenticate() function myself before, but looking > at the source code it seems very likely that postAuthenticate should be > called when authenticate happens... > > See that there are one of the Official AuthenticationHandler (i.e. > TokenAuthenticaiontHandler) uses postAuthenticate here, didn't seems: > > > https://github.com/apereo/cas/blob/v6.1.2/support/cas-server-support-token-authentication/src/main/java/org/apereo/cas/token/authentication/TokenAuthenticationHandler.java#L71 > > Also, postAuthentate logic is here: > > > https://github.com/apereo/cas/blob/v6.1.2/core/cas-server-core-authentication-api/src/main/java/org/apereo/cas/authentication/handler/support/AbstractPreAndPostProcessingAuthenticationHandler.java#L43 > > See if the above helps! > > Cheers! > - Andy > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/893ddebb-4de1-48d1-bb92-b2629bbcc99d%40apereo.org.