You might try to make a custom UserManager that delegates to the default one, and then performs some actions.
Aaron Tavistock wrote: > We've been using J2EE based security for some time now, its working great > for us supporting several hundred users distributed across a handful of > servers. > > Heres my issue - I have a set of things that happen on every page, a portion > of which is looking for a 'new' login which then launches a series of things > including doing database lookups, dropping stuff in the session, etc. > > Its occured to me that it would be significantly more effective if this was > chained off the J2EE authentication, instead of checking on each page. I > started looking into it and it looks like 1) its not part of the spec and 2) > Orion has no specific implementation. The current implementation of J2EE > security is so completely handled by the container that theres no way to get > something in there. > > I then started going down the question of 'what is J2EE security except a > filter?', so I could potentially chain a filter through there? It doesn't > solve the problem because it still happens on each page hit. > > Anyone have any ideas on the best way to do 'postprocessing' when the user > is authenticated? >