Obviously, this recipe is a flexible type of implementation and everyone can modify this recipe given their own set of login scenarios. But one thing is for sure, AOP can establish database connections using Spring JDBC. Moreover, advices can also verify the HTTP request type of an adviced method. In the case of loginSubmit(), both advice methods check first if the incoming transactions are POST ones.

If there is a need to extract the HttpServletRequest, it is not necessary to alter the local parameters of the advices and the concerns. The best way is to use org.springframework.web.context.request.RequestContextHolder to retrieve the HttpServletRequest object and org.springframework.web.context.request.ServletWebRequest for the HttpServleResponse object:

HttpServletRequest req = ((ServletRequestAttributes) 
RequestContextHolder.getRequestAttributes()).getRequest(); 
ServletWebRequest servletWebRequest=new ServletWebRequest(req); 
HttpServletResponse response=servletWebRequest.getResponse();