This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Spring and the fly likes Spring security: initializing bean after succesful authentication? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring security: initializing bean after succesful authentication?" Watch "Spring security: initializing bean after succesful authentication?" New topic
Author

Spring security: initializing bean after succesful authentication?

Janus Engstrøm
Ranch Hand

Joined: Nov 01, 2006
Posts: 44
Hello all,

New to Spring and Spring Security.

I'm learning by doing (and googling alot!), but I can't find a solution to this problem:

As far as I can see, the chain of event are as follows:

1) UserBean is instantiated by Spring as it's defined as a bean in the web.xml file.
2) The user is presented with my login page
3) User authenticates himself
4) User is redirected to "page1.xhtml" in a secured area if 3) is successful

I would like to do a post-login initialization of the UserBean, as I would like to fetch user info (name, address, etc.) from a database. But I only want this to happen once, since that data of course only should be loaded once, so it should be like 3.5) in the chain of events.

Until now, I'm thinking of these solutions:

1) After login, the user to redirected to a pre-home screen, where the UserBean post-login initialization is handled and then redirected to "page1.xhtml" afterwards.

2) In the "page1.xhtml", I have the following code:

- and then I could do the data base stuff in the getUserName() in UserBean (and handle the one-time-only requirement by a isPostLoginInitialized boolean value)

3) Using the example posted here: http://stackoverflow.com/questions/2579431/spring-security-call-method-after-authentication ... but can't find a jar containing SpringSecurityFilter.


Can anyone help me out here? How to do this? I'm guessing it's a quite ordinary task, so perhaps I've just googled with the incorrect keywords.


Best regards,
Janus
Janus Engstrøm
Ranch Hand

Joined: Nov 01, 2006
Posts: 44
Solved!

Some more browsing took me to this place: http://www.codercorp.com/blog/spring/security-spring/configuring-spring-security.html

Excellent information, just what I was looking for: A way to customize the the User object being used by Spring Security to authorize access to the resources.

A brief walk through:

1) Define a data source:

2) Define bean for the customized UserDetailService:

3) In the spring security xml file, use the customized UserDetailService as the new authentication provider:

4) MyUserDetailsService:

5) And MyUser:



/janus
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Spring security: initializing bean after succesful authentication?
 
Similar Threads
JSF 2.0 Login
forms authentication (j_security_check) with JSF
primefaces command button is not working
!DOCTYPE and function refreshIt() not working together
project file structure for web application (war).