File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Spring and the fly likes Autologin to site upon registering using spring security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Autologin to site upon registering using spring security" Watch "Autologin to site upon registering using spring security" New topic

Autologin to site upon registering using spring security

kuldeep sidhu

Joined: Jan 07, 2014
Posts: 15
How can we achieve auto-login upon registering using spring-security.?
In my application i am having register page at /users/new.
Upon successful registration, i am redirecting the user to new page /users/username which will display user details.

Using the following interceptor pattern

In above scenario it again asks for login. But i dont want that login. I should directly login the user upon successful registeration.

Please suggest.
Jayesh A Lalwani

Joined: Jan 17, 2008
Posts: 2271

You should store the authentication object in the session. By default, if you put an Authentication in the SecurityContextHolder, Spring will put the authentication object in the session. Next time, the user comes to the website, it will load it from the session. ALso, by default loggiing in stores the authentication in the session, so you don;t have to do anything in the login page yourself. In your case, if you registration page puts the authentication object in the SecurityContextHolder, you might be good to go.

If you want to remember the user beyond the http session, you have to enable Remember-Me authentication. Basically, you have to put the cookie on the user's browser that persists beyond the HTTP session, and link that cookie to the user's login. When user comes to your website again with the cookie, you authenticate the user using the cookie rather than username/password. You can enable Remember me using Spring easily. You will have to build something in the backend to persist the remember me cookie in a database.
Raghvendra Pratap Singh

Joined: Jul 26, 2012
Posts: 22

You can try this after successfully completing the registration

Thanks and Regards, Raghvendra Pratap Singh
"Quality means doing it right when no one is looking"
I agree. Here's the link:
subject: Autologin to site upon registering using spring security
Similar Threads
Session getting created twice and session not getting decremented.
Problem with <security:intercept-url pattern=...>
Can we have multiple login forms in spring security?
Avoiding multiple logins from custom authenticationProvider to Third-Party-SOA
"Spring Security Application" Initiated by Apache