• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

Spring security: pass additional parameter when performing login

 
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi.
In my application the first page the user gets is the login form. I handle the login action using spring 2 security. After the successful login user is directed to struts 2 action.
In this struts 2 action I have property which I would like to populate with user input (additional field inside login form).
To be able to populate this property of struts 2 action I need to set request parameter. The problem is that the request is controlled by spring security. I've tried adding input field to login form, but spring doesn't forward its value to struts action.

How can I solve this problem?
 
Pavel Kazlou
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The struts 2 action is bound to successful login using spring security configuration:

 
Pavel Kazlou
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
All right, let's omit struts 2. How can I pass parameter to the request which is made after a successful authentication?
That's almost the same as modifying my configuration:



but myValue is a dynamic value, I can't hardcode it.
 
Pavel Kazlou
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can try the following solution:
1. insert custom filter into spring security filter chain
2. inside this filter obtain http session and store there the value of request parameter

As we change the login form (adding another parameter) we need to customize spring representation of login form and spring login processing filter.
Here is the configuration:



MyAuthenticationProcessingFilter extends spring's org.springframework.security.ui.webapp.AuthenticationProcessingFilter, wraps attemptAuthentication method obtaining request parameter and storing it inside http session. This class is written just to show the idea, for better practice browse AuthenticationProcessingFilter code for username and password parameters.


You may notice that "myFilter" and "entryPoint" beans together define parameters that are otherwise defined by <form-login> element inside <http>. You use <form-login> when you want the default behavior. But in our case we use custom beans, so you should remove <form-login> element completely.
Now we need to tell <http> use our beans. "myFilter" bean is passed to spring chain by using <custom-filter> element inside bean definition:


"entryPoint" is passed to <http> using attribute:


 
Pavel Kazlou
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Pavel, thank you very much for the help, I appreciate it.
 
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Pavel Kazlou wrote:Pavel, thank you very much for the help, I appreciate it.


WTH, you thank yourself for helping out yourself?
 
ranger
Posts: 17347
11
Mac IntelliJ IDE Spring
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Hongli Li wrote:

Pavel Kazlou wrote:Pavel, thank you very much for the help, I appreciate it.


WTH, you thank yourself for helping out yourself?



Exactly, after 9 days he resolved his issue and was nice enough to post it here, so that if anyone else has the same situation, they can find a great answer.

Mark
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Pavel, thanks for your nice work
I do appreciate
 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you very much for your contribution, I needed to add recaptcha to my spring, struts2, webapp, login form, and this post saved me time and effort. Greetings.
 
These are not the droids you are looking for. Perhaps I can interest you in a tiny ad?
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic