cgray1223
asked on
Spring Security Auto Authenticate User
Hello,
I have a security flow where I'm receiving an xml that I need to verify. If it passes that logic then I do a select on my users table (UserDetail implementation) if they exist I can log them in using the below, but if they don't exists I need to Auto Authenticate them. Would I just do an insert into the users table in my super.getAuthenticationMan ager().aut henticate method and return the newly created UserDetails object?
public class XMLAuthenticationFilter extends AbstractAuthenticationProc essingFilt er{
public XMLAuthenticationFilter() {
super("/xml_security_check ");
}
@Override
public Authentication attemptAuthentication(Http ServletReq uest request,
HttpServletResponse response) throws AuthenticationException,
IOException, ServletException {
GrantedAuthority[] grantedAuthorities = new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE _USER")};
UsernamePasswordAuthentica tionToken token = new UsernamePasswordAuthentica tionToken( "username" , "userpwd", grantedAuthorities);
request.getSession();
token.setDetails(new WebAuthenticationDetails(r equest));
Authentication authenticatedUser = super.getAuthenticationMan ager().aut henticate( token);
SecurityContextHolder.getC ontext().s etAuthenti cation(aut henticated User);
request.getSession().setAt tribute(Ht tpSessionS ecurityCon textReposi tory.SPRIN G_SECURITY _CONTEXT_K EY, SecurityContextHolder.getC ontext());
return authenticatedUser;
}
}
I have a security flow where I'm receiving an xml that I need to verify. If it passes that logic then I do a select on my users table (UserDetail implementation) if they exist I can log them in using the below, but if they don't exists I need to Auto Authenticate them. Would I just do an insert into the users table in my super.getAuthenticationMan
public class XMLAuthenticationFilter extends AbstractAuthenticationProc
public XMLAuthenticationFilter() {
super("/xml_security_check
}
@Override
public Authentication attemptAuthentication(Http
HttpServletResponse response) throws AuthenticationException,
IOException, ServletException {
GrantedAuthority[] grantedAuthorities = new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE
UsernamePasswordAuthentica
request.getSession();
token.setDetails(new WebAuthenticationDetails(r
Authentication authenticatedUser = super.getAuthenticationMan
SecurityContextHolder.getC
request.getSession().setAt
return authenticatedUser;
}
}
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
I think you need this only ...
http://www.javabeat.net/tips/68-how-to-read-xml-file-and-inject-bean-referenc.html
http://www.javabeat.net/tips/68-how-to-read-xml-file-and-inject-bean-referenc.html
How to get the xml file from other site?
ASKER
They are doing a HTTP POST with the data to my Filter url path, well that is the plan.
then that link will help full for you ..
ASKER
The link you sent explains how to parse the xml into an object from a file, but what I really don't understand is how to retrieve the xml off the HttpRequest coming into the filter.
hmm then you need web services call for that
ASKER
Ok...so the web service gets the xml and then calls the filter? How would the webservice call the filter and pass the data? Just thinking out loud....
that is some what big topic...
wait some other experts will give some better suggestion than me....(as per i know web services gd)
ASKER