Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Spring Auto Login Intercept URL issue
- @Named
- @Scope("request")
- public class SignUpDetail extends BaseAction{
- @Inject
- private SignUpDetailBean signUpDetailBean;
- @Inject
- private UserManager userManager;
- @Inject @Named("am")
- protected AuthenticationManager authenticationManager;
- public String login(){
- if(signUpDetailBean.getEmail() != null){
- Users currentUser = userManager.getUser(signUpDetailBean.getEmail());
- authenticateUserAndSetSession(currentUser, (HttpServletRequest) FacesUtils.getExternalContext().getRequest());
- return "/registered/home.html";
- }else{
- return "/auth/login.html";
- }
- }
- private void authenticateUserAndSetSession(Users user,
- HttpServletRequest request)
- {
- UserDetails details = userManager.loadUserByUsername(user.getUsername());
- UsernamePasswordAuthenticationToken usernameAndPassword =
- new UsernamePasswordAuthenticationToken(
- user.getUsername(), "pwd", details.getAuthorities());
- // Authenticate, just to be sure
- Authentication auth = authenticationManager.authenticate(usernameAndPassword);
- // Place the new Authentication object in the security context.
- SecurityContextHolder.getContext().setAuthentication(auth);
- }
- <context:annotation-config />
- <context:component-scan base-package="dc" />
- <global-method-security />
- <http security="none" pattern="/javax.faces.resource/**" />
- <http security="none" pattern="/services/rest-api/1.0/**" />
- <http security="none" pattern="/preregistered/*" />
- <http access-denied-page="/auth/denied.html">
- <intercept-url
- pattern="/**/*.xhtml"
- access="ROLE_NONE_GETS_ACCESS" />
- <intercept-url
- pattern="/auth/**"
- access="ROLE_ANONYMOUS,ROLE_USER" />
- <intercept-url
- pattern="/auth/*"
- access="ROLE_ANONYMOUS" />
- <intercept-url
- pattern="/registered/*"
- access="ROLE_USER" />
- <intercept-url
- pattern="/*"
- access="ROLE_ANONYMOUS" />
- <form-login
- login-processing-url="/j_spring_security_check.html"
- login-page="/auth/login.html"
- default-target-url="/registered/home.html"
- authentication-failure-url="/auth/login.html" />
- <logout invalidate-session="true"
- logout-success-url="/"
- logout-url="/auth/logout.html"/>
- <anonymous username="guest" granted-authority="ROLE_ANONYMOUS"/>
- <remember-me user-service-ref="userManager" key="dfdf"/>
- </http>
- <!-- Configure the authentication provider -->
- <authentication-manager alias="am">
- <authentication-provider user-service-ref="userManager">
- <password-encoder ref="passwordEncoder" />
- </authentication-provider>
- </authentication-manager>
Add Comment
Please, Sign In to add comment