Search:

thank you, I can get the SecurityContext out of the session via calling getAttribute("SPRING_SECURITY_CONTEXT"). Then I can access my custom userdetails object, too.

Thank you for your help

OK this works, but I need the Authentication object of the current SecurityContext, which seems to be null already, when the sessionDestroyed method is called. I hope there is a way for this?

Hi,

is there a way of executing additional code when a page has been requested, but the session has timed out?
I have configured my application to redirect the user to the login page using the...

Well, then I will have to put all my methods back into one controller class (I've separated them into 2 groups, requests which require authentication, requests which do not require authentication;...

Thank you for your corrections.



I do this because I want initial values to be displayed in the form. All input fields are not empty when showing the page. I don't think this is wrong then,...

Hi,

I need to understand the function of @ModelAttribute annotation, but it's quite difficult for me.
I have a form where the user can enter address + password (to store these, I have a class...

thank you for the link, i'll take the first method now, seems to work good. one last question: can i reuse ModelAndView objects? i.e. i create an instance for a page at controller initialisation and...

OK i have made a test now comparing both calls (via SecurityContext and via getUserPrincipal) and i figured out that there is everything ok ;)
i think the problem is, that i have a reference in my...

ah ok it runs on tomcat 7.0.6.


you mean i should not change such an object during runtime?


i don't have a custom authentication manager, login authentication is completely done by spring....

what is a servlet container?

spring is version 3.0.5
spring security is version 3.0.4

thank you already for your help; i'll post the code below. i do not use the setAuthentication method, everything is managed by spring except that i have written a custom userdetails and...

well i think the problem is i want to display the name of the currently logged in user in my jsp files. therefore i use the SecurityContextHolder.getContext().getAuthentication().getPrincipal()...

Hi,

I am currently searching a solution how i can handle multiple users who are logged in to my app simultanously. The problem is, if I log in as let's say "bob", the object in the securitycontext...

Hey,

when I want to access a secured page of my application (via entering direct URL into the browser), Spring Security displays my login page and, after successful login, the page I have...

why should the frames be public? they should be visible only when logged in. now i've written a controller which returns the view when a GET-request for the frames is done, but it does not work, the...

Hi all,

I am completely new to Spring and Spring Security, but I have to learn it for my bachelor thesis.
So far I have created a simple login application with a custom login page. When login is...