how to redirect in with POST method after registration to login to system

[tango]

hi to all.
im using than spring securiyt.
i make simple example and almostly learn somethings about that.
i have a question that when a user registered to my application need to be login automatically after registration.
so he or she must be authenticated.
i need to redirect he after successful registration to login page, but the problem is i cant redirect he in
http post method and in loginAuthentication related to spring security, the request must be in post method.
so its my registration method

Code:

    @RequestMapping(value = "registeringUser", method = RequestMethod.POST)
    public ModelAndView doUserRegistration(UserInformationPasswordConfirmation userInformationPasswordConfirmation,
                                           BindingResult bindingResult, HttpServletResponse httpServletResponse) {
        registrationValidation.validate(userInformationPasswordConfirmation, bindingResult);
        if (bindingResult.hasErrors()) {
            return new ModelAndView("userRegistration", "userInformationPasswordConfirmation",
                    userInformationPasswordConfirmation);
        } else {
            userService.saveUser(userInformationPasswordConfirmation.getUserInformation());
            return new ModelAndView("redirect:/authenticateUser?userName=" + userInformationPasswordConfirmation
                    .getUserInformation().getUserName() + "&password=" + userInformationPasswordConfirmation
                    .getUserInformation().getPassword());
        }
    }

same as you see at above code i redirect user to authenticatnig and logining in to system but the log said to me
the request is in get mod

Code:

70691 [http-8080-exec-10] DEBUG org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: Authentication method not supported: GET

and user not bo logined to system after registration.
so how can i change my redirection to another shape to redirecting in post mode?

Code:

"redirect:/authenticateUser?userName="  . . .

[Luke Taylor]

You can't, and there is no point, since the server is supplying the authentication details at that point. Sending them via the user's browser serves no purpose. Just authenticate the user directly instead of redirecting to the authentication processing controller.

If you are redirecting to a login page (not the authentication processing URL), then you don't need to use POST, and you should expect the user to enter the password - don't add it to a URL.

[tango]

so many thanks luck.
but let me know that what is your means of

Just authenticate the user directly instead of redirecting to the authentication processing controller.

your mean is manually adding userinformation(authentication) to SecurityContextHolder or session or something like as this?

[Rob Winch]

Yes call SecurityContextHolder.getContext().setAuthenticati on(). Ensure that the SecurityContextPersistenceFilter is invoked on the URL that you do this (i.e. ensure you do NOT use filters=none but use filters=permitAll).