Results 1 to 4 of 4

Thread: how to add Authentication manually to SecurityContextHolder after registration?

  1. Feb 28th, 2011, 08:43 AM #1
    tango
    tango is offline Member
    Join Date
    Nov 2010
    Posts
    45

    Default how to add Authentication manually to SecurityContextHolder after registration?

    hi to all.
    i have a simple web application that i used than spring security wihtin it after
    some time.
    before using than spring security, after a user registering,i set some of necessary
    information of user in session and lead user directly to homePage.
    in homePage smoe of attribute checked in session and based on this attribute vaues,
    some menu or etc showed to user, or in login page(when user logined to system), I show(for example)
    [CODE]
    Welcome${user.userName}
    [CODE]
    and therefore when user press Logout link or button, i invalidating him or her session.
    but now i have a problem.
    after i use than spring security, management of users sessions is handeled by Spring security.
    ok its not any problem.
    my question is how can i after a user registered to system, added him or her session to SecurityContextHolder?
    is it true method that when user registration done successfully, adding him or her sesssion to SecurityContextHolder?
    maybe somebody say that i can lead user to login page.
    but i want to send user to homePage after a successfull registration.
    Reply With Quote Reply With Quote
  2. Feb 28th, 2011, 10:43 AM #2
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    You can set it on the SecurityContextHolder. Ensure that the SecurityContextPersistenceFilter is invoked for the URL you are setting it. If you are using the namespace ensure you are not using filters=none on this URL (you can use access=permitAll). There are at least a few other threads discussing this so if you have any questions I would try searching the forums.
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
  3. Mar 2nd, 2011, 10:47 AM #3
    tango
    tango is offline Member
    Join Date
    Nov 2010
    Posts
    45

    Default

    hi.
    so many thanks but i have another question.
    when i logining with a valid username and password, and if i set a BreakPoin
    in my methods and evaluate SecurityContextHolder.getContext().getAuthenticati on().getPrincipal() it return an object of org.springframework.security.core.userdetails.User type.
    but in way that you lead me when i evaluate
    SecurityContextHolder.getContext().getAuthenticati on().getPrincipal() i dont get any thing.
    is ther any way to set proper User Objects in Authentication like as
    SecurityContextHolder.getContext().getAuthenticati on().setPrincipal(new User ...)
    for example.
    Reply With Quote Reply With Quote
  4. Mar 3rd, 2011, 08:15 AM #4
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    You can do something like...

    Code:
    SecurityContextHolder.getContext().setAuthenticati on(new UsernamePasswordAuthenticationToken(user, "password", authorities));
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules