Jan 13th, 2012, 07:10 AM
3rd Party Preauth and retaining POST parameters
I have a requirement to allow for anonymous browsing of part of our site. The secured areas are set up to authenticate thru a 3rd party (we redirect to their login screen, the user logs in and is then redirected back to our site). I handle this with a custom PreAuth filter and AuthenticationUserDetailsService.
A new requirement has surfaced that when a user adds an item to their cart, they must be an authenticated user (we don't allow anonymous users to add to cart). The action is an HTTP Post to a Spring controller. We must check that the user is authenticated (handled by Spring Security), redirect them to login if they aren't already, and then seamlessly redirect the user to the cart page or product page with the item added to their cart.
My question - how can I capture/remember the HTTP Post request (adding an item to the cart), redirect the user to the third party site, and then use the "remembered" add-to-cart POST parameters when the third party site redirects the user back to our site?
Thanks in advance...hopefully this makes sense.
Tags for this Thread