Results 1 to 3 of 3

Thread: spring-social-security: how to inject custom SimpleUrlAuthenticationSuccessHandler?

  1. Jun 19th, 2012, 10:40 AM #1
    adrian.hoehn
    adrian.hoehn is offline Junior Member
    Join Date
    Mar 2011
    Posts
    28

    Default spring-social-security: how to inject custom SimpleUrlAuthenticationSuccessHandler?

    After a successfull login on facebook with spring-social & spring-security (based on spring-social-security) the SimpleUrlAuthenticationSuccessHandler is called.
    Can someone explaine me how i can inject here my custom SimpleUrlAuthenticationSuccessHandler?

    (It would be the cleanest possibility to do some custom redirects after a successfule login.)
    Reply With Quote Reply With Quote
  2. Jun 19th, 2012, 11:18 AM #2
    adrian.hoehn
    adrian.hoehn is offline Junior Member
    Join Date
    Mar 2011
    Posts
    28

    Default

    Because it's everithing autowired in this example, you'll need to config the authenticationfilter manually to reach this. Here an XML based example:

    <security:http
    ...
    <security:custom-filter after="FORM_LOGIN_FILTER" ref="mySocialSecurityAuthenticationFilter" />
    </security:http>

    <bean id="mySocialSecurityAuthenticationFilter" class="org.socialsignin.springframework.social.sec urity.signin.SpringSocialSecurityAuthenticationFil ter">
    <property name="authenticationSuccessHandler" ref="myUrlAuthenticationSuccessHandler" />
    </bean>

    Now you can do what ever you want in your custom AuthenticationSuccessHandler. E.g. redirect to the page where you're originally coming from...
    Reply With Quote Reply With Quote
  3. Aug 11th, 2012, 05:52 PM #3
    michaellavelle
    michaellavelle is offline Junior Member
    Join Date
    Oct 2011
    Location
    London, UK
    Posts
    27

    Default

    Hi

    Thanks for posting the solution to this - the ability for the authentication success url to be configured was something I'd meant to implement in earlier versions of spring-social-security but must had missed.

    I've made a couple of changes to the latest snapshot of spring-social-security recently - one of which is a fix for the issue you describe. If an environment property is set ( socialsignin.defaultAuthenticationSuccessUrl ) with the required authentication success url, the default springSocialSecurityAuthenticationFilter will now pick this up, and set this as the default for it's success handler.

    Other changes in the latest build include a provider-aware AccessDeniedHandler - now meaning that urls can be protected with provider-specific role combinations such as "hasRole('ROLE_USER_TWITTER') and hasRole('ROLE_USER_FACEBOOK')" - users without this authorisation will then be prompted to connect with the relevant provider(s) though the use of this handler.

    Cheers,

    Michael Lavelle
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules