Jul 27th, 2012, 02:56 PM
Manually fire AuthenticationSuccessHandler
Hi, I want to provide the user an alternative means of logging in with a token. I already handle authenticating the user in the PreAuthenticationFilter class but then I need to fire my AuthenticationSuccessHandler.onAuthenticationSucce ss() which does a super.onAuthenticationSuccess() which fires the method in it's base class of SavedRequestAwareAuthenticationSuccessHandler.
How can I fire the AuthenticationSuccessHandler from my preauthentication filter? I tried setting the authentication of the SecurityContextHolder thinking it would automatically fire off the AuthenticationSuccessHandler but it does not. This is how I tried to do that:
Authentication authentication = new UsernamePasswordAuthenticationToken(Username, Password);
Unfortunately that doesn't work though. So I need to know how to fire the AuthenticationSuccessHandler from a preauthentication filter.
Jul 29th, 2012, 01:21 PM
AuthenticationSuccessHandler typically commits the response (i.e. by doing a redirect or forward). Since AbstractPreAuthenticatedProcessingFilter typically expects something further down in the FilterChain to commit the response it does not an AuthenticationSuccessHandler on it. Therefore your subclass will need to allow the AuthenticationSuccessHandler to be injected and invoke it in the successfulAuthentication method. Keep in mind that the FilterChain will continue, so you need to ensure that your AuthenticationSuccessHandler does not commit the response.