Announcement Announcement Module
Collapse
No announcement yet.
PreAuthenticationProcessingFilter unique issue Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • PreAuthenticationProcessingFilter unique issue

    Hello all,
    I have implemented the remember me (persistence token based) service and that i working fine along with UsernamePasswordAuthenticationFilter. However, after a user logs in, if the user is an administrator, he/she should be able to log in as someone else just by providing JUST the username. The application should behave as if the original user has signed in. I think PreAuthenticationFilter would suffice my needs, just a theory. Any help is appreciated.

  • #2
    Posting the solution just in case if anyone is facing the same issue:
    Create new PreAuthenticatedAuthenticationToken token

    here's the code:

    Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
    GrantedAuthority g1 = new GrantedAuthorityImpl("SOMEROLE_SOMEUSER");
    authorities.add(g1);

    PreAuthenticatedAuthenticationToken authentication =
    new PreAuthenticatedAuthenticationToken("userid", "",authorities);

    authentication.setAuthenticated(true);

    SecurityContextHolder.getContext().setAuthenticati on(authentication);
    request.getSession().setAttribute("SPRING_SECURITY _LAST_USERNAME", "userid");

    rememberMeServices.loginSuccess(request, response, authentication);
    customAuthenticationSuccessHandler.onAuthenticatio nSuccess(request, response, authentication);

    - that's it....

    Comment

    Working...
    X