Announcement Announcement Module
No announcement yet.
3rd Party Preauth and retaining POST parameters Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • 3rd Party Preauth and retaining POST parameters

    I have a requirement to allow for anonymous browsing of part of our site. The secured areas are set up to authenticate thru a 3rd party (we redirect to their login screen, the user logs in and is then redirected back to our site). I handle this with a custom PreAuth filter and AuthenticationUserDetailsService.

    A new requirement has surfaced that when a user adds an item to their cart, they must be an authenticated user (we don't allow anonymous users to add to cart). The action is an HTTP Post to a Spring controller. We must check that the user is authenticated (handled by Spring Security), redirect them to login if they aren't already, and then seamlessly redirect the user to the cart page or product page with the item added to their cart.

    My question - how can I capture/remember the HTTP Post request (adding an item to the cart), redirect the user to the third party site, and then use the "remembered" add-to-cart POST parameters when the third party site redirects the user back to our site?

    Thanks in advance...hopefully this makes sense.