Announcement Announcement Module
No announcement yet.
authenticate using xml instead of username/pwd Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • authenticate using xml instead of username/pwd

    I have a requirement where I have to authenticate users using xml. There will be no login page. A user will do HTTP POST, and the post will contain xml. I'll need to extract the username/pwd from the xml, and redirect to some page.

    I kind of know how to do a custom authenticationprovider for this. The problem is my spring security experience is limited to <http> tag.

    How do I configure spring, so that there is no login page. I don't need a detailed solution. Just a general overview, or some good starting point. Do I need to override some filters?

    Also, the app that I have, has multiple <http> blocks. Can I override the filters for just one <http> block?

    I'm using Spring Security 3.1

    I have some layman's solutions in mind, like creating a servlet that would extract the xml and then do a post to the spring security url, or add some javascript to the login page that would automatically post the xml to the spring security. But they both seem lame to me. I'm sure there's a proper way to do it.