Announcement Announcement Module
Collapse
No announcement yet.
How to expose a rest authenticate login to be called by external page? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to expose a rest authenticate login to be called by external page?

    Hi Everyone!
    I have implemented a project in spring mvc+spring security and rest.
    what this project simply do, is to load a realm login popup asking for user/password to authenticate.
    but what Im trying to do right now is to leave this authenticator manager as rest exposed to be consumed by a remote login webpage. This page will simply send the user and password to this REST service, I have configured my security context like this :


    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:mvc="http://www.springframework.org/schema/mvc"
           xmlns:context="http://www.springframework.org/schema/context"
           xmlns:security="http://www.springframework.org/schema/security"
           xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
            http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
        <context:component-scan base-package="com.demo.controllers" />
        
        <mvc:annotation-driven />
    
        <!-- Creates the springSecurityFilterChain with the customer filter customRestFilter injected.  -->
        <security:http create-session="stateless" entry-point-ref="authenticationEntryPoint" authentication-manager-ref="authenticationManager">
            <security:custom-filter ref="customRestFilter" position="BASIC_AUTH_FILTER" />
            <security:intercept-url pattern="/**" access="ROLE_USER" />
        </security:http>
    
        <!-- The authenticationEntryPoint allows us to customize to start the authentication process (i.e. bring up the dialog box when no header is present)
         The realmName will be displayed in the dialog box, hence not wise to put the username and password in it.
        -->
        <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
            <property name="realmName" value="Enter Username: demo Password: demo" />
        </bean>
    
        <!-- The Custom Basic Authentication Filter. This can be replaced with what ever authentication process you wish -->
        <bean id="customRestFilter" class="com.security.filters.CustomRestSecurityFilter">
            <constructor-arg name="authenticationManager" ref="authenticationManager" />
        </bean>
    
        <security:authentication-manager alias="authenticationManager">
            <security:authentication-provider ref="restAuthenticationProvider" />
        </security:authentication-manager>
    
        <!-- The restAuthenticationProvider is the class responsible for verifying that the username and password are valid and
        returning an AuthenticationToken matching the user requesting the resource and the user's access level.
        -->
        <bean id="restAuthenticationProvider" class="com.security.authenticate.RestAuthenticationProvider" />
    
    </beans>
    as you can see in the definition of the entryPoint is launching a realm asking for user/password, what I need to do here is to change that (I dont know what kind of entry point I need to use here) the way when the remote page send the user/pass info to this service, starts de authentication.

    the example Im talking about is from:

    http://thatgeekything.blogspot.com.a...h-restful.html

    thanks! for your help!!
Working...
X