Announcement Announcement Module
No announcement yet.
Setting a cookie value after authentication Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Setting a cookie value after authentication

    I'm not sure if this belongs here or not, but I am using Spring MVC & Spring Security using form based authentication and was wondering how I can set a cookie value once the user is successfully authenticated. I've looked at the documentation and it doesn't appear to be obvious how to do this. Here is my spring-security file:

    <bean id="filterChainProxy" class=" inProxy">
    <security:filter-chain-map path-type="ant">
    <security:filter-chain pattern="/**" filters="httpSessionContextIntegrationFilter,formA uthenticationProcessingFilter,exceptionTranslation Filter,filterSecurityInterceptor"/>
    <bean id="httpSessionContextIntegrationFilter" class=" ssionContextIntegrationFilter"/>

    <bean id="formAuthenticationProcessingFilter" class=" enticationProcessingFilter">
    <property name="filterProcessesUrl" value="/j_spring_security_check"/>
    <property name="authenticationFailureUrl" value="/loginFailed.htm"/>
    <property name="defaultTargetUrl" value="/index.htm"/>
    <property name="authenticationManager" ref="authenticationManager"/>

    <bean id="exceptionTranslationFilter" class=" anslationFilter">
    <property name="authenticationEntryPoint">
    <ref local="formLoginAuthenticationEntryPoint"/>

    <bean id="filterSecurityInterceptor" class=" FilterSecurityInterceptor">
    <property name="authenticationManager">
    <ref local="authenticationManager" />
    <property name="accessDecisionManager">
    <ref local="accessDecisionManager" />
    <property name="objectDefinitionSource">

    <bean id="authenticationManager" class=" iderManager">
    <property name="providers">
    <!-- use this to encrypt/decrypt passwords -->
    <ref local="csaAuthenticationProvider" />

    <bean id="csaAuthenticationProvider" class="com.sonybmg.csa.service.impl.CsaAuthenticat ionProvider">
    <property name="adminFacade" ref="adminFacade"/>
    <property name="passwordEncoder" ref="passwordEncoder"/>
    <bean id="accessDecisionManager" class=" Based">
    <property name="decisionVoters">
    <ref local="roleVoter" />

    <bean id="roleVoter" class=" ">
    <property name="rolePrefix" value="ROLE"/>

    <bean id="formLoginAuthenticationEntryPoint" class=" enticationProcessingFilterEntryPoint">
    <property name="loginFormUrl" value="/login.htm"/>
    <property name="forceHttps" value="false"/>

    Does this question belong in the SpringMVC forum?

    Any help would be great! Thanks!

  • #2
    Hi. I'm no expert but it seems once you are authenticated, and pass beyond the acegi filter chain, you are into the realm of Spring MVC and can set a cookie using an interceptor or by any other means.

    I'm not sure if your specific scenario requires you to hook into Spring Security, by way of setting or reading the cookie, but setting a cookie after the fact should be straight forward.