Announcement Announcement Module
No announcement yet.
how to add Authentication manually to SecurityContextHolder after registration? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • how to add Authentication manually to SecurityContextHolder after registration?

    hi to all.
    i have a simple web application that i used than spring security wihtin it after
    some time.
    before using than spring security, after a user registering,i set some of necessary
    information of user in session and lead user directly to homePage.
    in homePage smoe of attribute checked in session and based on this attribute vaues,
    some menu or etc showed to user, or in login page(when user logined to system), I show(for example)
    and therefore when user press Logout link or button, i invalidating him or her session.
    but now i have a problem.
    after i use than spring security, management of users sessions is handeled by Spring security.
    ok its not any problem.
    my question is how can i after a user registered to system, added him or her session to SecurityContextHolder?
    is it true method that when user registration done successfully, adding him or her sesssion to SecurityContextHolder?
    maybe somebody say that i can lead user to login page.
    but i want to send user to homePage after a successfull registration.

  • #2
    You can set it on the SecurityContextHolder. Ensure that the SecurityContextPersistenceFilter is invoked for the URL you are setting it. If you are using the namespace ensure you are not using filters=none on this URL (you can use access=permitAll). There are at least a few other threads discussing this so if you have any questions I would try searching the forums.


    • #3
      so many thanks but i have another question.
      when i logining with a valid username and password, and if i set a BreakPoin
      in my methods and evaluate SecurityContextHolder.getContext().getAuthenticati on().getPrincipal() it return an object of type.
      but in way that you lead me when i evaluate
      SecurityContextHolder.getContext().getAuthenticati on().getPrincipal() i dont get any thing.
      is ther any way to set proper User Objects in Authentication like as
      SecurityContextHolder.getContext().getAuthenticati on().setPrincipal(new User ...)
      for example.


      • #4
        You can do something like...

        SecurityContextHolder.getContext().setAuthenticati on(new UsernamePasswordAuthenticationToken(user, "password", authorities));