Announcement Announcement Module
Collapse
No announcement yet.
Spring security and ajax/json Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring security and ajax/json

    Hi
    i have an application which is ajax heavy...
    actually all the interaction with the server done via json messages, from spring mvc @Controller web layer
    the question is :
    how to make spring security communicate with my front end via json? instead of http redirect
    for example, in the default case... when spring security think that this user need authentication.. it redirect him to a login page
    how to make it send a json message to the web page to let the page fire a custom login dialog
    the same for authorization... in any error , a redirect happen... how to recieve this as a message
    OR where to plug the code to captute these events to send these messages

    thanks
    Joe

  • #2
    Have you seen Matt Raible's blog post on this? I think it might help you out.

    Comment


    • #3
      i found this post on stackoverflow
      http://stackoverflow.com/questions/3...pring-security
      this is good for the login part (authentication)
      But how can i get authorization errors

      Thanks
      Joe

      Comment


      • #4
        Originally posted by fawzyj View Post
        i found this post on stackoverflow
        http://stackoverflow.com/questions/3...pring-security
        this is good for the login part (authentication)
        But how can i get authorization errors

        Thanks
        Joe
        Examine the the response in your Ajax callbacks. Pretty easy to return a JSON object that can accommodate any kind of details that you need. For example, a recent app of mine returns the input error location row and column in submitted input, error message, and different details if there was success.

        For live sample, you can go to http://admc.com/jcreole/wiki.jsp, click on the auto-preview button, and enter an illegal Creole element like "<<bad>>" into the editor.

        Comment


        • #5
          Hey, what is the extension point? i.e. what to extend/implement/override to catch authorization errors in custom class and disable the default redirect behavior , then i can generate the json and send it back

          Thanks
          Joe

          Comment


          • #6
            Originally posted by fawzyj View Post
            Hey, what is the extension point? i.e. what to extend/implement/override to catch authorization errors in custom class and disable the default redirect behavior , then i can generate the json and send it back

            Thanks
            Joe
            I don't know how you are implementing authentication, because I'm not going to take the time to read the previous text in this thread and follow the links, etc. I attempted to answer what I though was a remnant question. So, it depends on how you are doing it, but one possibility would be to set the authentication authentication-failure-url to your servlet which will read the exception which is stored as attribute value for key SPRINGSECURITY_LAST_EXCEPTION.

            Comment

            Working...
            X