spring with alternate filter in the filterChainProxy

 
Ranch Hand
Posts: 287
I used Spring Security to do authentication and authorization, along with some common filters, like authenticationProcessingFilter, and with values set up in the Spring Security configuration file, like '/' for defaultTargetUrl and '/j_spring_security_check' for filterProcessesUrl. But I would like to provide a URL that can be accessed directly from the outside by a third party, which means the user from the third party has no need to authenticate again, and I need to convert some values from there to match roles in my application.

If I create another filter to handle this access request from the third party, how do I set it up properly to allow this access to bypass the login page? Or, when a user logs in normally from the login page, how do I prevent this user from going through the filter that processes users from the third party?

I only know I could create a chain of filters in the filterChainProxy bean. But how do I set up an alternate filter, or is it possible to run a filter based on some condition?
 
ranger
Posts: 17347
Yes, you can replace or add filters to the chain.

But based on what you are looking to accomplish, there is a RememberMeService that you can use instead. So the third party could have a cookie on their machine, and the cookie has an encrypted user name, and with remember-me, it will just look up the user in your user/roles tables or other data location and create a Principal from that automatically. So you don't have to do any customization. In your security configuration, in the <security:http> tag, you use the <remember-me> tag inside it. The <remember-me> tag also has a property to set the RememberMeService if you want to write your own customized RememberMeService rather than the built-in one.

Check out Spring Security documentation at www.springframework.org for more information. But it really is simple to use and customize.

The docs also show how to create your own filter, in which you implement the Spring Security Filter interface; then in your Spring Security configuration you add it as a bean and set a property to a constant value stating where in the chain you want your filter.

Hope that helps point you in the correct directions.

Mark
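
An added example (not from this thread and not Spring Security's own code) of a filter that acts only on one URL, which is the "run a filter based on some condition" case asked about above, and that verifies the third party's claim before creating a login. It assumes Spring Security 3.1 to 5.x on the javax.servlet API; the class name, the /partner/entry URL, the user, role, ts and sig parameters (sig being a lowercase hex HMAC-SHA256 over the other three under a key shared with the third party) and the role names are all hypothetical.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.*;
import javax.servlet.http.*;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

public class PartnerEntryFilter implements Filter {   // hypothetical name, not from the thread
    private static final String ENTRY_PATH = "/partner/entry";   // assumed third-party URL
    private static final long MAX_SKEW_MS = 5 * 60 * 1000L;      // assumed freshness window
    // Allowlist of partner role -> local role (constructed values); anything else is rejected.
    private static final Map<String, String> ROLE_MAP = Collections.singletonMap("partner-viewer", "ROLE_USER");
    private final byte[] key;   // secret shared with the partner, injected from configuration
    public PartnerEntryFilter(byte[] key) { this.key = key.clone(); }

    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        // The condition: any other URL, including the normal login flow, passes through untouched.
        if (!ENTRY_PATH.equals(req.getServletPath())) { chain.doFilter(rq, rs); return; }
        String user = req.getParameter("user"), role = req.getParameter("role");
        String ts = req.getParameter("ts"), sig = req.getParameter("sig");
        String local = (role == null) ? null : ROLE_MAP.get(role);
        // Fail closed unless every field is present, fresh, mapped and correctly signed.
        if (user == null || ts == null || sig == null || local == null || !fresh(ts)
                || !MessageDigest.isEqual(hmacHex(user + "|" + role + "|" + ts), ascii(sig))) {
            ((HttpServletResponse) rs).sendError(HttpServletResponse.SC_UNAUTHORIZED); return;
        }
        SecurityContextHolder.getContext().setAuthentication(new PreAuthenticatedAuthenticationToken(
                user, "N/A", Collections.singletonList(new SimpleGrantedAuthority(local))));
        chain.doFilter(rq, rs);
    }
    private static byte[] ascii(String s) { return s.getBytes(StandardCharsets.US_ASCII); }
    private static boolean fresh(String ts) {
        try { return Math.abs(System.currentTimeMillis() - Long.parseLong(ts)) <= MAX_SKEW_MS; }
        catch (NumberFormatException e) { return false; }
    }
    private byte[] hmacHex(String msg) throws ServletException {   // lowercase hex HMAC-SHA256
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(key, "HmacSHA256"));
            return ascii(String.format("%064x", new java.math.BigInteger(1, mac.doFinal(msg.getBytes(StandardCharsets.UTF_8)))));
        } catch (GeneralSecurityException e) { throw new ServletException(e); }
    }
    public void init(FilterConfig c) {}
    public void destroy() {}
}
```

A correctly signed request can be replayed inside the freshness window, so a single-use nonce store is needed where that matters. Register the filter in the chain after the filter that restores the SecurityContext from the session.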
 