• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Spring security: initializing bean after succesful authentication?

 
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello all,

New to Spring and Spring Security.

I'm learning by doing (and googling alot!), but I can't find a solution to this problem:

As far as I can see, the chain of event are as follows:

1) UserBean is instantiated by Spring as it's defined as a bean in the web.xml file.
2) The user is presented with my login page
3) User authenticates himself
4) User is redirected to "page1.xhtml" in a secured area if 3) is successful

I would like to do a post-login initialization of the UserBean, as I would like to fetch user info (name, address, etc.) from a database. But I only want this to happen once, since that data of course only should be loaded once, so it should be like 3.5) in the chain of events.

Until now, I'm thinking of these solutions:

1) After login, the user to redirected to a pre-home screen, where the UserBean post-login initialization is handled and then redirected to "page1.xhtml" afterwards.

2) In the "page1.xhtml", I have the following code:

- and then I could do the data base stuff in the getUserName() in UserBean (and handle the one-time-only requirement by a isPostLoginInitialized boolean value)

3) Using the example posted here: http://stackoverflow.com/questions/2579431/spring-security-call-method-after-authentication ... but can't find a jar containing SpringSecurityFilter.


Can anyone help me out here? How to do this? I'm guessing it's a quite ordinary task, so perhaps I've just googled with the incorrect keywords.


Best regards,
Janus
 
Janus Engstrøm
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Solved!

Some more browsing took me to this place: http://www.codercorp.com/blog/spring/security-spring/configuring-spring-security.html

Excellent information, just what I was looking for: A way to customize the the User object being used by Spring Security to authorize access to the resources.

A brief walk through:

1) Define a data source:

2) Define bean for the customized UserDetailService:

3) In the spring security xml file, use the customized UserDetailService as the new authentication provider:

4) MyUserDetailsService:

5) And MyUser:



/janus
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic