• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Spring security: initializing bean after succesful authentication?

 
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello all,

New to Spring and Spring Security.

I'm learning by doing (and googling alot!), but I can't find a solution to this problem:

As far as I can see, the chain of event are as follows:

1) UserBean is instantiated by Spring as it's defined as a bean in the web.xml file.
2) The user is presented with my login page
3) User authenticates himself
4) User is redirected to "page1.xhtml" in a secured area if 3) is successful

I would like to do a post-login initialization of the UserBean, as I would like to fetch user info (name, address, etc.) from a database. But I only want this to happen once, since that data of course only should be loaded once, so it should be like 3.5) in the chain of events.

Until now, I'm thinking of these solutions:

1) After login, the user to redirected to a pre-home screen, where the UserBean post-login initialization is handled and then redirected to "page1.xhtml" afterwards.

2) In the "page1.xhtml", I have the following code:

- and then I could do the data base stuff in the getUserName() in UserBean (and handle the one-time-only requirement by a isPostLoginInitialized boolean value)

3) Using the example posted here: http://stackoverflow.com/questions/2579431/spring-security-call-method-after-authentication ... but can't find a jar containing SpringSecurityFilter.


Can anyone help me out here? How to do this? I'm guessing it's a quite ordinary task, so perhaps I've just googled with the incorrect keywords.


Best regards,
Janus
 
Janus Engstrøm
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Solved!

Some more browsing took me to this place: http://www.codercorp.com/blog/spring/security-spring/configuring-spring-security.html

Excellent information, just what I was looking for: A way to customize the the User object being used by Spring Security to authorize access to the resources.

A brief walk through:

1) Define a data source:

2) Define bean for the customized UserDetailService:

3) In the spring security xml file, use the customized UserDetailService as the new authentication provider:

4) MyUserDetailsService:

5) And MyUser:



/janus
 
This is my favorite show. And this is my favorite tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic