I have application that use Sprin Security and runs on Tomcat. I need to allow user to authenticate only using link with password and username as parameters. I'm searching for any advice how to do that, possible solutions, etc.
Thanks for any help.
I am no expert but I think you need to have a custom authentication processing filter and then generate unique url based on some combination of username and password.
Thank you for replay,
I read some documentation and at that moment one possible solution to me is to write custom filter, something like that:
And register it:
But there are still many question to me:
1. How to "tell" that given user and password are correct and ther is no need to redirect to login page? How set Authentication obect?
2. Where put my filter? before="FIRST" or after="PRE_AUTH_FILTER" or somwhere else?
3. Is "extends OncePerRequestFilter" the best choice?