posted 9 years ago
I'm in the process of trying to decide on a forum solution for an application I'm working on.
The business want to prevent anyone that hasn't already logged in to the main application from having access to the forum - but the forum should still use its own user management (user ends up logging in).
ie. login to /myapplication, click on a link and end up at the login screen /myapplication/forum. Anyone navigating directly to /myapplication/forum without a /myapplication session should end up at the /myapplication login page and not be able to see anything in the forum.
Have you tried this before? Ideally using the Spring Security annotations.