2

I want to pass extra parameter in my login page. My application context looks like this. For example I want to add location parameter in login form. 

<context:annotation-config />
<context:component-scan base-package="com.myetest.app" />

<sec:http entry-point-ref="apiAuthenticationEntryPoint" create-session="always">
    <sec:form-login login-processing-url="/login" 
        username-parameter="username" 
        password-parameter="password" 
        authentication-failure-handler-ref="apiAuthenticationFailureHandler"
        authentication-success-handler-ref="apiLoginSuccessHandler" />
    <sec:logout logout-url="/logout" success-handler-ref="apiLogoutSuccessHandler"/>

    <sec:intercept-url pattern="/receipt/**" access="ROLE_ANONYMOUS"/>
    <sec:intercept-url pattern="/internal/**" access="ROLE_ANONYMOUS"/>
    <sec:intercept-url pattern="/system/**" access="ROLE_ANONYMOUS"/>
    <sec:intercept-url pattern="/**" access="ROLE_SELLER"/>

    <sec:custom-filter ref="apiPreAuthFilter" before="PRE_AUTH_FILTER"/>
    <sec:custom-filter ref="apiFirstFilter" before="LAST"/>
</sec:http>

<sec:authentication-manager alias="authenticationManager">
    <sec:authentication-provider ref="apiAuthenticationProvider"/>
</sec:authentication-manager>

<bean id="apiAuthenticationProvider" class="com.myetest.app.security.ApiAuthenticationProvider" />
<bean id="apiAuthenticationEntryPoint" class="com.myetest.app.security.ApiAuthenticationEntryPoint"/>
<bean id="apiLoginSuccessHandler" class="com.myetest.app.security.ApiLoginSuccessHandler"/>
<bean id="apiLogoutSuccessHandler" class="com.myetest.app.security.ApiLogoutSuccessHandler"/>
<bean id="apiAuthenticationFailureHandler" class="com.myetest.app.security.ApiAuthenticationFailureHandler"/>
<bean id="apiPreAuthFilter" class="com.myetest.app.security.ApiPreAuthenticationFilter" />

<bean id="apiFirstFilter" class="com.myetest.app.security.ApiFirstFilter"/>

My AuthenticationProvider is like this.

public class ApiAuthenticationProvider implements AuthenticationProvider {

}
xenteros
  • 15,586
  • 12
  • 56
  • 91
Patan
  • 17,073
  • 36
  • 124
  • 198

1 Answers1

2

Did you look at possible solution (section 1) and here some explanation. Solution is based at UsernamePasswordAuthenticationFilter usage. Briefly, you can override UsernamePasswordAuthenticationFilter where you can extract location from HttpServletRequest body in UsernamePasswordAuthenticationFilter.attemptAuthentication and do some your custom stuff. Or you can add custom MVC controller that will accept your form data and manually invoke there AuthenticationManager with yours custome AuthenticationProvider. Hope this helps.

Community
  • 1
  • 1
nndru
  • 2,057
  • 21
  • 16
  • Thank you for response. After overriding the UsernamePasswordAuthenticationFilter to read extra parameter. It would be great if you could also help me the changes required in applicationcontext.xml. Currently I am doing my authentication in ApiAuthenticationProvider class. It would be great if you provide code here. – Patan Nov 14 '13 at 15:01