Spring MVC 3.1 How to access HttpSession in Custom Authentication Provider (which implements AuthenticationProvider)
Posted
by
user1506231
on Stack Overflow
See other posts from Stack Overflow
or by user1506231
Published on 2012-07-06T09:10:56Z
Indexed on
2012/07/06
9:15 UTC
Read the original article
Hit count: 157
Filed under:
authentication
|spring-mvc
My application calls a web service during the Authentication process (as shown in code below).
How can I save some information in HttpSession during this process? This information like customer-account-number will be used in various other places in the application after the user is logged in. Is it possible to pass HttpSession parameter to the MyServiceManager's static login method?
public class MyAuthenticationManager implements AuthenticationProvider {
@Override
public boolean supports(Class<? extends Object> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
@Override
public Authentication authenticate(Authentication authentication) {
//MyServiceManager.login - makes a call to web service
if(MyServiceManager.login(authentication.getName(), authentication.getCredentials().toString(), XXX_HTTP_SESSION_XXX))
{
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority> ();
authorities.add(new GrantedAuthorityImpl("ROLE_USER"));
authorities.add(new GrantedAuthorityImpl("ROLE_SUPERVISOR"));
return new UsernamePasswordAuthenticationToken(authentication.getName(), authentication.getCredentials(),authorities);
}
else
{
return null;
}
}
}
© Stack Overflow or respective owner
