Spring Security pass URL parameters to Authentication Provider
Question
Is there a way to pass URL parameters to an authentication provider in Spring Security 3?
Our login page will need to receive an email token as a parameter that the authentication system will need to be aware of when it sets the status of the user. Specifically, it will let a user with a correct token log in that would not otherwise be able to.
I have a custom class extending the DaoAuthenticationProvider class. My authentication logic is in that class's authenticate method.
I'm hoping there is some way to pass this data into the authenticate method.
2 answers
solution1
5 ACCPTED 2013-08-28 19:11:13
You could inject the HttpServletRequest object on your authentication provider class:
private @Autowired HttpServletRequest request;
Now, you should be able to access the request parameters with APIs such as request.getParameterValues(paramName)
solution2
3 2013-08-28 19:21:30
您需要覆盖UsernamePasswordAuthenticationFilter.setDetails()并通过UsernamePasswordAuthenticationToken details属性将额外信息传递给您的自定义身份验证提供程序。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.