I am implementing solution using spring security siteminder. I am able to check SM_USER in header if the header is not found in the request i want to redirect the request to login page .how can i do this i am new to spring
Configuration is:
<security:intercept-url pattern="/Login" access="permitAll"/>
<security:intercept-url pattern="/**" />
<security:custom-filter position="PRE_AUTH_FILTER" ref="siteminderFilter" />
</security:http>
<bean id="siteminderFilter" class="arunkumar.sso.preauth.RequestHeaderFilterAuth">
<property name="principalRequestHeader" value="SM_USER"/>
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<bean id="preauthAuthProvider" class="arunkumar.sso.preauth.PreAuthenticatedProvider">
<property name="preAuthenticatedUserDetailsService">
<bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="customUserDetailsService"/>
</bean>
</property>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="preauthAuthProvider" />
</security:authentication-manager>
<bean id="customUserDetailsService" class="arunkumar.sso.preauth.CustomUserDetailsService"></bean>
<bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"></bean>
In RequestHeaderFilterAuth
try this:
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
String header = ((HttpServletRequest)request).getHeader(headerName);
if(header == null){
((HttpServletResponse) response).sendRedirect(loginUrl);
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.