I am using spring security and want to login my users manually.
my controller looks like this:
@RequestMapping("/login")
public String login() {
Authentication authenticationResult = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user2", "password"));
SecurityContextHolder.getContext().setAuthentication(authenticationResult);
return "redirect:/";
}
I found an example in the docs where such a login is made.
I just wanted to ask whether there are any downsides or security issues with this approach?
EDIT: If someone can point me to the class (&docs?) where the default spring /login request ist handled it might also answer my question as i could look how the login process is implemented spring internally
This is a work around when we need to do some process before the user logs in. The actual problem comes when you do the following things. Of course these are not problems :-).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.