How to login to backend from frontend in vaadin
Question
My question is how can I login into backend secured by spring security WebSecurityConfigurerAdapter? How to send request to login to default page spring security? Login page is on localhost:8080/login (default spring login page) and my front is on localhost:8081. How can I write method to login on this page?
1 answers
solution1
0 ACCPTED 2021-01-05 07:13:09
Because you have two seperate servlets on different ports running they cannot communicate with each other unless you explicitly implement that. One way to perform an automatic login would be some token you pass via the URLs GET parameters.
For example if you want to login from localhost:8080 to localhost:8081 you first have to check if the entered credentials on localhost:8080 are correct. If so, you can do a HTTP redirect to localhost:8081?token=123456 where the value of token is generated in the backend any stored in some place (eg in a database). If a user is now accessing this localhost:8081 page and is passing a token via GET parameter in the URL you can verify this token. If it is correct, you can login the user automatically.
But you have also have to ensure that the token handling is secure. Use long, cryptic tokens that have a limited, small live-span. Also delete used tokens after the login is performed. Never use the same token multiple times!
This may be one way you can do that.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.