login with param url spring security
Question
I have difficulty using Spring Security. I need auto login with parameter in URL.
Example:
I access the URL with username and password parameters link/collectsys/mainlogin.zul?username=ADMIN&password=12345678. When it is accessed, I hope it will log in automatically, such as filling in the username and password and clicking the login button.
I'm having trouble finding the action on the login button because I'm using Spring Security. What should I look for in the Spring documentation? I'm using Spring Security version 5.5.3.
1 answers
solution1
0 2022-07-05 11:00:18
You would need to generate a token when you login. This token is then used by the user's client to interact with the REST APIs protected by spring security.
So the login method would need to return to the client an access token that then will be saved in the client's session or cookies to be then reused whenever a call to the backend is made.
One of the common used solutions is the JWT of which you can find a really comprehensive guide here:
https://www.bezkoder.com/spring-boot-jwt-authentication/
If you really cannot change much of the application then you should look into the OncePerRequestFilter that enables you to filter requests of the spring boot application
public class AuthenticationFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(
HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain) throws
ServletException, IOException {
String username = request.getParameter("username");
String pw = request.getParameter("password");
User user = database.getUser(username);
if(user.getPw().equals(pw))
logger.info("Successfully authenticated user " + userName);
else throw new SomeException();
filterChain.doFilter(request, response);
}
}
This way which ever request gets to your application passes through this filter once before getting to the controller logic itself.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.