How to pass an additional parameter with spring security login page

by

There’s a number of ways to do this but the official way to do it is using a custom AuthenticationDetails and AuthenticationDetailsSource, subclassing Spring’s WebAuthenticationDetails and WebAuthenticationDetailsSource, respectively. Add the extra field to the custom WebAuthenticationDetails and have the custom WebAuthenticationDetailsSource get the data from the request to populate the field.

In Spring Security 3.1 it’s easy to configure by using the authentication-details-source-ref attribute of the <form-login> element.

In 3.0 you have to use a BeanPostProcessor. There is an example in the Spring Security FAQ on using a BeanPostProcessor to configure a custom WebAuthenticationDetailsSource.

Once this is done then you can call SecurityContextHolder.getContext().getAuthentication().getDetails() to get access to your extra field.

More Related Contents:

  1. Spring Boot Security CORS
  2. Handle spring security authentication exceptions with @ExceptionHandler
  3. How Spring Security Filter Chain works
  4. How to use OAuth2RestTemplate?
  5. How do I get the Session Object in Spring?
  6. Spring Boot CORS filter – CORS preflight channel did not succeed
  7. Spring Security redirect to previous page after successful login
  8. How can I have list of all users logged in (via spring security) my web application
  9. Spring Security exclude url patterns in security annotation configurartion
  10. Spring Security 3.2 CSRF support for multipart requests
  11. Spring CSRF token does not work, when the request to be sent is a multipart request
  12. JSON Web Token (JWT) with Spring based SockJS / STOMP Web Socket
  13. can I include user information while issuing an access token?
  14. How can I use Spring Security without sessions?
  15. Spring Security configuration: HTTP 403 error
  16. How to manually log out a user with spring security?
  17. Auto login after successful registration
  18. How to set up Spring Security SecurityContextHolder strategy?
  19. How do I remove the ROLE_ prefix from Spring Security with JavaConfig?
  20. How to get custom user info from OAuth2 authorization server /user endpoint
  21. getting exception: No bean named ‘springSecurityFilterChain’ is defined
  22. Spring Security and @Async (Authenticated Users mixed up)
  23. Spring Security: mapping OAuth2 claims with roles to secure Resource Server endpoints
  24. How to use multiple login pages one for admin and the other one for user
  25. Spring Security 3.2 CSRF disable for specific URLs
  26. How to use Spring AbstractRoutingDataSource with dynamic datasources?
  27. Spring Social Authentication Filter for Stateless REST Endpoints which use Facebook Token for authentication
  28. Spring Boot: How to specify the PasswordEncoder?
  29. Looking for a Simple Spring security example [closed]
  30. Is it possible to invalidate a spring security session?

Leave a Comment