Hey all, I want to make an auto login after successful registration in Spring, meaning: I have a protected page which requires login to access it, and I want after registrati
Using SecurityContextHolder.getContext().setAuthentication(Authentication) gets the job done, but it will bypass the Spring Security filter chain, which will open a security risk.
For example, let's say in my case, when a user resets the password, I wanted to take him to the dashboard without logging in again. When I used the above approach, it took me to the dashboard but bypassed my concurrency filter, which I have applied in order to avoid concurrent logins. Here is the piece of code which does the job:
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(empId, password);
Authentication auth = authenticationManager.authenticate(authToken);
SecurityContextHolder.getContext().setAuthentication(auth);
Use the login-processing-url attribute along with a simple change in web.xml:
security-xml
web.xml
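<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/submitLogin</url-pattern>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>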
Adding this piece of code to web.xml actually does the job of forwarding the explicit forward request which you make during auto login and passing it to the chain of Spring Security filters.
Hope it helps
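The forward described in the answer above could be issued as follows; this is an added example, not part of the original answer. The class name `AutoLoginForwarder`, the method `forwardToLogin` and the parameter names `username` / `password` are assumptions, and the parameter names must match the form-login configuration in your security XML.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

// Hypothetical helper (not from the answer): hands a just-registered user to the login URL.
public class AutoLoginForwarder {
    // Assumptions: the URL must equal login-processing-url; the parameter names must equal
    // the ones form-login expects (older Spring Security defaults: j_username / j_password).
    static final String LOGIN_PROCESSING_URL = "/submitLogin";
    static final String USERNAME_PARAM = "username";
    static final String PASSWORD_PARAM = "password";

    // Call from the registration (or password reset) handler once the account is saved.
    // That handler should be a POST: the form-login filter only accepts POST by default.
    public static void forwardToLogin(HttpServletRequest request, HttpServletResponse response,
            String username, String rawPassword) throws ServletException, IOException {
        final Map<String, String[]> params = new HashMap<String, String[]>();
        params.put(USERNAME_PARAM, new String[] { username });
        params.put(PASSWORD_PARAM, new String[] { rawPassword });

        // Show the login filter only the two credential fields, whatever the
        // registration form's own field names were.
        HttpServletRequest loginRequest = new HttpServletRequestWrapper(request) {
            @Override public String getParameter(String name) {
                String[] values = params.get(name);
                return values == null ? null : values[0];
            }
            @Override public String[] getParameterValues(String name) {
                return params.get(name);
            }
            @Override public Map<String, String[]> getParameterMap() {
                return Collections.unmodifiableMap(params);
            }
            @Override public Enumeration<String> getParameterNames() {
                return Collections.enumeration(params.keySet());
            }
        };

        // Server-side forward: with the FORWARD dispatcher mapped in web.xml, the request
        // is passed to springSecurityFilterChain instead of setting the context by hand.
        request.getRequestDispatcher(LOGIN_PROCESSING_URL).forward(loginRequest, response);
    }
}
```

Nothing should be written to the response before the call, since a forward fails once the response is committed.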