PreAuthentication with Spring Security -> Based on URL parameters

Question

The customer want to have the following scenario:

Customer hands out link (webapp address) with 2 parameters to the webapp user. Based on these variables the user wi

Answer 1

The way I have resolved this with similar situations is to to use a servlet filter to grab the parameters. I would recommend extending the org.springframework.web.filter.GenericFilterBean.

From these parameters, create an auth object of some sort (such as a token), that can be passed into the AuthenticationManager which you can autowire in (or get in some other method).

You will then need to have an AuthenticationProvider that can handle your auth object and generate a UserDetails object with the GrantedAuthority collection you need to satisfy the specific roles you want the user to have.