My system has 2 subsystems. Each subsystem has a different set of users. Each user has an extra field "SystemName" that can be used to know which system this user belongs to.

In the login forms (1 form for each subsystem) I added a hidden field specifying the type of the form (containing the SystemName value).

Generally, the check is rather simple:

if (user.systemName == params.systemName) {
    proceed with regular login
} else {
    throw standard login error
}

I tried putting that check in my custom DaoAuthenticationProvider but it has no access to "params.systemName".

Where do I put that code to make Acegi authenticate my users with this check?

Thanks in advance.

1 Answer

This is how I did it in Java. Extend WebAuthenticationDetails:

import javax.servlet.http.HttpServletRequest;
import org.acegisecurity.ui.WebAuthenticationDetails;

public class SystemNameWebAuthenticationDetails extends WebAuthenticationDetails {

    public SystemNameWebAuthenticationDetails() {
        super();
    }

    public SystemNameWebAuthenticationDetails(HttpServletRequest request) {
        super(request);
        this.systemName = request.getParameter("systemName");
    }

    public String getSystemName() {
        return systemName;
    }

    private String systemName;
}

Set it in the authentication filter:

<bean id="authenticationProcessingFilter"
      class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
      ...
      <property name="authenticationDetailsSource">
        <bean class="org.acegisecurity.ui.AuthenticationDetailsSourceImpl">
            <property name="clazz" value="SystemNameWebAuthenticationDetails"/>
        </bean>
      </property>
</bean>

Later you can access that property in the authentication process by asking the authentication object for its details, or by doing this:

SecurityContextHolder.getContext().getAuthentication().getDetails()
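
One way to run the question's check with the details class from the answer above, as an added example that is not part of the original answer: a DaoAuthenticationProvider subclass that overrides additionalAuthenticationChecks. SystemAwareUserDetails is a hypothetical interface, assumed to be implemented by the application's UserDetails class. The submitted value comes from a client-controlled hidden field, so it is only compared against the stored value and never trusted on its own.

```java
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.userdetails.UserDetails;

public class SystemNameDaoAuthenticationProvider extends DaoAuthenticationProvider {

    /** Hypothetical: implemented by the application's own UserDetails class. */
    public interface SystemAwareUserDetails extends UserDetails {
        String getSystemName();
    }

    protected void additionalAuthenticationChecks(UserDetails userDetails,
            UsernamePasswordAuthenticationToken authentication)
            throws AuthenticationException {
        // Run the stock password check first, so a wrong password and a
        // wrong subsystem are indistinguishable to the caller.
        super.additionalAuthenticationChecks(userDetails, authentication);

        // Value submitted by the login form (hidden field, client-controlled).
        Object details = authentication.getDetails();
        String submitted = (details instanceof SystemNameWebAuthenticationDetails)
                ? ((SystemNameWebAuthenticationDetails) details).getSystemName()
                : null;

        // Value stored server-side with the user record (authoritative).
        String stored = (userDetails instanceof SystemAwareUserDetails)
                ? ((SystemAwareUserDetails) userDetails).getSystemName()
                : null;

        // Fail closed: a missing value on either side is treated as a mismatch,
        // and the error is the same one a bad password produces.
        if (submitted == null || stored == null || !stored.equals(submitted)) {
            throw new BadCredentialsException("Bad credentials");
        }
    }
}
```

Register this class in place of the stock DaoAuthenticationProvider bean. Because the hidden field can be changed by the client, access to each subsystem's pages still needs to be decided from the stored system name after login.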