3

Is there a way to pass URL parameters to an authentication provider in Spring Security 3?

Our login page will need to receive an email token as a parameter that the authentication system will need to be aware of when it sets the status of the user. Specifically, it will let a user with a correct token log in that would not otherwise be able to.

I have a custom class extending the DaoAuthenticationProvider class. My authentication logic is in that class's authenticate method.

I'm hoping there is some way to pass this data into the authenticate method.

Improve this question

2 Answers 2

Reset to default
7

You could inject the HttpServletRequest object on your authentication provider class:

private @Autowired HttpServletRequest request;

Now, you should be able to access the request parameters with APIs such as request.getParameterValues(paramName)

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

The other option is probably the spring way to do it, but this was so simple.
Why is this the selected answer? HttpServletRequest is not available within the AuthenticationProvider. Trying to access it will yeild "No thread-bound request found" error.
Dunno the issue you're experiencing. It worked for me.
This worked for me, @JackB probably you are not including the HTTPServletRequest in the spring security context. Spring context and spring security context are two different concepts
4

You need to override UsernamePasswordAuthenticationFilter.setDetails() and pass extra information to your custom authentication provider via details property of UsernamePasswordAuthenticationToken.

Improve this answer

2 Comments

Other way, which I would recommend, is to inject a custom authenticationDetailsSource in the default login filter.
Makes more sense than the accepted reply.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.