Re: [appfuse-user] Automatic Login

Tue, 01 Jun 2010 06:37:35 -0700 

It is working for us:

    protected void login(User user) {
        UsernamePasswordAuthenticationToken auth = new
UsernamePasswordAuthenticationToken(
                user, user.getPassword(), user.getAuthorities());
        auth.setDetails(user);
        SecurityContextHolder.getContext().setAuthentication(auth);
    }

Check the user.getAuthorities() is returning the appropiate roles.

PieMailIsigma  [image: isotipo isigma]
 Josep García Corral
Ingeniero de Software
  isigma, la referencia en firma electrónica
Tel. +34 932 387 108
www.isigma.es

 [image: logotipo portasigma]
¡Prueba gratis la firma online! <http://www.portasigma.com>
2010/6/1 Kissue Kissue <kissue...@gmail.com>

> Thanks Josep for your reply but the access denied message is not coming
> from the servlet. The servlet is accessed and executes alright. It comes
> when the servlet tries to redirect to the home page so its actually coming
> from the home page which is protected by a role. I thought that by logging
> user with appropriate role it would be taken of but apparently its not.
>
>
>
>
> On Tue, Jun 1, 2010 at 1:10 PM, Josep García <jgar...@isigma.es> wrote:
>
>> The servlet needs to be an "allowed" page to users.
>> In security.xml:
>>
>> <intercept-url pattern="/yourservlet/*" filters="none"/>
>>
>> 2010/6/1 Kissue Kissue <kissue...@gmail.com>
>>
>> Hi Folks,
>>>
>>> i have a requirement to login user automatically from another application
>>> into my appfuse application. Say from first application, user submits
>>> username and password and is sent to my appfuse application and user is
>>> automatically authenticated and the home page is displayed.
>>>
>>> I have tried to use a servlet so user sends request to servlet, then
>>> servlet uses code below to login user in:
>>>
>>>         UsernamePasswordAuthentication
>>>>
>>>> Token auth = new UsernamePasswordAuthenticationToken(
>>>>                 user.getUsername(), user.getConfirmPassword(),
>>>> user.getAuthorities());
>>>>         auth.setDetails(user);
>>>>         SecurityContextHolder.getContext().setAuthentication(auth);
>>>>
>>>> After which user is redirected to home page but each time i get the
>>>> access denied message which means its still not recognising user.
>>>>
>>>> Has anybody done something like this before? Is it possible?
>>>>
>>>> Thanks.
>>>
>>>
>>
>

Reply via email to