Spring MVC 3.1 How to access HttpSession in Custom Authentication Provider (which implements AuthenticationProvider)

Posted by user1506231 on Stack Overflow See other posts from Stack Overflow or by user1506231
Published on 2012-07-06T09:10:56Z Indexed on 2012/07/06 9:15 UTC
Read the original article Hit count: 184

Filed under:
|

My application calls a web service during the Authentication process (as shown in code below).

How can I save some information in HttpSession during this process? This information like customer-account-number will be used in various other places in the application after the user is logged in. Is it possible to pass HttpSession parameter to the MyServiceManager's static login method?

public class MyAuthenticationManager implements AuthenticationProvider {

    @Override
    public boolean supports(Class<? extends Object> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }

    @Override
    public Authentication authenticate(Authentication authentication) {
                    //MyServiceManager.login - makes a call to web service
        if(MyServiceManager.login(authentication.getName(),     authentication.getCredentials().toString(), XXX_HTTP_SESSION_XXX))
        {
            List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>  ();  
            authorities.add(new GrantedAuthorityImpl("ROLE_USER"));
            authorities.add(new GrantedAuthorityImpl("ROLE_SUPERVISOR"));
            return new UsernamePasswordAuthenticationToken(authentication.getName(), authentication.getCredentials(),authorities);
        }
        else
        {
            return null;
        }

    }
}

© Stack Overflow or respective owner

Related posts about authentication

Related posts about spring-mvc