How do I handle user logins with Spring MVC?

Question

I'm using Spring MVC for a web app. I want to use OpenID for my application, but I'm just wondering of what a good way to handle authentication in general for Spring MVC is.

My web app is a question and answer app. Here is the scenario I am confused about:
When a user wants to ask a question, they enter a question in a text box and hit submit, and it posts the form to "/question/create", which maps to a Create method in my Question controller. At this point, if they are logged in it will add the question to the database, but if they aren't I would like them to see a login screen, and then after successfully logging in the question would be added to the database.

What I don't understand is how to automatically add the question to the database after the login screen, because the form values would be the form values for the login screen, and not the form values for the add a question screen anymore.

Answer 1

You should check spring security. It has all you need and more.

Answer 2

acegi or spring security is what you need.

http://static.springsource.org/spring-security/site/faq.html

Any unauthenticated user will be redirected to the login page and after successful authentication original requested action may be performed. Acegi provides this facility.

Answer 3

You should check out OpenID for Java:http://code.google.com/p/openid4java/ I would think that would be the best way to do it.

Answer 4

Spring Security is the way to handle authentication in Spring and has support for OpenID authentication since version 2.0. See the section 2.3.4. OpenID Login in the official Reference Manual.