tags:

views:

138

answers:

1
Q: 

access to request object when using spring security

When logging in I want to read the URL and base on the combination of subdomain, username and password user should be authorized.

like if the url is abc.xyz.com

i somehow need request object to get the subdomain and authorize user using the subdomain and username.

A: 

You can easily check those items during login by creating your own PreAuthenticated filter and add it to the Spring Security Filter Chain. The filter contains the method getPreAuthenticatedPrinciple(HttpServletRequest request) where you can see the request and act accordingly. If you want to make the check after the user has already been authenticated then simply subclass the base SpringSecurityFilter and add it to the filter chain after the authentication step.

Gandalf  2010-05-19 20:15:39
Hi Gandalf, thanks for the answer, i'll definitely check out what you suggested and mark the answer as correct once done.
Hussain  2010-05-20 20:12:22

related questions

Spring MVC Webapp: Where to store paths to common images?
Does anyone know how to successfully integrate Seam and Spring MVC?
Spring - binding to an object rather than a String or primitive
Resource for learning Spring MVC
Best way to validate URL parameters in Spring MVC website?
Spring MVC validation with Annotations
How can I determine what roles are required to access a URL with Spring Security?
Spring MVC tag interaction with custom tag
How does Spring 2.5 map the incoming request data to ModelAttribute command ?
Benefits of using JSTL vs Velocity for view layer in MVC app?
Best Practice for Spring MVC form-backing object tree initialization
How to reuse a Criteria object with hibernate?
What are best practices for preventing stale CSS and JavaScript
Struts or Spring MVC or Struts & Spring?
What are some use cases for various DispatcherServlet.detectAllXxx flags?
How do I bind collection attributes to a form in Spring MVC
Unit tests vs integration tests with Spring
Adding HTTP Headers in a Spring Interceptor postHandle method
Can anyone explain servlet mapping?
Please share your experiences of DWR 3.0 M1 RC2 ?
How best to modify my model in Spring MVC if I care about IOC
Spring MVC : Binding 3 dropdowns to a date property in SimpleFormController
Spring-MVC Problem using @Controller on controller implementing an interface
Annotated Spring-MVC controller not recognized when controller extends interface
What are the best books for Spring and Spring MVC?