I'm trying to find a way to skip the login form when a user clicks on an "activate account" link that he has received by email. This link contains a single-use random token that can serve as an authentication method.
By this token I can retrieve the user details and activate its account, but I am yet to find a way to sign-in programmatically.
I am looking for a way to implement something like this:
void forceLogin ( String username );
Is it possible?
My spring-security configuration is this:
<http>
<intercept-url pattern="/userAccount/logout.do" access="ROLE_USER"/>
... (More intercepts)
<form-login login-page="/userAccount/login.do"
authentication-failure-url="/userAccount/login.do?failure=true"
login-processing-url="/userAccount/j_spring_security_check.do"
always-use-default-target="false"
default-target-url="/userAccount/redirectAfterLogin.do"
/>
<anonymous />
<logout logout-url="/userAccount/logout.do" />
</http>