OpenId authentication and automatic registration with Spring Security 3.0.2

Question

I'm implementing an app using spring security 3.0.2 with OpenId login and registration. I can login succesfully, but if the user isn't registered i want to do:

1) Get some OpenId attributes like email and name.
2) Show to the user a registration form with just these two fields and the OpenId URI filled.

I've been searching a lot but i didn't find an "ellegant" way of doing this. I wonder if some of u can come out with a solution to implement this strategy in my app.

Thanks in advance.

Answer 1

You can't show the email and name before the user has registered/login himself, since he has to allow the app to access his profile first. You can show him this page with his openid, mail etc after he logged in.

Define which attributes you want to use:

<openid-login login-page="/openidlogin.jsp" authentication-failure-url="/openidlogin.jsp?login_error=true">
  <attribute-exchange>
    <openid-attribute name="email" type="http://schema.openid.net/contact/email" required="true" count="2"/>
    <openid-attribute name="name" type="http://schema.openid.net/namePerson/friendly" />
  </attribute-exchange>
</openid-login>

And then access the attributes, after the user has logged in:

OpenIDAuthenticationToken token = (OpenIDAuthenticationToken)SecurityContextHolder.getContext().getAuthentication();
List<OpenIDAttribute> attributes = token.getAttributes();

Have a look at the example from the spring repository, and the OpenId Support Documentation.