Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Preauthentication with LTPA token

What is the best way to initialize a Spring context given pre-authentication through Websphere LTPA SSO token? Right now I have a custom filter that provides a PreAuthorizedAuthenticationToken to the Spring Security context. Is there an existing filter that would do this for me automatically? I have always run into trouble with GrantedAuthorities when I've tried to use the PreAuth classes.

Cheers

like image 604
davo Avatar asked Oct 21 '11 15:10

davo


1 Answers

Best option is to have a custom preauthentication filter by extending AbstractPreAuthenticatedProcessingFilter.

You can fetch the token from request and return it in getPreAuthenticatedCredentials() method.

You can define your own AuthenticationUserDetailsService and pass it to PreAuthenticatedAuthenticationProvider, here you can fetch the granted authorities and return them in UserDetails Object

<bean id="preAuthAuthenticationProvider"
          class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
        <property name="preAuthenticatedUserDetailsService">
            <bean id="myUserDetailsService"
                  class="MyUserDetailsService">
            </bean>
        </property>
    </bean>

If you have granted auth, not starting with default prefix ROLE, you can define your custom prefix

<bean id="myPermissionRoleVoter" class="org.springframework.security.access.vote.RoleVoter">
        <property name="rolePrefix" value="myprefix"/>
    </bean>
like image 126
coder Avatar answered Oct 08 '22 03:10

coder