Menu
How do you customize the UsernamePasswordAuthenticationFilter usernameParameter (j_username) and passwordParameter (j_password) properties when using the <http ... /> Spring Security 3 namespace? It's my understanding the <http ... /> creates the filter, but I don't see how to customize it.
761
Method 1: Changing in the application properties file Now go to any browser and type localhost:8080 and try to access any local API we cannot access the API first we have to bypass the security. The user name and password are the same as we mention in the application. properties file.
Form-based login is one form of Username/password authentication that Spring Security provides support for. This is provided through an Html form. Whenever a user requests a protected resource, Spring Security checks for the authentication of the request.
Here is the solution I created based on axtavt's suggestion:
Spring configuration:
<beans:bean id="userPassAuthFilterBeanPostProcessor"
class="com.my.package.UserPassAuthFilterBeanPostProcessor">
<beans:property name="usernameParameter" value="username" />
<beans:property name="passwordParameter" value="password" />
</beans:bean>
Java class:
package com.my.package;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.security.web.authentication.
UsernamePasswordAuthenticationFilter;
public class UserPassAuthFilterBeanPostProcessor implements BeanPostProcessor {
private String usernameParameter;
private String passwordParameter;
@Override
public final Object postProcessAfterInitialization(final Object bean,
final String beanName) {
return bean;
}
@Override
public final Object postProcessBeforeInitialization(final Object bean,
final String beanName) {
if (bean instanceof UsernamePasswordAuthenticationFilter) {
final UsernamePasswordAuthenticationFilter filter =
(UsernamePasswordAuthenticationFilter) bean;
filter.setUsernameParameter(getUsernameParameter());
filter.setPasswordParameter(getPasswordParameter());
}
return bean;
}
public final void setUsernameParameter(final String usernameParameter) {
this.usernameParameter = usernameParameter;
}
public final String getUsernameParameter() {
return usernameParameter;
}
public final void setPasswordParameter(final String passwordParameter) {
this.passwordParameter = passwordParameter;
}
public final String getPasswordParameter() {
return passwordParameter;
}
}
Filter is configured using form-login element, but that element doesn't provide ability to set custom names for username and password.
You can configure directly, as describe in Spring Reference
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
