All geek questions in one place

Pre-authentication with LTPA Token

What is the best way to initialize a Spring context with a given pre-authentication through the WebSphere LTPA SSO token? Right now, I have a custom filter that provides a PreAuthorizedAuthenticationToken for Spring Security Context. Is there an existing filter that will do this for me automatically? I always had problems with GrantedAuthorities when I tried to use PreAuth classes.

Greetings

+6
source share
1 answer

The best option is to create a custom pre-authentication filter by extending AbstractPreAuthenticatedProcessingFilter.

You can extract the token from the request and return it to the getPreAuthenticatedCredentials () method.

You can define your own AuthenticationUserDetailsService and pass it to PreAuthenticatedAuthenticationProvider, here you can get the granted authority and return it to the UserDetails Object

<bean id="preAuthAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService"> <bean id="myUserDetailsService" class="MyUserDetailsService"> </bean> </property> </bean>

If you provided auth without starting with the default ROLE prefix, you can define your own prefix

 <bean id="myPermissionRoleVoter" class="org.springframework.security.access.vote.RoleVoter"> <property name="rolePrefix" value="myprefix"/> </bean>
+1
source

Source: https://habr.com/ru/post/899805/

More articles:


All Articles