Stack Overflow
Stack Overflow

Questions tagged [pre-authentication]

78 questions
3
votes
1 answer

Pre-Authentication / Single SignOn using Spring Security

I am developing two web applications where one is a server app and the other is a client app, both are using Spring Security. My use case is such that after a user logs into the server app, the user can then access the client app from links within…
citress
  • 889
  • 3
  • 13
  • 35
2
votes
1 answer

How to validate SM_USER header in Spring Security preauthentication for siteminder

I 'm trying to create a secure spring rest api using pre-authentication security for siteminder. I 've tried a solution where I 'm getting SM_USER and when I tested it in postman by adding new header SM_USER with random value it seems to work fine.…
A.A
  • 81
  • 5
  • 16
2
votes
1 answer

How can I implement a custom Spring Security PreAuthentication scenario for a Spring Webflux application?

In order to modernize a Spring MVC based application using Webflux I need to update my custom PreAuthentication scenario. I have built a good solution using FilterBeans (such as described in…
janb
  • 1,057
  • 1
  • 9
  • 11
2
votes
2 answers

Spring Boot Security PreAuthenticated Scenario with Anonymous access

I have a Spring Boot (1.5.6) application that is using the "pre-authenticated" authentication scenario (SiteMinder) from Spring Security. I have a need to expose the actuator "health" endpoint anonymously meaning the requests to that endpoint will…
Sean Casey
  • 86
  • 1
  • 6
2
votes
1 answer

How can I use the PreAuthetication between 2 web-apps using Spring to avoid the login inside the second app after signed in the first one?

I'm trying to implement a PreAuthetication system using Spring, but I don't understand how it's work. I have an application A, where the users can sign in. After that the user can enter into another application B. But I don't want that the users…
PaolaG
  • 814
  • 1
  • 11
  • 27
2
votes
1 answer

Override the existing Spring Security authentication

How can I override the existing Spring Security authentication by invoking a Web Service and when it's failed, need to redirect some third party login page. For calling this authentication web service, I need to get some ServletRequest parameter and…
Channa
  • 4,963
  • 14
  • 65
  • 97
2
votes
1 answer

How to redirect UsernameNotFoundException from PreAuthenticatedAuthenticationProvider when using multiple AuthenticationProviders?

Using Spring Security 4.02, can anyone help with some tips on how I can handle UsernameNotFoundException from PreAuthenticatedAuthenticationProvider when using multiple AuthenticationProviders so that authenticated requests, with the correct header,…
tblank
  • 257
  • 2
  • 6
  • 14
2
votes
1 answer

Why isn't SpringSecurity placing my SecurityContext in the HttpSession?

My corporate intranet application uses a pre-authentication scenario. It has two filters inserted before the SpringSecurity filter chain. The first is a filter provided by the Corporation. It handles all logins, passwords, etc. and if it…
Steve Cohen
  • 4,679
  • 9
  • 51
  • 89
2
votes
1 answer

Grails pre-authenticated scenario

I'm trying to configure a Grails app in a pre-authenticated scenario, using Spring Security Core. So I wrote a custom authentication filter: class MyAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter { protected…
Tobia
  • 17,856
  • 6
  • 74
  • 93
2
votes
1 answer

Pass authentication info between web service and business layer (Spring, tomcat)

I have spring web service and a business layer deployed separately on two tomcat servers. (As explained in the question Spring WS separately deploy web service and bussiness layer). Business layer is just a servlet container and web service…
Thudani Hettimulla
  • 754
  • 1
  • 12
  • 32
2
votes
0 answers

Access the underlying Request(WebRequest or HTTPRequest) object in WCF for Digest PreAuthentication

We are exposing the Entity objects through WCF Services. To retrieve the entities we make several requests through WCF, close to a 100 or more. We recently switched to Digest Authentication and noticing that every single server request is issuing a…
user561464
2
votes
3 answers

Spring Security Pre Authentication Account Lock Check

Newbie question... I've successfully implemented custom handlers and service (Custom User Details Service, Authentication Success, Authentication Failure) and everything working fine. I've now also implemented functionality that will lock an account…
Simon Tilbury
  • 37
  • 1
  • 1
  • 5
2
votes
1 answer

@PreAuthorize with hasPermission() executes code twice

I want to use @PreAuthorize Spring annotation to controll access in my application. The problem is, that I have a lot of conditions depends not on the request parameters, but on the database entities. Overview: I have an Route entity, that has User…
Athlan
  • 6,389
  • 4
  • 38
  • 56
2
votes
0 answers

Encounter error when re-ask the user to grant permission to my app

While testing integration of the new Facebook API with my iOS app, I removed the app from my Facebook account's app settings, expecting that to force Facebook.authorize() to re-ask the user to grant permission to my app. I encounter error: An error…
user1300503
  • 305
  • 3
  • 10
2
votes
2 answers

Spring Security Preauth "filters=none" not working

strange one, I am using spring security with siteminder and it works fine. However I want to have one url which isn't protected - our loadBalancer needs a "healthCheck" url within the app itself. This url isn't intercepted by siteminder, but…
Mark D
  • 5,368
  • 3
  • 25
  • 32
1
2
3 4 5 6