Spring Security Custom Filter (Change Password) -

-

i'm using spring security securing http requests website. primary usage securing pages such user redirected login page when trying access pages.

however, have further requirement. in model, can flag user's password being temporary such that, when login, should automatically forced change password. once password changed, should forwarded on page trying access.

has used spring security purpose? need create own custom filter?

thanks,

andrew

in spring security 3.0 can implement custom authenticationsuccesshandler.

in handler can redirect user temporary password password change page instead of requested page. after password changed, may redirect user requested page using savedrequestawareauthenticationsuccesshandler, default handler implementation.

public class myhandler implements authenticationsuccesshandler {     private authenticationsuccesshandler target = new savedrequestawareauthenticationsuccesshandler();      public void onauthenticationsuccess(httpservletrequest request,         httpservletresponse response, authentication auth) {         if (hastemporarypassword(auth)) {             response.sendredirect("/changepassword");         } else {             target.onauthenticationsuccess(request, response, auth);         }     }      public void proceed(httpservletrequest request,          httpservletresponse response, authentication auth) {         target.onauthenticationsuccess(request, response, auth);     } }  @controller("/changepassword") public class changepasswordcontroller {      @autowired     private myhandler handler;      @requestmapping(method = post)     public void changepassword(httpservletrequest request,          httpservletresponse response,         @requestparam(name = "newpassword") string newpassword) {          // handle password change         ...          // proceed secured page         handler.proceed(request, response, auth);             }      // form display method, etc     ... }

Comments

Post a Comment

Popular posts from this blog

c++ - How do I get a multi line tooltip in MFC -

-
right now, have tool tip pops when hover on edit box. problem tool tip contains multiple error messages , in 1 long line. need have each error message on own line. error messages contained in cstring new line seperating them. my existing code below. bool ontooltiptext(uint, nmhdr* pnmhdr, lresult* presult) { assert(pnmhdr->code == ttn_needtexta || pnmhdr->code == ttn_needtextw); // need handle both ansi , unicode versions of message tooltiptexta* pttta = (tooltiptexta*)pnmhdr; tooltiptextw* ptttw = (tooltiptextw*)pnmhdr; // tchar szfulltext[256]; cstring strtiptext=_t(""); uint nid = pnmhdr->idfrom; if (pnmhdr->code == ttn_needtexta && (pttta->uflags & ttf_idishwnd) || pnmhdr->code == ttn_needtextw && (ptttw->uflags & ttf_idishwnd)) { // idfrom hwnd of tool nid = ::getdlgctrlid((hwnd)nid); } //m_errprojaccel[ch] contains 1 or more error messages each...
Read more

asp.net - In javascript how to find the height and width -

-
i having .aspx , masterpage page. in masterpage loading aspx page . in aspx page design using generating table structure using code-behind server in javascript how find height , width . regards, kumar if you're looking table height , width, should it var tbl = document.getelementbyid('tbldemo'); alert(tbl.offsetwidth + '\n' + tbl.offsetheight);
Read more

c# - DataTable to EnumerableRowCollection -

-
i have datatable according client requirement can contain invalid date "00/00/1999",null,empty string.(typed datset) when collect them enumerables wish convert of invalid forms empty string. (i.e) enumerablerowcollection<datarow> query = order in _table.asenumerable() select new { orderdate= string.isnullorempty(convert.tostring(order.field<datetime>("orderdate")) || (how check date invalid date) ? string.empty : order.field<datetime>("orderdate") } how check whether date valid date or not? datetime.tryparse...like given current code: datetime date; enumerablerowcollection<datarow> query = order in _table.asenumerable() select new { orderdate= string.isnullorempty(convert.tostring(order.field<datetime>("orderdate")) || !datetime.tryparse(convert.tostring(order.field<datetime...
Read more