开发者

Spring security with Flex using Container Preauth

I've got the Spring Security preauthentication sample configured and working with JBoss. The next step开发者_如何学编程 is to somehow get the user information into a flex client GUI.

What are some methods that will let me get the Authentication or UserDetails object that's created by spring-security on http access into the flex client? Since I'm logging in externally, I can't use channelset.login(), right? All the examples I've seen so far assume that the user logs in manually through the flex client, but the requirement is for container-based authentication.

Using flex3, spring 3.0.4, spring-security-3.0.3


If you use spring-flex together with blazeds for the flex to java http plumbing, then what you have to do is to :

  • enable the Spring Security filter chain in web.xml

  • secure your blazeds service with your expected security constraints

  • make your spring-security AuthenticationProvider use your authentication mechanism


There is an article on Adobe DevNet covering this topic: http://www.adobe.com/devnet/flex/articles/flex_security.html


Use PreAuthenticatedAuthenticationProvider as your authentication provider. Flex sessions will automatically map 1:1 with HTTP sessions, and you can access the authentication object using a session-scoped call to SecurityContextHolder.getContext().getAuthentication()

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜