I integrated spring social facebook login and signup in my spring mvc project and its working perfectly without role.
In this project I have two role seeker and provider , I want to add implicit social sign up for both role seeker and provider , for that I have two seperate view for both seeker and provider for sign in . if I click the Sign In button from seeker view then it should check seeker is register or not if not it will register seeker implicit . but the problem is how we will assign seeker and provider role automatically . how we know which view (seeker or provider) button clicked ......
Thanx in advace
Related
Our current user registration process is using Spring Boot, Spring Security ,Spring Security OAuth 2 and a React front end user interface.
We have a create user API which you pass a username, password, user contact details etc and it returns you the user profile object as well as the OAuth token. Once the user has registered, they are logged into the application automatically.
What we want to do is to send the user an activation code to their email/phone at the end of the registration process and they need to enter this code to complete their registration.
I see there is an Spring Security enabled flag. I can create the profile and set this to false. Once the user enters the correct code, I can set this to true. My only query is would I have to get the user to login again to get the oauth token?
I prefer not to use an activation email link as I don't want to open up new browser windows.
Any advice would be most welcome.
I am new to Laravel. I have two different user types: teachers and students. Teachers register accounts in registration form in website but student registration is provided by a windows application. So I must provide an API to this application. Default Laravel auth is enough for teacher registration but can I use same AuthController for API registration? I don't need a view or redirect to website.
You have two options actually
create a method on your auth controller and apply a middleware to the controller method which would only be available for api calls so a student doesnt create himself/herself as a teacher, you can read more about same here http://laravel.com/docs/5.0/middleware
which I would suggest is to create another auth controller for your api calls that only serves for creating student accounts that way its clean, easier to manage and concept of separation of concerns is put into practice.
I am currently having a problem in implementing concurrent user session in spring mvc. My requirement is that "I have a web application which uses spring MVC, and I have my own login form and I have not implemented spring security yet(which means I have not configured any role based user restriction in my web application). I want only one user with same username to be logged in from a machine. I have surfed all over the net , but couldn't find any useful links nor example project(without role based).
My Requirement:
One user per session
No role based restriction
Have my own login form and once the user logs in , user object(which contains username an password) is stored in session object
If user tries to login for second time , previous user session should be terminated and new user(second user) should be allowed to home page.
Can some one please provide me a solution, links or example project for my requirement ? Many thanks in advance :)
Why not just go ahead and use Spring Security? It will take care of deactivating sessions for you. You can use your own login form and not restrict any of your endpoints based on roles.
You can configure the max number of sessions like so:
I have a web portal built with spring security 3.X. My web portal has links of external web applications also built with spring. Id like to know if there are any working examples or code snippets on how i can automatically POST users login credentials from my portal to my external web applications in order to simulate SSO
I assume you are not looking for an SSO solution for which you could use http://projects.spring.io/spring-security-saml/ with OpenAM/OpenSSO.
In your case you could use the AbstractPreAuthenticatedProcessingFilter, here the documentation:
http://docs.spring.io/spring-security/site/docs/3.2.5.RELEASE/reference/htmlsingle/#preauth
Here a practical example I found:
PreAuthentication with Spring Security -> Based on URL parameters
Answering my own question.....
Solution was to create a table in the db containing username,password,and application name..
On a click event of a link the controller checks if the user has a record in the table with the corresponding application name, if so the user credentials is pasted into the form and submitted automatically.
I'm using ASP.MVC 4 with an account controller that uses forms authentication. I added Facebook and Twitter as an external login providers using OAuthWebSecurity.RegisterFacebookClient etc. Now I want to get User login type (Facebook, Twitter, login/password etc) in the controller and in the view. How can I get this? Thank you.
I fount answer by myself in the AccountController, action RemoveExternalLogins :
ICollection<OAuthAccount> accounts = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name);
and account contain provider field - account.Provider. For Facebook it will be "Facebook".