OAuth2 Custom Spring Security With Social Spring Integration

Custom Spring security OAuth2 is working fine and now would like to add Spring Social integration(facebook login, google login etc), When the user clicks on Facebook login(user would not provide any username/password), Facebook will return an access_

Grails disconnect another connected user

I have grails application and installed spring security core plugin. I want to logout another logged in user. I am able to get all logged in users list using sessionFactory. Help needed. Please give me detailed explanation. I followed this thread but

Getting a CSRF token via AJAX

I am planning on building an application with a decoupled front-end and back-end (using only ajax requests). I do not allow cross-site ajax requests. Can I generate a csrf token with an ajax call, by adding an API like /csrf which returns something l

Static Security Rules of Grails Spring

I want all users to be authenticated before accessing my application. Following is the setting in Config.groovy: grails.plugin.springsecurity.controllerAnnotations.staticRules=[ "/**": ["ROLE_ADMIN"], "/login/auth": ["pe

How to configure JerseyTest with spring-security?

I have a working spring-security configuration which wraps my jersey-based REST endpoints and allows method-level access. Sample project with everything needed to reproduce the problem quickly: https://github.com/pulkitsinghal/dummy-rest-api // Serve

spring security - access-denied-handler

I have some problems with Spring Security and getting an access-denied-handler to work. Spring security is working but when I visit /admin without the required privileges (ROLE_ADMIN), Spring Security is just redirecting to the root page which is my

Spring Security UserDetailsService get the password

I'm creating authentication service in Spring. I'm using UserDetailsService to get form variables, but i found that loadUserByUsername has only one variable - userName. How to get password ? public class userAuthentication implements UserDetailsServi

Program authentication

I am using Spring Security in my application. I have all the pages secured. But couple of URL needs to be available both for system user and anonymous user. But anonymous user should not have direct access to the URLs. He gets a link with unique toke

Retrieve the password of the current user of spring-security

This question already has an answer here: UserDetails getPassword returns null in spring security 3.1. How to get password of currently logged in user? 3 answers I'm using spring-security with HTTP Basic Auth to secure a java webapp. In my webapp I n

how to add an interceptor in the spring

I am using Spring Security 3.0.3 for a project.My user info is loaded from the database. I have following interceptor <intercept-url pattern="/admin/**" access="ROLE_ADMIN"/> <intercept-url pattern="/**" access="

Spring security does not work on Glassfish v3

I have a java web application that use spring security for log in users, restriction access etc. , and it is working without problems on Glassfish 2.1, Tomcat, jetty, but on glassfish v3 doesn't work, when I try to login, and press button login, I'm

Spring Security: Problem with the back button

I am trying to use the logout functionality provided by Spring security. The logging out works fine. The session gets invalidated(by calling logout method in SecurityContextLogoutHandler class). The user is redirected to the login page. However, when