Currently I have a custom form login page in Spring Security 3 that sends

Question

0

Asked: May 23, 20262026-05-23T17:06:42+00:00 2026-05-23T17:06:42+00:00

Currently I have a custom form login page in Spring Security 3 that sends

0

Currently I have a custom form login page in Spring Security 3 that sends its form data to the correct authentication url.

However now I need to extend the process to support security questions after logging in but before hitting the rest of the site.

I have a few options from reading the documentation, but I’m confused as to the correct option to choose.

Option 1: Keep the current login system and set a special role that only lets the user access the security questions page. If they pass through the security questions process successfully, add their correct roles into the security context.

Option 2: Subclass AbstractAuthenticationProcessingFilter and do security questions as a part of the login process. This seems more spring-like but I’m stuck on how to support the multiple pages for the questions with breaking the rest of the authentication framework.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T17:06:42+00:00

Editorial Team

2026-05-23T17:06:42+00:00Added an answer on May 23, 2026 at 5:06 pm

I ended up using Option 1. @craftsman’s answer doesn’t fit since the questions are specific per user. Its actually worked out really well.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Currently I have a custom form login page in Spring Security 3 that sends

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply