I’m using Spring MVC for a web app. I want to use OpenID for my application, but I’m just wondering of what a good way to handle authentication in general for Spring MVC is.
My web app is a question and answer app. Here is the scenario I am confused about:
When a user wants to ask a question, they enter a question in a text box and hit submit, and it posts the form to “/question/create”, which maps to a Create method in my Question controller. At this point, if they are logged in it will add the question to the database, but if they aren’t I would like them to see a login screen, and then after successfully logging in the question would be added to the database.
What I don’t understand is how to automatically add the question to the database after the login screen, because the form values would be the form values for the login screen, and not the form values for the add a question screen anymore.
acegi or spring security is what you need.
http://static.springsource.org/spring-security/site/faq.html
Any unauthenticated user will be redirected to the login page and after successful authentication original requested action may be performed. Acegi provides this facility.