Spring authentication is failing if URL accessed via java code

Question

Currently I am using the Spring Security Authentication via Spring Filter and Servlet.

<servlet-mapping>
    <servlet-name>remoting</servlet-name>
    <url-pattern>/remoting/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
    <servlet-name>remoting</servlet-name>
    <url-pattern>/admin</url-pattern>
</servlet-mapping>

<!-- Enables Spring Security -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>
        org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<!-- End Spring Security -->

Inside my spring-security.xml

<authentication-manager alias="authenticationManager">
    <authentication-provider ref="myAppAuthenticationProvider"/>
</authentication-manager>

<beans:bean id="myAppAuthenticationProvider"
        class="com.filter.MyAppAuthenticationProvider">
    <beans:property name="repository" value="#{deployment['globalregistry.repository']}"/>
</beans:bean>

Now when I hit the URL For Eg: http://localhost:8080/context/admin?action=authenticate

j_username: user
j_password : password

I get a screen for entering the user and password which is authenticated by spring-security.

Now when I try to access the above URL through a Java program through HTTPPost API, I get a redirect error response as 302. Now How do I bypass the login screen to validate and directly authenticate without redirecting to web page. And also provide the j_username and j_password using my java program.

Note that when I hit the URL the page is redirected to something like this http://localhost:8080/context/spring_security_login.

Your help will be really grateful guys.!

Answer 1

You should pass j_username and j_password in the URL used for authentication.

For example:

http://localhost:8080/yourAppContext/j_spring_security_check?j_username=user&j_password=pass