search

socialsignin / spring-social-security-demo

Spring Social Security Demo - using the default user local account persistence of Spring-Social-Security
23 stars 23 forks source link

Integrate classic login too #8

Open antocaso opened 9 years ago

antocaso commented 9 years ago

Hi, at first congratulation for your project, it helped me a lot to build my first webapp with Spring. But now I have issue: I need to integrate also a classic login procedure based on spring security in the same app. It is possible integrate the new procedure with your spring social security without delete all code already written and change too much my project?

Thanks a lot.

michaellavelle commented 9 years ago

Hi antocaso - thanks for your interest in the project - glad you are finding it useful.

It is possible to integrate a classic form-login security with the demo.

I think you should be able to:

1) Add your required form-login security to the security configuration in spring-config.xml

2) Change the security:custom-filter element in spring-config.xml so that it reads "before"="FORM_LOGIN_FILTER" instead of "position"="FORM_LOGIN_FILTER".

This should allow you to have 2 security filters in your app - one for form login, and another for spring social security.

It's been a while since I created this demo, so there may be other changes that need to be made that I haven't remembered, but it is something that's possible to do.

Hope this helps,

Michael

michaellavelle commented 9 years ago

Actually, I just realised that there is another change you may want to make if you want to have a unified store of user accounts for both social-signups and for form-login signups.

By default, this demo uses the only the UsersConnectionRepository table to locally store the details of users who sign using social providers. There is no local user account store, so the demo is using only this table to determine usernames and passwords.

When you add on form-login, you'll likely be wanting a unified datastore of all users ( both form login and social), so you may want to change the demo so that spring-social-security writes to the same user store as your form login.

There is an example of how to change the demo to write to a custom data store here:

https://github.com/michaellavelle/spring-social-security-demo

You could use a similar approach to convert your application so that you have a custom data store that matches the store used by form login.

Hope this makes sense,
Michael