Need to login/ register during Spring Web-Flow

Question

I have a web flow defined with 4 steps in it. I have also spring security configured properly.

In the last step, I need to save the user's order which requires a user account. Therefore, I need to ensure the user is logged in before the last step is executed. So what I want is: - users that are already logged will smoothly move to the last step - users that are not logged in, will have to go to our register/ login page after which they will be redirected back to continue the flow.

Note: the first steps do NOT require to be logged in (or registered). Only the last step.

How do I redirect back to the last step after login/ register?

Answer 1

Figured it out for login. Just add:

 <secured attributes="ROLE_USER" />

To the flow element you want to secure. See Spring WebFlow Doc

I have not solved it for register yet. As we need to re-enter the flow. Any ideas?

Answer 2

You can try to reuse RequestCache (that is used by Spring Security itself). During request processing of the last page you need to do:

requestCache.saveRequest(request, response);

See ExceptionTranslationFilter.sendStartAuthentication(...) for example.

If your login page is configured correctly then Spring Security will add automatically RequestCacheAwareFilter to corresponding filer chain. RequestCacheAwareFilter will do the trick.

EDIT. It must work in Spring MVC environment. I am not sure about Spring Web-Flow (may be there is higer level framework support for this case)