Thanks Josep for your reply but the access denied message is not coming from the servlet. The servlet is accessed and executes alright. It comes when the servlet tries to redirect to the home page so its actually coming from the home page which is protected by a role. I thought that by logging user with appropriate role it would be taken of but apparently its not.
On Tue, Jun 1, 2010 at 1:10 PM, Josep García <jgar...@isigma.es> wrote: > The servlet needs to be an "allowed" page to users. > In security.xml: > > <intercept-url pattern="/yourservlet/*" filters="none"/> > > 2010/6/1 Kissue Kissue <kissue...@gmail.com> > > Hi Folks, >> >> i have a requirement to login user automatically from another application >> into my appfuse application. Say from first application, user submits >> username and password and is sent to my appfuse application and user is >> automatically authenticated and the home page is displayed. >> >> I have tried to use a servlet so user sends request to servlet, then >> servlet uses code below to login user in: >> >> UsernamePasswordAuthentication >>> >>> Token auth = new UsernamePasswordAuthenticationToken( >>> user.getUsername(), user.getConfirmPassword(), >>> user.getAuthorities()); >>> auth.setDetails(user); >>> SecurityContextHolder.getContext().setAuthentication(auth); >>> >>> After which user is redirected to home page but each time i get the >>> access denied message which means its still not recognising user. >>> >>> Has anybody done something like this before? Is it possible? >>> >>> Thanks. >> >> >
