Correct way to login a user programmatically to a Vaadin App on Spring Boot Security?

charming-frog · August 31, 2023, 8:57pm

first all Spring security is wrapped under com.vaadin.flow.spring.security.* so have a look there

charming-frog · August 31, 2023, 8:58pm

this is a small ‘simple’ login form , but you can use any way you want to implement

charming-frog · August 31, 2023, 8:58pm

in this example any username and password are automatilcy being created as user

charming-frog · August 31, 2023, 8:59pm

hope it will give you the direction you need

charming-frog · August 31, 2023, 9:23pm

The user details or user class are not with Vaadin Context but with spring context , either create a bridge to pass it , or use spring boot authenticated user.
@rolesAllowed are working any way.

observant-quetzal · September 8, 2023, 3:35pm

@charming-frog , thank you for the suggestion!

charming-frog · September 10, 2023, 6:55pm

@observant-quetzal just came with this addon :

charming-frog · September 10, 2023, 6:55pm

https://vaadin.com/directory/component/spring-boot-security-for-vaadin

charming-frog · September 10, 2023, 6:55pm

does what you need

kind-goat · September 12, 2023, 10:40am

Do you know if this supports custom authentication filters too?

kind-goat · September 18, 2023, 9:01am

The trick is here: VaadinSession.getCurrent().getSession().setAttribute(“SPRING_SECURITY_CONTEXT”, securityContext);

After this, the user is fully logged in, and the protetected routes are also accessible. The next requests maintain the authentication.

To logout, just call VaadinSession.getCurrent().getSession().invalidate();

charming-frog · September 18, 2023, 5:12pm

As I wrote in other posts… probably some trick, well done @kind-goat