Pivotal Knowledge Base

Follow

Changing j_username and j_password Variables in Spring Security

Environment

 Product  Version
 Spring  All
 OS  All Supported OS

Purpose

This article provides steps to change the j_username and j_password variables used by the form authentication process in Spring Security.

Resolution

The steps to modify the j_username and j_password variables vary for the different versions of Spring Security.

Spring Security 2.0.x

To modify the j_username and j_password variables in Spring Security 2.0:

Remove the <form-login ...> element from the HTTP configuration in the Spring security application context.

Define AuthenticationProcessingFilter which allows the customization of these values.

For example:

<beans:bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">

     <beans:property name="usernameParameter" value="user_name">

     <beans:property name="passwordParameter" value="passwd">

     < !-- other properties which you also use in the -login element -->

</beans:bean>

Spring Security 3.0.x

AuthenticationProcessingFilter in Spring 2.0.x was deprecated in 3.0.x and was renamed as UsernamePasswordAuthenticationFilter.

To modify the j_username and j_password variables in Spring Security 2.0: Remove the <form-login ...> element from the HTTP configuration in the Spring security application context.

Define UsernamePasswordAuthenticationFilter which allows the customization of these values.

For example:

<beans:bean class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">

                <beans:property name="usernameParameter" value="user_name">

       <beans:property name="passwordParameter" value="passwd">

       < !-- other properties which you also use in the -login element -->

</beans:bean>

Additional Information

For more information, see Spring Security Reference and API.

Comments

Powered by Zendesk