cancel
Showing results for 
Search instead for 
Did you mean: 

How @RequiredHardLogin works?

krishn_signet
Participant
0 Kudos

We have one controller method where we have used @RequiredHardLogin which is redirecting unauthenticated user to login page. But where exactly this logic is written? We don't have any such thing in Handler class. Is it in filter? If yes which filter?

Accepted Solutions (0)

Answers (1)

Answers (1)

mansurarisoy
Contributor

RequireHardLoginEvaluator is the class which checks whether the customer is "hard-login" or not. This class is under package de.hybris.platform.yacceleratorstorefront.security.evaluator.impl

RequireHardLoginBeforeControllerHandler is the handler which checks whether the method has @RequireHardLogIn annotation or not. This class is under package de.hybris.platform.yacceleratorstorefront.interceptors.beforecontroller.

Bean definition of RequireHardLoginBeforeControllerHandler is defined in spring-mvc-config.xml which is located under yacceleratorstorefront/web/webroot/WEB-INF/config folder.

This bean definition put into the list beforeControllerHandlersList which is used with BeforeControllerHandlerInterceptor.

Finally, this interceptor defined under <mvc:interceptors> so that it works with controllers.

As a summary, it's using Spring's functionality which is provided with preHandle() method of HandlerInterceptorAdapter