Saturday, February 22, 2014

Two factor authentication with Spring Security

In this blog post I would like to show you how you could implement (simulate) two factor authentication with Spring Security. If you would like to jump ahead right to the code have a look at my github profile. To easily test the simple demo application I have uploaded it to heroku. Note that by default the application will use a single dyno (Heroku's term for scalable unit) and it will go to sleep after one hour of inactivity. This causes delay of a few seconds for the first request, subsequent requests will perform normally.

I mentioned "simulate" previously since the demo application turns the two factor authentication problem into a normal authentication plus authorisation problem. When valid credentials (here: email and password) are provided the PRE_AUTH_USER role is assigned to the user. With this role the user is authorised only to access the view where the verification code can be provided. If the correct verification code is provided the user will be granted with the USER role, with which all the views can be accessed.

Below you can see how easy is to configure Spring Security with the Java config introduced in version 3.2

In order to support non-security related user information, the AccountRepository is adapted to the UserDetailsService, so Spring Security can use it as an authentication source.

For the second step verification a time based one time password (TOTP) verification algorithm is used, which is described very good here.

105 comments:

Unknown said...

Awesome that you can write out all the code for that. I am taking some html classes right now and trying to learn that. It seems very useful.

James | two factor authentication

Unknown said...

My cousin was telling me about this two factor authentication. He has been talking to me about it for awhile now too. I just want to learn more and more about this so I can actually talk to him.
Jak Manson | http://www.celestix.com

Jay said...

Thanks. But the Heroku links gives this error.

"Application Error
An error occurred in the application and your page could not be served. Please try again in a few moments.

If you are the application owner, check your logs for details."

Jay said...

Very useful article.

Is it possible to have all the 3 fields (username, password, verification code) in single page ? If all 3 combinations are correct then set the Authorities on SecurityContext else throw exceptions. I am able to implement till user / password combination. But I want to put a small piece of java code for the OTP (2factor authentication). But not sure where to put this piece of Java code. Should I use filters ?

Thanks
Jay

Unknown said...
This comment has been removed by the author.
Dipan said...

Great article. Succinct and accurate. What helped me immensely was your github code that worked as a reference. I have used this to rollout an email based OTP solution using XML namespace configuration (since that is what was there from before).

Unknown said...

Two Factor Authentication is become very necessary for the website's security. Your article give us better understanding of the 2FA verification process. It can be done through different options like Bulk SMS , Email, Voice call etc.

Unknown said...

Great article. The code help me. accurate it is.
Regards,
Elliot

Unknown said...

CloudAce high quality Two-Factor Authentication solutions safeguard your network from malicious attempts and provide extra protection for company’s most sensitive information.
Two-Factor Authentication solutions


Simply Viagra - Online Pharmacy said...

Glad to know about this wonderful piece of writing. cheap generic viagra online

Anonymous said...

Hi,Great post! .Thanks for sharing this information.This is very useful information for those who want to buy 2FA system. Innefu Security is a well-known supplier of 2FA system, we are also dealing in Time attendance system, face attendance system, access control system and other security devices in NCR (Delhi ,Noida, Faridabad etc).

Rashmi said...
This comment has been removed by the author.
Rashmi said...

Such an informative article. Also visit Textlocal - www.textlocal.in

Unknown said...

Such an informative article. Also visit Textlocal - www.textlocal.in

Anonymous said...

Thanks for sharing useful information... It improves security and SMS Connect also provides two way authentication.

Unknown said...

Very mind blowing post and keep sharing this kind of post as it is very useful to us.
You can visit: BULK SMS IN USA

Unknown said...

This paragraph gives clear idea for the new viewers. Thank you very much for sharing this information.

bulk sms service provider in laxmi nagar

Unknown said...

Thanks for sharing this interesting information, keep up the good work going.

bulk sms service provider in delhi

bulk sms service provider in laxmi nagar

Bulk sms service provider in india

Dinesh said...

Useful and Informative..Thanks for sharing.I would also like to share some useful information.If you are Looking for the satta result Delhi Darbar in delhi,ncr or satta result Gali, satta result Deshawar. Then open the below link for more details.

satta King Taj
satta king online
satta king online result
sattaking
satta king
satta leak fix number site

shalini said...

Its really informative post, if you want to buy bulk sms service visit my sms bazaar.

BTech Result said...

Thank You For Sharing This Informative Article

Want To Know (or) Searching For Best Earphones Under 1000 in 2019 Then Click This Link
[Top 10 ] Best Earphones Under ₹1000 in 2019

BULK SMS PLANS said...

Thanks for sharing, it's nice information.
Bulk sms Service provider in India
Bulk sms marketing
Bulk sms

vartika dubey said...

great article keep writing Bulk Sms Service providers

SMSi5 technology said...

Great article about Bulk SMS Service providers in India. keep updating.

Tanu Nashkar said...

Such a brilliant blog, very helpful but if you are suffer from hair issues like baldness or thin hair, So now you don't have to worried about it because Kinsley Extenso have solution for you we manufacture different type of Top Quality hair Extension at reasonable price. Its easily available on your nearby location in Delhi. It manufacture different type of products like keratin Hair extensions or Human Hair wigs

Dream Care India said...

Which is the best washing machine cover in 2020? This is the most awaited question to be answered. Washing machine cover are prominent part of every home that helps you in looking neat and gorgeous. Best Washing Washing Machine cover for front load

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.
I really appreciate the author for his time. and here is something you would like about the home appliance cover,
here at dream care we are providing
mattress cover price
that too on 70% off shop now!

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.
I really appreciate the author for his time. and here is something you would like about the home appliance cover,
here at dream care we are providing
mattress cover online india
that too on 70% off shop now!

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.
I really appreciate the author for his time. and here is something you would like about the home appliance cover,
here at dream care we are providing baby dry sheet that too on 70% off shop now!

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.I really appreciate the author for his time. and here is something you would like about the home appliance cover,here at dream care we are providing Dishwasher Cover that too on 70% off shop now!

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.I really appreciate the author for his time. and here is something you would like about the home appliance cover,here at dream care we are providing ac cover 1.5 ton that too on 70% off shop now!

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.I really appreciate the author for his time. and here is something you would like about the home appliance cover,here at dream care we are providing led tv cover that too on 70% off shop now!

Unknown said...

This blog has been amazing, the author has really worked hard to form such an informative blog.I really appreciate the author for his time. and here is something you would like about the home appliance cover,here at dream care we are providing led tv cover 24 inch that too on 70% off shop now!

Kinsley Extenso said...

This is really helpful. You’re doing a great job, Keep it up


Keratin Hair Extensions

Kinsley Extenso said...

Really Nice Article & Thanks for sharing.


Permanent hair extensions

Hair extensions

Best hair extensions

Top hair extensions

Hair Wigs

Human Hair Extensions

Clip on Extensions

Real hair extensions

Buy hair extensions online

hair extensions near me

Keratin Hair Extensions

Kinsley Extenso said...

This is really helpful. You’re doing a great job, Keep it up


Human hair extensions in delhi

Permanent hair extensions

hair extensions shop near me

Human hair suppliers in delhi

Hair extension prices

Hair extensions cost in delhi

Wigs for Women

Human Hair manufacturers in delhi

Hair Extension in Mumbai

Humar Hair Wig

Hair Extension Salon

Digital marketing said...

i am looking on your websit. you write very helpful informatione and knowledge key .thanks for it .if you buy and see center table cover then you click on link .

Digital marketing said...

there are in your website article very helpful to me .gues if you intreste buy then click on my link.thanks table placemate

Digital marketing said...

there are in your website article very helpful to me .gues if you intreste buy bottel cover
then click on my link.thanks

Unknown said...

such a nice blog keep sharing it click here for best cushion protector covers

Unknown said...

such a nice blog keep sharing it click here for best Saree Cover

Unknown said...

such a nice blog keep sharing it click here for best Cylinder Cover

Elite SEO Agency said...


Nice Your Blog


Digital Marketing for Educational Institute are seeking assistance from Elite SEO Agency.


Digital Marketing for Educational Institute | Elite SEO Agency

Elite SEO Agency said...


Nice Your Blog


Did you want to promote your Online Marketing for Coaching Institutese in India?


Online Marketing for Coaching Institutes |Elite SEO Agency

Unknown said...


Nice your Blog

shashanksenglishpro is one of the most trusted names in English Education and English Speaking Tution. Visit My Page

English Speaking Class in Kalyan Mumbai

English Home Tution in Kalyan, Dombivli

aidmd said...



Nice your Blog

Nexcuitis one of the most trusted names in Best Education . Visit My Page

Web Development Services in Delhi

SMS Provider in India


aidmd said...



Nice your Blog

Nexcuitis one of the most trusted names in Best Education . Visit My Page

Web Development Services in Delhi

SMS Provider in India


aidmd said...



Nice your Blog

Nexcuitis one of the most trusted names in Best Education . Visit My Page

Web Development Services in Delhi

SMS Provider in India


Unknown said...



Nice your Blog

Nexcuitis one of the most trusted names in Best Education . Visit My Page

Web Development Services in Delhi

SMS Provider in India

Unknown said...




Nice Your Blog


If you're a realtor or own a Real Estate for SEO Services Company


Best SEO Company in Laxmi Nagar | SEO Services in Laxmi Nagar Delhi

Unknown said...



Nice Your Blog


If you're a realtor or own a Real Estate for SEO Services Company


SEO Packages in Delhi | Nexcuit Web Solution

Unknown said...




Nice Your Blog


If you're a realtor or own a Real Estate for SEO Services Company


Digital Marketing Services in Laxmi Nagar Delhi | Best Digital Marketing Service in Laxmi Nagar

Unknown said...



Nice Your Blog


If you're a realtor or own a Real Estate for SEO Services Company


Social Media Agency in Delhi | Social Media Marketing Companies in Delhi

Unknown said...



Nice Your Blog


If you're a realtor or own a Real Estate for SEO Services Company


Bulk SMS Service Provider in Delhi | Bulk SMS Provider in Delhi

Unknown said...



Nice Your Blog


If you're a realtor or own a Real Estate for SEO Services Company


Bulk SMS Service Provider in Delhi | Bulk SMS Provider in Delhi

Unknown said...


Nice Your Blog

Crane Rental Providers in Noida,Uttar Pradesh.

Crane Service in Noida | Crane Service Near Me

Unknown said...


Nice Your Blog

RT Crane Sercice for Rent Providers in India.

Crane Service in Noida | Crane Service Near Me

FlexiShine Polyblends LLP said...


Nice Your Blog

More about Tpe Compound Manufacturers in India

Tpe Compound Manufacturers in India | Tpv Compound Manufacturers in India

Tpe Exporter from India | Tpe Compound Manufacturers in India

Tpv Compound Manufacturers in India | Tps Compound Manufacturers in India R

Soft Grip material manufacturer | Injection moulding rubber granules

Unknown said...

Nice Your Blog

Nexcuit Web Solution is a leading provider of Bulk SMS marketing Services in Delhi India.

Bulk SMS Service Provider in Delhi | Bulk SMS Provider in India

aidmd said...


Nice Your Blog

How to start affiliate marketing on flipkart?

aidmd said...


Nice Your Blog

How to start affiliate marketing with Clickbank (Part 1)

Heaths Spot Point said...


Nice Your Blog

Crane Rental Providers in Noida,Uttar Pradesh.

Crane Service in Noida | Crane Service Near Me

Unknown said...


Nice Your Blog


SEO Services in Delhi | SEO Company in Delhi

Unknown said...




Nice Your Blog


Digital Marketing Services in Laxmi Nagar Delhi | Nexcuit Web Solution

Unknown said...


Nice Your Blog


SMS Service Provider | Best Bulk SMS Service Provider in India

Unknown said...



Nice Your Blog


Website Designing Company in Delhi | Website Designing Company in India

Unknown said...


Nice Your Blog


SEO Packages in Delhi | Nexcuit Web Solution

Dream Care India said...



Nice Your Blog


7 Steps to Take to Keep Rats Out of Your House - Dream Care India

Dream Care India said...


Nice Your Blog


How To Keep Your Sarees As Good As New - Dream Care India

Dream Care India said...


Nice Your Blog


Washing Machine Cover Bosch | Washing Machine Cover for top Load

Dream Care India said...


Nice Your Blog


Washing Machine Cover Near Me | Washing Machine Cover Waterproof

FlexiShine Polyblends LLP said...


Nice Your Blog

More about Tpe Compound Manufacturers in India

Tpo Manufacturer in India | Tpv Manufacturers in India

aidmd said...



Nice Your Blog

How to start affiliate marketing on flipkart

Amazon Affiliate Earnings India | Amazon Affiliate Requirements

Flipkart Affiliate | Benefits Of Amazon Associates

aidmd said...


Nice Your Blog


How to start affiliate marketing on flipkart

Amazon Affiliate Marketing | Amazon Affiliate Commission Rate

Amazon Affiliate Earnings | Flipkart Affiliate

Unknown said...


Nice Your Blog

Bulk Sms Service Provider In Delhi | Bulk Sms Provider In India

Sms Service Provider |Best Bulk Sms Service Provider In India

Bulk Sms Provider In India |Sms Provider In India

Unknown said...


Nice Your Blog

Bulk Sms Service Provider In Delhi | Bulk Sms Provider In India

Bulk Sms Service Provider |Bulk Sms India

Sms Provider In India | Sms Service Provider

Unknown said...


Nice Your Blog

Bulk Sms Reseller Provider In India | Bulk Sms Reseller

Bulk Sms Reseller In India |Bulk Sms Reseller Provider

Unknown said...


Nice Your Blog

Bulk Sms Reseller Provider In India | Bulk Sms Reseller

Bulk Sms Reseller Provider | Bulk Sms Reseller In India

Unknown said...


Nice Your Blog

Bulk Sms Reseller Provider In India | Bulk Sms Reseller

Bulk Sms Reseller India | Bulk Sms Reseller Provider

Dream Care India said...



Nice Your Blog


7 Steps to Take to Keep Rats Out of Your House - Dream Care India

Dream Care India said...


Nice Your Blog


How To Keep Your Sarees As Good As New - Dream Care India

Dream Care India said...




Nice Your Blog


Mattress Protector | Mattress Protector Double Bed

Dream Care India said...



Nice Your Blog


Washing Machine Cover Bosch | Washing Machine Cover for top Load

FlexiShine Polyblends LLP said...


Nice Your Blog

More about Tpe Compound Manufacturers in India

Soft Grip Material Manufacturer | Flexishinepolyblends

FlexiShine Polyblends LLP said...



Nice Your Blog

More about Tpe Compound Manufacturers in India

Flexishinepolyblends | Soft Grip Material Manufacturer

FlexiShine Polyblends LLP said...


Nice Your Blog

More about Tpe Compound Manufacturers in India

Injection Moulding Rubber Granules | Flexishinepolyblends

Unknown said...

very nice blog. Dispenser Bottle Covers online

Educated Healing said...


Nice your Blog

Massive Male Plus UPDATE 2020 – Does It Really Work?

https://k12.instructure.com/eportfolios/7387/Home/Massive_Male_Plus_UPDATE_2020__Does_It_Really_Work
https://angel.co/company/massive-male-plus-male-enhancement-1
https://www.xfactory.io/forum/she-qun-huo-dong-community-events/massive-male-plus-update-2020-does-it-really-work
https://in.pinterest.com/pin/811633164091918022/
https://in.pinterest.com/pin/811633164091918048/
https://pubhtml5.com/otro/nizh
https://pubhtml5.com/otro/khwn
https://www.completefoods.co/diy/recipes/massive-male-plus-male-enhancement-5
https://www.emailmeform.com/builder/form/759OeBd7SJf5t7i1

dreamcareindia said...

lovely post!!
Must read WINTER MAINTENANCE TIPS FOR YOUR IMPORTANT APPLIANCES

dreamcareindia said...

Really loved your blog!!! Must visit Useful Tips for your Wooden Tables

dreamcareindia said...

such a lovely post!!
Please have a look at Some Safety Tips For Gas Cylinder For Customers

NM-GALLERY said...

GOOD ONE ......

Realhairhouse said...


Nice blog !! Thanks for sharing valuable information...
Hair Patch Rate in Delhi
Hair Wigs in Delhi

health said...
This comment has been removed by the author.
health said...

good nice blog value information
https://textspeed.in/

Devesh singh said...

Thanks for sharing. I would also like to share some useful information. For more information

Bulk SMS

Voice SMS company in Delhi

TextSpeed said...

I'm finding myself reading and commenting for far too long once again. But who cares, it was still a good time!
Bulk Sms Service Provider In Chennai

Flexishinepolyblendsllp said...

Good information keep posting.

Injection moulding rubber granules
Thermoplastic elastomers manufactures
Tpe | Tps | Compound Manufactures
tpe vs tpv

Unknown said...

Nice Post Your content is very inspiring and appriciating I really like it please visit my site
quote status
SMS bomber
Please visit my site for kolkata fataft
check out this website young soch for some amazing business ideas and success story and also
visit this site movierulzz to download latest movies
this website more about physiotherapy will help you to learn physiotheraphy concept


FlexishinePolyblends LLP said...

Really get a clear answer of my question after visit many blogs.
I recommend to all if you any doubt like me Visit these blogs -
Tpe vs Tpv
Tpe vs Pvc
Polymer material in india
Where to buy Tpe
Tpe manufactures in india
Tpe suppliers in india

VED said...

https://sattakingr.in


satta king


Dishavar Single Jodi will pass with 10000 % guarantee because we have date fix leak pair by which you can get rid of all your debt by playing only honest customer call or message people who play fat game will get daily profit by guarantee this chance Don't miss out, get the game booked soon satta king

Flexishinepolyblendsllp said...

Clear all your query through these blogs. highly recommended to read it once.
Thermoplastic elastomers properties
Polymer material in india

Flexishinepolyblendsllp said...

Get all your query here read these blogs... highly recommended to read it once.
Thermoplastic elastomers properties
Polymer material in india

Kpiksain said...

I would be fantastic if you could point me in the direction of a good platform.
ba 1st year result 2022 roll number wise

Realhairhouse said...


Very useful post and thanks for sharing!
Cost of Hair Patch in Delhi
Hair Patch Treatment in Delhi
Best Hair Patch Service in Delhi
Hair Wigs for Men