I have a login as follows:
Spring-security.xml
<security:http pattern="/login" security="none" />
<security:intercept-url pattern="/login"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:form-login login-page="/login"
username-parameter="username"
password-parameter="password"
authentication-failure-url="login?error=true"
authentication-success-handler-ref="authenticationSuccess"
authentication-failure-handler-ref="authenticationFailureHandler"
default-target-url="/inicio"
always-use-default-target="false" />
<security:authentication-manager>
<security:authentication-provider
user-service-ref="userDetailsService">
<security:password-encoder hash="sha-256" />
</security:authentication-provider>
</security:authentication-manager>
It works well ... And everything, now what I want is to also implement another one like loginToken and without having the password, I initiate the session in the system.
Then have two logins in the configuration file and be able to go to or by / login or by / loginToken (in this the password does not come).