I have a user entity, which has a boolean "hasTmpPassword". This boolean is set to true until the user changes its password.
After login with the temp password, I redirect to my changePassword page (with DefaultAuthenticationSuccessHandler )
How can I prevent a login user (with temp password), to access other pages of the website, and always redirect him toward the changePassword page?
Thanks!