All geek questions in one place

Can I use one login page to redirect another page using Spring 3.0 Security ..?

Possible duplicate:
Configuring custom mails based on custom ROLES using spring security

I am running my Java project using Spring. I am using spring security in my project.

My problem is that depending on the role of ROLE_USER or ROLE_ADMIN I want to redirect them to different pages. This means that if an administrator is registered, he must redirect to one page, and if a regular user is registered on another page, but the login page will be the same for both users.

Now I use the code below in the spring -servlet.xml file. So please offer me some solution.

<security:http auto-config="true"> <security:intercept-url pattern="/airline/*" access="ROLE_USER" /> <security:form-login login-page="/login" default-target-url="/logout" authentication-failure-url="/login" /> <security:logout logout-success-url="/logout" /> </security:http> <security:authentication-manager> <security:authentication-provider> <security:jdbc-user-service data-source-ref="dataSrc" users-by-username-query="select username,password,enabled from spring_users where username=?" authorities-by-username-query="select u.username, ur.authority from spring_users u, spring_roles ur where u.user_id=ur.user_id and u.username=?"/> </security:authentication-provider> </security:authentication-manager>
0
source share
1 answer

If you want to control the navigation flow after successful authentication, you can do this by adding your own AuthenticationSuccessHandler.

Add the following attribute to your <form-login> element that refers to the customAuthenticationHandler bean,

 <form-login login-page="/login.xhtml" authentication-success-handler-ref="customAuthenticationHandler"/> ... </http> <beans:bean id="customAuthenticationHandler" class="com.examples.CustomAuthenticationHandler" />

The CustomAuthenticationHandler class is as follows:

 public class CustomAuthenticationHandler extends SimpleUrlAuthenticationSuccessHandler{ @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException { String userTargetUrl = "/welcome.xhtml"; String adminTargetUrl = "/admin/welcome.xhtml"; Set<String> roles = AuthorityUtils.authorityListToSet(authentication.getAuthorities()); if (roles.contains("ROLE_ADMIN")) { getRedirectStrategy().sendRedirect(request, response, adminTargetUrl); } else if(roles.contains("ROLE_USER")) { getRedirectStrategy().sendRedirect(request, response, userTargetUrl); } else { super.onAuthenticationSuccess(request, response, authentication); return; } } }
+4
source

Source: https://habr.com/ru/post/921113/

More articles:


All Articles