iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

redirect after login work

Browse Source
This commit is contained in:
eugenp 2013-07-15 19:42:05 +03:00
parent 984a0bfa47
commit 495a13537d
4 changed files with 27 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
spring-security-mvc-custom/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java
View File

@ -12,6 +12,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy; import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.WebAttributes; import org.springframework.security.web.WebAttributes;
@ -46,11 +47,9 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
* Builds the target URL according to the logic defined in the main class Javadoc. * Builds the target URL according to the logic defined in the main class Javadoc.
*/ */
protected String determineTargetUrl(final HttpServletRequest requestRaw, final HttpServletResponse response) { protected String determineTargetUrl(final HttpServletRequest requestRaw, final HttpServletResponse response) {
// Check for the parameter and use that if available
boolean isUser = false; boolean isUser = false;
boolean isAdmin = false; boolean isAdmin = false;
final Authentication authentication = org.springframework.security.core.context.SecurityContextHolder.getContext().getAuthentication(); final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
for (final GrantedAuthority grantedAuthority : authorities) { for (final GrantedAuthority grantedAuthority : authorities) {
if (grantedAuthority.getAuthority().equals("ROLE_USER")) { if (grantedAuthority.getAuthority().equals("ROLE_USER")) {

19
spring-security-mvc-custom/src/main/resources/webSecurityConfig.xml
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation=" xsi:schemaLocation="
http://www.springframework.org/schema/security http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/security/spring-security-3.1.xsd
@ -12,28 +11,18 @@
<intercept-url pattern="/login*" access="permitAll" /> <intercept-url pattern="/login*" access="permitAll" />
<intercept-url pattern="/**" access="isAuthenticated()" /> <intercept-url pattern="/**" access="isAuthenticated()" />
<form-login <form-login login-page='/login.html' authentication-success-handler-ref="myAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true" />
login-page='/login.html'
login-processing-url="/perform_login"
authentication-success-handler-ref="myAuthenticationSuccessHandler"
authentication-failure-url="/login.html?error=true"
/>
<logout <logout delete-cookies="JSESSIONID" />
logout-url="/perform_logout"
delete-cookies="JSESSIONID"
/>
</http> </http>
<beans:bean id="myAuthenticationSuccessHandler" <beans:bean id="myAuthenticationSuccessHandler" class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
<authentication-manager> <authentication-manager>
<authentication-provider> <authentication-provider>
<user-service> <user-service>
<user name="user1" password="user1Pass" authorities="ROLE_USER" /> <user name="user1" password="user1Pass" authorities="ROLE_USER" />
<user name="user2" password="user2Pass" authorities="ROLE_USER" />
<user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN" /> <user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN" />
</user-service> </user-service>
</authentication-provider> </authentication-provider>

2
spring-security-mvc-custom/src/main/webapp/WEB-INF/view/console.jsp
View File

@ -4,7 +4,7 @@
<head></head> <head></head>
<body> <body>
<h1>This is the body of the sample view</h1> <h1>This is the landing page for the admin</h1>
<security:authorize access="hasRole('ROLE_USER')"> <security:authorize access="hasRole('ROLE_USER')">
This text is only visible to a user This text is only visible to a user

2
spring-security-mvc-custom/src/main/webapp/WEB-INF/view/homepage.jsp
View File

@ -4,7 +4,7 @@
<head></head> <head></head>
<body> <body>
<h1>This is the body of the sample view</h1> <h1>This is the homepage for the user</h1>
<security:authorize access="hasRole('ROLE_USER')"> <security:authorize access="hasRole('ROLE_USER')">
This text is only visible to a user This text is only visible to a user