redirect after login work

spring-security-mvc-custom/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java

@@ -12,6 +12,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.DefaultRedirectStrategy;
 import org.springframework.security.web.RedirectStrategy;
 import org.springframework.security.web.WebAttributes;
@@ -46,11 +47,9 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
      * Builds the target URL according to the logic defined in the main class Javadoc.
      */
     protected String determineTargetUrl(final HttpServletRequest requestRaw, final HttpServletResponse response) {
-        // Check for the parameter and use that if available
-
         boolean isUser = false;
         boolean isAdmin = false;
-        final Authentication authentication = org.springframework.security.core.context.SecurityContextHolder.getContext().getAuthentication();
+        final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
         for (final GrantedAuthority grantedAuthority : authorities) {
             if (grantedAuthority.getAuthority().equals("ROLE_USER")) {

spring-security-mvc-custom/src/main/resources/webSecurityConfig.xml

@@ -1,42 +1,31 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<beans:beans xmlns="http://www.springframework.org/schema/security"
+<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+    xsi:schemaLocation="
-	xsi:schemaLocation="
 		http://www.springframework.org/schema/security 
         http://www.springframework.org/schema/security/spring-security-3.1.xsd
 		http://www.springframework.org/schema/beans 
         http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
 
-	<http use-expressions="true" >
+    <http use-expressions="true">
-		<intercept-url pattern="/anonymous*" access="isAnonymous()" />
+        <intercept-url pattern="/anonymous*" access="isAnonymous()" />
         <intercept-url pattern="/login*" access="permitAll" />
         <intercept-url pattern="/**" access="isAuthenticated()" />
 
-		<form-login 
+        <form-login login-page='/login.html' authentication-success-handler-ref="myAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true" />
-			login-page='/login.html' 
-			login-processing-url="/perform_login" 
-			authentication-success-handler-ref="myAuthenticationSuccessHandler"
-			authentication-failure-url="/login.html?error=true"
-		/>
-            
-        <logout 
-        	logout-url="/perform_logout"
-            delete-cookies="JSESSIONID" 
-        />
-            
-	</http>
 
-	<beans:bean id="myAuthenticationSuccessHandler"
+        <logout delete-cookies="JSESSIONID" />
-		class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
 
-	<authentication-manager>
+    </http>
-		<authentication-provider>
+
-			<user-service>
+    <beans:bean id="myAuthenticationSuccessHandler" class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
-				<user name="user1" password="user1Pass" authorities="ROLE_USER" />
+
-				<user name="user2" password="user2Pass" authorities="ROLE_USER" />
+    <authentication-manager>
-				<user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN" />
+        <authentication-provider>
-			</user-service>
+            <user-service>
-		</authentication-provider>
+                <user name="user1" password="user1Pass" authorities="ROLE_USER" />
-	</authentication-manager>
+                <user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN" />
+            </user-service>
+        </authentication-provider>
+    </authentication-manager>
 
 </beans:beans>

spring-security-mvc-custom/src/main/webapp/WEB-INF/view/console.jsp

@@ -4,7 +4,7 @@
 <head></head>
 
 <body>
-	<h1>This is the body of the sample view</h1>
+	<h1>This is the landing page for the admin</h1>
 
 	<security:authorize access="hasRole('ROLE_USER')">
 		This text is only visible to a user

spring-security-mvc-custom/src/main/webapp/WEB-INF/view/homepage.jsp

@@ -1,22 +1,22 @@
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
-<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
 <html>
 <head></head>
 
 <body>
-	<h1>This is the body of the sample view</h1>
+	<h1>This is the homepage for the user</h1>
 
 	<security:authorize access="hasRole('ROLE_USER')">
 		This text is only visible to a user
-		<br/>
+		<br />
 	</security:authorize>
-	
+
 	<security:authorize access="hasRole('ROLE_ADMIN')">
 		This text is only visible to an admin
-		<br/>
+		<br />
 	</security:authorize>
 
 	<a href="<c:url value="/perform_logout" />">Logout</a>
-	
+
 </body>
 </html>