
Spring Security: redirect to the page by supplying rolename from DB ...


I have 3 user access roles: ROLE_ADMIN, ROLE_SUPER_ADMIN, ROLE_USER. (Roles may increase in future, so hardcoding roles is not at all mandatory.)

My security_servlet.xml is something like this

<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/admin*" access="hasRole('ROLE_ADMIN')" />
    <intercept-url pattern="/user*" access="hasRole('ROLE_USER')" />
    <intercept-url pattern="/" access="permitAll" />
    <intercept-url pattern="/candidate*" access="hasRole('ROLE_SUP_ADM')" />
    <form-login login-page="/login" authentication-failure-url="/accessdenied" />
    <logout logout-success-url="/logout" />
</http>
<authentication-manager alias="authenticationManager">
    <authentication-provider>
        <!--
        <user-service>
            <user name="rohit" password="rohit" authorities="ROLE_ADMIN" />
            <user name="ronnie" password="ronnie" authorities="ROLE_USER" />
        </user-service>
        -->
        <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="select username, password, active from users where username=?"
            authorities-by-username-query="select us.username, ur.authority from users us, user_roles ur where us.user_id = ur.user_id and us.username =? " />
    </authentication-provider>
</authentication-manager>

After login it redirects to "/". What I want is: if the role is "ROLE_ADMIN", then it should land on the admin's default page, like "/admin/profile"; if the role is "ROLE_USER", then "/user/profile".

I used default-target-url but it's not working for me.

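You can use a Spring MVC controller to redirect the user to the desired page:

import java.util.Set;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class IndexController {
    @RequestMapping("/")
    public String index() {
        // Authorities of the user bound to the current request
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Set<String> roles = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
        if (roles.contains("ROLE_ADMIN"))
            return "redirect:/admin/profile";
        if (roles.contains("ROLE_USER"))
            return "redirect:/user/profile";
        // and so on
        // Assumption: "index" is the view shown when no role matches (e.g. anonymous visitors)
        return "index";
    }
}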
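The question asks for a role-to-page mapping that is not hardcoded. As an added example (not code from the question or the answer), the handler below picks the landing page from an ordered role-to-URL map that could be loaded from a database table. The class name `RoleLandingPageHandler` and the map contents are hypothetical; it assumes the `javax.servlet` API used with XML-namespace Spring Security configurations (`jakarta.servlet` on Spring Security 6) and is wired in with the `authentication-success-handler-ref` attribute of `<form-login>`.

```java
import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

// Added example (hypothetical class): landing page chosen from a role -> URL map.
public class RoleLandingPageHandler implements AuthenticationSuccessHandler {
    private final Map<String, String> landingPages; // iteration order = role precedence
    private final String fallbackUrl;
    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    public RoleLandingPageHandler(Map<String, String> landingPages, String fallbackUrl) {
        // Accept only application-relative paths, so a bad row in the mapping
        // source cannot turn the post-login redirect into an off-site redirect.
        for (String url : landingPages.values()) {
            if (!url.startsWith("/") || url.startsWith("//") || url.startsWith("/\\")) {
                throw new IllegalArgumentException("Not a local path: " + url);
            }
        }
        this.landingPages = new LinkedHashMap<String, String>(landingPages);
        this.fallbackUrl = fallbackUrl;
    }

    // Pure lookup, kept separate so it can be unit-tested without a servlet container.
    String targetFor(Set<String> roles) {
        for (Map.Entry<String, String> entry : landingPages.entrySet()) {
            if (roles.contains(entry.getKey())) {
                return entry.getValue(); // first matching role wins for multi-role users
            }
        }
        return fallbackUrl; // a role added to the DB without a mapping still lands somewhere
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {
        Set<String> roles = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
        redirectStrategy.sendRedirect(request, response, targetFor(roles));
    }
}
```

The landing page is only a convenience: access to `/admin*` and `/user*` is still enforced by the `intercept-url` rules, so a wrong or missing map entry cannot grant access.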

