Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
Bruce Parker2019-06-14 06:16:27
Java
Bruce Parker, 2019-06-14 06:16:27

Why after authorization does not transfer to a specific page?

When I start the project, the allStudents.jsp page pops up where I have to log in, after authorization I have to go back to the allStudents.jsp page, but for some reason it redirects me immediately after authorization to the "loginaction"
SecurityConfig

package adil.java.schoolmaven.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("admin").password("{noop}1234").roles("ADMIN");
    }

   
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin**").access("hasRole('ROLE_ADMIN')")
                .antMatchers("/allStudents**").permitAll()
                .antMatchers("/addStudent**").access("hasRole('ROLE_ADMIN')")
                .antMatchers("/editStudent/**").access("hasRole('ROLE_ADMIN')")
                .antMatchers("/deleteStudent/**").access("hasRole('ROLE_ADMIN')")
             
                
                
                .and()
                .authorizeRequests().antMatchers("/**").permitAll() 
                .and()
                
                .formLogin().loginPage("/login").failureUrl("/login?error")
        .usernameParameter("username").passwordParameter("password")
                .successForwardUrl("/allStudents")
                .loginPage("/allStudents")
                
                .loginProcessingUrl("/loginAction")
                .and()
                .logout().logoutSuccessUrl("/login?logout")
                .and()
                .csrf().disable();
    }
}

Authorization Controller
package adil.java.schoolmaven.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class AuthorizationController {
    
    

    @RequestMapping(value = "/admin", method = RequestMethod.GET)
    public ModelAndView adminPage() {

        ModelAndView m = new ModelAndView();
        m.addObject("title", "Successfully logged in");
        m.addObject("message", "home");
        m.setViewName("admin");
        return new ModelAndView("redirect: allStudents");
    }
    
    
    @RequestMapping(value = "/login", method = RequestMethod.GET)
  public ModelAndView login(
    @RequestParam(value = "error", required = false) String error,
    @RequestParam(value = "logout", required = false) String logout) {

    ModelAndView model = new ModelAndView();
    if (error != null) {
      model.addObject("error", "Invalid username and password!");
    }

    if (logout != null) {
      model.addObject("msg", "You've been logged out successfully.");
    }
    model.setViewName("login");

    return model;

  }
}

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
O
only2dray, 2019-06-15
@only2dray

Use AuthenticationSuccessHandler implementation provided by Spring Security.

@Component
public class SimpleAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
  
  private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
  
  @Override
  public void onAuthenticationSuccess(HttpServletRequest arg0, HttpServletResponse arg1, Authentication authentication)
      throws IOException, ServletException {
    
    Collectionextends GrantedAuthority> authorities = authentication.getAuthorities();
    authorities.forEach(authority -> {
      if(authority.getAuthority().equals("ROLE_USER")) {
        try {
          redirectStrategy.sendRedirect(arg0, arg1, "/user");
        } catch (Exception e) {
          // TODO Auto-generated catch block
          e.printStackTrace();
        }
      } else if(authority.getAuthority().equals("ROLE_ADMIN")) {
        try {
          redirectStrategy.sendRedirect(arg0, arg1, "/admin");
        } catch (Exception e) {
          // TODO Auto-generated catch block
          e.printStackTrace();
        }
      } else {
              throw new IllegalStateException();
          }
    });
    
  }
 
}

Ref - Spring security login redirect

Similar questions
C
ConstantineSolovei2017-10-06 10:57:05
How to get your first job in IT? 12Reply
A
Alexander2017-11-13 17:23:52
How can you simulate the work of 10,000 users in an application? 5Reply
E
EVOSandru62017-12-15 14:02:01
How in Laravel 5.x to encapsulate file uploads for different entities, or at least within different actions in the controller? 3Reply
O
oleg_vd2019-11-03 15:06:47
What development strategy is optimal for professional and career growth of a java middle developer? 0Reply
F
fundottz2015-06-23 12:10:50
What technologies to use to create a Landing Page in Java? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question