
Commit bddaaa6

author
Eugen
committed
Merge pull request eugenp#30 from egmp777/master
Spring MVC Security Error Handling
2 parents 3074920 + fc35344 commit bddaaa6

21 files changed

+991
-0
lines changed
Lines changed: 15 additions & 0 deletions
@@ -0,0 +1,15 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<beansProjectDescription>
3+
<version>1</version>
4+
<pluginVersion><![CDATA[3.5.1.201404300732-RELEASE]]></pluginVersion>
5+
<configSuffixes>
6+
<configSuffix><![CDATA[xml]]></configSuffix>
7+
</configSuffixes>
8+
<enableImports><![CDATA[true]]></enableImports>
9+
<configs>
10+
</configs>
11+
<autoconfigs>
12+
</autoconfigs>
13+
<configSets>
14+
</configSets>
15+
</beansProjectDescription>
Lines changed: 226 additions & 0 deletions
@@ -0,0 +1,226 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
4+
<modelVersion>4.0.0</modelVersion>
5+
<groupId>org.baeldung</groupId>
6+
<artifactId>spring-security-login-error-handling</artifactId>
7+
<name>spring-security-login-error-handling</name>
8+
<packaging>war</packaging>
9+
<version>1.0.0-BUILD-SNAPSHOT</version>
10+
<properties>
11+
<java-version>1.7</java-version>
12+
<org.springframework-version>3.1.1.RELEASE</org.springframework-version>
13+
<org.springframework.security.version>3.2.4.RELEASE</org.springframework.security.version>
14+
<org.aspectj-version>1.6.10</org.aspectj-version>
15+
<org.slf4j-version>1.6.6</org.slf4j-version>
16+
</properties>
17+
<parent>
18+
<groupId>org.springframework.boot</groupId>
19+
<artifactId>spring-boot-starter-parent</artifactId>
20+
<version>1.1.1.RELEASE</version>
21+
</parent>
22+
<dependencies>
23+
<!-- Spring -->
24+
<dependency>
25+
<groupId>org.springframework.boot</groupId>
26+
<artifactId>spring-boot-starter-web</artifactId>
27+
</dependency>
28+
<dependency>
29+
<groupId>org.springframework</groupId>
30+
<artifactId>spring-context</artifactId>
31+
<exclusions>
32+
<!-- Exclude Commons Logging in favor of SLF4j -->
33+
<exclusion>
34+
<groupId>commons-logging</groupId>
35+
<artifactId>commons-logging</artifactId>
36+
</exclusion>
37+
</exclusions>
38+
</dependency>
39+
<dependency>
40+
<groupId>org.springframework</groupId>
41+
<artifactId>spring-core</artifactId>
42+
43+
</dependency>
44+
<dependency>
45+
<groupId>org.springframework</groupId>
46+
<artifactId>spring-webmvc</artifactId>
47+
48+
</dependency>
49+
<dependency>
50+
<groupId>org.springframework</groupId>
51+
<artifactId>spring-jdbc</artifactId>
52+
53+
</dependency>
54+
<dependency>
55+
<groupId>org.springframework</groupId>
56+
<artifactId>spring-beans</artifactId>
57+
58+
</dependency>
59+
<dependency>
60+
<groupId>org.springframework</groupId>
61+
<artifactId>spring-aop</artifactId>
62+
</dependency>
63+
<dependency>
64+
<groupId>org.springframework</groupId>
65+
<artifactId>spring-tx</artifactId>
66+
</dependency>
67+
<dependency>
68+
<groupId>org.springframework</groupId>
69+
<artifactId>spring-expression</artifactId>
70+
</dependency>
71+
<dependency>
72+
<groupId>org.springframework</groupId>
73+
<artifactId>spring-web</artifactId>
74+
</dependency>
75+
<dependency>
76+
<groupId>org.springframework</groupId>
77+
<artifactId>spring-webmvc</artifactId>
78+
</dependency>
79+
<dependency>
80+
<groupId>org.springframework.security</groupId>
81+
<artifactId>spring-security-config</artifactId>
82+
<scope>runtime</scope>
83+
</dependency>
84+
<!-- AspectJ -->
85+
<dependency>
86+
<groupId>org.aspectj</groupId>
87+
<artifactId>aspectjrt</artifactId>
88+
</dependency>
89+
<!-- Validation -->
90+
<dependency>
91+
<groupId>javax.validation</groupId>
92+
<artifactId>validation-api</artifactId>
93+
<version>1.1.0.Final</version>
94+
</dependency>
95+
<dependency>
96+
<groupId>org.hibernate</groupId>
97+
<artifactId>hibernate-validator</artifactId>
98+
</dependency>
99+
<!-- Logging -->
100+
<dependency>
101+
<groupId>org.slf4j</groupId>
102+
<artifactId>slf4j-api</artifactId>
103+
</dependency>
104+
<dependency>
105+
<groupId>org.slf4j</groupId>
106+
<artifactId>jcl-over-slf4j</artifactId>
107+
<scope>runtime</scope>
108+
</dependency>
109+
<dependency>
110+
<groupId>org.slf4j</groupId>
111+
<artifactId>slf4j-log4j12</artifactId>
112+
<scope>runtime</scope>
113+
</dependency>
114+
<dependency>
115+
<groupId>log4j</groupId>
116+
<artifactId>log4j</artifactId>
117+
<exclusions>
118+
<exclusion>
119+
<groupId>javax.mail</groupId>
120+
<artifactId>mail</artifactId>
121+
</exclusion>
122+
<exclusion>
123+
<groupId>javax.jms</groupId>
124+
<artifactId>jms</artifactId>
125+
</exclusion>
126+
<exclusion>
127+
<groupId>com.sun.jdmk</groupId>
128+
<artifactId>jmxtools</artifactId>
129+
</exclusion>
130+
<exclusion>
131+
<groupId>com.sun.jmx</groupId>
132+
<artifactId>jmxri</artifactId>
133+
</exclusion>
134+
</exclusions>
135+
<scope>runtime</scope>
136+
</dependency>
137+
138+
<!-- @Inject -->
139+
<dependency>
140+
<groupId>javax.inject</groupId>
141+
<artifactId>javax.inject</artifactId>
142+
<version>1</version>
143+
</dependency>
144+
145+
<!-- Servlet -->
146+
<dependency>
147+
<groupId>javax.servlet</groupId>
148+
<artifactId>servlet-api</artifactId>
149+
<version>2.5</version>
150+
<scope>provided</scope>
151+
</dependency>
152+
<dependency>
153+
<groupId>javax.servlet.jsp</groupId>
154+
<artifactId>jsp-api</artifactId>
155+
<version>2.1</version>
156+
<scope>provided</scope>
157+
</dependency>
158+
<dependency>
159+
<groupId>javax.servlet</groupId>
160+
<artifactId>jstl</artifactId>
161+
162+
</dependency>
163+
<!-- Taglibs -->
164+
<dependency>
165+
<groupId>org.springframework.security</groupId>
166+
<artifactId>spring-security-taglibs</artifactId>
167+
</dependency>
168+
<!-- Test -->
169+
<dependency>
170+
<groupId>junit</groupId>
171+
<artifactId>junit</artifactId>
172+
<scope>test</scope>
173+
</dependency>
174+
175+
</dependencies>
176+
<build>
177+
<finalName>SpringSecurityLogin</finalName>
178+
<resources>
179+
<resource>
180+
<directory>src/main/resources</directory>
181+
<filtering>true</filtering>
182+
</resource>
183+
</resources>
184+
<plugins>
185+
<plugin>
186+
<artifactId>maven-eclipse-plugin</artifactId>
187+
188+
<configuration>
189+
<additionalProjectnatures>
190+
<projectnature>org.springframework.ide.eclipse.core.springnature</projectnature>
191+
</additionalProjectnatures>
192+
<additionalBuildcommands>
193+
<buildcommand>org.springframework.ide.eclipse.core.springbuilder</buildcommand>
194+
</additionalBuildcommands>
195+
<downloadSources>true</downloadSources>
196+
<downloadJavadocs>true</downloadJavadocs>
197+
</configuration>
198+
</plugin>
199+
<plugin>
200+
<groupId>org.apache.maven.plugins</groupId>
201+
<artifactId>maven-compiler-plugin</artifactId>
202+
203+
<configuration>
204+
<source>1.7</source>
205+
<target>1.7</target>
206+
<compilerArgument>-Xlint:all</compilerArgument>
207+
<showWarnings>true</showWarnings>
208+
<showDeprecation>true</showDeprecation>
209+
</configuration>
210+
</plugin>
211+
<plugin>
212+
<groupId>org.apache.maven.plugins</groupId>
213+
<artifactId>maven-war-plugin</artifactId>
214+
215+
</plugin>
216+
<plugin>
217+
<groupId>org.codehaus.mojo</groupId>
218+
<artifactId>exec-maven-plugin</artifactId>
219+
220+
<configuration>
221+
<mainClass>org.test.int1.Main</mainClass>
222+
</configuration>
223+
</plugin>
224+
</plugins>
225+
</build>
226+
</project>
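Review bot: The `org.springframework-version` (3.1.1.RELEASE) and `org.springframework.security.version` (3.2.4.RELEASE) properties are never referenced by any dependency in this file, so the versions actually resolved appear to come from the `spring-boot-starter-parent` 1.1.1.RELEASE dependency management instead. Either delete the unused properties or wire them into the dependencies, so that anyone auditing the build for an affected Spring Security release reads the version that really ships; `mvn dependency:tree` shows what is resolved. `spring-webmvc` is also declared twice in `<dependencies>`. The handler added in this commit imports `org.springframework.security.web.*`, yet only `spring-security-config` (runtime scope) and `spring-security-taglibs` are declared, so `spring-security-web` presumably arrives transitively; declaring it explicitly would make that security-relevant dependency visible and pinnable.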
@@ -0,0 +1,81 @@
1+
package org.baeldung.security;
2+
3+
import java.io.IOException;
4+
import java.util.Collection;
5+
6+
import javax.servlet.http.HttpServletRequest;
7+
import javax.servlet.http.HttpServletResponse;
8+
import javax.servlet.http.HttpSession;
9+
10+
import org.apache.commons.logging.Log;
11+
import org.apache.commons.logging.LogFactory;
12+
import org.springframework.security.core.Authentication;
13+
import org.springframework.security.core.GrantedAuthority;
14+
import org.springframework.security.web.DefaultRedirectStrategy;
15+
import org.springframework.security.web.RedirectStrategy;
16+
import org.springframework.security.web.WebAttributes;
17+
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
18+
19+
public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
20+
protected Log logger = LogFactory.getLog(this.getClass());
21+
22+
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
23+
24+
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
25+
handle(request, response, authentication);
26+
HttpSession session = request.getSession(false);
27+
if (session != null) {
28+
session.setMaxInactiveInterval(30);
29+
}
30+
clearAuthenticationAttributes(request);
31+
}
32+
33+
protected void handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
34+
String targetUrl = determineTargetUrl(authentication);
35+
36+
if (response.isCommitted()) {
37+
logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
38+
return;
39+
}
40+
41+
redirectStrategy.sendRedirect(request, response, targetUrl);
42+
}
43+
44+
protected String determineTargetUrl(Authentication authentication) {
45+
boolean isUser = false;
46+
boolean isAdmin = false;
47+
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
48+
for (GrantedAuthority grantedAuthority : authorities) {
49+
if (grantedAuthority.getAuthority().equals("ROLE_USER")) {
50+
isUser = true;
51+
break;
52+
} else if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) {
53+
isAdmin = true;
54+
break;
55+
}
56+
}
57+
if (isUser) {
58+
return "/homepage.html";
59+
} else if (isAdmin) {
60+
return "/console.html";
61+
} else {
62+
throw new IllegalStateException();
63+
}
64+
}
65+
66+
protected void clearAuthenticationAttributes(HttpServletRequest request) {
67+
HttpSession session = request.getSession(false);
68+
if (session == null) {
69+
return;
70+
}
71+
session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
72+
}
73+
74+
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
75+
this.redirectStrategy = redirectStrategy;
76+
}
77+
78+
protected RedirectStrategy getRedirectStrategy() {
79+
return redirectStrategy;
80+
}
81+
}
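Review bot: In `determineTargetUrl` the loop breaks on the first authority that matches, so a principal holding both `ROLE_USER` and `ROLE_ADMIN` lands on `/homepage.html` or `/console.html` depending on the iteration order of `getAuthorities()`. The method should scan all authorities and apply an explicit precedence (admin first is assumed below; swap it if the other order is intended). The bare `IllegalStateException()` also carries no message, so a successfully authenticated account with neither role produces an error that is hard to trace in logs. The post-login redirect is only navigation: `/console.html` still needs its own access rule in the security configuration, which is not visible in this section.

```java
protected String determineTargetUrl(Authentication authentication) {
    boolean isUser = false;
    boolean isAdmin = false;
    for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
        String role = grantedAuthority.getAuthority();
        if ("ROLE_ADMIN".equals(role)) {
            isAdmin = true;
        } else if ("ROLE_USER".equals(role)) {
            isUser = true;
        }
    }
    // Precedence is decided here, not by collection iteration order.
    if (isAdmin) {
        return "/console.html";
    }
    if (isUser) {
        return "/homepage.html";
    }
    throw new IllegalStateException("No landing page mapped for the authorities of " + authentication.getName());
}
```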
