Good afternoon. I'm trying to validate two access profiles in Spring Security, Admin and TecnicoSup; each profile should be directed to a different home screen. At the moment only the Admin profile is handled correctly. I used as an example this previously asked question, which does what I want to do: link. Could someone help me validate both profiles?
package br.com.sgis.configuration;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
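/**
 * Spring Security configuration: JDBC-backed form login with two protected
 * areas, {@code /admin/**} for users holding the {@code ADMIN} authority and
 * {@code /tecnico/**} for users holding the {@code TECNICOSUP} authority.
 * After a successful login the user is redirected to the home page of the
 * area their authority grants access to.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    /**
     * Authority strings exactly as returned by {@code rolesQuery}.
     * {@code hasAuthority} compares the raw string (no {@code ROLE_} prefix
     * is added), so the same constants must be used for the URL rules and
     * for the post-login redirect handler.
     */
    private static final String ADMIN_AUTHORITY = "ADMIN";
    private static final String TECNICO_AUTHORITY = "TECNICOSUP";

    /** Landing pages; each lives inside the area the matching authority unlocks. */
    private static final String ADMIN_HOME = "/admin/home";
    private static final String TECNICO_HOME = "/tecnico/home";

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    private DataSource dataSource;

    /** Query handed to {@code usersByUsernameQuery}; configured in application properties. */
    @Value("${spring.queries.users-query}")
    private String usersQuery;

    /** Query handed to {@code authoritiesByUsernameQuery}; configured in application properties. */
    @Value("${spring.queries.roles-query}")
    private String rolesQuery;

    /**
     * Authenticates against the application database using the configured
     * user and authority queries and BCrypt password hashes.
     *
     * @param auth builder to register the JDBC user store on
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
            .usersByUsernameQuery(usersQuery)
            .authoritiesByUsernameQuery(rolesQuery)
            .dataSource(dataSource)
            .passwordEncoder(bCryptPasswordEncoder);
    }

    /**
     * URL authorization rules, form login and logout handling.
     *
     * @param http builder to register the rules on
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                // Public pages: landing, login, registration and password recovery.
                .antMatchers("/", "/login", "/registration", "/cadastro",
                             "/recuperarSenha", "/atualizarSenha", "/atualizarSenha/**").permitAll()
                // Protected areas, keyed on the same authority strings the success handler uses.
                .antMatchers("/tecnico/**").hasAuthority(TECNICO_AUTHORITY)
                .antMatchers("/admin/**").hasAuthority(ADMIN_AUTHORITY)
                .anyRequest().authenticated()
            .and()
                // NOTE(review): this disables CSRF protection for every request, including
                // the login and logout forms. Re-enable it (and emit the token in the forms)
                // unless there is a specific reason it must stay off.
                .csrf().disable()
            .formLogin()
                .loginPage("/login")
                .failureUrl("/login?error=true")
                .successHandler(getSuccessHandler())
                .usernameParameter("email")
                .passwordParameter("password")
            .and()
                .logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/")
            .and()
                .exceptionHandling()
                .accessDeniedPage("/access-denied");
    }

    /**
     * Builds the post-login redirect: users holding {@value #ADMIN_AUTHORITY}
     * go to {@value #ADMIN_HOME}, everyone else to {@value #TECNICO_HOME}.
     *
     * <p>The authority passed here must be the same string the {@code /admin/**}
     * rule checks. Previously the rule checked {@code "ADMIN"} while the handler
     * looked for {@code "ROLE_ADMIN"}, so the two could never both match, and the
     * default target was {@code /admin/home}, which a technician is not allowed
     * to open — hence only the Admin profile appeared to work.
     *
     * @return handler that picks the home page by authority
     */
    private AuthenticationSuccessHandler getSuccessHandler() {
        // Constructor order is (defaultTargetUrl, adminRoleTargetUrl, adminRoleAuthority).
        return new RoleBasedAuthenticationSuccessHandler(TECNICO_HOME, ADMIN_HOME, ADMIN_AUTHORITY);
    }

    /**
     * Static assets bypass the security filter chain entirely.
     *
     * @param web builder to register the ignore patterns on
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring()
           .antMatchers("/resources/**", "/static/**", "/css/**", "/js/**", "/images/**", "/assets/**");
    }
}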
import java.io.IOException;
import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
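/**
 * Login success handler that sends users holding one configured authority to
 * a dedicated target URL and delegates everybody else to
 * {@link SimpleUrlAuthenticationSuccessHandler}, which redirects to the
 * default target URL given at construction.
 *
 * <p>The redundant {@code implements AuthenticationSuccessHandler} was dropped
 * (the superclass already implements it) and the {@code System.out} debug
 * statements were removed: they wrote authentication details to stdout on
 * every login and are not needed once the authority string is configured
 * consistently with the URL rules.
 */
public class RoleBasedAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {

    private final String adminRoleTargetUrl;
    private final String adminRoleAuthority;

    /**
     * @param defaultTargetUrl   where users without {@code adminRoleAuthority} are sent
     * @param adminRoleTargetUrl where users holding {@code adminRoleAuthority} are sent
     * @param adminRoleAuthority exact authority string, as returned by
     *                           {@link GrantedAuthority#getAuthority()}, that selects
     *                           {@code adminRoleTargetUrl}; the comparison is exact and
     *                           case-sensitive, so it must match the stored value
     *                           (for example {@code "ADMIN"} versus {@code "ROLE_ADMIN"})
     */
    public RoleBasedAuthenticationSuccessHandler(String defaultTargetUrl, String adminRoleTargetUrl,
            String adminRoleAuthority) {
        super(defaultTargetUrl);
        this.adminRoleTargetUrl = adminRoleTargetUrl;
        this.adminRoleAuthority = adminRoleAuthority;
    }

    /**
     * Redirects users holding the admin authority to {@link #getAdminRoleTarUrl()};
     * for everyone else the superclass performs the default-target redirect.
     *
     * @param request        the current request
     * @param response       the response the redirect is written to
     * @param authentication the freshly authenticated principal
     * @throws IOException      if the redirect cannot be written
     * @throws ServletException propagated from the superclass
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {
        if (isAdmin(authentication)) {
            getRedirectStrategy().sendRedirect(request, response, getAdminRoleTarUrl());
            return;
        }
        super.onAuthenticationSuccess(request, response, authentication);
    }

    /**
     * @param authentication the authenticated principal
     * @return {@code true} if any granted authority equals the configured admin
     *         authority (exact string comparison)
     */
    protected boolean isAdmin(Authentication authentication) {
        String wanted = getAdminRoleAuthority();
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            if (authority.getAuthority().equals(wanted)) {
                return true;
            }
        }
        return false;
    }

    /**
     * @return the target URL for users holding the admin authority
     *         (method name kept as-is, typo included, because it is public API)
     */
    public String getAdminRoleTarUrl() {
        return adminRoleTargetUrl;
    }

    /**
     * @return the authority string that selects the admin target URL
     */
    public String getAdminRoleAuthority() {
        return adminRoleAuthority;
    }
}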