Validate 2 different user profiles in Spring Security

-4

Good afternoon, I'm trying to validate two access profiles in Spring Security. The Admin profile and TecnicoSup, each profile should be directed to a different Home screen. You are only performing the correct Admin profile. I used as an example this question made previously that is what I want to do: link . Could someone help me validate the two profiles?

package br.com.sgis.configuration;

import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;

@Autowired
private DataSource dataSource;

@Value("${spring.queries.users-query}")
private String usersQuery;

@Value("${spring.queries.roles-query}")
private String rolesQuery;

@Override
protected void configure(AuthenticationManagerBuilder auth)
        throws Exception {
    auth.
        jdbcAuthentication()
            .usersByUsernameQuery(usersQuery)
            .authoritiesByUsernameQuery(rolesQuery)
            .dataSource(dataSource)
            .passwordEncoder(bCryptPasswordEncoder);
    }

@Override
protected void configure(HttpSecurity http) throws Exception {

    http
    .authorizeRequests()
            .antMatchers("/").permitAll()
            .antMatchers("/login").permitAll()
            .antMatchers("/registration").permitAll()
            .antMatchers("/cadastro").permitAll()
            .antMatchers("/recuperarSenha").permitAll()
            .antMatchers("/atualizarSenha").permitAll()
            .antMatchers("/atualizarSenha/**").permitAll()
            .antMatchers("/tecnico/**").hasAuthority("TECNICOSUP")
            .antMatchers("/admin/**").hasAuthority("ADMIN")
            .anyRequest()
            .authenticated().and().csrf().disable().formLogin()
            .loginPage("/login").failureUrl("/login?error=true")
            .successHandler(this.getSuccessHandler())
            .usernameParameter("email")
            .passwordParameter("password")
            .and().logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/").and().exceptionHandling()
            .accessDeniedPage("/access-denied");

}


private AuthenticationSuccessHandler getSuccessHandler() {
    return (AuthenticationSuccessHandler) new RoleBasedAuthenticationSuccessHandler(
             "/admin/home",
             "/tecnico/home",
               "ROLE_ADMIN"                
            );
}


@Override
public void configure(WebSecurity web) throws Exception {
    web
       .ignoring()
       .antMatchers("/resources/**", "/static/**", "/css/**", "/js/**", "/images/**", "/assets/**");
}

}

import java.io.IOException;

import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;

public class RoleBasedAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

private String adminRoleTargetUrl;

private String adminRoleAuthority;

/ ** * @param defaultTargetUrl / public RoleBasedAuthenticationSuccessHandler (String defaultTargetUrl, String adminRoleTargetUrl, String adminRoleAuthority) { super (defaultTargetUrl); this.adminRoleTargetUrl = adminRoleTargetUrl; this.adminRoleAuthority = adminRoleAuthority; System.out.println ("adminRoleTargetUrl ..." + this.adminRoleTargetUrl); System.out.println ("this.adminRoleAuthority ..." + this.adminRoleAuthority); } / (non-Javadoc)  * @see org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler # onAuthenticationSuccess (javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication)  * / @Override public void onAuthenticationSuccess (HttpServletRequest request, HttpServletResponse response,         Authentication authentication) throws IOException, ServletException {     System.out.println ("entered here ... isAdmin" + isAdmin (authentication));     if (isAdmin (authentication)) {         System.out.println ("entered if");         this.getRedirectStrategy (). sendRedirect (request, response, this.getAdminRoleTarUrl ());         return;     }     super.onAuthenticationSuccess (request, response, authentication); }

/ **  * @param authentication  * / protected boolean isAdmin (Authentication authentication) {     for (GrantedAuthority authority: authentication.getAuthorities ()) {         if (authority.getAuthority () .equals (this.getAdminRoleAuthority ())) {             return true;         }     }     return false; }

/ **  * @return the adminRoleTargetUrl  * / public String getAdminRoleTarUrl () {     return adminRoleTargetUrl; }

/ **  * @return the adminRoleAuthority  * / public String getAdminRoleAuthority () {     return adminRoleAuthority; }

}

    
asked by anonymous 28.08.2018 / 17:44

1 answer

0

I was able to figure out the problem, replaced ROLE_ADMIN with ADMIN and it worked:

private AuthenticationSuccessHandler getSuccessHandler() {
    return (AuthenticationSuccessHandler) new RoleBasedAuthenticationSuccessHandler(
             "/admin/home",
             "/tecnico/home",
               "ADMIN"                
            );
}
    
31.08.2018 / 21:54