I am new to struts and spring security.
Can anyone help me to figure out how to redirect to different urls different users with different roles ? In other words, how to provide determine target url based on user role in struts2 using action controller?
I found the following question <a href="https://stackoverflow.com/questions...get-url-based-on-roles-in-spring-security-3-1">determine target url based on roles in spring security 3.1</a> , but I cannot figure out how to configure the action.
I tried the following setup, but it does not work:
<strong>security.xml</strong>
<strong>struts.xml</strong>
<strong>RoleRedirectAction.java</strong>
Thanks a lot.
<strong>EDIT 1</strong>
I also tried the following annotation
<strong>EDIT 2</strong>
My final solution looks like the following. I am not sure if it is the best approach, but it works:
<strong>EDIT 3</strong>
There are even better solutions here:
<a href="http://oajamfibia.wordpress.com/2011/07/07/role-based-login-redirect/#comment-12" rel="nofollow noreferrer">http://oajamfibia.wordpress.com/2011/07/07/role-based-login-redirect/#comment-12</a>
Can anyone help me to figure out how to redirect to different urls different users with different roles ? In other words, how to provide determine target url based on user role in struts2 using action controller?
I found the following question <a href="https://stackoverflow.com/questions...get-url-based-on-roles-in-spring-security-3-1">determine target url based on roles in spring security 3.1</a> , but I cannot figure out how to configure the action.
I tried the following setup, but it does not work:
<strong>security.xml</strong>
Code:
<form-login login-page="/login" authentication-failure-url="/login?error=true" login-processing-url="/j_security_check" default-target-url="/default"/><strong>struts.xml</strong>
Code:
<action name="default" class="com.moblab.webapp.action.RoleRedirectAction" method="defaultAfterLogin"/><strong>RoleRedirectAction.java</strong>
Code:
package com.moblab.webapp.action;
import javax.servlet.http.HttpServletRequest;
public class RoleRedirectAction extends BaseAction{
public String defaultAfterLogin(HttpServletRequest request) {
if (request.isUserInRole("ROLE_ADMIN")) {
return "redirect:/<url>";
}
return "redirect:/<url>";
}
}Thanks a lot.
<strong>EDIT 1</strong>
I also tried the following annotation
Code:
@Action(value="/default",results={@Result(name="success",location="/querySessions")})<strong>EDIT 2</strong>
My final solution looks like the following. I am not sure if it is the best approach, but it works:
Code:
public class StartPageRouter extends SimpleUrlAuthenticationSuccessHandler {
@Autowired
private UserService userService;
protected final Logger logger = Logger.getLogger(this.getClass());
private RequestCache requestCache = new HttpSessionRequestCache();
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
//default path for ROLE_USER
String redirectPath = <url>;
if (authorities != null && !authorities.isEmpty()) {
Set<String> roles = getUserRoles(authorities);
if (roles.contains("ROLE_ADMIN"))
redirectPath = <url>;
else if (roles.contains("ROLE_INSTRUCTOR"))
redirectPath = <url>;
}
getRedirectStrategy().sendRedirect(request, response, redirectPath);
}
public void setRequestCache(RequestCache requestCache) {
this.requestCache = requestCache;
}
private Set<String> getUserRoles(Collection<? extends GrantedAuthority> authorities) {
Set<String> userRoles = new HashSet<String>();
for (GrantedAuthority authority : authorities) {
userRoles.add(authority.getAuthority());
}
return userRoles;
}
}<strong>EDIT 3</strong>
There are even better solutions here:
<a href="http://oajamfibia.wordpress.com/2011/07/07/role-based-login-redirect/#comment-12" rel="nofollow noreferrer">http://oajamfibia.wordpress.com/2011/07/07/role-based-login-redirect/#comment-12</a>