Spring boot - how to configure multiple login pages? -


with team have written spring application + sapui5 portal using spring boot. web application divided 3 separate locations example:

webapp: - app1 - app2 - app3

to access applications implemented login page. based on user role, redirect users exact app.

my spring application security looks like:

    @override     protected void configure(httpsecurity http) throws exception {         http.authorizerequests()                 .antmatchers("/app1/**/*.*")                 .permitall()                 .antmatchers("/register.html")                 .permitall()                 //                 .antmatchers("/app2/*.*")                 .hasrole("user")                 //                 //                 .antmatchers("/login*")                 .permitall()                 .antmatchers("/soap/*")                 .permitall()                 .antmatchers("/postlogin")                 .authenticated()                 //                 .antmatchers("/app3/*")                 //.permitall()                 .hasrole("admin")                 //                 .anyrequest()                 .authenticated()                 // log in                 .and()                 .formlogin()                 .loginpage("/login")                 .failureurl("/login?error=loginerror")                 .defaultsuccessurl("/postlogin")                 // logout                 .and().logout().logouturl("/**/logout")                 .logoutsuccessurl("/login").deletecookies("jsessionid").and()                 .csrf()                 .disable()

and of course have class redirections. must provide each app , different login page. tried configure spring security accept multiple login form on different pages don't work. possible? read documentation inconclusive.

you should able configuring multiple httpsecurity objects using different instances. similar this question , spring security documentation here. define multiple static classes in configuration class extend websecurityconfigureradapter. using myself configure different types of auth (form/basic) based on urls , did quick test confirm it. believe in example (if reading intent correctly):

@enablewebsecurity public class multihttpsecurityconfig {      @configuration     @order(1)     public static class app1configurationadapter extends websecurityconfigureradapter {         protected void configure(httpsecurity http) throws exception {             http                     .authorizerequests()                     .antmatchers("/app1/**/*.*")                     .permitall()                     .antmatchers("/register.html")                     .permitall()                     .anyrequest()                     .authenticated()                     // log in                     .and()                     .formlogin()                     .loginpage("/login")                     .failureurl("/login?error=loginerror")                     .defaultsuccessurl("/postlogin")                             // logout                     .and().logout().logouturl("/**/logout")                     .logoutsuccessurl("/login").deletecookies("jsessionid").and()                     .csrf()                     .disable();         }     }      @configuration     public static class app2configurationadapter extends websecurityconfigureradapter {          @override         protected void configure(httpsecurity http) throws exception {             http                     .authorizerequests()                     .antmatchers("/app2/*.*")                     .hasrole("user")                             // log in                     .and()                     .formlogin()                     .loginpage("/login2")                     .failureurl("/login2?error=loginerror")                     .defaultsuccessurl("/postlogin")                             // logout                     .and().logout().logouturl("/**/logout")                     .logoutsuccessurl("/login2").deletecookies("jsessionid").and()                     .csrf()                     .disable();         }     } }

note these not different application instances won't redirected login if authenticate user , go area not authorized.


Comments

Post a Comment

Popular posts from this blog

inversion of control - Autofac named registration constructor injection -

does autofac support specifying registration name in components' constructors? example: ninject's namedattribute . you need use autofac.extras.attributed package on top achieve this so let's have 1 interface , 2 classes: public interface ihello { string sayhello(); } public class englishhello : ihello { public string sayhello() { return "hello"; } } public class frenchhello : ihello { public string sayhello() { return "bonjour"; } } then have consumer class, in want select instance injected: public class helloconsumer { private readonly ihello helloservice; public helloconsumer([withkey("en")] ihello helloservice) { if (helloservice == null) { throw new argumentnullexception("helloservice"); } this.helloservice = helloservice; } public string sayhello() { return this.helloservice.sayhello()...
Read more

verilog - Systemverilog dynamic casting issues -

i've code snippet following in testbench function void write_to_port( my_data_type_base data ); my_data_type_extended data_ext; if(!$cast(data_ext, data)); `uvm_error(get_type_name(), "failed cast"); `uvm_info(get_name(), $psprintf("data_ext :\n%s", data_ext.sprint()), uvm_medium) // write data_ext out port.... endfunction when run it, i'm getting uvm_error "failed cast." i'm not quire sure why $cast not returning 1. can see, i'm printing out extended class data item after casting uvm_info. can see it's being cast properly. if don't use $cast if condition, don't runtime error. isn't coding practice use if dynamic cast check if $cast returning 1 ? what might reason behind cast not returning 1 in above case? i think semicolon on line 'if' not belong? i think consumes if statement, , uvm_error executes regardless of how if evaluates: if(!$cast(data_ext, data)); <- no semico...
Read more

ios - Change Storyboard View using Seague -

i have following code checks connection server, , depending on want change views if no connection found. nsstring *connect = [nsstring stringwithcontentsofurl:[nsurl urlwithstring:@"http://myserver.com"] encoding:nsutf8stringencoding error:nil]; if (connect == null) { [self performseguewithidentifier:@"network_failure" sender:self]; } else { // other code here } my problem not change views. have added storyboard segue between 2 views identifier of network_failure . not have navigation controller or that, problem? thanks help! no not problem. first of all, in objectivec exists nil object oriented null . must use that. so: if(connect == nil) or better: if(!connect) so due fact nil not same of null , probably code does't enter in if scope . you have been able discover breakpoint. anyway: be sure set trigger segue (line) 2 view controller , , name network_failure (that not best name. should instead view1toview2 ) as, m...
Read more