0

Hello All brother I am a new spring Thymleaf code please help me to solve this code

@Controller public class DefaultController {

     @RequestMapping("/default")
        public String defaultAfterLogin(HttpServletRequest request) {
         
            if (request.isUserInRole("ROLE_ADMIN")) {
                
                System.out.println("ROLE_ADMIN");
                return "redirect:/";
                
            }else if(request.isUserInRole("ROLE_USER")) {
                
                System.out.println("ROLE_USER");
                return "redirect:/user";
                
            }else if(request.isUserInRole("ROLE_SH")) {
                
                System.out.println("ROLE_SE");
                return "redirect:/sectionHead";
                
            }
            
            return "redirect:/access-denied";
            
           
        }

}

-------------------------This is my config------------------------------------------

@Override
    protected void configure(HttpSecurity http) throws Exception {
         
        super.configure(http);
        http.csrf().disable();
        http.headers().frameOptions().sameOrigin().and().authorizeRequests()
            
                .antMatchers(("/user"),"/user/**").hasAnyRole("ADMIN","USER")
                .antMatchers(("/sectionHead"),"/reqSectionHead/**").hasRole("SH")
                .anyRequest().authenticated().and().formLogin()
                .defaultSuccessUrl("/default")
                .loginProcessingUrl("/sso/login")
                .and()
                .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
                .and().logout()
                .invalidateHttpSession(true).clearAuthentication(true)
                .logoutRequestMatcher(new AntPathRequestMatcher("/sso/logout")).logoutSuccessUrl("/sso/login").permitAll();
        
}
Phortsophea MMO
  • 19
  • 2
  • I have 3 role =>role_admin have url like this("/") and role_user have url like this ("/user") and role_sh have url like this ("/sectionhead") but when i login if always redireact url link to ("/") – Phortsophea MMO Feb 20 '23 at 07:22
  • Yes, my bad, this redirection logic being based on roles, it makes sense. you could also have the `Authentication auth` injected as controller method param (along with `HttpServletRequest`) and log `auth.getAuthorities()` to check that roles are mapped as expected (with a `GrantedAuthoritiesMapper` as exposed there: https://stackoverflow.com/questions/74571191/use-keycloak-spring-adapter-with-spring-boot-3/75479647#75479647) – ch4mp Feb 20 '23 at 07:39
  • Note and thank brother i must be try for your recommed – Phortsophea MMO Feb 20 '23 at 07:46

0 Answers0