Spring annotation - Non logged in user redirect

Question

I need an annotation on method level which will redirect the current request to a login page if there is no user in session.

I also need to send the url to login page which will be the redirect location after successful login. (Obviously the current url with parameters)

In spring you usually define such behaviour with spring-security and its xml configuration. — mrembisz, Feb 16 '12 at 08:30

score 2 · Answer 1 · answered Feb 16 '12 at 08:29

2

Take a look at Spring Security.

There is a @Secured annotation which can help you. This post can help you.

answered Feb 16 '12 at 08:29

ndeverge

21,378
4
56
85

How would I check session attribute "User" for a particular method and if not found then redirect (with currentURL + Params) – Manish Mudgal Feb 16 '12 at 09:21
It is already managed by Spring Security. Here is a [short explanation](http://pulkitsinghal.blogspot.com/2010/07/spring-security-redirect-back-to.html). For getting the current user, look at [this](http://stackoverflow.com/questions/248562/when-using-spring-security-what-is-the-proper-way-to-obtain-current-username-i) – ndeverge Feb 16 '12 at 09:44

score 0 · Answer 2 · answered Feb 16 '12 at 08:33

0

Less precise tutorial with spring security 2 : http://www.jroller.com/habuma/entry/method_level_security_in_spring

Annotation is the same : @Secured

answered Feb 16 '12 at 08:33

Denis R.

818
1
9
15

score 0 · Answer 3 · answered Feb 16 '12 at 08:35

You should define something like the following.

<security:http auto-config='true'>

    <security:intercept-url pattern="/images/style/**" filters="none" />
    <security:intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <security:intercept-url pattern="/**" access="ROLE_USER" />

    <security:http-basic/>
    <security:form-login login-page='/login' authentication-failure-url="/login?authfailed=true"/> 
    <security:logout />

</security:http>

IS_AUTHENTICATED_ANONYMOUSLY is needed to allow access to login page. The first line allows access to images folder without authentication at all. This is just an example.

For more details take a look on spring documentation mentioned by @nico_ekito.

score 0 · Answer 4 · answered Feb 16 '12 at 08:41

0

What you need can be done with Spring Security and the annotations you should use are @Secured and @RolesAllowed. Before you use the annotations, you need to integrate and configure Spring Security.

Take a look to this and this.

answered Feb 16 '12 at 08:41

jddsantaella

3,657
1
23
39

Spring annotation - Non logged in user redirect

4 Answers4