I have a grails application that is using the spring security plugin for authentication. If my session expires, and I click a link in the application it takes me to the login screen then tries to redirect to the page I was on previously.
I would like to configure spring security to always redirect to the home page instead of the last page the user clicked on. Is there a setting that controls this behavior?
The most common ways to implement redirection logic after login are: using HTTP Referer header. saving the original request in the session. appending original URL to the redirected login URL.
By default, Spring Security will redirect after login to the secured ressource you tried to access. If you wish to always redirect to a specific URL, you can force that through the HttpSecurity configuration object. Assuming you are using a recent version of Spring Boot, you should be able to use JavaConfig.
2.1. The part of this configuration to focus on is the defaultSuccessUrl() method. After a successful login, any user will be redirected to homepage. html.
Interface AuthenticationSuccessHandler Strategy used to handle a successful user authentication. Implementations can do whatever they want but typical behaviour would be to control the navigation to the subsequent destination (using a redirect or a forward).
Beyond setting the defaultTargetUrl
you also need to tell Spring Security to force the use of that default target URL. Your Config.groovy
should look something like this:
grails.plugins.springsecurity.successHandler.alwaysUseDefault = true
grails.plugins.springsecurity.successHandler.defaultTargetUrl = '/home'
You can research further options using the Spring Security API documentation for the SavedRequestAwareAuthenticationSuccessHandler, should you need them.
UPDATE:
Later versions of the plugin use grails.plugin
and not grails.plugins
I am using grails 2.4.4 and it should be:
grails.plugin.springsecurity.successHandler.alwaysUseDefault = true
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/your-url'
Instead of:
grails.plugins.springsecurity.successHandler.alwaysUseDefault = true
grails.plugins.springsecurity.successHandler.defaultTargetUrl = '/your-url'
Yes, there is a setting successHandler.defaultTargetUrl
(defaults to root context)
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/home'
where /home
represents route to home page.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With