how to change default-target-url depending on user role

Question

I use spring security for user authentication. In security.xml I have

<form-login login-page="/login" 
                default-target-url="/dashboard" 
                always-use-default-target="false"  
                authentication-failure-url="/login/error" 
                login-processing-url="/j_security_check"/>

I want to be able to configure different target urls for different user roles. How do i do this?

Thanks!

Answer 1

If you're using Spring-Security 3.0 or higher implementing your own AuthenticationSuccessHandler is the way to go:

<sec:form-login ... authentication-success-handler-ref="successHandler"/>
...
<bean id="successHandler" class="de.....MySpecialAuthenticationSuccessHandler">

Then MySpecialAuthenticationSuccessHandler can extend one of the default handlers like SavedRequestAwareAuthenticationSuccessHandler though they are not really inheritance-friendly.

Answer 2

see -

http://forum.springsource.org/showthread.php?t=93541