It is possible to create more than one entry point in spring security by assigning the different roles here the code script configuration of springsecurity-context.xml.
springsecurity-context.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.2.xsd">
    <http   access-decision-manager-ref="accessDecisionManager" auto-config="false"  entry-point-ref="formLoginAuthenticationEntryPoint">
        <intercept-url  pattern="/section1/**" access="roles.first" />
        <intercept-url  pattern="/section2/**" access="roles.second" />
<logout logout-success-url="/index.htm" logout-url="/secure_logout"/>
  </http>
<beans:bean id="customTargetUrlResolver" class="mypackage.security.CustomTargetUrlResolver">
         <beans:property name="sectionTwoDefaultUrl" value="/section2/index.htm"/>
         <beans:property name="sectionOneDefaultUrl" value="/section1/index.htm"/>
</beans:bean>
<beans:bean id="formLoginFilter"  class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" >
 <custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
      <beans:property name="authenticationFailureUrl" value="/login.htm?error=1" />
      <beans:property name="authenticationManager" ref="authenticationManager"/> 
      <beans:property name="filterProcessesUrl" value="/secure_login"/>
      <beans:property name="allowSessionCreation" value="true" />
      <beans:property name="targetUrlResolver" ref="customTargetUrlResolver"/>
</beans:bean>
</beans:beans>
define the targetUrlResolver
CustomTargetUrlResolver.java
public class CustomTargetUrlResolver implements TargetUrlResolver {
    private String sectionOneDefaultUrl;
    private String sectionTwoDefaultUrl;
    public String getSectionTwoDefaultUrl() {
        return sectionTwoDefaultUrl;
    }
    public void setSectionTwoDefaultUrl(String sectionTwoDefaultUrl) {
        this.sectionTwoDefaultUrl = sectionTwoDefaultUrl;
    }
    public String getSectionOneDefaultUrl() {
        return sectionTwoDefaultUrl;
    }
    public void setSectionOneDefaultUrl(String sectionOneDefaultUrl) {
        this.sectionOneDefaultUrl = sectionOneDefaultUrl;
    }
    @Override
    public String determineTargetUrl(SavedRequest savedRequest, HttpServletRequest currentRequest,
            Authentication auth) {
        //Get user's roles
              for (GrantedAuthority authority : auth.getAuthorities()) {
                if (authority.toString().equals("roles.second")) {
                    return getSectionTwoDefaultUrl();
                } else if (authority.toString().equals("roles.first")) {
                    return getSectionOneDefaultUrl();
                }
            }
  //User has none of the roles but is authenticated, redirect below.
        return "/authenticated/index.html";
    }
}
                       
                    
1 Comment(s)