In my current application I have 2 login pages (1 for users and 1 for admins), so I need to handle these 2 login pages based on user role. I've managed the logout redirection in this post; however, at that time I hadn't figured out how to handle session expiration, because we can only specify 1 URL in DefaultSecurityConfig (e.g. auth.loginFormUrl = '/login/auth'). So what happens is, when the session expires, the user is redirected to the login auth page.
Thank God, I finally found out how to manage it.
- First, we need to extend LoginUrlAuthenticationEntryPoint:

```java
package com.test;

/* Copyright 2006-2010 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.codehaus.groovy.grails.web.mapping.UrlMappingInfo;
import org.codehaus.groovy.grails.web.mapping.UrlMappingsHolder;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;

/**
 * @author <a href='mailto:burt@burtbeckwith.com'>Burt Beckwith</a>
 */
public class AjaxAwareAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint {

    private UrlMappingsHolder proxyBean;

    @Override
    protected String determineUrlToUseForThisRequest(final HttpServletRequest request,
            final HttpServletResponse response, final AuthenticationException e) {
        // Resolve the controller that the unauthenticated request was aimed at.
        UrlMappingInfo info = proxyBean.match(request.getServletPath());
        String controllerName = info == null ? null : (String) info.getParameters().get("controller");

        // The "controller" parameter is the bare controller name, without a leading slash.
        if ("admin".equals(controllerName)) {
            return "/admin/login";
        }
        // Everything else, including paths that match no URL mapping, goes to the user login page.
        return "/user/login";
    }

    public void setGrailsUrlMappingsHolder(UrlMappingsHolder proxyBean) {
        this.proxyBean = proxyBean;
    }
}
```
- Second, register it in resources.groovy, using the same package as the class above:

```groovy
// grails-app/conf/spring/resources.groovy
beans = {
    authenticationEntryPoint(com.test.AjaxAwareAuthenticationEntryPoint) {
        loginFormUrl = '/login/auth' // has to be specified even though it's ignored
        grailsUrlMappingsHolder = ref('grailsUrlMappingsHolder')
        portMapper = ref('portMapper')
        portResolver = ref('portResolver')
    }
}
```