Java tutorial
/*~ M-Trix - Social Experiments Application. Copyright (C) 2015-2016 The M-Trix authors. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. ~*/ /* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ package br.ufpa.psi.comportamente.labgame.seguranca; import java.io.IOException; import java.util.Collection; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.RedirectStrategy; import org.springframework.security.web.WebAttributes; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; /** * * @author Weslley */ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler { protected Log logger = LogFactory.getLog(this.getClass()); private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException { handle(request, response, authentication); clearAuthenticationAttributes(request); } protected void handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException { String targetUrl = determineTargetUrl(authentication); if (response.isCommitted()) { logger.debug("Response has already been committed. Unable to redirect to " + targetUrl); return; } redirectStrategy.sendRedirect(request, response, targetUrl); } /** * Builds the target URL according to the logic defined in the main class * Javadoc. * * @param authentication * @return */ protected String determineTargetUrl(Authentication authentication) { boolean isJogador = false; boolean isPesquisador = false; Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); OUTER: for (GrantedAuthority grantedAuthority : authorities) { switch (grantedAuthority.getAuthority()) { case "ROLE_JOGADOR": isJogador = true; break OUTER; case "ROLE_PESQUISADOR": isPesquisador = true; break OUTER; } } if (isJogador) { return "/paginas/publico/jogador.jsf"; } else if (isPesquisador) { return "/paginas/pesquisador/pesquisador.jsf"; } else { throw new IllegalStateException(); } } protected void clearAuthenticationAttributes(HttpServletRequest request) { HttpSession session = request.getSession(false); if (session == null) { return; } session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION); } public void setRedirectStrategy(RedirectStrategy redirectStrategy) { this.redirectStrategy = redirectStrategy; } protected RedirectStrategy getRedirectStrategy() { return redirectStrategy; } }