Describe the bug On successful login, I am trying to redirect but it always defaults to "/"
To Reproduce Steps to reproduce the behavior.
@Configuration
@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
public class MultiSecurityHttpConfig {
http
.authorizeExchange((authorize) -> authorize
.pathMatchers("/resources/**", "/signup", "/about").permitAll()
.pathMatchers("/home/**").hasRole("USER")
.pathMatchers("/admin/**").hasRole("ADMIN")
.pathMatchers("/db/**").access((authentication, context) ->
hasRole("ADMIN")
.check(authentication, context)
.filter(decision -> !decision.isGranted())
.switchIfEmpty(hasRole("DBA").check(authentication, context))
)
.anyExchange().denyAll())
.formLogin(formLogin -> formLogin
.authenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler("/home/landing")));
Expected behavior After successful login, should get re-directed to "/home/landing"
Sample
A link to a GitHub repository with a minimal, reproducible sample.
Reports that include a sample will take priority over reports that do not. At times, we may require a sample, so it is good to try and include a sample up front.
Comment From: abimael-turing
I was unable to replicate the error using the code you provided. Upon testing the following code snippet, it executed successfully:
@Bean
SecurityFilterChain springSecurityFilterChain(HttpSecurity http) throws Exception {
AuthenticationSuccessHandler successHandler = (request, response, authentication) -> response.sendRedirect("/home/landing");
http.authorizeHttpRequests((requests) -> requests
.requestMatchers("/home/**").authenticated()
.requestMatchers("/resources/**", "/signup", "/about").permitAll())
.formLogin(form -> form.successHandler(successHandler))
.httpBasic(withDefaults());
return http.build();
}
Could you please provide a more comprehensive code snippet for further analysis?
Comment From: hth
Sample code listed at https://github.com/hth/spring-security-samples Run module configured-login User name: user@hth.github.com Password: password Expected to redirect -> "/home/landing"
Successful login first time gives you 'Access Denied'
Steps to follow @abimael-turing 1) http://localhost:8092 2) Enter credentials 3) Access denied shown
Comment From: abimael-turing
Hi @hth,
I wanted to update you that I followed your instructions, and everything is working as expected on my end. There are no errors or 'Access denied' messages. If you need any further assistance or have additional instructions, please let me know. Thank you.
Comment From: abimael-turing
@hth I am running configured-login
Comment From: hth
Please see the steps and match with the gif @abimael-turing 1) http://localhost:8092/ 2) Enter credentials 3) Access denied shown
Expected to redirect after successful login
Should have redirected to http://localhost:8092/home/landing
Note: Your starting link has to be http://localhost:8092/
Comment From: sjohnr
Thanks for getting in touch @hth, but it feels like this is a question that would be better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add a minimal sample that reproduces this issue if you feel this is a genuine bug.
Please note that the sample you have linked is not minimal and contains numerous customizations unrelated to the redirect handler.