Redirection to Dashboard Page after successful Login in Spring Boot Security

In spring boot, we see how to redirect to a different dashboard page after successful login instead of previous page. The redirection is always to the dashboard page after the login in spring boot.

When a user accesses a website url in Spring boot application, the user is redirected to a login page for authentication. After successful login, the user is redirected to the previous page by default. In some cases redirecting to previous page is not recommended. Alternatively, you want to switch to a default dashboard page.

When developing a simple application with simple login page, the user is expected to see the dashboard after a successful login. The specific type of applications are expected to access the pages only after the successful login. These software are designed to navigate the respective pages after the user has landed on the dashboard. In that case, redirecting to the previous page is not the ideal solution.

Here, this post will demonstrate how to switch to a dashboard page regardless of where the user originates from.



Step 1 – pom.xml file dependency

Create a new spring boot security application with “spring-boot-starter-web” and “spring-boot-starter-security“. The web dependency adds the dependent jars for the web application. The security jar will add all security-related modules. 

The pom.xml file will look as like the one below

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>2.2.4.RELEASE</version>
		<relativePath /> <!-- lookup parent from repository -->
	</parent>
	<groupId>com.yawintutor</groupId>
	<artifactId>Spring-Application</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>SpringBootSecuritySimple</name>
	<description>Spring Boot Project</description>

	<properties>
		<java.version>1.8</java.version>
	</properties>

	<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>

		<dependency>
			<groupId>org.apache.tomcat.embed</groupId>
			<artifactId>tomcat-embed-jasper</artifactId>
			<scope>provided</scope>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
	</dependencies>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>
</project>


Step 2 – Configure Jsp Pages

Create Jsp pages to render login page and dashboard pages. To invoke the jsp page in the spring boot application, add the configuration in the application.properties and then add the respective jsp files to the “src/main/webapp/WEB-INF/jsp” folder.

application.properties

spring.mvc.view.prefix=/WEB-INF/jsp/
spring.mvc.view.suffix=.jsp

src/main/webapp/WEB-INF/jsp/home.jsp

<center>
<h1>Welcome to Spring Boot Simple Security Example</h1>
<a href="/logout">logout</a>
</center>

src/main/webapp/WEB-INF/jsp/login.jsp

<center>
<h1>Welcome to Spring Boot Security</h1>

<form method="POST" action="/login">
	User Name : <input type="text" name="username" value="user"/><br><br>
	Password  : <input type="password" name="password" value="password"/><br><br>
	<input type="submit" name="submit"/>
</form>
</center>

src/main/webapp/WEB-INF/jsp/dashboard.jsp

<center>
<h1>Welcome to Spring Boot DashBoard</h1>

<h2>You are in Spring Boot DashBoard Page</h2>
<br><a href="/logout">logout</a>
</center>


Step 3 – Configure Controller class

Create a controller class to invoke a jsp page. Create 3 urls, default url, login url, and dashboard url. The default url will invoke the home.jsp that displays the default page. The control will be redirected to the URL login page for authentication. After a successful login, the dashboard url will be used to redirect.

The code below shows the controller class.

TestController.java

package com.yawintutor;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@Controller
@RequestMapping
public class TestController {
	@RequestMapping("/")
	public ModelAndView defaultHome() {
		return new ModelAndView("home");
	}

	@RequestMapping("/login")
	public ModelAndView login() {
		return new ModelAndView("login");
	}

	@RequestMapping("/dashboard")
	public ModelAndView dashboard() {
		return new ModelAndView("dashboard");
	}
}


Step 4 – Spring Boot Security configuration

The spring boot security module supports redirecting to the dashboard page after all successful login. The api “defaultSuccessUrl” is used to redirect to the dashboard page. The following spring boot security configuration file shows how to configure the redirect.  The second parameter “true” tells you to always redirect your spring boot security to this page.

SpringBootSecurityConfiguration.java

package com.yawintutor;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SpringBootSecurityConfiguration extends WebSecurityConfigurerAdapter {
	@Override
	public void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.inMemoryAuthentication()
			.withUser("user").password("{noop}password").roles("USER");
	}

	@Override
	public void configure(HttpSecurity http) throws Exception {
		http
			.csrf().disable()
			.authorizeRequests()
			.antMatchers("/**").hasAnyRole("USER")
			.and().formLogin().loginPage("/login")
				.defaultSuccessUrl("/dashboard",true)
			.permitAll()
			.and().logout();
	}
}	

We saw in this post that the default SuccessUrl api call helps to redirect to the Dashboard page from whatever the user.



Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *