https://stackoverflow.com/questions/67520600/redirect-to-different-page-after-login-based-on-user-role-with-spring-security/67531436#67531436

Closes gh-7282
2021-06-28 11:48:07 +02:00 · 2021-06-28 11:48:07 +02:00 · fe99c3b83b
parent da9d7414bd
commit fe99c3b83b
2 changed files with 37 additions and 7 deletions
--- a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -57,6 +57,8 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 	private static final String ATT_ERASE_CREDENTIALS = "erase-credentials";
 	private static final String AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME = "defaultAuthenticationEventPublisher";
 	@Override
 	public BeanDefinition parse(Element element, ParserContext pc) {
 		String id = element.getAttribute("id");
@ -86,11 +88,15 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 		if ("false".equals(element.getAttribute(ATT_ERASE_CREDENTIALS))) {
 			providerManagerBldr.addPropertyValue("eraseCredentialsAfterAuthentication", false);
 		}
-		// Add the default event publisher
+
-		BeanDefinition publisher = new RootBeanDefinition(DefaultAuthenticationEventPublisher.class);
+		if (!pc.getRegistry().containsBeanDefinition(AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME)) {
-		String pubId = pc.getReaderContext().generateBeanName(publisher);
+			// Add the default event publisher to the context
-		pc.registerBeanComponent(new BeanComponentDefinition(publisher, pubId));
+			BeanDefinition publisher = new RootBeanDefinition(DefaultAuthenticationEventPublisher.class);
-		providerManagerBldr.addPropertyReference("authenticationEventPublisher", pubId);
+			pc.registerBeanComponent(new BeanComponentDefinition(publisher, AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME));
 		}
 		providerManagerBldr.addPropertyReference("authenticationEventPublisher",
 				AUTHENTICATION_EVENT_PUBLISHER_BEAN_NAME);
 		pc.registerBeanComponent(new BeanComponentDefinition(providerManagerBldr.getBeanDefinition(), id));
 		if (StringUtils.hasText(alias)) {
 			pc.getRegistry().registerAlias(id, alias);
--- a/config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -25,6 +25,7 @@ import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationListener;
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
 import org.springframework.security.authentication.ProviderManager;
@ -54,6 +55,17 @@ public class AuthenticationManagerBeanDefinitionParserTests {
 			+ "</authentication-manager>";
 	// @formatter:on
 	// Issue #7282
 	// @formatter:off
 	private static final String CONTEXT_MULTI = "<authentication-manager id='amSecondary'>"
 			+ "    <authentication-provider>"
 			+ "        <user-service>"
 			+ "            <user name='john' password='{noop}doe' authorities='ROLE_C,ROLE_D' />"
 			+ "        </user-service>"
 			+ "    </authentication-provider>"
 			+ "</authentication-manager>";
 	// @formatter:on
 	@Rule
 	public final SpringTestRule spring = new SpringTestRule();
@ -64,6 +76,18 @@ public class AuthenticationManagerBeanDefinitionParserTests {
 		assertThat(context.getBeansOfType(AuthenticationProvider.class)).hasSize(1);
 	}
 	@Test
 	public void eventPublishersAreRegisteredAsTopLevelBeans() {
 		ConfigurableApplicationContext context = this.spring.context(CONTEXT).getContext();
 		assertThat(context.getBeansOfType(AuthenticationEventPublisher.class)).hasSize(1);
 	}
 	@Test
 	public void onlyOneEventPublisherIsRegisteredForMultipleAuthenticationManagers() {
 		ConfigurableApplicationContext context = this.spring.context(CONTEXT + '\n' + CONTEXT_MULTI).getContext();
 		assertThat(context.getBeansOfType(AuthenticationEventPublisher.class)).hasSize(1);
 	}
 	@Test
 	public void eventsArePublishedByDefault() throws Exception {
 		ConfigurableApplicationContext appContext = this.spring.context(CONTEXT).getContext();