Spring Boot redirect to current page after successful login

Question

I have login forms in modal windows. After successful login user is redirected to / page. I am trying to find a method to stay on contact page or another page after login. How to do this? My code is:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .antMatchers("/css/**","/js/**","/fonts/**","/images/**","/home","/","/kontakt").permitAll()
            .antMatchers("/userlist").hasRole("ADMIN")
            .anyRequest().authenticated();
    http
        .formLogin()
            .loginPage("/login")
            .permitAll()
            .and()
        .logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/");
}

score 22 · Accepted Answer · answered Nov 09 '14 at 22:15

You could use custom AuthenticationSuccessHandler and set useReferer to true.

@Bean
public AuthenticationSuccessHandler successHandler() {
    SimpleUrlAuthenticationSuccessHandler handler = new SimpleUrlAuthenticationSuccessHandler();
    handler.setUseReferer(true);
    return handler;
}

And in your configure method:

http
    .formLogin()
        .loginPage("/login")
        .successHandler(successHandler())
        .permitAll()
        .and()

score 9 · Answer 2 · edited Jan 14 '17 at 19:25

9

Just to provide an alternative solution:

formLogin()
    .loginPage("/login")
    .defaultSuccessUrl("/")

defaultSuccessUrl is a shortcut to adding the custom SuccessHandler.

edited Jan 14 '17 at 19:25

dur

15,689
25
79
125

answered Apr 25 '16 at 09:53

Jonas

165
2
3

2

Your answer is not matching the current version of the question. And your answer is flawed, `defaultSuccessUrl` is a shortcut for `SavedRequestAwareAuthenticationSuccessHandler` not for a custom `SuccessHandler`. – dur Jan 14 '17 at 19:28

score 7 · Answer 3 · answered May 26 '16 at 15:20

7

I had a weird issue that would cause on login to redirect the user to localhost:8080/js/bootstrap.min.js

If anyone else is experiencing an odd redirection on login, which seems to override the .defaultSuccessUrl(), then try adding this code below in SecurityConfig:

@Override
public void configure(WebSecurity security){
    security.ignoring().antMatchers("/css/**","/images/**","/js/**");
}

Add all your Resources/static folders to the antMatchers()

answered May 26 '16 at 15:20

benscabbia

17,592
13
51
62

I don't know why you get underrated. Your answer helped me fix the exact same issue. – OmriYaHoo Jul 24 '17 at 10:58
worked for me as well (i had a weird redirect to the logo.png) – oschlueter Mar 13 '18 at 13:34
it tooks me hours of debuging and trying several solutions before I found your solution ! thnaks. – GENE Jul 07 '22 at 00:24

score 5 · Answer 4 · answered Feb 25 '16 at 09:51

You can as well do it in your AuthenticationSuccessHandler implementation:

@Override
public void onAuthenticationSuccess(HttpServletRequest request, 
HttpServletResponse response, Authentication authentication) throws 
IOException, ServletException 
{
    //Do your logic;
    response.sendRedirect(request.getHeader("referer");
}

score 4 · Answer 5 · answered Dec 12 '19 at 07:45

Config is same as the accepted answer, only luck I had was with extending SavedRequestAwareAuthenticationSuccessHandler.

public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws IOException, ServletException {
        System.out.println("HEP HEP");
        super.onAuthenticationSuccess(request, response, authentication);
    }
}

This is the only working solution for me, thanks, really. The key was to use ``SavedRequestAwareAuthenticationSuccessHandler ``. — meniluca, Jun 16 '20 at 14:06

score 2 · Answer 6 · answered Oct 26 '19 at 19:54

2

I had absolutely the same issue with inadequate redirect after adding bootstrap to my project tree.

Method .defaultSuccessUrl with flag = true saved me time and lines of code.

.formLogin()
   .loginPage("/login")
   .defaultSuccessUrl("/", true)
   .permitAll()

answered Oct 26 '19 at 19:54

Alexander Golovinov

456
7
14

It's hard to believe that it's so easy! Thank You using this like that .defaultSuccessUrl("/goToThisUrlAfterLogin", true) made my day! – Piotr Żak Nov 12 '20 at 19:57
You saved me hours of troubleshooting. Thank you! – fire_water May 28 '23 at 20:14

score 0 · Answer 7 · answered Jun 16 '19 at 12:23

The Spring route, ala extending SavedRequestAwareAuthenticationSuccessHandler or SimpleUrlAuthenticationSuccessHandler can be a bit clunky to implement. In the controller (ex. one that processes logins), you can do the header request yourself; ex:

HttpServletRequest request =null;

String priorUrl = request.getHeader("Referer");

You will notice that you will have the URL prior to either a manual (initiated by user) logout or a session timeout (as handled by Spring session): you'll get an https://iAmPriorUrl.com/.... Then you can do whatever you want with it.

score -1 · Answer 8 · answered Jul 08 '16 at 19:00

@Jonas All you need to do is add .requestCache() at the end

you config will look like this

         .formLogin()
            .loginPage("/login")
            .permitAll()
            .and()
        .logout()
            .permitAll()
            .and()
            .requestCache()

Spring Boot redirect to current page after successful login

8 Answers8

Linked