CODEWITHSUNDEEP
grailsarchitecturespring-security
drago
drago

Reputation: 1207

Infinite redirection with Grails Spring Security plugin

I'm building simple Grails application. For security I'm using the Spring Security plugin and Spring Security UI. I want to have three types of users:

Clients will log in and make some requests, support will get those requests and respond. Administrators will be responsible for administrating user privileges and roles and some other stuff.

So basically I have three roles:

When a user logs in he/she is redirected on different page depending on user role. I did this following the advice from link.

This works. But sometimes I get following error:

Firefox has detected that the server is redirecting the request for this address in a way that will never complete. This problem can sometimes be caused by disabling or refusing to accept cookies.

This is my UrlMappings.groovy:

   class UrlMappings {

    static mappings = {
        "/$controller/$action?/$id?"{
            constraints {
                // apply constraints here

            }

        }

        "/"(controller:'login', action:'auth')
        "500"(view:'/error')

    }
}

What is the right aproach for this? Should I make different controllers for every role, or should I make one RequestController (most work is done with request domain class) and for example specify different actions for every role - for example userList, supportList, adminList etc.

Upvotes: 0

Views: 1011

Answers (1)

patriot21
patriot21

Reputation: 68

I have a similar requirement with my grails app with slightly different roles. What I do is the following:

in UrlMappings.groovy

"/"(controller: "home")

Then in my HomeController (this is not exactly my code but you get the idea)

def user

def index = {
    user = springSecurityService?.getAuthentication()?.details

    def role = user.getRole()
    if ('admin'.equals(role)) {
        redirect(view:'admin')
    } else if ('support'.equals(role)) {
        redirect(view:'support')
    } else {
        redirect(view:'home')
    }
}

My guess is your redirect issue happens when there is some error on the login page. I would check how you are handling exceptions and make sure they don't try to redirect back to the login page which causes the error again.

Upvotes: 2

Related Questions