2

I have multiple logins for my applications. I have defined security filters in two different configurations.

This one has @Order(1) for admin:

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/admin/**")
                .authenticated()
                .and()
            .formLogin()
                .loginPage("/admin/login").defaultSuccessUrl("/admin")
                .usernameParameter("username").passwordParameter("userpassword")
                .permitAll()
                .and()
            .logout().logoutSuccessUrl("/admin/login")
                .permitAll().and()
                .csrf();
    }

And other one:

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/tasker/**")
                .authenticated()
                .and()
            .formLogin()
                .loginPage("/tasker/login")
                .usernameParameter("taskeremail").passwordParameter("taskerpassword")
                .permitAll()
                .and()
            .logout().logoutSuccessUrl("/")
                .permitAll().and()
                .csrf();
    }

The first one for admin works fine but the second one is not even securing the /tasker/** urls.

Found simular questions but not answerd. Even I could not find anything helpful on spring reference. Please help.

Anil Bhaskar
  • 3,718
  • 4
  • 33
  • 51
  • I once asked this question (although with XML configuration) on a course in Udemy, when I was learning the Spring Framework. The tutor said multiple custom login forms were not possible using **spring security**, but now that I come across such questions, I guess that guy was wrong, or is it? – Sajib Acharya Jun 17 '16 at 07:32
  • I must be possible using spring-security. – Anil Bhaskar Jun 17 '16 at 07:35
  • 1
    Have a look at [this](http://stackoverflow.com/a/22947952/3640307) answer and let me know if this works. I too want to find an answer to this problem, but let's first make sure we've tried all the solutions before up-voting it for further attention which may result in a duplication vote or a close vote unless we are quite sure we do not have a solution. – Sajib Acharya Jun 17 '16 at 07:42
  • using this it can be achieved but again I think I can use only one table in db for all type of users and grant them access according to the role. Not very promising though. – Anil Bhaskar Jun 17 '16 at 10:02

0 Answers0