Manage multiple login pages with Spring Authorization Server

Is it possible to manage multiple login pages with Spring Authorization Server?

Suppose we have 2 clients and both clients want a different login page:

Client 1 needs the /login URL.

Client 2 needs the /login2 URL.



Solution 1:[1]

I believe the question is how to brand a login page based on the current clientId. We can use any technique available in Spring Security, as it is fully available and not hidden when using Spring Authorization Server.

As you point out, one way to handle this would be to perform a custom redirect when authentication is required. This would be handled in a custom AuthenticationEntryPoint. You can build a delegate with a mapping of clientIds to login urls. Normally, I'd encourage you to try it yourself (learning new things is fun, right!?), but in this case, here's an example:

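import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

// jakarta.servlet applies to Spring Security 6.x; on 5.x these are javax.servlet
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;

public class BrandedAuthenticationEntryPoint implements AuthenticationEntryPoint {
    // Fixed mapping of clientId -> entry point; the request can only select among these
    private final Map<String, AuthenticationEntryPoint> authenticationEntryPoints;
    private final AuthenticationEntryPoint defaultEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");

    public BrandedAuthenticationEntryPoint(Map<String, String> loginUrls) {
        Map<String, AuthenticationEntryPoint> map = new HashMap<>();
        loginUrls.forEach((clientId, loginUrl) ->
                map.put(clientId, new LoginUrlAuthenticationEntryPoint(loginUrl)));
        this.authenticationEntryPoints = Collections.unmodifiableMap(map);
    }

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        AuthenticationEntryPoint delegate = this.defaultEntryPoint;

        // Attempt to resolve a specific login url based on clientId.
        // The OAuth2 authorization request carries it in the "client_id" parameter.
        String clientId = request.getParameter("client_id");
        if (clientId != null) {
            // Unknown client ids fall back to the default login page
            delegate = this.authenticationEntryPoints.getOrDefault(clientId, this.defaultEntryPoint);
        }

        delegate.commence(request, response, authException);
    }
}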

SAS and Form Login are two different filter chains in the default sample, so you would apply this in the normal way on both filter chains:

http.exceptionHandling(exceptionHandling -> exceptionHandling
    .authenticationEntryPoint(new BrandedAuthenticationEntryPoint(...))
);

More information on AuthenticationEntryPoint is available in the reference docs.
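
The following test is an added example, not part of the original answer. It checks that the entry point above only ever redirects to a login URL from its fixed map, whatever value the request supplies. It assumes the entry point reads the OAuth2 `client_id` request parameter, that JUnit 5 and spring-test are on the classpath, and it uses a made-up client id `client-2` and a constructed request to `/oauth2/authorize`.

```java
import java.util.Map;

import org.junit.jupiter.api.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.InsufficientAuthenticationException;

import static org.junit.jupiter.api.Assertions.assertTrue;

class BrandedAuthenticationEntryPointTests {

    // Constructed mapping: "client-2" is a hypothetical client id
    private final BrandedAuthenticationEntryPoint entryPoint =
            new BrandedAuthenticationEntryPoint(Map.of("client-2", "/login2"));

    // Simulates an unauthenticated authorization request and returns the redirect target
    private String redirectFor(String clientId) throws Exception {
        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/oauth2/authorize");
        if (clientId != null) {
            request.setParameter("client_id", clientId);
        }
        MockHttpServletResponse response = new MockHttpServletResponse();
        this.entryPoint.commence(request, response,
                new InsufficientAuthenticationException("login required"));
        return response.getRedirectedUrl();
    }

    @Test
    void mappedClientGetsItsOwnLoginPage() throws Exception {
        assertTrue(redirectFor("client-2").endsWith("/login2"));
    }

    @Test
    void unmappedClientFallsBackToDefault() throws Exception {
        assertTrue(redirectFor("some-other-client").endsWith("/login"));
    }

    @Test
    void missingClientIdFallsBackToDefault() throws Exception {
        assertTrue(redirectFor(null).endsWith("/login"));
    }

    @Test
    void urlShapedClientIdIsNeverUsedAsRedirectTarget() throws Exception {
        // The parameter is only a lookup key, so a URL-like value still lands on the default page
        assertTrue(redirectFor("https://other.example/login").endsWith("/login"));
    }
}
```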

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1