I'm using version 1.2 of the Spring Security plugin in a Grails application. I want login attempts to be handled in the following way:
I've had a look at the Events section of the plugin's manual, which seems to cover this ground. However there doesn't seem to be any way to redirect a user within these event handlers.
You're basically describing how it currently works except for re-displaying login details, which is straightforward.
When you click a secured link and aren't logged in, a SavedRequest
is stored in the session to keep track of where you were trying to go. After a successful login, this object is inspected and the redirect is built from it. If you go directly to the login page there's no saved info, so it redirects to a default location. By default it's the root of the app ('/'
) but it's configurable, e.g.
grails.plugins.springsecurity.successHandler.defaultTargetUrl = '/home'
To get the previously entered login name to re-display, use the SPRING_SECURITY_LAST_USERNAME
session key in auth.gsp
:
<input type='text' class='text_' name='j_username' id='username'
value="${session['SPRING_SECURITY_LAST_USERNAME']}" />