Redirect a user to page on login/logout based on role

Author: Marek Posolda


At this moment, this feature is not provided in GateIn or EPP 5.* out of the box. In current GateIn, redirection after login works as follow:

This document is description of how to customize above behavior. We have created new HTTP filter called LoginRedirectFilter. Filter is able to detect login or logout of particular user. After this detection, filter is using LoginRedirectService, which is component that needs to be bind into eXo kernel for correct usage. Service is able to return correct URL for redirect based on groups of particular user. Filter then sends another HTTP request, which redirects user to requested page.

 

Application can be deployed into GateIn portal or EPP without need to change any other existing code on portal side. We can simply comment or uncomment particular HTTP filter and filter mapping in portal web.xml if we want to disable or enable this feature.

 

How to build and deploy the plugin

 

1) Download the code from [location will be added soon but fire an email if you need it quick] and build using "mvn clean install"

 

2) Copy target/exo.portal.redirectplugin-3.2.0-SNAPSHOT.jar  to  $GATEIN_HOME/server/default/deploy/gatein.ear/lib/
This JAR contains needed java classes, especially LoginRedirectFilter and LoginRedirectService.

 

4) Configure HTTP filter in portal web.xml . This can be done by adding Filter definition and Filter mapping into particular sections of file $GATEIN_HOME/server/default/deploy/gatein.ear/02portal.war/WEB-INF/web.xml
Assumption is that element filter is inserted after all other filter definitions:

 

   <filter>
      <filter-name>LoginRedirectFilter</filter-name>
      <filter-class>org.exoplatform.web.login.redirect.LoginRedirectFilter</filter-class>
   </filter>

 

And another assumption is that elements for filter-mapping are inserted after all other filter-mapping definitions:

 

   <filter-mapping>
      <filter-name>LoginRedirectFilter</filter-name>
      <url-pattern>/public/*</url-pattern>     
   </filter-mapping>
   <filter-mapping>
      <filter-name>LoginRedirectFilter</filter-name>
      <url-pattern>/private/*</url-pattern>     
   </filter-mapping>

 

5) LoginRedirectFilter uses LoginRedirectService to decide which URL to redirect for users of a particular group. This service needs to be configured in some of portal configuration files (for example in $GATEIN_HOME/server/default/deploy/gatein.ear/02portal.war/WEB-INF/conf/common/common-configuration.xml ). Example configuration is below. We can see that each mapping parameter has 3 nested parameters:

  • groupName - name of group and membership
  • loginURL  - URL to redirect after login of user from particular group is detected
  • logoutURL - URL to redirect after logout of user from particular group is detected

Order of mapping elements is important because if more mappings are suitable for particular user, then algorithm will choose first found mapping. For example: User john is suitable in both groups manager:/organization/management/executive-board and *:/platform/administrators , so first mapping is chosen for him and he is redirected to /portal/private/classic/organization/management after his login.

 

There are another 2 parameters defaultLoginURL and defaultLogoutURL, which contains default URL to redirect if no suitable group mapping is found for our user.

 

So example of mapping is here:

 

  <component>
        <key>org.exoplatform.web.login.redirect.LoginRedirectService</key>
        <type>org.exoplatform.web.login.redirect.LoginRedirectService</type>
        <init-params>
            <value-param>
                <name>defaultLoginURL</name>
                <description>login URL to redirect if group mapping can't be found for particular user</description>
                <value>/portal/private/classic/home</value>
            </value-param>
            <value-param>
                <name>defaultLogoutURL</name>
                <description>logout URL to redirect if group mapping can't be found for particular user</description>
                <value>/portal/public/classic/home</value>
            </value-param>
            <object-param>
                <name>redirectMappings</name>
                <description>Mappings of groups and pages where should be
                    all users from particular group redirected.</description>
                <object type="org.exoplatform.web.login.redirect.RedirectMappingConfig">
                    <field name="redirectMappings">
                        <collection type="java.util.ArrayList"
                            item-type="org.exoplatform.web.login.redirect.MappingParam">

                            <value>
                                <object type="org.exoplatform.web.login.redirect.MappingParam">
                                    <field name="groupName">
                                        <string>manager:/organization/management/executive-board</string>
                                    </field>
                                    <field name="loginURL">
                                        <string>/portal/private/classic/organization/management</string>
                                    </field>
                                    <field name="logoutURL">
                                        <string>/portal/public/classic/sitemap</string>
                                    </field>
                                </object>
                            </value>
                            <value>
                                <object type="org.exoplatform.web.login.redirect.MappingParam">
                                    <field name="groupName">
                                        <string>*:/platform/administrators</string>
                                    </field>
                                    <field name="loginURL">
                                        <string>/portal/private/classic/administration/registry</string>
                                    </field>
                                    <field name="logoutURL">
                                        <string>/portal/public/classic/</string>
                                    </field>
                                </object>
                            </value>
                            <value>
                                <object type="org.exoplatform.web.login.redirect.MappingParam">
                                    <field name="groupName">
                                        <string>*:/platform/users</string>
                                    </field>
                                    <field name="loginURL">
                                        <string>/portal/private/classic/sitemap</string>
                                    </field>
                                    <field name="logoutURL">
                                        <string>/portal/public/classic/</string>
                                    </field>
                                </object>
                            </value>
                        </collection>
                    </field>
                </object>
            </object-param>
        </init-params>
  </component>


6) So after update of mapping configuration in common-configuration.xml and filter configuration in web.xml, we can start the portal. We can try predefined users and we will see that: