Redirect to Different Pages After Login With Spring Security (original) (raw)
Last Updated : 29 May, 2026
Spring Security allows developers to control authentication and authorization in Spring Boot applications. In many applications, different users need different dashboards after login. It provides role-based redirection using a custom authentication success handler. After successful login, users can be redirected to different pages based on their roles and authorities.
- Redirect users to different pages after successful login.
- Handle role-based access using ROLE_ADMIN and ROLE_USER.
- Improve user experience with personalized dashboards.
Implementation to Redirect to Different Pages After Login
Below are the implementation steps to redirect to different pages after login with spring.
Step 1: Create Spring Boot Project
Create a Spring Boot project using Spring Initializr with the following dependencies:
- Spring Web
- Spring Security
- Thymeleaf
- Lombok
- Spring DevTools
- Spring Data JPA
- MySQL Driver Java `
4.0.0 org.springframework.boot spring-boot-starter-parent 3.2.5 org.example spring-security-redirect-pages 0.0.1-SNAPSHOT spring-security-redirect-pages spring-security-redirect-pages <java.version>17</java.version> org.springframework.boot spring-boot-starter-data-jpa org.springframework.boot spring-boot-starter-security org.springframework.boot spring-boot-starter-thymeleaf org.springframework.boot spring-boot-starter-web org.thymeleaf.extras thymeleaf-extras-springsecurity6
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.mysql</groupId>
<artifactId>mysql-connector-j</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
</build>`
After the project creation done, the folder structure will be like the below image:
Step 2: Configure application.properties
Add database and user credentials configuration inside application.properties.
spring.application.name=spring-security-redirect-pages
# Database Configuration
spring.datasource.url=jdbc:mysql://localhost:3306/example
spring.datasource.username=root
spring.datasource.password=
spring.jpa.hibernate.ddl-auto=update
spring.jpa.show-sql=true# User Credentials
spring.security.user.name=user
spring.security.user.password=password
spring.security.user.roles=USER# Admin Credentials
spring.security.admin.name=admin
spring.security.admin.password=password
spring.security.admin.roles=ADMIN
Step 3: Configure Spring Security
Create SecurityConfig.java inside the config package.
- SecurityFilterChain secures application URLs.
- /admin/** is accessible only to ADMIN users. Java `
package org.example.springsecurityredirectpages.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@Configuration public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(auth -> auth
.requestMatchers("/admin/**").hasRole("ADMIN")
.requestMatchers("/user/**").hasRole("USER")
.anyRequest().authenticated()
)
.formLogin(form -> form
.loginPage("/login")
.successHandler(customSuccessHandler())
.permitAll()
)
.logout(logout -> logout.permitAll());
return http.build();
}
@Bean
public AuthenticationSuccessHandler customSuccessHandler() {
return new CustomAuthenticationSuccessHandler();
}}
`
Step 4: Create Custom Authentication Success Handler
Create CustomAuthenticationSuccessHandler.java inside the config package.
- Checks authenticated user roles.
- Redirects ADMIN users to /admin/home. Java `
package org.example.springsecurityredirectpages.config;
import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import java.io.IOException;
public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler { @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { String redirectURL = request.getContextPath();
if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_ADMIN"))) {
redirectURL = "/admin/home";
} else if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_USER"))) {
redirectURL = "/user/home";
}
response.sendRedirect(redirectURL);
}}
`
Step 5: Create Admin Controller
Create AdminController.java.
- Handles requests for the admin dashboard.
- Returns adminHome.html page. Java `
package org.example.springsecurityredirectpages.controller;
import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping;
@Controller public class AdminController {
@GetMapping("/admin/home")
public String adminHome() {
return "adminHome";
}}
`
Step 6: Create User Controller
Create UserController.java.
- Handles user dashboard requests.
- Returns login page for authentication. Java `
package org.example.springsecurityredirectpages.controller;
import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping;
@Controller public class UserController {
@GetMapping("/user/home")
public String userHome() {
return "userHome";
}
@GetMapping("/login")
public String login() {
return "login";
}}
`
Step 7: Main Application Class
Open the main class and write the below code. (No change are required)
Java `
package org.example.springsecurityredirectpages;
import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication public class SpringSecurityRedirectPagesApplication {
public static void main(String[] args) {
SpringApplication.run(SpringSecurityRedirectPagesApplication.class, args);
}}
`
Step 8: Create Login Page
Create login.html inside templates.
HTML `
Login`
Step 9: Create User Home Page
Displayed after successful USER login.
HTML `
User HomeWelcome User!
`
Step 10: Create Admin Home Page
Displayed after successful ADMIN login.
HTML `
Admin HomeWelcome Admin!
`
Step 12: Run the Application
Run the Spring Boot application. After completing the project, it will start at port 8080.
Login page:
**API:
If we enter the user credential the it redirects to the user home page.
- username: user
- password: password
If we enter the admin credential the it redirects to the user home page.
- username: admin
- password: password
**Output:
**AdminHome page:
**UserHome page:
After hitting the URL, the below page will redirect.
