Redirection occurs in org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler , but the plugin extends this class in org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler to support Ajax logins.
If you want to configure a role-based redirect location, I would subclass AjaxAwareAuthenticationSuccessHandler and override onAuthenticationSuccess() . You will have access to authentication so that you can verify the privileges granted and determine where to go based on these.
Then replace the bean plugin with your .groovy resource:
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils beans = { authenticationSuccessHandler(MyAuthenticationSuccessHandler) { def conf = SpringSecurityUtils.securityConfig requestCache = ref('requestCache') redirectStrategy = ref('redirectStrategy') defaultTargetUrl = conf.successHandler.defaultTargetUrl alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault targetUrlParameter = conf.successHandler.targetUrlParameter ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl useReferer = conf.successHandler.useReferer } }
source share