diff --git a/spring-security-custom-permission/pom.xml b/spring-security-custom-permission/pom.xml
index 39dec2805f..a2925189e4 100644
--- a/spring-security-custom-permission/pom.xml
+++ b/spring-security-custom-permission/pom.xml
@@ -128,6 +128,12 @@
spring-security-taglibs
${spring-security-taglibs.version}
+
+
+ org.springframework.security
+ spring-security-core
+ ${spring-security-core.version}
+
javax.servlet.jsp.jstl
@@ -280,11 +286,15 @@
org.baeldung.Application
- UTF-8
+
+
+ UTF-8
1.8
10.13.1.1
1.1.2
4.2.0.RELEASE
+ 4.2.0.RELEASE
+
1.2
2.4.0
1.6.1
diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/Application.java b/spring-security-custom-permission/src/main/java/org/baeldung/Application.java
index 71d503e678..072a6ca4fe 100644
--- a/spring-security-custom-permission/src/main/java/org/baeldung/Application.java
+++ b/spring-security-custom-permission/src/main/java/org/baeldung/Application.java
@@ -9,7 +9,7 @@ import org.springframework.context.annotation.FilterType;
@Configuration
@EnableAutoConfiguration
-@ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"))
+@ComponentScan(excludeFilters = {@ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multiplelogin.*")})
public class Application extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java
new file mode 100644
index 0000000000..23fda0547f
--- /dev/null
+++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java
@@ -0,0 +1,22 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.context.web.SpringBootServletInitializer;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+
+@SpringBootApplication
+@ComponentScan("org.baeldung.multiplelogin")
+public class MultipleLoginApplication extends SpringBootServletInitializer {
+ public static void main(String[] args) {
+ SpringApplication.run(MultipleLoginApplication.class, args);
+ }
+
+ @Override
+ protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
+ return application.sources(MultipleLoginApplication.class);
+ }
+}
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java
new file mode 100644
index 0000000000..ec76be1909
--- /dev/null
+++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java
@@ -0,0 +1,45 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.ViewResolver;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import org.springframework.web.servlet.view.InternalResourceViewResolver;
+import org.springframework.web.servlet.view.JstlView;
+import org.springframework.context.annotation.ComponentScan;
+
+@EnableWebMvc
+@Configuration
+@ComponentScan("org.baeldung.controller")
+public class MultipleLoginMvcConfig extends WebMvcConfigurerAdapter {
+
+ public MultipleLoginMvcConfig() {
+ super();
+ }
+
+ // API
+
+ @Override
+ public void addViewControllers(final ViewControllerRegistry registry) {
+ super.addViewControllers(registry);
+
+ registry.addViewController("/anonymous.html");
+
+ registry.addViewController("/login.html");
+ registry.addViewController("/homepage.html");
+ registry.addViewController("/console.html");
+ }
+
+ @Bean
+ public ViewResolver viewResolver() {
+ final InternalResourceViewResolver bean = new InternalResourceViewResolver();
+
+ bean.setViewClass(JstlView.class);
+ bean.setPrefix("/WEB-INF/view/");
+ bean.setSuffix(".jsp");
+
+ return bean;
+ }
+}
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java
new file mode 100644
index 0000000000..d7dbf17723
--- /dev/null
+++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java
@@ -0,0 +1,122 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.TestingAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+@Configuration
+@EnableWebSecurity
+public class MultipleLoginSecurityConfig {
+
+ @Bean
+ public UserDetailsService userDetailsService() throws Exception {
+ InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+ manager.createUser(User.withUsername("user")
+ .password("userPass")
+ .roles("USER")
+ .build());
+ manager.createUser(User.withUsername("admin")
+ .password("adminPass")
+ .roles("ADMIN")
+ .build());
+ return manager;
+ }
+
+ @Configuration
+ @Order(1)
+ public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ public App1ConfigurationAdapter() {
+ super();
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication()
+ .withUser("admin")
+ .password("admin")
+ .roles("ADMIN");
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.antMatcher("/admin*")
+ .authorizeRequests()
+ .anyRequest()
+ .hasRole("ADMIN")
+ // log in
+ .and()
+ .formLogin()
+ .loginPage("/loginAdmin")
+ .loginProcessingUrl("/admin_login")
+ .failureUrl("/loginAdmin?error=loginError")
+ .defaultSuccessUrl("/adminPage")
+ // logout
+ .and()
+ .logout()
+ .logoutUrl("/admin_logout")
+ .logoutSuccessUrl("/protectedLinks")
+ .deleteCookies("JSESSIONID")
+ .and()
+ .exceptionHandling()
+ .accessDeniedPage("/403")
+ .and()
+ .csrf()
+ .disable();
+ }
+ }
+
+ @Configuration
+ @Order(2)
+ public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ public App2ConfigurationAdapter() {
+ super();
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication()
+ .withUser("user")
+ .password("user")
+ .roles("USER");
+ }
+
+ protected void configure(HttpSecurity http) throws Exception {
+ http.antMatcher("/user*")
+ .authorizeRequests()
+ .anyRequest()
+ .hasRole("USER")
+ // log in
+ .and()
+ .formLogin()
+ .loginPage("/loginUser")
+ .loginProcessingUrl("/user_login")
+ .failureUrl("/loginUser?error=loginError")
+ .defaultSuccessUrl("/userPage")
+ // logout
+ .and()
+ .logout()
+ .logoutUrl("/user_logout")
+ .logoutSuccessUrl("/protectedLinks")
+ .deleteCookies("JSESSIONID")
+ .and()
+ .exceptionHandling()
+ .accessDeniedPage("/403")
+ .and()
+ .csrf()
+ .disable();
+ }
+ }
+
+}
diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java
new file mode 100644
index 0000000000..0672a760af
--- /dev/null
+++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java
@@ -0,0 +1,38 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@Controller
+public class UsersController {
+
+ @RequestMapping("/protectedLinks")
+ public String getAnonymousPage() {
+ return "protectedLinks";
+ }
+
+ @RequestMapping("/userPage")
+ public String getUserPage() {
+ return "userPage";
+ }
+
+ @RequestMapping("/adminPage")
+ public String getAdminPage() {
+ return "adminPage";
+ }
+
+ @RequestMapping("/loginAdmin")
+ public String getAdminLoginPage() {
+ return "loginAdmin";
+ }
+
+ @RequestMapping("/loginUser")
+ public String getUserLoginPage() {
+ return "loginUser";
+ }
+
+ @RequestMapping("/403")
+ public String getAccessDeniedPage() {
+ return "403";
+ }
+}
diff --git a/spring-security-custom-permission/src/main/resources/templates/403.html b/spring-security-custom-permission/src/main/resources/templates/403.html
new file mode 100644
index 0000000000..20550768cf
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/403.html
@@ -0,0 +1,10 @@
+
+
+
+
+
+
+
+You do not have permission to view this page.
+
+
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/resources/templates/adminPage.html b/spring-security-custom-permission/src/main/resources/templates/adminPage.html
new file mode 100644
index 0000000000..13aff9b15a
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/adminPage.html
@@ -0,0 +1,13 @@
+
+
+
+
+Insert title here
+
+
+Welcome admin! Logout
+
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/resources/templates/login.html b/spring-security-custom-permission/src/main/resources/templates/login.html
new file mode 100644
index 0000000000..dd6bd04767
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/login.html
@@ -0,0 +1,27 @@
+
+
+
+
+ Login
+
+
+
+
+
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/resources/templates/loginAdmin.html b/spring-security-custom-permission/src/main/resources/templates/loginAdmin.html
new file mode 100644
index 0000000000..43d0e73233
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/loginAdmin.html
@@ -0,0 +1,31 @@
+
+
+
+
+Insert title here
+
+
+
+ Admin login page
+
+
+ Login failed!
+
+
+
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/resources/templates/loginUser.html b/spring-security-custom-permission/src/main/resources/templates/loginUser.html
new file mode 100644
index 0000000000..bf4ddd48bc
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/loginUser.html
@@ -0,0 +1,30 @@
+
+
+
+
+Login
+
+
+
+ User login page
+
+
+ Login failed!
+
+
+
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/resources/templates/protectedLinks.html b/spring-security-custom-permission/src/main/resources/templates/protectedLinks.html
new file mode 100644
index 0000000000..1877464fe5
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/protectedLinks.html
@@ -0,0 +1,13 @@
+
+
+
+
+Insert title here
+
+
+
+User page
+
+Admin page
+
+
\ No newline at end of file
diff --git a/spring-security-custom-permission/src/main/resources/templates/userPage.html b/spring-security-custom-permission/src/main/resources/templates/userPage.html
new file mode 100644
index 0000000000..894a225871
--- /dev/null
+++ b/spring-security-custom-permission/src/main/resources/templates/userPage.html
@@ -0,0 +1,12 @@
+
+
+
+
+Insert title here
+
+
+Welcome user! Logout
+
+Back to links
+
+
\ No newline at end of file