1

I have an angular app that I need to secure. We have a central SSO app in our organisation. This central app provides a login page and sets cookie after authenticating the user.

Now I need to redirect user from my angular app to this central login page in case authentication cookie is missing/expired.

Can someone please help, how can I redirect to a different page using angular routing ? It seems angular always redirect only relative to base url.

I also tried to use spring mvc and security to restrict access to index.html from server end, but I am not able to set the mapping for showing index.html file (outside web-inf) from dispatcher servlet.

Improve this question

2 Answers 2

Reset to default
3

angular's routing is for routing within the page.

Use native location.href for this.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

It sounds to me that you are trying to have partial AngularJS page and partial Spring MVC web application. I have also tried this, but then things did not go so well.

If you want to build a web application using AngularJS, I suggest you to start using AngularJS fully as Single Page Web Application and use your Spring MVC as a RESTful web service which is secured by Spring Security.

Read this article: restful-web-service-with-spring-security

The custom AuthenticationEntryPoint must return an HTTP status which AngularJS will process further in $http.success or $http.error. In case of $http.error you force user to go to the login page maybe something like $location.url("/login");

To make all $http.error points to the login page, you can use AngularJS http interceptors.

NB: You should secure your whole web application on the web server level by permanently redirect from http to https. Example: Apache HTTPD

Improve this answer

5 Comments

the problem is that I have an external login page, so I cant use $location.url("/login"), the url is not relative.
In that case, you can either create form in your angular application that will send the login to the external login url or use Konstantin's answer. I do not see any other option.
does using native location.href has any disadvantage ? I cant go with login forn approach as the page I am redirecting to sets auth cookie for user
Using location.href is the only way to get out of the angularJS application. There is not a disadvantage in your case, because you are moving to an external page.
The cookie should not be a problem, since it will normally be added by HTTP response. Try to read set cookie angular $http and http set cookie

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.