Spring OAuth2错误重定向页面

Question

我已经实现了一个使用OAuth2（使用Spring）进行身份验证的WebService。

它有效但是，当我访问url授权时，我（有时）有不同的行为：

1. 我可以访问授权，服务会将我重定向到“登录页面”
2. 登录后，服务会在index.jsp页面重定向我

其他行为（即右）：

1. 访问自动调整页面，服务将我重定向到登录页面
2. 登录后，服务会将我重定向到授权页面，我可以在其中选择＆＃34;接受＆＃34;或者＆＃34;拒绝＆＃34;，之后我可以访问该服务（使用给定的令牌）

我已经看到我的行为就是这个

1. 授权 - ＆gt;重定向到登录页面
2. 登录后 - ＆GT;我被重定向到index.jsp
3. 关闭浏览器
4. 访问授权 - ＆gt;重定向到登录页面
5. 登录后 - ＆gt;我明白了 重定向到授权页面（我有接受/拒绝）

这是我的secdurityConfiguration.xml

的一部分

<authentication-manager>
        <authentication-provider ref="customAuthenticationProvider" />
     </authentication-manager>  

    <authentication-manager id="oauthClientAuthenticationManager">
        <authentication-provider user-service-ref="clientDetailsUserService">
            <password-encoder ref="passwordEncoder" />
        </authentication-provider>
    </authentication-manager>

    <oauth2:authorization-server token-services-ref="tokenServices"
                 client-details-service-ref="webServiceClientService"
                 user-approval-page="oauth/authorize" error-page="oauth/error">
        <oauth2:authorization-code />
    </oauth2:authorization-server>

    <beans:bean id="resourceServerFilter"
                class="it.dirimo.site.OAuthSigningTokenAuthenticationFilter">
        <beans:property name="authenticationEntryPoint"
                        ref="oauthAuthenticationEntryPoint" />
        <beans:property name="tokenServices" ref="tokenServices" />
        <beans:property name="resourceId" value="SUPPORT" />
    </beans:bean>

   <global-method-security pre-post-annotations="enabled" order="0"
                            proxy-target-class="true">
        <expression-handler ref="methodSecurityExpressionHandler" />
    </global-method-security>

    <http security="none" pattern="/resource/**" />
    <http security="none" pattern="/favicon.ico" />

    <http use-expressions="true" create-session="stateless"
          authentication-manager-ref="oauthClientAuthenticationManager"
          entry-point-ref="oauthAuthenticationEntryPoint" pattern="/oauth/token">
        <intercept-url pattern="/oauth/token"
                       access="hasAuthority('OAUTH_CLIENT')" />
        <http-basic />
        <access-denied-handler ref="oauthAccessDeniedHandler" />
        <expression-handler ref="webSecurityExpressionHandler" />
    </http>

    <http use-expressions="true" create-session="stateless"
          entry-point-ref="oauthAuthenticationEntryPoint" pattern="/services/**">
        <intercept-url pattern="/services/**"
                       access="hasAuthority('OWNER')" />
        <custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
        <access-denied-handler ref="oauthAccessDeniedHandler" />
        <expression-handler ref="webSecurityExpressionHandler" />
    </http>

    <http use-expressions="true">
        <intercept-url pattern="/oauth/**" access="hasAuthority('OWNER')" />
        <intercept-url pattern="/login/**" access="permitAll() "/>
        <intercept-url pattern="/push/**"  access="permitAll()" />
        <intercept-url pattern="/logout"   access="permitall()" />
        <intercept-url pattern="/**"       access="isFullyAuthenticated()" />
        <form-login default-target-url="/" login-page="/login"
                    login-processing-url="/login/submit"
                    authentication-failure-url="/login?loginFailed"
                    username-parameter="username" password-parameter="password" />
         <logout logout-url="/logout" logout-success-url="/login?loggedOut"
                delete-cookies="JSESSIONID" invalidate-session="true" />
        <session-management invalid-session-url="/login"
                            session-fixation-protection="changeSessionId"> 
            <concurrency-control error-if-maximum-exceeded="true" max-sessions="1000"
                                 session-registry-ref="sessionRegistry" />
        </session-management>
        <expression-handler ref="webSecurityExpressionHandler"/>
</http>