我使用spring security来提供身份验证。这是我的spring-security.xml:
<beans:beans>
<http auto-config="true">
<intercept-url pattern="/user/*" access="ROLE_USER" />
<intercept-url pattern="/admin/*" access="ROLE_ADMIN" />
<intercept-url pattern="/recipe/*" access="ROLE_ADMIN,ROLE_USER" />
<form-login login-page="/login" default-target-url="/welcome"
authentication-failure-url="/loginfailed" />
<logout logout-success-url="/logout" />
</http>
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider"/>
</authentication-manager>
<beans:bean id="customAuthenticationProvider" class="CustomAuthenticationProvider"/>
</beans:beans>
如果用户在/ recipe url内没有长时间工作,那么
@RequestMapping(value = "/recipe/new", method = RequestMethod.POST)
public ModelAndView addRecipePost(final Principal principal, final @ModelAttribute RecipeForm)
我收到委托人= null。我希望用户被重定向到登录屏幕。可能吗?我怎么能这样做?
答案 0 :(得分:0)
问题是xml标记内部遗漏了一些网址。