弹簧security.xml文件:
<form-login
login-page="/admin/login"
login-processing-url="/admin/postlogin"
authentication-failure-url="/admin/login?error=true"
default-target-url="/admin/dashboard"
username-parameter="username"
password-parameter="password"
authentication-success-handler-ref="customAuthenticationSuccessHandler"/>
CustomAuthenticationSuccessHandler:
@Override
public void onAuthenticationSuccess(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse, Authentication authentication)
throws IOException,ServletException {
HttpSession session = httpServletRequest.getSession();
session.setAttribute("countTodayInterviews", interviewService.countTodayInterviews());
session.setAttribute("countNewCandidates", jobSeekerService.countNewCandidates());
}
没有authentication-success-handler-ref它工作正常,我会被重定向到信息中心,但是authentication-success-handler-ref我到达了链接/admin/postlogin上的空白页面。我需要在我的会话中使用这些属性,并且像这样它应该只调用一次。有什么想法吗?
答案 0 :(得分:1)
您需要从自定义处理程序的onAuthenticationSuccess()方法重定向到正确的URL。
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication) throws IOException {
//Your custom stuff
handle(request, response, authentication);
}
protected void handle(HttpServletRequest request,
HttpServletResponse response, Authentication authentication) throws IOException {
String targetUrl = "";//Place your target url detection logic here.
redirectStrategy.sendRedirect(request, response, targetUrl);
}