每次在default-target-url中返回新的ModelAndView后,spring security加载索引页面

时间:2015-10-30 13:52:33

标签: spring spring-mvc spring-security

我已经使用spring mvc及其工作配置了spring security。 但问题是在每次在default-target-url中返回新的ModelAndView后成功登录认证spring security加载索引页面。

弹簧security.xml文件

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <!-- This is where we configure Spring-Security  -->
    <http auto-config="true" use-expressions="true" access-denied-page="/denied.htm" >

        <intercept-url pattern="/login.htm" access="permitAll"/>

        <form-login
                login-page="/login.htm" 
                login-processing-url="/j_spring_security_check.htm"
                authentication-failure-url="/login.htm?error=true" 
                default-target-url="/dashboard.htm"/>

        <logout 
                invalidate-session="true" 
                logout-success-url="/login.htm" 
                logout-url="/logout.htm"/>

    </http>

    <!-- Enable the use of pre/post annotation -->
    <global-method-security pre-post-annotations="enabled">
        <expression-handler ref="expressionHandler" />
    </global-method-security>

    <!-- Enable permission evaluator in annotation -->
    <beans:bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
          <beans:property name="permissionEvaluator" ref="customPermissionEvaluator" />
    </beans:bean>

    <!-- Declare a custom PermissionEvaluator interface -->
    <beans:bean id="customPermissionEvaluator" class="com.imobdev.util.CustomPermissionEvaluator"/>

    <!-- Declare an authentication-manager to use a custom userDetailsService -->
    <authentication-manager>
            <authentication-provider user-service-ref="customUserDetailsService">
                    <!-- <password-encoder ref="passwordEncoder"/> -->
            </authentication-provider>
    </authentication-manager>

    <!-- Use a Md5 encoder since the user's passwords are stored as Md5 in the database -->
    <!-- <beans:bean class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" id="passwordEncoder"/> -->

    <!-- A custom service where Spring will retrieve users and their corresponding access levels  -->
    <beans:bean id="customUserDetailsService" class="com.imobdev.service.CustomUserDetailsService"/>
    <!-- <beans:bean id="customUserDetailsService" class="com.imobdev.service.ImderpServiceImpl"/> -->


</beans:beans>

这是我的控制器方法

@RequestMapping(value="/dashboard")

    public ModelAndView loadDashboard(@ModelAttribute("eReg") EregForm eReg,Map<String, Object> model) throws Exception{

        return new ModelAndView("dashboard");
    }

这是我的控制台

[30/10/2015 19:19:56 INFO  MyLogger:21] START : LoginController.loadIndex
[30/10/2015 19:19:56 INFO  MyLogger:39] END : LoginController.loadIndex
[30/10/2015 19:19:59 INFO  MyLogger:21] START : CustomUserDetailsService.loadUserByUsername
[30/10/2015 19:19:59 INFO  MyLogger:21] START : ImderpDaoImpl.getUserByUserName
Hibernate: select usermst0_.u_id as u_id1_30_, usermst0_.u_type_id as u_type_18_30_, usermst0_.u_created_by as u_create2_30_, usermst0_.u_created_date as u_create3_30_, usermst0_.u_dept_id as u_dept_i4_30_, usermst0_.u_email as u_email5_30_, usermst0_.u_fname as u_fname6_30_, usermst0_.u_last_login_date as u_last_l7_30_, usermst0_.u_lname as u_lname8_30_, usermst0_.u_modified_date as u_modifi9_30_, usermst0_.u_parent_u_id as u_paren10_30_, usermst0_.u_password as u_passw11_30_, usermst0_.u_photo as u_photo12_30_, usermst0_.u_recovery_token as u_recov13_30_, usermst0_.u_role_id as u_role_14_30_, usermst0_.u_status as u_statu15_30_, usermst0_.u_type as u_type16_30_, usermst0_.u_username as u_usern17_30_ from tbUser usermst0_ where usermst0_.u_status<>? and usermst0_.u_username=?
Hibernate: select employeems0_.emp_id as emp_id1_6_0_, employeems0_.emp_bio_id as emp_bio_2_6_0_, employeems0_.emp_birth_date as emp_birt3_6_0_, employeems0_.emp_comp_id as emp_comp4_6_0_, employeems0_.emp_contact_no as emp_cont5_6_0_, employeems0_.emp_created_by as emp_crea6_6_0_, employeems0_.emp_created_date as emp_crea7_6_0_, employeems0_.emp_dept_id as emp_dept8_6_0_, employeems0_.emp_fname as emp_fnam9_6_0_, employeems0_.emp_gender as emp_gen10_6_0_, employeems0_.emp_is_report_enabled as emp_is_11_6_0_, employeems0_.emp_joining_date as emp_joi12_6_0_, employeems0_.emp_lname as emp_lna13_6_0_, employeems0_.emp_mname as emp_mna14_6_0_, employeems0_.emp_modified_date as emp_mod15_6_0_, employeems0_.emp_p_email as emp_p_e16_6_0_, employeems0_.emp_photo as emp_pho17_6_0_, employeems0_.emp_relieving_date as emp_rel18_6_0_, employeems0_.emp_role_id as emp_rol19_6_0_, employeems0_.emp_shift_id as emp_shi20_6_0_, employeems0_.emp_status as emp_sta21_6_0_ from a_employees employeems0_ where employeems0_.emp_id=?
[30/10/2015 19:19:59 INFO  MyLogger:39] END : ImderpDaoImpl.getUserByUserName
[30/10/2015 19:19:59 INFO  MyLogger:39] END : CustomUserDetailsService.loadUserByUsername
[30/10/2015 19:19:59 INFO  MyLogger:21] START : ErpController.loadDashboard
[30/10/2015 19:19:59 INFO  MyLogger:39] END : ErpController.loadDashboard
[30/10/2015 19:19:59 INFO  MyLogger:21] START : LoginController.loadIndex
[30/10/2015 19:19:59 INFO  MyLogger:39] END : LoginController.loadIndex

我们可以看到,在完成dashboard.htm后,它会调用索引页面。

所以这里有什么问题?!

0 个答案:

没有答案
相关问题
最新问题