在我的选择中,此配置应该允许从root
站点的所有页面上的安全性访问site.com后,我看到主页面,但应该重定向到登录页面
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf()
.disable()
.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.antMatchers("/register").permitAll()
.antMatchers("/login").permitAll()
.and();
http.formLogin()
.loginPage("/login")
.loginProcessingUrl("/j_spring_security_check")
.successHandler(getAuthenticationSuccess())
.failureUrl("/login?error=accessDenied")
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll()
.and()
.authorizeRequests()
.antMatchers("/**").authenticated()
.anyRequest().authenticated()
.and();
http.logout()
.logoutSuccessUrl("/")
.logoutUrl("/logout")
.permitAll();
http.headers().xssProtection();
答案 0 :(得分:2)
如果要重定向到登录页面,请在看到主页面后注销,输入登录URL以注销成功网址
http.formLogin()
.loginPage("/login")
.loginProcessingUrl("/j_spring_security_check")
.successHandler(getAuthenticationSuccess())
.failureUrl("/login?error=accessDenied")
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll()
.and()
.authorizeRequests()
.antMatchers("/**").authenticated()
.anyRequest().authenticated()
.and()
.logout()
.logoutSuccessUrl("/login")
.permitAll();