Spring Security始终重定向到" /"登录后

时间:2016-05-20 13:51:22

标签: spring spring-security

我将Spring Security Kerberos添加到我的应用程序中,并且我实现了表单登录,以防用户未登录到域或浏览器不支持SSO。唯一的问题是,成功登录后用户不会被重定向到原始页面,而是重定向到默认的" /"。下面你可以找到我的配置,我想要的是什么?

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .headers().frameOptions().disable()
                .and()
                .exceptionHandling().accessDeniedPage("/login")
                .authenticationEntryPoint(spnegoEntryPoint())
                .and()
                .authorizeRequests()
                .regexMatchers("^\\S*.js|\\S*.css$").permitAll()
                .anyRequest().hasAnyAuthority("APP USER")
                .and()
                .logout()
                .permitAll()
                .and()
                .formLogin().loginPage("login").loginProcessingUrl("/spnego_login").permitAll()
                .and()
                .rememberMe().rememberMeServices(rememberMeServices()).key(KEY)
                .and()
                .addFilterBefore(
                        spnegoAuthenticationProcessingFilter(authenticationManagerBean()),
                        BasicAuthenticationFilter.class)
                .csrf().disable();
    }

登录页面

<form class="form-signin" action="/spnego_login" method="post" accept-charset=utf-8>
            <h2 class="form-signin-heading">Please Log In Manually</h2>
            <label for="inputEmail" class="sr-only">Username</label>
            <input type="text" id="inputEmail" class="form-control" placeholder="username" name="username" required autofocus>
            <label for="inputPassword" class="sr-only">Password</label>
            <input type="password" id="inputPassword" class="form-control" placeholder="Password" name="password" required>
            <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
        </form>

UPDATE 我尝试使用SavedRequestAwareAuthenticationSuccessHandler按照建议使用,但事实证明在Cache中找不到以前的URL。因此,成功处理程序始终默认。

2 个答案:

答案 0 :(得分:1)

将登录页面URL和登录进程URL设置为相同的URL后,重定向开始正常工作

答案 1 :(得分:-1)

这个配置对我来说非常好

@Configuration
@EnableWebSecurity
@EnableWebMvcSecurity
public class SecurityConfigurations extends WebSecurityConfigurerAdapter {

    @Autowired
    DataSource dataSource;

    @Autowired
    public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {

          auth.jdbcAuthentication().dataSource(dataSource)
            .usersByUsernameQuery(
                "select login,password,enabled from users where login=?")
            .authoritiesByUsernameQuery(
                "select u.login,r.role from roles as r , users as u where u.id=r.user_id and u.login=?");
        }

    @Override
    protected void configure(HttpSecurity http) throws Exception   {

      http.authorizeRequests()
        .antMatchers("/index").access("hasRole('ROLE_USER')")
        .and()
          .formLogin().loginProcessingUrl("/j_spring_security_check").loginPage("/login").failureUrl("/login?error")
          .usernameParameter("login").passwordParameter("password")
        .and()
          .logout().logoutSuccessUrl("/login").and()
          .csrf();
    }

}

jsp表格:

<form method="POST" action="j_spring_security_check" >

              <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />

                <div class="form-group">
                  <input type="text" class="form-control material" name="login" autofocus="autofocus">
                </div>
                <div class="form-group">
                  <input type="password" class="form-control material" name="password" >
                </div>

                <button type="submit" class="btn btn-block btn-info text-uppercase waves waves-effect waves-float">Login</button>

              </form>