我在spring mvc应用程序中使用Spring Security 4.2.3.RELEASE。我有登录成功处理程序来处理成功身份验证后的操作。
这是我的LoginSuccessHandler.java
package com.application.security;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import com.application.util.CommonUtils;
@PropertySource(value = { "classpath:application.properties" })
public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
private final static Logger logger = Logger.getLogger(LoginSuccessHandler.class);
@Autowired
Environment environment;
@Autowired
CommonUtils commonUtils;
@Override
public void onAuthenticationSuccess(
HttpServletRequest request,
HttpServletResponse response,
Authentication authentication) throws ServletException, IOException {
int sessionTimeOut = Integer.parseInt(environment.getRequiredProperty("server.session.timeout").toString().trim());
request.getSession().setMaxInactiveInterval(sessionTimeOut);
super.onAuthenticationSuccess(request, response, authentication);
CustomUser user = commonUtils.getLoggedInUserDetails();
if(user != null) {
if(!user.isPasswordReset()) {
response.sendRedirect("changePassword");
}
}
logger.info("Successfully LoggedIn......");
}
}
一切正常,直到生产线
response.sendRedirect("changePassword");执行。此行正在产生以下错误。
java.lang.IllegalStateException:提交响应后无法调用sendRedirect()
我知道当应用程序调用{{1}}
时,响应已经提交我需要重写此超类来解决此问题吗?还是其他想法?
答案 0 :(得分:1)
之所以会这样,是因为super.onAuthenticationSuccess(request, response, authentication);已经提交了响应
但是您使用response.sendRedirect("changePassword");的响应时间已经发送。
注意:此行应该是方法super.onAuthenticationSuccess(request, response, authentication);