我已经关注了 spring boot security tutorial但最终结果有一个问题,成功登录后,浏览器重定向到 /undefined
。
我什至克隆了教程中引用的代码,以为我输入错误,或者忘记添加组件什么的。不,还有同样的问题。
在 Stackoverflow 上搜索我发现您需要在 WebSecurityConfigurerAdapter
的 configure
方法中定义默认成功 URL,如下所示:
.defaultSuccessUrl("/")
但还是不行。访问 protected 资源会导致登录页面,成功登录后我不会被重定向到 protected 资源。我进入“/undefined”页面。然而,强制成功是可行的:
.defaultSuccessUrl("/", true)
...但这不是我需要的,因为在成功登录后,用户应该被重定向到(最初)请求的安全资源。
这里是项目的相关部分:
网络安全配置:
package ro.rinea.andrei.Security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/")
.permitAll()
.and()
.logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
Controller :
package ro.rinea.andrei.Controllers;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class WebController {
@RequestMapping("/")
public String index() {
return "index";
}
@RequestMapping("/salut")
public String salut() {
return "salut";
}
@RequestMapping("/login")
public String login() {
return "login";
}
}
index
、login
和salut
定义了 View (如果需要我会添加它们的内容)
和 build.gradle 文件:
buildscript {
ext {
springBootVersion = '1.4.0.RELEASE'
}
repositories {
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
}
}
apply plugin: 'java'
apply plugin: 'idea'
apply plugin: 'spring-boot'
jar {
baseName = 'tstBut'
version = '0.0.1-SNAPSHOT'
}
sourceCompatibility = 1.8
targetCompatibility = 1.8
repositories {
mavenCentral()
}
dependencies {
compile('org.springframework.boot:spring-boot-devtools')
compile('org.springframework.boot:spring-boot-starter-jdbc')
compile('org.springframework.boot:spring-boot-starter-jersey')
compile('org.springframework.boot:spring-boot-starter-mobile')
compile('org.springframework.boot:spring-boot-starter-thymeleaf')
compile('org.springframework.boot:spring-boot-starter-validation')
compile('org.springframework.boot:spring-boot-starter-web')
compile('org.springframework.boot:spring-boot-starter-web-services')
compile('org.springframework.boot:spring-boot-starter-security')
runtime('org.postgresql:postgresql')
testCompile('org.springframework.boot:spring-boot-starter-test')
testCompile('org.springframework.restdocs:spring-restdocs-mockmvc')
}
最佳答案
你可以像这样添加一个 successHandler 来重定向:
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
...
.formLogin()
.loginPage("/login")
.successHandler(new AuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
redirectStrategy.sendRedirect(request, response, "/");
}
})
关于java - 成功登录后 Spring Boot Security 重定向 - 未定义,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/38962099/