当使用Spring security和oauth时
我有一个问题,当我登录成功后,它会重定向到“/login”,但我没有设置它,如何重定向到登录前的页面?
以下是详细信息:
授权中心:
spring:
application:
name: auth-server
server:
port: 6001
servlet:
context-path: /uaa
登录页面网址:/login
下面是配置
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/login", "/oauth/authorize**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error=true")
.permitAll()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutUrl("/logout")
.and()
.exceptionHandling()
.accessDeniedPage("/403");
http.cors().and().csrf().disable();
http.sessionManagement().invalidSessionUrl("/login");
http.sessionManagement().maximumSessions(1).maxSessionsPreventsLogin(true);
}
客户:
server:
port: 4000
security:
oauth2:
client:
clientId: community
clientSecret: 123456
accessTokenUri: http://localhost:6001/uaa/oauth/token
userAuthorizationUri: http://localhost:6001/uaa/oauth/authorize
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
下面是安全配置
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutSuccessUrl("http://localhost:6001/uaa/auth/logout")
.and()
.exceptionHandling()
.accessDeniedHandler(deniedHandler);
http.csrf().disable();
http.httpBasic().disable();
}
当我登录成功时,它会重定向到
http://localhost:6001/uaa/oauth/authorize?client_id=community&redirect_uri=http://127.0.0.1:4000/login&response_type=code&state=jy2gLx
但 4000 是客户端端口。
最佳答案
我找到答案了,客户端的application.yml有一些错误
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
网址错误
resource:
userInfoUri: http://localhost:6001/uaa/user/me
我纠正了它并且它起作用了
关于java - Spring Oauth 和登录成功时安全重定向到/login,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61249269/