登录成功后,我试图记录当前登录时间(在方法或对象中),并将 LastLogin 时间分配给注销时的当前登录时间。我正在使用spring security进行登录,注销。但我不知道如何在方法进入目标 URL 之前对其进行控制。
Spring 安全.xml
<security:form-login login-page="/login" login-processing-url="/home/currentTime" authentication-failure-url="/login?error=true" default-target-url="/home"/>
<security:logout invalidate-session="true" logout-success-url="/home/copyLastloginToCurrentLoginTime" logout-url="/logout" />
Controller
@RequestMapping(value = "/currentTime", method = RequestMethod.GET)
public void recordCurrentLoginTime(Model model) {
// code to record current time
}
@RequestMapping(value = "/copyLastloginToCurrentLoginTime", method = RequestMethod.GET)
public void changeLastLoginTime(Model model) {
//code to copy current to last time
}
问题
我收到错误 404 for - project-title/j_spring_security_check URL,当我尝试调试时,它根本没有进入 Controller 方法。
我应该为此使用一些过滤器或其他东西吗?
我找到了this和 that但这并没有帮助。
最佳答案
写你自己的 AuthenticationSuccessHandler
和 LogoutSuccessHandler
.
例子:
spring-security.xml :
<security:form-login login-page="/login"
login-processing-url="/login_check"
authentication-failure-url="/login?error=true"
authentication-success-handler-ref="myAuthenticationSuccessHandler"
/>
<security:logout
logout-url="/logout"
success-handler-ref="myLogoutSuccessHandler"
/>
身份验证成功处理程序
@Component
public class MyAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
@Autowired
private UserService userService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
// changeLastLoginTime(username)
userService.changeLastLoginTime(authentication.getName());
setDefaultTargetUrl("/home");
super.onAuthenticationSuccess(request, response, authentication);
}
}
注销成功处理程序
@Component
public class MyLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
if (authentication != null) {
// do something
}
setDefaultTargetUrl("/login");
super.onLogoutSuccess(request, response, authentication);
}
}
关于spring-mvc - 在 Spring Security 中调用 target-url 之前,如何在登录/注销时重定向到方法?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6769654/