我正在尝试这样做:让 spring security 在登录页面的查询字符串中添加 return to url https://stackoverflow.com/q/4696905/,即:让spring告诉登录页面我来自哪里。我有一些 SSO 集成..所以我会将 url 发送给他们,或者他们会为我附加引荐来源网址,所以我知道用户应该登录并发送到/some/url。这就是花花公子。我遇到的问题是延长LoginUrlAuthenticationEntryPoint(除非你能告诉我一个实施的充分理由AuthenticationEntryPoint反而)。我只需要修改登录页面的请求,如下所示:
RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
// only append returnto to '/login' urls
if(request.getServletPath() == "/login") {
// indicates we want to return to this page after login
redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath());
}
我怎样才能让其余的请求做他们的事情呢?这是不正确的(我刚刚在做什么):
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
// just forward the request
dispatcher.forward(request, response);
因为它使我们陷入重定向循环。然而似乎是spring 在其版本中做了什么commence http://grepcode.com/file/repo1.maven.org/maven2/org.springframework.security/spring-security-web/3.0.7.RELEASE/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java#109。我很困惑。我应该做什么commence在我的自定义扩展中LoginUrlAuthenticationEntryPoint?
弄清楚了。只需转发到附加“returnto”的登录页面即可。一开始我觉得很困惑,因为LoginUrlAuthenticationEntryPoint乍一看,这并不意味着“这会将用户重定向到登录页面”。这就是我所需要的:
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authenticationException) throws IOException, ServletException {
RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath());
}
这很有用:grepcode.com 上的 LoginUrlAuthenticationEntryPoint.java http://grepcode.com/file/repo1.maven.org/maven2/org.springframework.security/spring-security-web/3.0.7.RELEASE/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java#109
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
