将Spring SAML重定向到不同的URL

zpqajqem  于 2022-10-23  发布在  Spring
关注(0)|答案(1)|浏览(244)

我将这个spring boot SAML sample project应用到我现有的项目中。但我注意到,重定向URL会被自动设置为URL,在那里我会被重定向到登录页面。我想知道有没有什么方法可以让我将这个重定向URL更改为不同的URL?将触发重定向到身份验证页面的基本URL是http链接,但我需要在登录后重定向到HTTPS链接。(现在我无法前进到可以输入凭据的页面。我被无效的URL错误阻止了。)目前,我尝试创建一个定制的LoginSuccessHandler来实现AuthenticationSuccessHandler

@Component
public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler{

    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws IOException, ServletException {

        redirectStrategy.sendRedirect(request, response,"/testing");
    }
}

我在SAML配置中有这个

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .httpBasic()
            .authenticationEntryPoint(samlEntryPoint());
    http
            .addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
            .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class)
            .addFilterBefore(samlFilter(), CsrfFilter.class);
    http
            .authorizeRequests()
            .antMatchers("/api/**").permitAll()
            .anyRequest().authenticated().and().formLogin().successHandler(successHandler);
    http
            .logout()
            .disable(); // The logout procedure is already handled by SAML filters.
}

但这并不管用。重定向URL不会更改为我指定的地址(“/test”)。在使用Inteli J调试模式时,似乎没有执行此自定义类。所以我怀疑我叫这门课的方式是错误的。然后我还尝试将这个LoginSuccessHandler类提供给samlWebSSOProcessingFilter,这也没有什么不同。

@Bean
public SAMLProcessingFilter samlWebSSOProcessingFilter() throws Exception {
    SAMLProcessingFilter samlWebSSOProcessingFilter = new SAMLProcessingFilter();
    samlWebSSOProcessingFilter.setAuthenticationManager(authenticationManager());
    samlWebSSOProcessingFilter.setFilterProcessesUrl("/spring-security-saml2-sample");
    samlWebSSOProcessingFilter.setAuthenticationSuccessHandler(successRedirectHandler());

    return samlWebSSOProcessingFilter;
}
jmp7cifd

jmp7cifd1#

您需要执行以下更改才能重定向到所需的URL。首先在WebSecurityConfig文件中注入依赖项LoginSuccessHandler

@Autowired
private LoginSuccessHandler loginSuccessHandler;

然后更新SAMLProcessingFilter,如下所述

// Processing filter for WebSSO profile messages
@Bean
public SAMLProcessingFilter samlWebSSOProcessingFilter() throws Exception {
    SAMLProcessingFilter samlWebSSOProcessingFilter = new SAMLProcessingFilter();
    samlWebSSOProcessingFilter.setAuthenticationManager(authenticationManager());
    samlWebSSOProcessingFilter.setAuthenticationSuccessHandler(loginSuccessHandler);
     samlWebSSOProcessingFilter.setAuthenticationFailureHandler(authenticationFailureHandler());
    return samlWebSSOProcessingFilter;
}

然后在LoginSuccessHandler中进行以下更改

@Component
public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {
        // Add your server URL below.
        String redirectUri = "https://{server}/testing";
        response.sendRedirect(redirectUri);
    }

}

相关问题