Spring Security Spring Boot 重定向到错误的URL

iklwldmw  于 2023-11-19  发布在  Spring
关注(0)|答案(1)|浏览(173)

spring Boot 安全应该默认重定向到请求的url。根据https://stackoverflow.com/questions/36243352/how-to-set-redirection-after-successful-login
默认情况下,Spring Security将在登录后重定向到您试图访问的安全资源
在服务器运行并输入localhost:3000/categories后,它正确地将我路由到/login,但在成功登录后,它将我路由到http://localhost:8080/js/demo/chart-pie-demo.js?continue,当然不是/categories

  • SecurityConfig.java*:
  1. ...
  2.  @Bean
  3.     SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
  4.         http.authorizeHttpRequests(req -> req
  5.                 // 1. enable project static assets
  6.                 .requestMatchers("/css/*").permitAll()
  7.                 .requestMatchers("/img/*").permitAll()
  8.                 .requestMatchers("/js/*").permitAll()
  9.                 .requestMatchers("/scss/*").permitAll()
  10.                 .requestMatchers("/vendor/*").permitAll()
  12.                 // 2. admin
  13.                 .requestMatchers("/admin/*").hasRole("ADMIN")
  15.                 // 3. enable for all
  16.                 .requestMatchers("/register").permitAll()
  17.                 .requestMatchers("/register-new").permitAll()
  18.                 .requestMatchers("/forgot-password").permitAll()
  20.                 // 4. else require authentication
  21.                 .anyRequest().authenticated()
  22.         ).formLogin(form -> form
  23.                 .loginPage("/login")
  24.                 .loginProcessingUrl("/do-login")
  25.                 .permitAll()
  26.         ).logout(logout -> logout
  27.                 .invalidateHttpSession(true)
  28.                 .clearAuthentication(true)
  29.                 .permitAll()
  30.         );
  31.         return http.build();
  32.     }
  33. ...

字符串

  • LoginController.java*:
  1. @Controller
  2. public class LoginController {
  3.     @Autowired
  4.     private AdminService adminService;
  6.     @GetMapping("/login")
  7.     public String loginForm() {
  8.         return "login";
  9.     }
  11.     @GetMapping("/register")
  12.     public String register(Model model) {
  13.         model.addAttribute("adminDto", new AdminDto());
  14.         return "register";
  15.     }
  17.     @GetMapping("/forgot-password")
  18.     public String forgotPassword(Model model) {
  19.         return "forgot-password";
  20.     }
  22.     @PostMapping("/register-new")
  23.     public String addNewAdmin(
  24.             @Valid @ModelAttribute("adminDto") AdminDto adminDto,
  25.             BindingResult result,
  26.             Model model,
  27.             RedirectAttributes redirectAttributes) {
  28.         // dto is not changed anywhere so could be just passed as is
  29.         model.addAttribute("adminDto", adminDto);
  30.         try {
  31.             // 1. errors in validation
  32.             if (result.hasErrors()) {
  33.                 System.out.println("there were errors");
  34.                 return "/register";
  35.             }
  36.             // 2. user is already registered
  37.             if (adminService.findByUsername(adminDto.getUsername()) != null) {
  38.                 redirectAttributes.addFlashAttribute("message", "You are already registered");
  39.                 return "redirect:/register";
  40.             }
  41.             // 3. password and repeatPassword do not equal
  42.             if (!adminDto.getPassword().equals(adminDto.getRepeatPassword())) {
  43.                 redirectAttributes.addFlashAttribute("message", "Passwords are not same");
  44.                 return "redirect:/register";
  45.             }
  46.             // 4. success
  47.             adminService.save(adminDto);
  48.             redirectAttributes.addFlashAttribute("message", "Registered successfully");
  49.         } catch (Exception e) {
  50.             // 5. all other errors
  51.             redirectAttributes.addFlashAttribute("message", "Unknown server error");
  52.             return "redirect:/register";
  53.         }
  54.         return "redirect:/register";
  55.     }
  56. }

  • 登录.html*:
  1. <!DOCTYPE html>
  2. <html lang="en" xmlns:th="http://www.thymeleaf.org">
  4. <div th:replace="~{fragments/header::header}"></div>
  6. <body class="bg-gradient-primary">
  8.   <div class="container">
  10.     <!-- Outer Row -->
  11.     <div class="row justify-content-center">
  13.       <div class="col-xl-10 col-lg-12 col-md-9">
  15.         <div class="card o-hidden border-0 shadow-lg my-5">
  16.           <div class="card-body p-0">
  17.             <!-- Nested Row within Card Body -->
  18.             <div class="row">
  19.               <div class="col-lg-6 d-none d-lg-block bg-login-image"></div>
  20.               <div class="col-lg-6">
  21.                 <div class="p-5">
  22.                   <div class="text-center">
  23.                     <h1 class="h4 text-gray-900 mb-4">Welcome Back!</h1>
  24.                   </div>
  25.                   <div th:if="${param.error}" class="alert alert-danger text-center">
  26.                     Invalid username or password
  27.                   </div>
  28.                   <div th:if="${param.logout}" class="alert alert-info text-center">
  29.                     You have been logged out
  30.                   </div>
  31.                   <form th:action="@{/do-login}" method="post" class="user">
  32.                     <div class="form-group">
  33.                       <input type="email" name="username" class="form-control form-control-user" id="exampleInputEmail"
  34.                         aria-describedby="emailHelp" placeholder="Enter Email Address...">
  35.                     </div>
  36.                     <div class="form-group">
  37.                       <input type="password" name="password" class="form-control form-control-user"
  38.                         id="exampleInputPassword" placeholder="Password">
  39.                     </div>
  40.                     <button class="btn btn-primary btn-user btn-block">
  41.                       Login
  42.                     </button>
  43.                   </form>
  44.                   <hr>
  45.                   <div class="text-center">
  46.                     <a class="small" th:href="@{/forgot-password}">Forgot Password?</a>
  47.                   </div>
  48.                   <div class="text-center">
  49.                     <a class="small" th:href="@{/register}">Create an Account!</a>
  50.                   </div>
  51.                 </div>
  52.               </div>
  53.             </div>
  54.           </div>
  55.         </div>
  57.       </div>
  59.     </div>
  61.   </div>
  63.   <div th:replace="~{fragments/scripts::scripts}"></div>
  65. </body>
  67. </html>

  • $tree src/main/resources/templates*:
  1. src/main/resources/templates/
  2. ├── categories.html
  3. ├── forgot-password.html
  4. ├── fragments
  5.    ├── footer.html
  6.    ├── header.html
  7.    ├── scripts.html
  8.    ├── sidebar.html
  9.    └── topbar.html
  10. ├── index.html
  11. ├── login.html
  12. └── register.html


编辑:前端或模板来自sb-admin-2
EDIT 2:spring-boot安全调试日志:

  1. 2023-11-16T14:50:29.214+01:00  INFO 3766 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
  2. 2023-11-16T14:50:29.226+01:00  INFO 3766 --- [           main] c.e.ecommerce.EcommerceApplication       : Started EcommerceApplication in 6.398 seconds (process running for 6.825)
  3. 2023-11-16T14:50:39.372+01:00  INFO 3766 --- [nio-8080-exec-2] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
  4. 2023-11-16T14:50:39.373+01:00  INFO 3766 --- [nio-8080-exec-2] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
  5. 2023-11-16T14:50:39.375+01:00  INFO 3766 --- [nio-8080-exec-2] o.s.web.servlet.DispatcherServlet        : Completed initialization in 2 ms
  6. 2023-11-16T14:50:39.392+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy        : Securing GET /categories
  7. 2023-11-16T14:50:39.429+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  8. 2023-11-16T14:50:39.449+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/categories?continue to session
  9. 2023-11-16T14:50:39.450+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  10. 2023-11-16T14:50:39.462+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Securing GET /login
  11. 2023-11-16T14:50:39.463+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Secured GET /login
  12. 2023-11-16T14:50:39.898+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  13. 2023-11-16T14:50:39.962+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy        : Securing GET /vendor/fontawesome-free/css/all.min.css
  14. 2023-11-16T14:50:39.964+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy        : Securing GET /css/sb-admin-2.min.css
  15. 2023-11-16T14:50:39.965+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : Securing GET /vendor/jquery/jquery.min.js
  16. 2023-11-16T14:50:39.969+01:00 DEBUG 3766 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy        : Securing GET /js/sb-admin-2.min.js
  17. 2023-11-16T14:50:39.969+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy        : Securing GET /vendor/jquery-easing/jquery.easing.min.js
  18. 2023-11-16T14:50:39.971+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : Securing GET /vendor/bootstrap/js/bootstrap.bundle.min.js
  19. 2023-11-16T14:50:39.973+01:00 DEBUG 3766 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy        : Secured GET /js/sb-admin-2.min.js
  20. 2023-11-16T14:50:39.975+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy        : Secured GET /css/sb-admin-2.min.css
  21. 2023-11-16T14:50:39.979+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  22. 2023-11-16T14:50:39.981+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  23. 2023-11-16T14:50:39.982+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  24. 2023-11-16T14:50:39.984+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/jquery-easing/jquery.easing.min.js?continue to session
  25. 2023-11-16T14:50:39.984+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  26. 2023-11-16T14:50:39.985+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/jquery/jquery.min.js?continue to session
  27. 2023-11-16T14:50:39.985+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  28. 2023-11-16T14:50:39.986+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  29. 2023-11-16T14:50:39.986+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/fontawesome-free/css/all.min.css?continue to session
  30. 2023-11-16T14:50:39.987+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  31. 2023-11-16T14:50:39.988+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/bootstrap/js/bootstrap.bundle.min.js?continue to session
  32. 2023-11-16T14:50:39.990+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  33. 2023-11-16T14:50:39.990+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy        : Securing GET /vendor/chart.js/Chart.min.js
  34. 2023-11-16T14:50:39.991+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy        : Securing GET /js/demo/chart-area-demo.js
  35. 2023-11-16T14:50:39.997+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : Securing GET /js/demo/chart-pie-demo.js
  36. 2023-11-16T14:50:40.000+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  37. 2023-11-16T14:50:40.002+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  38. 2023-11-16T14:50:40.002+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/chart.js/Chart.min.js?continue to session
  39. 2023-11-16T14:50:40.002+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  40. 2023-11-16T14:50:40.003+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  41. 2023-11-16T14:50:40.004+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/js/demo/chart-area-demo.js?continue to session
  42. 2023-11-16T14:50:40.004+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  43. 2023-11-16T14:50:40.006+01:00 DEBUG 3766 --- [nio-8080-exec-7] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  44. 2023-11-16T14:50:40.008+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  45. 2023-11-16T14:50:40.009+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/js/demo/chart-pie-demo.js?continue to session
  46. 2023-11-16T14:50:40.010+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  47. 2023-11-16T14:50:40.069+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Securing GET /login
  48. 2023-11-16T14:50:40.070+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Secured GET /login
  49. 2023-11-16T14:50:40.070+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy        : Securing GET /login
  50. 2023-11-16T14:50:40.070+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy        : Secured GET /login
  51. 2023-11-16T14:50:40.072+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : Securing GET /login
  52. 2023-11-16T14:50:40.072+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : Secured GET /login
  53. 2023-11-16T14:50:40.073+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy        : Securing GET /login
  54. 2023-11-16T14:50:40.074+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy        : Secured GET /login
  55. 2023-11-16T14:50:40.075+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy        : Securing GET /login
  56. 2023-11-16T14:50:40.076+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy        : Secured GET /login
  57. 2023-11-16T14:50:40.078+01:00 DEBUG 3766 --- [nio-8080-exec-8] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  58. 2023-11-16T14:50:40.077+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  59. 2023-11-16T14:50:40.076+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy        : Securing GET /login
  60. 2023-11-16T14:50:40.079+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy        : Secured GET /login
  61. 2023-11-16T14:50:40.080+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy        : Securing GET /login
  62. 2023-11-16T14:50:40.081+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy        : Secured GET /login
  63. 2023-11-16T14:50:40.083+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  64. 2023-11-16T14:50:40.083+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  65. 2023-11-16T14:50:40.083+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  66. 2023-11-16T14:50:40.087+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  67. 2023-11-16T14:50:40.087+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  68. 2023-11-16T14:50:40.109+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy        : Securing GET /vendor/jquery-easing/jquery.easing.min.js
  69. 2023-11-16T14:50:40.113+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  70. 2023-11-16T14:50:40.114+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/jquery-easing/jquery.easing.min.js?continue to session
  71. 2023-11-16T14:50:40.115+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  72. 2023-11-16T14:50:40.173+01:00 DEBUG 3766 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy        : Securing GET /login
  73. 2023-11-16T14:50:40.174+01:00 DEBUG 3766 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy        : Secured GET /login
  74. 2023-11-16T14:50:40.180+01:00 DEBUG 3766 --- [nio-8080-exec-7] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  75. 2023-11-16T14:50:40.184+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : Securing GET /vendor/chart.js/Chart.min.js
  76. 2023-11-16T14:50:40.188+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  77. 2023-11-16T14:50:40.189+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/vendor/chart.js/Chart.min.js?continue to session
  78. 2023-11-16T14:50:40.189+01:00 DEBUG 3766 --- [nio-8080-exec-9] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  79. 2023-11-16T14:50:40.197+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Securing GET /login
  80. 2023-11-16T14:50:40.197+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Secured GET /login
  81. 2023-11-16T14:50:40.203+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  82. 2023-11-16T14:50:40.208+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy        : Securing GET /js/demo/chart-area-demo.js
  83. 2023-11-16T14:50:40.212+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  84. 2023-11-16T14:50:40.213+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/js/demo/chart-area-demo.js?continue to session
  85. 2023-11-16T14:50:40.214+01:00 DEBUG 3766 --- [nio-8080-exec-2] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  86. 2023-11-16T14:50:40.218+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy        : Securing GET /login
  87. 2023-11-16T14:50:40.219+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy        : Secured GET /login
  88. 2023-11-16T14:50:40.223+01:00 DEBUG 3766 --- [nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  89. 2023-11-16T14:50:40.227+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : Securing GET /js/demo/chart-pie-demo.js
  90. 2023-11-16T14:50:40.230+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  91. 2023-11-16T14:50:40.231+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.w.s.HttpSessionRequestCache        : Saved request http://localhost:8080/js/demo/chart-pie-demo.js?continue to session
  92. 2023-11-16T14:50:40.231+01:00 DEBUG 3766 --- [nio-8080-exec-6] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  93. 2023-11-16T14:50:40.237+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy        : Securing GET /login
  94. 2023-11-16T14:50:40.238+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy        : Secured GET /login
  95. 2023-11-16T14:50:40.242+01:00 DEBUG 3766 --- [nio-8080-exec-5] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  96. 2023-11-16T14:50:40.247+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy        : Securing GET /favicon.ico
  97. 2023-11-16T14:50:40.249+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  98. 2023-11-16T14:50:40.250+01:00 DEBUG 3766 --- [io-8080-exec-10] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://localhost:8080/login
  99. 2023-11-16T14:50:40.257+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy        : Securing GET /login
  100. 2023-11-16T14:50:40.258+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy        : Secured GET /login
  101. 2023-11-16T14:50:40.261+01:00 DEBUG 3766 --- [nio-8080-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter  : Set SecurityContextHolder to anonymous SecurityContext
  102. 2023-11-16T14:52:10.158+01:00 DEBUG 3766 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy        : Securing POST /do-login


编辑3:有人可能认为这是回答已经在这里Java Spring App redirect wrong URL on Tomcat+Apache2,但有解决方案是:
假设它是一个spring Boot 应用程序,那么您应该在spring应用程序中定义两个操作路径
但是我已经定义了我重定向的所有路径,也就是说-对于每个return "redirect:/register";

  1. @GetMapping("/register")
  2.     public String register(Model model) {
  3.         model.addAttribute("adminDto", new AdminDto());
  4.         return "register";
  5.     }


所以这对我来说显然不是一个解决方案

spring-security

1条答案

按热度按时间
guykilcj

guykilcj1#

您可以使用身份验证。下面是一个自定义MySimpleUrlAuthenticationAuthentication类的简单示例,它实现了AuthenticationAuthentication和AuthenticationFailureAuthentication接口。此示例使用Spring Security来处理身份验证成功和失败:

  1. public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler {
  3.     @Override
  4.     public void onAuthenticationSuccess(
  5.             HttpServletRequest request,
  6.             HttpServletResponse response,
  7.             Authentication authentication) throws IOException, ServletException {
  8.         response.sendRedirect("/categories");
  9.     }
  11.     @Override
  12.     public void onAuthenticationFailure(
  13.             HttpServletRequest request,
  14.             HttpServletResponse response,
  15.             AuthenticationException exception) throws IOException, ServletException {
  16.         response.sendRedirect("/login");
  17.     }
  18. }

字符串
onAuthenticationSuccess方法处理成功的身份验证。onAuthenticationFailure方法处理身份验证失败。
在SecurityFilterChain中使用它:

  1. http.formLogin(form -> form
  2.                 .loginPage("/login")
  3.                 .loginProcessingUrl("/login")
  4.                 .successHandler(MySimpleUrlAuthenticationSuccessHandler())
  5.                 .failureHandler(MySimpleUrlAuthenticationFailureHandler())
  6.                 .permitAll()
  7.         );

展开查看全部
赞(0)分享  回复(0)举报  2023-11-19
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com