春季安全只允許oauth登錄

在我的項目中，我只是想允許oauth登錄。我的彈簧安全配置如下：春季安全只允許oauth登錄

@Override 
protected void configure(HttpSecurity http) throws Exception { 
    http.authorizeRequests().antMatchers("/login.html", "/oauth/**", "/sign**").permitAll() 
     .anyRequest().authenticated() 
     .and() 
      .formLogin().disable() 
      .httpBasic().disable()[enter image description here][1] 
      .exceptionHandling().accessDeniedPage("/login.html") 
     .and() 
      .apply(new SpringSocialConfigurer()); 
}

問題是訪問被拒絕的頁面不工作。我想login.html的內容如下：
login.html

其實我有403頁如下：
403

如何解決這個問題呢？

來源

2017-04-25 tanghuan

我解決這個問題，代碼如下：

@Override 
protected void configure(HttpSecurity http) throws Exception { 
    http.authorizeRequests() 
      .antMatchers("/login.html", "/oauth/**", "/sign**").permitAll() 
     .anyRequest() 
      .authenticated() 
     .and() 
      .exceptionHandling() 
      .defaultAuthenticationEntryPointFor(new HttpForbiddenEntryPoint(), AnyRequestMatcher.INSTANCE) 
     .and() 
      .logout() 
      .logoutUrl("/logout.html") 
      .clearAuthentication(true) 
      .logoutSuccessUrl("/login.html") 
     .and() 
      .apply(new SpringSocialConfigurer()); 

}

的切入點：

public class HttpForbiddenEntryPoint implements AuthenticationEntryPoint { 

    private String redirect_url = "/login.html"; 

    @Override 
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { 

     response.sendRedirect(redirect_url); 

    } 

    public String getRedirect_url() { 
     return redirect_url; 
    } 

    public void setRedirect_url(String redirect_url) { 
     this.redirect_url = redirect_url; 
    } 
}

來源

2017-04-26 02:47:41 tanghuan

春季安全只允許oauth登錄

回答

相關問題