我已經看到類似這樣的問題,但我還沒有看到針對特定問題的答案。彈簧安全jsf在成功登錄後不會重定向
我正在使用spring security 2.1和jsf 2.1。我有一個自定義的jsf登錄控制器,我開發它來處理來自xhtml文件的登錄。
這裏是登錄方法:
public String login() throws ServletException, IOException {
ExternalContext context = FacesContext.getCurrentInstance()
.getExternalContext();
RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
.getRequestDispatcher("/j_spring_security_check");
dispatcher.forward((ServletRequest) context.getRequest(),
(ServletResponse) context.getResponse());
FacesContext.getCurrentInstance().responseComplete();
Exception e = (Exception) FacesContext.getCurrentInstance().
getExternalContext().getSessionMap().get(WebAttributes.AUTHENTICATION_EXCEPTION);
// It's OK to return null here because Faces is just going to exit.
return null;
}
我把示例代碼從另一個交。
這裏是我的Spring配置:
<http use-expressions="true" auto-config="true">
<!-- <intercept-url pattern="/signin.xhtml" access="permitAll" /> -->
<intercept-url pattern="/internal/private/**" access="hasRole('USER')" />
<!-- <intercept-url pattern="/scheduling/internal/private/**" access="hasAnyRole('ADMIN','USER')"
/> -->
<!--<intercept-url pattern="/javax.faces.resource/**" access="permitAll"/>
<intercept-url pattern="/**" access="permitAll" /> -->
<form-login default-target-url="/internal/private/landing.xhtml"
login-page="/signin.xhtml" />
</http>
正如你可以看到我的默認的目標URL是 「/internal/private/landing.xhtml」。我打開了調試,可以看到身份驗證已通過,但從未重定向到默認頁面。
下面是一個從顯示了從春天重定向呼叫日誌剪斷:
08:58:03,701 DEBUG [org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy] (http-localhost-127.0.0.1-8080-2) Invalidating session with Id 'qPg2MdmRgSpTcV6CVT7cb-9M.undefined' and migrating attributes.
08:58:03,703 DEBUG [org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy] (http-localhost-127.0.0.1-8080-2) Started new session: GFoQyvUtbd+lmZiNw0QKRrI-.undefined
08:58:03,705 DEBUG [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter] (http-localhost-127.0.0.1-8080-2) Authentication success. Updating SecurityContextHolder to contain: org.springframew[email protected]d9fa0ad7: Principal: [email protected]: Username: roland.jones; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ADMIN,USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: qPg2MdmRgSpTcV6CVT7cb-9M.undefined; Granted Authorities: ADMIN, USER
08:58:03,714 DEBUG [org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler] (http-localhost-127.0.0.1-8080-2) Using default Url: /internal/private/landing.html
08:58:03,716 DEBUG [org.springframework.security.web.DefaultRedirectStrategy] (http-localhost-127.0.0.1-8080-2) Redirecting to '/scheduling/internal/private/landing.html'
08:58:03,718 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] (http-localhost-127.0.0.1-8080-2) SecurityContext stored to HttpSession: '[email protected]fa0ad7: Authentication: org.springframew[email protected]d9fa0ad7: Principal: [email protected]: Username: roland.jones; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ADMIN,USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: qPg2MdmRgSpTcV6CVT7cb-9M.undefined; Granted Authorities: ADMIN, USER'
08:58:03,727 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] (http-localhost-127.0.0.1-8080-2) SecurityContext stored to HttpSession: '[email protected]fa0ad7: Authentication: org.springframew[email protected]d9fa0ad7: Principal: [email protected]: Username: roland.jones; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ADMIN,USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: qPg2MdmRgSpTcV6CVT7cb-9M.undefined; Granted Authorities: ADMIN, USER'
08:58:05,156 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] (http-localhost-127.0.0.1-8080-2) Chain processed normally
後,我嘗試登錄,如果我在地址默認網址鍵入它去那裏沒有任何問題,所以我知道驗證通過。
請幫忙。謝謝!
所以我實際上使用Spring Security 3.1,並且我創建了一個像上面那樣的自定義成功處理程序,但仍然沒有重定向。是否有我需要做的另一個配置。 – braveheart1996
感謝您的幫助,但我明白了。我使用的是Primefaces按鈕,由於某種原因,Spring不喜歡這樣。當我更改爲常規的jsf按鈕時,它工作正常。我可以就此向春季提出一個問題。 – braveheart1996