設置:Spring Boot and security:如何擴展302狀態碼的響應?
- 春季啓動應用程序
- 的OAuth2安全
- ReactJS的UI實現
使用案例:
- 登錄到應用
- 打開其他選項卡,在同一個瀏覽器相同的應用 從標籤中的一個應用
- 註銷,用戶被重定向到登錄查看
- 轉到第一個選項卡(用戶已註銷,如果我刷新頁面,我會得到登錄表單)並執行任何觸發POST/PUT/PATCH請求的操作。的請求和下面響應例如:
請求:
Request URL:http://localhost:8080/api/info
Request Method:PUT
Status Code:302 Found
Remote Address:[::1]:8080
Referrer Policy:no-referrer-when-downgrade
accept:application/json
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.8,sv;q=0.6,ru;q=0.4,uk;q=0.2,fr;q=0.2
Cache-Control:no-cache
Connection:keep-alive
Content-Length:66
Content-Type:application/json
Cookie:_ga=GA1.1.1868465923.1505828166; _gid=GA1.1.612220229.1507272075; session=e4oSW4Kq; prod_user_session=4d6b615f-521704; user_session=g3ggLxJDomyZ
Host:localhost:8080
mode:cors
Origin:http://localhost:8080
Pragma:no-cache
Referer:http://localhost:8080/profile
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
響應:
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Connection:keep-alive
Content-Length:0
Date:Fri, 06 Oct 2017 12:12:26 GMT
Expires:0
Location:http://localhost:8080/login
Pragma:no-cache
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block
此響應系統後觸發PUT請求http://localhost:8080/login
和失敗,因爲PUT方法不允許http://localhost:8080/login
請求。
問:
我明白,我得到302個狀態和Location:http://localhost:8080/login
頭,因爲我已經註銷。我想擴展這種情況與JSON身體的反應,或至少確保這種情況下,我將得到401 Unauthorised
狀態代碼,而不是302.