1. 首頁
  2. 問答
  3. 兩個登錄頁面,但錯誤的重定向在春季應用程序

兩個登錄頁面,但錯誤的重定向在春季應用程序

2016-02-29 41 views
0

我試圖在我的應用程序上創建其他登錄頁面。 第二個工作正常,但我剛剛添加的第一個沒有正確捕捉URL,也沒有重定向到好頁面。
第二個HTTP配置總是使用。兩個登錄頁面,但錯誤的重定向在春季應用程序

<security:http pattern="/vcrequest/**" use-expressions="true" realm="NETMG Spring Security" authentication-manager-ref="authenticationManager"> 
    <security:logout logout-url="/resources/j_spring_security_logout" /> 

    <security:form-login 
     login-processing-url="/resources/j_spring_security_check" 
     login-page="/vcrequest/view/loginVCR" 
     default-target-url="/vcrequest/controller/vcrequest/my-request" 
     authentication-failure-url="/vcrequest/view/loginVCR?login_error=t" /> 

    <security:intercept-url pattern="/vcrequest/view/loginVCR" access="permitAll" /> 
    <security:intercept-url pattern="/vcrequest/**" access="isAuthenticated()" /> 
    <security:http-basic/> 
</security:http> 

<security:http use-expressions="true" realm="NETMG Spring Security" authentication-manager-ref="authenticationManager"> 
    <security:session-management session-fixation-protection="newSession"/> 
    <security:logout logout-url="/resources/j_spring_security_logout" /> 

    <security:form-login 
     login-processing-url="/resources/j_spring_security_check" 
     login-page="/view/login" 
     default-target-url="/view/home#agregateShowMode=site" 
     authentication-failure-url="/view/login?login_error=t" /> 

    <security:intercept-url pattern="/controller/users/**" access="hasRole('ROLE_ADD_USERS')" /> 
    <security:intercept-url pattern="/controller/export/**" access="hasRole('ROLE_EXPORT')" /> 
    <security:intercept-url pattern="/controller/stocks/**" access="hasRole('ROLE_STOCKS')" /> 
    <security:intercept-url pattern="/controller/home/site/edit/**" access="hasAnyRole('ROLE_EDIT_SITE')" /> 
    <security:intercept-url pattern="/controller/home/site/create*" access="hasRole('ROLE_ADD_SITE')" /> 
    <security:intercept-url pattern="/controller/home/site/save*" access="hasAnyRole('ROLE_EDIT_SITE')" /> 
    <security:intercept-url pattern="/controller/home/site/change*" access="hasRole('ROLE_CLOSE_SITE')" /> 

    <security:intercept-url pattern="/controller/home/service/add/**" access="hasRole('ROLE_ADD_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/add*" access="hasRole('ROLE_ADD_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/link/**" access="hasRole('ROLE_LINK_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/edit/**" access="hasAnyRole('ROLE_EDIT_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/save/**" access="hasAnyRole('ROLE_EDIT_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/close/**" access="hasRole('ROLE_CLOSE_SERVICE')" /> 

    <security:intercept-url pattern="/controller/home/link/add/**" access="hasAnyRole('ROLE_ADD_LINK', 'ROLE_ADD_LINK_FOR_REQUEST')" /> 
    <security:intercept-url pattern="/controller/home/link/link*" access="hasRole('ROLE_ADD_LINK')" /> 
    <security:intercept-url pattern="/controller/home/link/edit/**" access="hasAnyRole('ROLE_EDIT_LINK')" /> 
    <security:intercept-url pattern="/controller/home/link/save/**" access="hasAnyRole('ROLE_EDIT_LINK')" /> 
    <security:intercept-url pattern="/controller/home/link/close/**" access="hasRole('ROLE_CLOSE_LINK')" /> 


    <security:intercept-url pattern="/controller/home/device/add/**" access="hasAnyRole('ROLE_ADD_DEVICE', 'ROLE_ADD_DEVICE_FOR_REQUEST')" /> 
    <security:intercept-url pattern="/controller/home/device/link/**" access="hasRole('ROLE_LINK_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/link*" access="hasRole('ROLE_LINK_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/edit/**" access="hasAnyRole('ROLE_EDIT_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/save/**" access="hasAnyRole('ROLE_EDIT_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/close/**" access="hasRole('ROLE_CLOSE_DEVICE')" /> 

    <security:intercept-url pattern="/pages/private/**" access="isAuthenticated()" /> 

    <!-- URLs not secured --> 
    <security:intercept-url pattern="/resources/**" access="permitAll" /> 
    <security:intercept-url pattern="/css/**" access="permitAll" /> 
    <security:intercept-url pattern="/img/**" access="permitAll" /> 
    <security:intercept-url pattern="/js/**" access="permitAll" /> 
    <security:intercept-url pattern="/view/login" access="permitAll" /> 
    <security:intercept-url pattern="/view/loginVCR" access="permitAll" /> 
    <security:intercept-url pattern="/jamon/**" access="permitAll" /> 
    <security:intercept-url pattern="/view/js-dynamic/**" access="permitAll" /> 

    <!-- All others URLs need at least that the user is authenticated --> 
    <security:intercept-url pattern="/**" access="isAuthenticated()" /> 
</security:http>

我使用下面的文章,但沒有成功: Two realms in same application with Spring Security? 有誰知道如何解決這個問題?

來源

2016-02-29 Jerome Campeaux

回答

0

也許在這兩個領域擁有相同的登錄處理url會帶來麻煩。有你試圖改變第一領域登錄處理-URL到另一個映射,例如:

<security:form-login 
     login-processing-url="/anotherresource/j_spring_security_check"

注意:如果將此參數設置爲第一境界匹配圖案,如

/vcrequest/j_spring_security_check

請記住在安全領域繞過它

<security:intercept-url pattern="/vcrequest/j_spring_security_check"` access="permitAll" />

來源

2016-02-29 11:22:43 jlumietu

+0

感謝您的回答,我會嘗試你的解決方案,似乎是一個很好的 –

相關問題

 相關問題