1. 首頁
  2. 問答
  3. always-use-default-target =「false」和default-target-url不適用於spring-social

always-use-default-target =「false」和default-target-url不適用於spring-social

2013-04-30 72 views
2

always-use-default-target和always-use-default-target =「false」用戶名和密碼的用戶登錄always-use-default-target =「false」和default-target-url不適用於spring-social

兩個屬性似乎用彈簧社會時忽略

使用Facebook或Twitter用戶登錄:

  • 如果用戶曾經因爲他的登錄頁面/她點擊了「登錄」按鈕,登錄成功後他/她被重定向到「/」。我希望他/她被重定向到default-target-url
  • 如果用戶因爲嘗試訪問受保護的url而被重定向到登錄頁面,那麼在成功後他/她也會被重定向到「/」登錄。我希望他/她被重定向到他/她要求的原始受保護的URL。

我使用

  • 春天3.1.3.RELEASE
  • 春季安全3.1.3.RELEASE
  • 春天社會1.0.2.RELEASE


這是我的spring-security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 

    <http use-expressions="true" access-denied-page="/ingresar/?acceso_denegado=true"> 
     <intercept-url pattern="/" access="permitAll" /> 
     <intercept-url pattern="/signin/**" access="permitAll" /> 
     <intercept-url pattern="/url1/**" access="permitAll" /> 
     <intercept-url pattern="/url2/**" access="hasAnyRole('ROLE_XXX')"/> 
     ... 
     <intercept-url pattern="/**" access="denyAll" /> 
     <form-login login-page="/url3/" default-target-url="/url4" always-use-default-target="false" 
        authentication-failure-url="/url5" login-processing-url="/url6"/> 
     <logout logout-url="/logout"/> 
    </http>  

    <beans:bean id="myUserService" class="my.kalos.service.MyUserServiceImpl"/> 

    <beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/> 

    <authentication-manager alias="authenticationManager"> 
     <authentication-provider user-service-ref='myUserService'> 
      <password-encoder ref="encoder"/> 
     </authentication-provider> 
    </authentication-manager> 
</beans:beans>

這是我的彈簧社會配置類

@Configuration 
public class MyAppSocialConfig { 

    @Inject 
    MyAppConnectionSignUp myAppConnectionSignUp; 

    @Inject 
    private DataSource dataSource; 

    @Bean 
    public ConnectionFactoryLocator connectionFactoryLocator() { 
     ConnectionFactoryRegistry registry = new ConnectionFactoryRegistry(); 
     registry.addConnectionFactory(new FacebookConnectionFactory(myAppConf.getFbAppId(), myAppConf.getFbAppSecret())); 
     registry.addConnectionFactory(new TwitterConnectionFactory(myAppConf.getTtConsumerKey(), myAppConf.getTtConsumerSecret())); 
     return registry; 
    } 

    @Bean 
    public UsersConnectionRepository usersConnectionRepository() { 
     JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(dataSource, 
       connectionFactoryLocator(), Encryptors.noOpText()); 
     repository.setConnectionSignUp(myAppConnectionSignUp); 
     return repository; 
    } 

    @Bean 
    @Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES) 
    public ConnectionRepository connectionRepository() { 
     Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 
     MyUser user = (MyUser) authentication.getPrincipal(); 
     return usersConnectionRepository().createConnectionRepository(String.valueOf(user.getId())); 
    } 

    @Bean 
    @Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES) 
    public Facebook facebook() { 
     return connectionRepository().getPrimaryConnection(Facebook.class).getApi(); 
    } 

    @Bean 
    @Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES) 
    public Twitter twitter() { 
     return connectionRepository().getPrimaryConnection(Twitter.class).getApi(); 
    } 

    @Bean 
    public ProviderSignInController providerSignInController() { 
     ProviderSignInController controller = new MyAppProviderSignInController(...); 
     controller.setSignInUrl("/someUrl/"); 
     return controller; 
    } 
}

來源

2013-04-30 Oscar Guindzberg

+0

你有沒有解決這個問題?答案是有用的。你可以回答你自己的問題。 – 2014-04-15 06:56:29

回答

0

我終於得到它的工作,但我使用XML配置。這個想法是使用postLoginUrl屬性覆蓋默認的URL(「/」)。

<http auto-config="true" use-expressions="true"> 
    <!-- Enable csrf protection --> 
    <csrf /> 
    <form-login login-page="/sign" default-target-url="/dashboard" authentication-failure-url="/sign" username-parameter="username" password-parameter="password" /> 
    <!-- Dashboard is protected --> 
    <intercept-url pattern="/dashboard**/**" access="hasRole('ROLE_USER')" /> 
    <!-- Adds social authentication filter to the Spring Security filter chain. --> 
    <custom-filter ref="socialAuthenticationFilter" before="PRE_AUTH_FILTER" /> 
</http> 


<!-- Configures the social authentication filter which integrates Spring Social with Spring Security --> 
<beans:bean id="socialAuthenticationFilter" class="org.springframework.social.security.SocialAuthenticationFilter"> 
    <beans:constructor-arg index="0" ref="authenticationManager" /> 
    <beans:constructor-arg index="1" ref="userIdSource" /> 
    <beans:constructor-arg index="2" ref="usersConnectionRepository" /> 
    <beans:constructor-arg index="3" ref="connectionFactoryLocator" /> 
    <!-- Sets the url of the registration - use in case the sign in has failed --> 
    <beans:property name="signupUrl" value="/user/register/" /> 
    <!-- Sets the url of the dashboard - use in case the sign in has succeed --> 
    <beans:property name="postLoginUrl" value="/dashboard/" /> 
</beans:bean>

來源

2014-05-13 12:02:13 Fabian

相關問題

 相關問題