使用Spring Security登录后无法将用户重定向到所需页面
法罕·希尔吉尔·安萨里(Farhan Shirgill Ansari)
在此Web应用程序中一切正常。浏览器被阻止缓存页面。登录和注销也可以。注销后,我能够成功地将用户重定向到登录页面。
Web应用程序控件的流程可以通过此简单流程图说明。
> loginForm> a> b> c> registerForm>配置文件
这些是应用程序中的基本6页。
loginForm.jsp:
<body onload='document.f.username.focus();'>
<h3>Login with Username & Password</h3>
<form name='f' method="post">
<table>
<tr>
<td>User:</td>
<td><input type="text" name="username" value='' /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td colspan="2"><input name='submit' type="submit" value="Login" /></td>
</tr>
<tr>
<td><input type="hidden" name="${_csrf.parameterName}"
value="${_csrf.token}">
</td></tr>
</table>
</form>
</body>
a.jsp:
<h1>Your Profile - a</h1>
<form method="post">
<table>
<tr>
<td><input type="submit" value="Register" /></td>
</tr>
</table>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
</form>
b.jsp:
<h1>Your Profile - b</h1>
<form method="post">
<table>
<tr>
<td><input type="submit" value="Register" /></td>
</tr>
</table>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
</form>
c.jsp:
<h1>Your Profile - c</h1>
<form method="post">
<table>
<tr>
<td><input type="submit" value="Register" /></td>
</tr>
</table>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
</form>
registerForm.jsp:
<form method="post">
<table>
<tr>
<td>First Name:</td>
<td><input type="text" name="firstName" /></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type="text" name="lastName" /></td>
</tr>
<tr>
<td>User Name:</td>
<td><input type="text" name="userName" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><input type="submit" value="Register" /></td>
</tr>
</table>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
</form>
profile.jsp:还包含注销链接。
<h1><a href="#" onclick="javascript:logoutForm.submit();">logout</a></h1>
<c:url var="logoutUrl" value="/logout" />
<form action="${logoutUrl}" method="post" id="logoutForm">
<input type="hidden" name="${_csrf.parameterName}"
value="${_csrf.token}" />
</form>
<table>
<tr>
<td>First Name:</td>
<td><c:out value="${spitter.firstName}" /></td>
</tr>
<tr>
<td>Last Name:</td>
<td><c:out value="${spitter.lastName}" /></td>
</tr>
<tr>
<td>User Name:</td>
<td><c:out value="${spitter.userName}" /></td>
</tr>
</table>
LoginController.java
@Controller
public class LoginController {
@RequestMapping(value = "/loginPage", method = RequestMethod.GET)
public String showLoginForm() {
System.out.println("Inside GET loginPage");
return "loginForm";
}
@RequestMapping(value = "/loginPage", method = RequestMethod.POST)
public String processLoginForm() {
System.out.println("Inside POST loginPage");
return "redirect:/spitter/a";
}
}
当我通过键入请求loginForm.jsp时,将调用第一个方法
当我单击loginForm.jsp上的Submit按钮时,它应该导致调用LoginController.java中存在的第二个方法。但是,这永远不会发生。为什么?。我有时看到将其重定向到profile.jsp,或者有时将浏览器栏中的URL反映为
这是HTTP状态404-/ web /
其他控制器:
SpittrController.java:
@Controller
@RequestMapping(value = "/spitter")
public class SpittrController {
@RequestMapping(value = "/a", method = RequestMethod.GET)
public String a() {
return "a";
}
@RequestMapping(value = "/a", method = RequestMethod.POST)
public String processA() {
return "redirect:/spitter/b";
}
@RequestMapping(value = "/b", method = RequestMethod.GET)
public String b() {
return "b";
}
@RequestMapping(value = "/b", method = RequestMethod.POST)
public String processB() {
return "redirect:/spitter/c";
}
@RequestMapping(value = "/c", method = RequestMethod.GET)
public String c() {
return "c";
}
@RequestMapping(value = "/c", method = RequestMethod.POST)
public String processC() {
return "redirect:/spitter/register";
}
@RequestMapping(value = "/register", method = RequestMethod.GET)
public String showRegistrationForm() {
return "registerForm";
}
@RequestMapping(value = "/register", method = RequestMethod.POST)
public String processingRegistration(@Valid Spitter spitter, Errors errors) {
if (errors.hasErrors()) {
return "registerForm";
}
spittleRepository.save(spitter);
return "redirect:/spitter/" + spitter.getUserName();
}
@RequestMapping(value = "/{username}", method = RequestMethod.GET)
public String showSpitterProfile(@PathVariable("username") String username,
Model model) {
Spitter spitter = spittleRepository.findByUsername(username);
if (spitter != null) {
model.addAttribute(spitter);
}
return "profile";
}
}
Java配置以启用Spring MVC Web安全性:
@Configuration
@EnableWebSecurity
public class SecurityConfig
extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin().loginPage("/loginPage").and()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/spitter/a").authenticated()
.antMatchers(HttpMethod.POST, "/spitter/a").authenticated()
.antMatchers(HttpMethod.GET, "/spitter/b").authenticated()
.antMatchers(HttpMethod.POST, "/spitter/b").authenticated()
.antMatchers(HttpMethod.GET, "/spitter/c").authenticated()
.antMatchers(HttpMethod.POST, "/spitter/c").authenticated()
.antMatchers(HttpMethod.GET, "/spitter/register").authenticated()
.antMatchers(HttpMethod.POST, "/spitter/register").authenticated()
.antMatchers(HttpMethod.GET, "/spitter/**").authenticated()
.and().logout().logoutSuccessUrl("/loginPage");
}
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication().withUser("user").password("password")
.roles("USER").and().withUser("admin").password("password")
.roles("USER", "ADMIN");
}
}
应用程序的Eclipse结构:
刷新
您应该添加http.formLogin().loginPage("/loginPage").defaultSuccessUrl("/spitter/a").and().Web安全配置。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
编辑于
相关文章
TOP 榜单
- 1
Linux的官方Adobe Flash存储库是否已过时?
- 2
在 Python 2.7 中。如何从文件中读取特定文本并分配给变量
- 3
如何检查字符串输入的格式
- 4
如何使用HttpClient的在使用SSL证书,无论多么“糟糕”是
- 5
Modbus Python施耐德PM5300
- 6
错误TS2365:运算符'!=='无法应用于类型'“(”'和'“)”'
- 7
用日期数据透视表和日期顺序查询
- 8
检查嵌套列表中的长度是否相同
- 9
Java Eclipse中的错误13,如何解决?
- 10
ValueError:尝试同时迭代两个列表时,解包的值太多(预期为 2)
- 11
如何监视应用程序而不是单个进程的CPU使用率?
- 12
如何自动选择正确的键盘布局?-仅具有一个键盘布局
- 13
ES5的代理替代
- 14
在令牌内联程序集错误之前预期为 ')'
- 15
有什么解决方案可以将android设备用作Cast Receiver?
- 16
套接字无法检测到断开连接
- 17
如何在JavaScript中获取数组的第n个元素?
- 18
如何将sklearn.naive_bayes与(多个)分类功能一起使用?
- 19
应用发明者仅从列表中选择一个随机项一次
- 20
在Windows 7中无法删除文件(2)
- 21
ggplot:对齐多个分面图-所有大小不同的分面
我来说两句