登录成功后如何设置重定向? [英] How to set redirection after successful login?

问题描述

我正在使用带有 spring-boot-starter-security 依赖项的 spring boot.

I am using spring boot with the spring-boot-starter-security dependency.

我有一个应用程序可以在提供正确凭据的情况下成功登录.但是，每当我登录时，我都不会被重定向到任何地方.我该如何配置?

I have an application that will successfully login given the proper credentials. However, whenever I login I am not being redirected anywhere. How can I configure this?

表格如下:

 <form th:action="@{/login}" method="post">
        <div><label> User Name : <input type="text" name="username"/> </label></div>
        <div><label> Password: <input type="password" name="password"/> </label></div>
        <div><input type="submit" value="Sign In"/></div>
 </form>

我曾尝试更改上面的 th:action 标签，但我无法使用它.

I have tried changing the th:action tag above but I wasn't able to get anywhere with it.

MvcConfig 方法如下:

The MvcConfig method is below:

public void addViewControllers(ViewControllerRegistry registry) {
    registry.addViewController("/login").setViewName("login");
    registry.addViewController("/").setViewName("login");
}

推荐答案

定义成功登录后的重定向需要应用在 Spring Security 上，而不是 Spring MVC.

Defining the redirection after a successful login needs to be applied on Spring Security, not Spring MVC.

th:action 定义将处理身份验证请求的 Spring Security 端点.它没有定义重定向 URL.开箱即用，Spring Boot Security 将为您提供 /login 端点.默认情况下，Spring Security 将在登录后重定向到您尝试访问的安全资源.如果您希望始终重定向到特定的 URL，您可以通过 HttpSecurity 配置对象强制这样做.

The th:action defines the Spring Security endpoint that will process the authentication request. It does not define the redirection URL. Out of the box, Spring Boot Security will provide you the /login endpoint. By default, Spring Security will redirect after login to the secured ressource you tried to access. If you wish to always redirect to a specific URL, you can force that through the HttpSecurity configuration object.

假设您使用的是最新版本的 Spring Boot，您应该可以使用 JavaConfig.

Assuming you are using a recent version of Spring Boot, you should be able to use JavaConfig.

这是一个简单的例子:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserService userService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // the boolean flags force the redirection even though 
        // the user requested a specific secured resource.
        http.formLogin().defaultSuccessUrl("/success.html", true);
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService);
    }
}

请注意，您需要定义一个合适的端点来为 /success.html URL 提供内容.src/main/resources/public/ 中默认可用的静态资源可以用于测试目的.我个人宁愿定义一个由 Spring MVC 控制器提供的安全 URL，该控制器为 Thymeleaf 提供内容.您不希望任何匿名用户能够访问成功页面.Thymeleaf 作为在呈现 HTML 内容时与 Spring Security 交互的一些有用功能.

Please note that you need to define a proprer endpoint to serve content for the /success.html URL. A static resource available by default in src/main/resources/public/ would do the trick for test purpose. I would personnally rather define a secured URL served by a Spring MVC Controller serving content with Thymeleaf. You don't want any anonymous user to be able to access the success page. Thymeleaf as some usefull features to interact with Spring Security while rendering the HTML content.

问候，丹尼尔

这篇关于登录成功后如何设置重定向?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！